Cheat Engine The Official Site of Cheat Engine
paul44 Expert Cheater Reputation: 2
Joined: 20 Jul 2017 Posts: 152
Posted: Tue Jan 16, 2018 7:07 am Post subject: automatically disable AddressList script entry
I've been experimenting with several techniques here to do just that: enable/tick a script, which then disables itself upon execution.
However, in some cases, that did not seem to work. To skip all my T&E, I eventually figured using a 'global lua variable' could do the job...
In the [Table ~ Show CE Lua script], I had this function showing a simple messagebox; and nothing else.
Note: initially, I had also:
[code]
ScriptID = getAddressList().getMemoryRecordByID(49)
ScriptID.Active = false
[/code]
in there, but that did not (seem to) work?!
I then came across this article: [viewtopic.php?p=5650217], which makes use of a lua variable in the AA script. I figured this would do the trick, but not quite... again...
Initially I added a test in the [Table ~ Show CE Lua script], which set the variable to '999999' (pretty confident CE will never get such an entryID); and the script did close itself. However, after some more experimenting, I found out the [Table ~ Show CE Lua script] never picked up if the value changed. And if I just kept the jmp (ignoring the variable update), it still disables itself?!
Some questions:
1. I have no idea why/how this works. Anyone care to explain?
2. Is this construction actually safe? Possible memory exceptions?
(I have been using it plenty by now, without any probs)
3. Why does the lua variable not seem to get updated? I've added a test in the [Table ~ Show CE Lua script] section, but that seems to be ignored, no matter what (if's) I place in there?
(how/when is this section scanned by CE anyway? Apart from the startup, that is...)
4. Is it possible to get the memory location of the lua variable; so that I could follow possible changes in memory? Did try several techniques, but so far no luck. Is it possible to get it "label/symbol"-ed somehow?
{AA script}
[code]
[ENABLE]
luacall(Help()) // calls a showMessage(), nothing else
// ID: disable script in CE table
// using '$' sign in front of symbol/variable tells CE to use global Lua variable
// just declaring a lua global variable and adding the jmp instruction seems to do the trick...
// (see [Table ~ Show CE Lua Script]...)
jmp $addrDisableListID
//dd (int)48
[DISABLE]
[/code]
TheyCallMeTim13 Wiki Contributor Reputation: 50
Joined: 24 Feb 2017 Posts: 976 Location: Pluto
Posted: Tue Jan 16, 2018 8:51 am
1. Using $ in front of a variable in the Auto Assembler tells it to look up a Lua global, but all Lua code in AA is run first and only when running the script.
2. Like much of anything else in dealing with raw memory, no not really.
3. Cheat Engine table Lua is only run when loading the table, try putting your Lua code in an AA script. (use luaCall or {$lua})
4. Not directly in Lua that I am aware of. If reading and writing to the variable when running (enabling or disabling) a script won't work, you will have to allocate some memory, and read and write to that, or use a "__stdcall" to call a Lua function to change the value in a running AA script.
If the script needs to deactivate itself, I think you will need to launch a timer because the Lua code is run before the script is enabled.
Try this in an AA script to see that it will not enable the script.
[code]
luaCall(error('Test error'))
[/code]
This is because the error is raised before the script is enabled, and before AA runs the AA code.
Also there is a "memrec" Lua variable in AA script that is set to the memory record that is running the script, this may be of use but I have not really used it myself.
FreeER Grandmaster Cheater Supreme Reputation: 53
Joined: 09 Aug 2013 Posts: 1091
Posted: Tue Jan 16, 2018 11:03 am
[quote]I've been experimenting with several techniques here to do just that: enable/tick a script, which then disables itself upon execution.[/quote]
Simple enough, at least this has worked for me without any real issues
[code]
[ENABLE]
... AA code
{$lua}
local t = createTimer()
t.Interval = 100
t.OnTimer = function(t)
  t.destroy() -- destroy timer so it doesn't run again
  memrec.Active = false -- disable this script
end
{$asm}
[/code]
memrec was added in CE 6.7, there may be an issue with aobscans that take a long time...I can't remember now since I haven't used any recently but you can increase the interval from 100 milliseconds aka 1/10th of a second to something higher to compensate or do something more sophisticated and check inside the timer for the registered symbol before letting it disable and destroy the timer.
A better way would probably be to use the OnActivate event eg.
[code]
{$lua}
memrec.OnActivate = function(memrec, preState, curState)
  if (not preState) and curState then
    local t = createTimer()
    t.Interval = 100
    t.OnTimer = function(t)
      t.destroy() -- destroy timer so it doesn't run again
      memrec.Active = false -- disable this script
    end
  end
  return true -- don't interrupt, not sure how it'd be handled...
end
{$asm}
[/code]
As for explanations, the table lua script runs when the table is opened to setup things, you could throw a timer in there to constantly run code if necessary (and you'd need to press "execute" when editing to get it to run).
The {$lua}{$asm} sections in AA scripts run, as TheyCallMeTim13 said, once when enabling the script before the AA code is assembled, you can actually return a string of AA code and it'll be used as if you had written it instead of the lua section eg.
[code]
[ENABLE]
{$lua}
if syntaxcheck then return end -- don't run when editing
-- 400290 is a readonly codecave in the tutorial-i386.exe process that comes with CE 6.7
-- create memory record for convenience
local mr = AddressList.createMemoryRecord()
mr.Address = '400290'
mr.Type = vtString
mr.String.Size = #'this is a test'
-- return AA code
return [[400290:
db 'this is a test',0]]
{$asm}
[DISABLE]
[/code]
would set 400290 to the 0 terminated ASCII/ANSI string "this is a test"
Using $ to get lua variable values doesn't seem to work with strings (not something I've really played with), it refuses to enable and autoAssembleCheck doesn't really provide any info so I'd assume it's an internal check against strings since userdata like AddressList worked (it wrote the address that you could get from userDataToInteger) but it does work with simple integers.
[code]
[ENABLE]
{$lua}
if syntaxcheck then return end -- don't run when editing
-- 400290 is a readonly codecave in the tutorial-i386.exe process that comes with CE 6.7
globalValueTest = 23.15
-- create memory record for convenience
local mr = AddressList.createMemoryRecord()
mr.Address = '400290'
-- return AA code
return [[400290:
dd $globalValueTest]]
{$asm}
[DISABLE]
[/code]
would write 23 as a dword, similarly using globalValueTest = 0xFFFFFFFFFFFFFFFF would only write a dword 0xFFFFFFFF
Last edited by FreeER on Tue Jan 16, 2018 12:14 pm; edited 2 times in total
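The post above mentions checking inside the timer for the registered symbol before disabling, without showing it. The following is an added example, not code from any poster in this thread: the symbol name `myhook`, the 64-byte allocation and the 5-second limit are assumptions, and `memrec` requires CE 6.7 or later as stated above.

```lua
[ENABLE]
{$lua}
if syntaxcheck then return end   -- do nothing while the script is only being edited

local SYMBOL    = 'myhook'       -- hypothetical symbol registered by the AA part below
local MAX_TICKS = 50             -- assumed limit: 50 * 100 ms = 5 s
local mr        = memrec         -- the memory record running this script
local ticks     = 0

local t = createTimer()          -- enabled by default
t.Interval = 100
t.OnTimer = function(timer)
  ticks = ticks + 1
  -- getAddressSafe returns nil (no error) while the symbol is still unknown,
  -- e.g. because a slow aobscan has not finished or the enable failed
  local ready = getAddressSafe(SYMBOL) ~= nil
  if ready or ticks >= MAX_TICKS then
    timer.destroy()              -- stop polling so the timer never leaks
    mr.Active = false            -- untick the entry (harmless if it never enabled)
  end
end
{$asm}
// AA part: runs after the Lua block above has been evaluated
alloc(myhook,64)
registersymbol(myhook)

myhook:
  db 90

[DISABLE]
unregistersymbol(myhook)
dealloc(myhook)
```

The tick limit covers the failure case: if the AA part never registers the symbol, the timer still destroys itself instead of polling forever.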
paul44 Expert Cheater Reputation: 2
Joined: 20 Jul 2017 Posts: 152
Posted: Tue Jan 16, 2018 12:07 pm Post subject: Some jump that is...
@TheyCallMeTim13:
The "funny" part here is that it DOES work, meaning the 'jmp' instruction will disable the script automatically?! A mechanism I do not really understand, hence my worries...
(just to be sure: the script MUST run, but then disable itself ~ since it is just a help/instruction message box. And thus users do not need to click it twice to get that help back...)
As you stated: when I enable the script, CE will first run the luacall; and then continues with the ASM part (being that jmp instruction)...?!
I have been thinking: will it actually "jump" to that value_location in memory (in my case '999999'); or will it effectively jump to the variable's memlocation? Or what?
And yep: I was already thinking about manipulating the var via a {$lua} section (more out of interest than anything else). I did search for it on stackoverflow ~ something with ?Getfield? to get memory address - but too much overkill for me...
Btw: that also makes me conclude that CE keeps the 'getAutoAttachList()' function alive so that the game will attach eventually (if CE is loaded first).
(which sits in my startup lua table)
@FreeER:
I have already been using the timer fn in the past (for my "hover" tables to respond to Fn keys). Though the 'memrec' function is definitely something I will look into. Especially since I'd like to pass on info from the script itself (basically its ID) to the lua function so I do not need to hardcode it (and thus easier to maintain)...
And thx for the feedback, gents
ps: if you'd like to have a look at the CE table, check out "assassin brotherhood fearless"
-EDIT-
it appears "any" asm code will do:
cmp eax,0 (instead of the jmp instruction)
As far as I know, there is no address defined where this opcode needs to be written/inserted?! So what I think happens here is: a) when saving the script, everything is peachy (no syntax errors; and whatever else CE verifies). b) However, when activating the script, the lua part (being preprocessed) is fine, but the "resulting" - final - ASM part makes no sense (has no "context", if you will). Either CE's AA routine decides it makes no sense to keep the script enabled; or its error routine kicks in, disabling it for the same reason...