reverser69 Expert Cheater
Reputation: 0
Joined: 03 Sep 2014 Posts: 112
Posted: Wed Jan 23, 2019 7:36 pm Post subject: calling a game function
hi all
want to call this func with key press
anyone can help me? i know i must use GetAsyncKeyState and createthread but don't know how.
| Code: |
push ecx
push -12{ 238 }
push TESV.exe+CB60D0 { ["iSkillUsageSneakMinDetection"] }
mov ecx,TESV.exe+171760C { [010773B4] }
call TESV.exe+3AB0
push TESV.exe+C4BCA0 { [B1760CB9] }
call TESV.exe+B520BC
pop ecx
ret
|
OldCheatEngineUser Whateven rank
Reputation: 20
Joined: 01 Feb 2016 Posts: 1586
Posted: Thu Jan 24, 2019 6:57 am
you don't really want to createthread without setting up register contents, and you need to examine the two calls in this function. (after that you should decide what to do)
_________________
About Me;
I Use CE Since Version 1.X, And Still Learning How To Use It Well!
Jul 26, 2020
| STN wrote: | | i am a sweetheart. |
anh7codon How do I cheat?
Reputation: 0
Joined: 23 Apr 2018 Posts: 9
Posted: Fri Jan 25, 2019 5:07 am
Let's say the game is written in C++ and has a function like this:
| Code: |
void SendSocketMsg(char* szMsg, int iMsgSize)
{
//do something
}
|
In CE I need to create thread to call to this function with some pre-defined message like this:
| Code: |
struct HelloMessage
{
int ComputerID;
char HelloMessage[42];
};
|
now I try this in CE with create thread:
| Code: |
[ENABLE]
alloc(thread,2048)
label(struct_HelloMsg)
createthread(thread)
thread:
//push first Parameter
push 2E // decimal=46 =sizeof(struct_HelloMsg)
//push second Parameter
mov edx, struct_HelloMsg
//then call the application function
call TestSocketApp.exe+63EB0
ret
struct_HelloMsg:
db 02 22 57 04 01 00 24 39 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[DISABLE]
|
Then exception x80000001 arose. I don't know why.
LeonBlade How do I cheat?
Reputation: 0
Joined: 25 Jan 2019 Posts: 9
Posted: Mon Jan 28, 2019 8:43 pm
Your function accepts a char* but you are passing in a struct. I'm not sure if that's intentional, but if it's not you might want to shift however many bytes down you need in order to avoid that problem.
Make note of the calling conventions for this function as well. You are pushing 2E but then only using the edx register for your second param. After moving edx you should then push edx to the stack.
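What the callee finds on the stack for the script as posted and with the `push edx` suggested in this reply, as an added example that is not part of the original posts. It is a toy model in C, not Cheat Engine code; the addresses are constructed placeholders and a 32-bit stack-based convention (cdecl or stdcall) is assumed.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy model of a 32-bit stack (push/call only), enough to show what a callee
   using a stack-based convention (assumed: cdecl or stdcall) reads at
   [esp+4] and [esp+8]. Not Cheat Engine code. */
typedef struct { uint32_t mem[16]; int sp; } Stack;   /* sp indexes mem, grows down */
typedef struct { uint32_t szMsg, iMsgSize; } Args;

#define BUF_ADDR 0x00AB0020u  /* constructed address standing in for struct_HelloMsg */
#define RET_ADDR 0x00AB0010u  /* constructed return address pushed by call */
#define STALE    0xDEADBEEFu  /* whatever was already on the thread's stack */

static void stack_init(Stack *s) {
    for (int i = 0; i < 16; i++) s->mem[i] = STALE;
    s->sp = 8;
}
static void push(Stack *s, uint32_t v) { s->mem[--s->sp] = v; }

/* Callee's view right after call: [esp]=return, [esp+4]=1st arg, [esp+8]=2nd arg. */
static Args callee_view(const Stack *s) {
    Args a = { s->mem[s->sp + 1], s->mem[s->sp + 2] };
    return a;
}

/* Script as posted: size pushed, pointer left in edx only. */
Args call_as_posted(void) {
    Stack s; stack_init(&s);
    push(&s, 0x2E);                        /* push 2E */
    uint32_t edx = BUF_ADDR; (void)edx;    /* mov edx, struct_HelloMsg (never pushed) */
    push(&s, RET_ADDR);                    /* call */
    return callee_view(&s);
}

/* Same sequence with the suggested push edx added. */
Args call_with_push(void) {
    Stack s; stack_init(&s);
    push(&s, 0x2E);                        /* push 2E */
    uint32_t edx = BUF_ADDR;               /* mov edx, struct_HelloMsg */
    push(&s, edx);                         /* push edx */
    push(&s, RET_ADDR);                    /* call */
    return callee_view(&s);
}

int main(void) {
    Args a = call_as_posted(), b = call_with_push();
    printf("as posted: szMsg=%08X iMsgSize=%08X\n", (unsigned)a.szMsg, (unsigned)a.iMsgSize);
    printf("with push: szMsg=%08X iMsgSize=%08X\n", (unsigned)b.szMsg, (unsigned)b.iMsgSize);
    return 0;
}
```

In the as-posted case the callee treats the size 0x2E as the `char*` and a stale stack slot as the size; with the extra push both arguments land where the prototype expects them.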
anh7codon How do I cheat?
Reputation: 0
Joined: 23 Apr 2018 Posts: 9
Posted: Wed Feb 06, 2019 12:21 am
I'm lost...
I try to create a thread call to game function:
| Code: |
//push first Parameter
push 2E
//begin make second parameter
mov ecx,[eax+0002C210]
mov edx,[eax+0002C310]
mov [esp+20],ecx
mov ecx,[ebp+00000254]
mov edx,[edx+38]
lea ecx,[ecx+ecx*2]
lea ecx,[ecx+ecx*8]
shl ecx,04
mov ecx,[edx+ecx+00000208]
mov word ptr [esp+00000454],2202
mov [esp+24],ecx
mov ecx,0000000B
repe movsd
mov ecx,[eax+0002C1CC]
lea edx,[esp+00000454]
//end make second parameter
//push second parameter
push edx
call BatmanAK.exe+63EB0
|
my cheat engine Script:
| Code: |
[ENABLE]
alloc(thread,2048)
label(second_parameter)
createthread(thread)
thread:
//push first Parameter
push 2E
//pre-defined second parameter
mov edx, second_parameter
push edx
//then call the application function
call BatmanAK.exe+63EB0
ret
second_parameter: //pre-defined value
db 02 22 57 04 01 00 24 39 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
Cheat Engine said that the instruction cannot be compiled at
mov edx, second_parameter
Please give me some advice.
Digika How do I cheat?
Reputation: 0
Joined: 22 Dec 2020 Posts: 7
Posted: Sat Feb 13, 2021 3:23 am
Hey OP, did you ever figure out how to call a UE4 function? I have an object dump from UUU and a list of functions; there is a void one that is tied to a BP event, and I just need to run it.