Cheat Engine The Official Site of Cheat Engine
guy960915 Expert Cheater
Reputation: 2
Joined: 17 Sep 2007 Posts: 168
Posted: Sun Apr 21, 2019 10:35 pm Post subject: AA AOB won't activate after multiple edit & save
Game target is "They Are Billions"
v0.9.2 and 10.16.18
using CE 6.8.3, no addons.
This is weird, I'm puzzled about this.
Note: this is my first 64-bit game that I've extensively worked on.
I was testing with these (with & without the Optional argument, far/near/code cave):
- alloc(SymbolName, Size, AllocateNearThisAddress OPTIONAL)
- aobscan, aobscanmodule, aobscanregion.
After multiple edits and saves of an AA AOB script, it won't activate anymore,
even when I restore it to the previously working script, even when I assign it to the table again.
But when I create another AA AOB (same address, same working script), the new AA AOB will activate.
ParkourPenguin I post too much
Reputation: 153
Joined: 06 Jul 2014 Posts: 4740
Posted: Mon Apr 22, 2019 8:03 am
I'm guessing the AoB signature includes some bytes that change value on game restart. I might be able to give you a better idea of what's wrong if you provide a script.
_________________
I don't know where I'm going, but I'll figure it out when I get there.
guy960915 Expert Cheater
Reputation: 2
Joined: 17 Sep 2007 Posts: 168
Posted: Mon Apr 22, 2019 10:56 am
Only these parts I altered; the rest is the same:
Code:
aobscanregion(_trainbuild_AOB,7FF000000000,7FFFFFFFFFFF,C4 E1 7A 10 81 38 01 00 00 C4)
alloc(_trainbuild_newmem,512,clr.dll)

In the alloc I messed around with the range part only.
---alloc(newmem,512,7FFE9B4B61D7) <-- this is what the AA generated
Tested these:
---alloc(newmem,512) --> will result in long jumps (take up 16 bytes something???)
---alloc(newmem,512,TheyAreBillions.exe) --> will result in long jumps (take up 16 bytes something???)
---alloc(newmem,512,7FF000000000) --> will result in long jumps (take up 16 bytes something???)
---alloc(newmem,512,7FFE00000000) --> will result in long jumps (take up 16 bytes something???)
After multiple saves and activations, it suddenly won't activate anymore, even when I return it to what the AA generated.
:::::::::::
In the aobscan: same, I messed with the range part only.
aobscan(_trainbuild_AOB,C4 E1 7A 10 81 38 01 00 00 C4) <-- AA generated.
Tested these:
---aobscanmodule(_trainbuild_AOB,TheyAreBillions.exe,C4 E1 7A 10 81 38 01 00 00 C4) --> result: AOB long search
---aobscanmodule(_trainbuild_AOB,7FF000000000,C4 E1 7A 10 81 38 01 00 00 C4) --> result: AOB long search
---aobscanmodule(_trainbuild_AOB,7FFE00000000,C4 E1 7A 10 81 38 01 00 00 C4) --> result: AOB long search
---aobscanregion(_trainbuild_AOB,7FF000000000,7FFFFFFFFFFF,C4 E1 7A 10 81 38 01 00 00 C4) --> result: AOB fast search
Same, after multiple saves and activations, it suddenly won't activate anymore, even when I return it to what the AA generated.
Solution:
1. Create another AA AOB.
2. Restart Game and CE
==============================================
This is my final script, tested on v10.16.18;
not tested on other versions yet.
Code:
[ENABLE]
aobscanregion(_trainbuild_AOB,7FF000000000,7FFFFFFFFFFF,C4 E1 7A 10 81 38 01 00 00 C4)
alloc(_trainbuild_newmem,512,clr.dll)
label(code)
label(return)

_trainbuild_newmem:
  mov [rcx+138],(float)0.05 // set timer
code:
  vmovss xmm0,[rcx+00000138] // original code
  jmp return

_trainbuild_AOB:
  jmp _trainbuild_newmem
  nop
  nop
  nop
  nop
return:
registersymbol(_trainbuild_AOB)

[DISABLE]
unregistersymbol(_trainbuild_AOB)
dealloc(_trainbuild_newmem)
_trainbuild_AOB:
  db C4 E1 7A 10 81 38 01 00 00 // restore the original 9 bytes (vmovss xmm0,[rcx+00000138])
ParkourPenguin I post too much
Reputation: 153
Joined: 06 Jul 2014 Posts: 4740
Posted: Mon Apr 22, 2019 11:11 am
If it's in a module, use aobscanmodule; otherwise, you should just use aobscan.
Your code isn't guaranteed to be within 2GB of the injection point. Allocate the memory near the injection point instead:
Code:
alloc(_trainbuild_newmem,512,_trainbuild_AOB)
Alternatively, stop trying to write code yourself and let CE generate it for you. Highlight the instruction you wish to inject code at in the disassembler, open an AA window, and select "AOB injection". CE will automatically generate code that's correct.
_________________
I don't know where I'm going, but I'll figure it out when I get there.
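The two mechanics the reply above turns on, written out as an added example (this is not code from the thread and not Cheat Engine's own implementation): what an aobscan does, including '??' wildcards, and why the allocation has to sit within 2 GiB of the injection point. A 5-byte `jmp rel32` only reaches +/- 2 GiB measured from the next instruction; past that an absolute jump is needed (the common 14-byte `FF 25 00 00 00 00` + 8-byte address form is used here; the thread reports 16), and either way it cannot fit in the 9 bytes the original `vmovss xmm0,[rcx+00000138]` occupies. The signature and the 7FFE9B4B61D7 address come from the thread; the memory region, the `NEAR_ALLOC` and `FAR_ALLOC` addresses and all function names are constructed for this example.

```python
"""
Added example (not from the thread, not Cheat Engine's own code):
  1. aobscan semantics: find a byte signature, with '??' wildcards, in a region.
  2. jmp reach: a 5-byte 'jmp rel32' reaches +/- 2 GiB from the next
     instruction; otherwise the 14-byte absolute form is needed, which does
     not fit in the 9-byte slot of the original vmovss instruction.
Region bytes and alloc addresses below are constructed for the example.
"""
import struct

TRAINBUILD_AOB = "C4 E1 7A 10 81 38 01 00 00 C4"   # signature from the thread
ORIG_INSN_LEN = 9          # vmovss xmm0,[rcx+00000138] = C4 E1 7A 10 81 38 01 00 00
JMP_REL32_LEN = 5          # E9 rel32
JMP_ABS64_LEN = 14         # FF 25 00 00 00 00 <imm64>

# Constructed region: filler, the target instruction, a following instruction
# that starts with C4 (the 10th signature byte), then more filler.
BASE = 0x7FFE9B4B6000
INJECT_ADDR = 0x7FFE9B4B61D7                      # address the AA template used as its 'near' hint
REGION = (b"\xCC" * (INJECT_ADDR - BASE)
          + bytes.fromhex("C4E17A108138010000")   # vmovss xmm0,[rcx+138]
          + bytes.fromhex("C4E17A11")              # constructed next instruction
          + b"\xCC" * 0x100)
NEAR_ALLOC = 0x7FFE9B4C0000    # constructed: ~40 KiB past the hook, in reach
FAR_ALLOC = 0x7FF000000000     # low end of the range tried in the thread, ~62 GiB away


def parse_aob(pattern):
    """'C4 E1 ?? 10' -> [0xC4, 0xE1, None, 0x10]; None is a wildcard byte."""
    return [None if t in ("??", "?") else int(t, 16) for t in pattern.split()]


def aobscan(region, pattern, base=0):
    """First address in [base, base+len(region)) matching pattern, else None."""
    pat = parse_aob(pattern)
    n = len(pat)
    for i in range(len(region) - n + 1):
        if all(p is None or p == region[i + j] for j, p in enumerate(pat)):
            return base + i
    return None


def rel32_reachable(src, dst):
    """True if a jmp rel32 at src can reach dst (displacement from the NEXT instruction)."""
    rel = dst - (src + JMP_REL32_LEN)
    return -(1 << 31) <= rel < (1 << 31)


def encode_jmp(src, dst):
    """5-byte relative jmp when in reach, else the 14-byte absolute form."""
    if rel32_reachable(src, dst):
        return b"\xE9" + struct.pack("<i", dst - (src + JMP_REL32_LEN))
    # jmp qword ptr [rip+0] followed by the absolute 64-bit target
    return b"\xFF\x25\x00\x00\x00\x00" + struct.pack("<Q", dst)


def build_hook(src, dst, orig_len):
    """Patch for the injection point: jmp plus nop padding to cover orig_len bytes.
    Returns None when the jmp does not fit, which is the 'long jump' failure mode."""
    jmp = encode_jmp(src, dst)
    if len(jmp) > orig_len:
        return None
    return jmp + b"\x90" * (orig_len - len(jmp))


def plan_injection(region, base, pattern, alloc_addr):
    """Run the scan and the reach check the way an AOB-injection script needs them."""
    src = aobscan(region, pattern, base)
    if src is None:
        return {"found": None, "reachable": False, "patch": None}
    return {"found": src,
            "reachable": rel32_reachable(src, alloc_addr),
            "patch": build_hook(src, alloc_addr, ORIG_INSN_LEN)}


if __name__ == "__main__":
    for name, alloc in (("near", NEAR_ALLOC), ("far", FAR_ALLOC)):
        r = plan_injection(REGION, BASE, TRAINBUILD_AOB, alloc)
        patch = r["patch"].hex(" ") if r["patch"] else "does not fit (14-byte jmp needed)"
        print(f"{name}: hook at {r['found']:#x}, reachable={r['reachable']}, patch={patch}")
```

With the near allocation the patch is `E9 24 9E 00 00 90 90 90 90`, exactly the `jmp` plus four `nop`s of the script above; with the far allocation no 9-byte patch exists, which is why `alloc(_trainbuild_newmem,512,_trainbuild_AOB)` is the right fix.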
guy960915 Expert Cheater
Reputation: 2
Joined: 17 Sep 2007 Posts: 168
Posted: Mon Apr 22, 2019 8:05 pm
By testing and experimenting, I learn a lot; the WIKI and HELP just give common examples.
I did not know you could use the injection point for the alloc range.
It's a joy when you learn something.
Thank you very much.
TheyCallMeTim13 Wiki Contributor
Reputation: 51
Joined: 24 Feb 2017 Posts: 976 Location: Pluto
Posted: Mon Apr 22, 2019 11:26 pm
guy960915 wrote:
    By testing and experimenting, I learn a lot; the WIKI and HELP just give common examples.
    I did not know you could use the injection point for the alloc range.
    It's a joy when you learn something.
    Thank you very much.

It's not the most thorough, but one of the examples has an AOB symbol. But I guess it would be better to have it with an example using both "aobScan" and "alloc".
Code:
alloc(SomeSymbol, 0x4, SomeAOBSymbol)
https://wiki.cheatengine.org/index.php?title=Auto_Assembler:alloc