|
Cheat Engine The Official Site of Cheat Engine
|
View previous topic :: View next topic |
Author |
Message |
pears How do I cheat? Reputation: 0
Joined: 31 Oct 2015 Posts: 7
|
Posted: Tue Sep 10, 2019 8:21 pm Post subject: Executing a referenced function |
|
|
Hello,
I am looking for ways to execute a referenced function in a game I have attached to. I actually have a PDB for the game, and can load it into CE so I am able to find the address of the start of a function, and would like to be able to execute a function the game has created after pressing a button or some other event.
Is this possible to do? I am still new to CE.
Thank you,
pears
|
|
Back to top |
|
|
atom0s Moderator Reputation: 198
Joined: 25 Jan 2006 Posts: 8517 Location: 127.0.0.1
|
Posted: Wed Sep 11, 2019 1:52 pm Post subject: |
|
|
Yes, it is possible. You can do it using the 'createthread' feature of the auto-asssembler engine.
You can write out the functionality in a few different ways but generally the result is the same.
For example, here is a way that when you check and uncheck the cheat script entry in your cheat list, it will invoke the function:
Code: |
[ENABLE]
[DISABLE]
createthread(callGameFunction)
callGameFunction:
mov ecx, [playerPointer] // See note 1.
call SomeGameFunctionAddress // See note 2.
ret
|
Note 1: playerPointer here comes from another script that makes a global variable that can be accessed by other scripts. This setup is calling a class function (__thiscall convention).
Note 2: You can use the raw function name if symbols are available, or the exact address for the function. If the function moves (ie. its in a module or similar) you can use the symbol information to make the proper call as needed.
If your goal is to add this to a button on a UI, you can do similar with the functionality in Lua.
Here are two examples I made when CE first added Lua scripting that you can check out. Some of the Lua stuff has changed/gotten a lot better since then though, so that exact code may not work now, but still should get you the general idea.
https://forum.cheatengine.org/viewtopic.php?t=530117
https://forum.cheatengine.org/viewtopic.php?t=530047
_________________
- Retired. |
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25295 Location: The netherlands
|
Posted: Wed Sep 11, 2019 2:14 pm Post subject: |
|
|
executeCodeEx/executeMethod
Code: |
executeCodeEx(callmethod, timeout, address, {type=x,value=param1} or param1,{type=x,value=param2} or param2,...)
callmethod: 0=stdcall, 1=cdecl
timeout: Number of milliseconds to wait for a result. nil or -1, infitely. 0 is no wait (will not free the call memory, so beware of it's memory leak)
address: Address to execute
{type,value} : Table containing the value type, and the value
{
type: 0=integer (32/64bit) can also be a pointer
1=float (32-bit float)
2=double (64-bit float)
3=ascii string (will get converted to a pointer to that string)
4=wide string (will get converted to a pointer to that string)
value: anything base type that lua can interpret
}
if just param is provided CE will guess the type based on the provided type
executeMethod(callmethod, timeout, address, {regnr=0..15,classinstance=xxxxxxxx} or classinstance, {type=x,value=param1} or param1, {type=x,value=param2} or param2,...) - Executes a method.
regnr can be:
0: R/EAX
1: R/ECX
2: R/EDX
3: R/EBX
4: R/ESP
5: R/EBP
6: R/ESI
7: R/EDI
8: R8
9: R9
10: R10
11: R11
12: R12
13: R13
14: R14
15: R15
If no register number is provided then ECX(1) is picked
If instance is nil it is the same as executeCodeEx
If a direct parameter is given instead of a table entry describing the type, CE will 'guess' the type it is
Returns the E/RAX value returned by the called function (if no timeout or other interruption)
|
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
|
|