Cheat Engine The Official Site of Cheat Engine
MetaUnv_WithCE How do I cheat? Reputation: 0
Joined: 27 Jul 2021 Posts: 9
|
Posted: Tue Jul 27, 2021 8:33 pm Post subject: How to use Lua in AA? I read a lot, still haven't figured it out |
|
|
Code: |
alloc(newmem,2048,"GTA5.exe"+15CE6C)
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
push rax
{$lua}
if (string.find(string.upper(readString(0x7FF70C97EB30,64,false)),"MULTIPLAYER"))
then
if (string.find(string.upper(readString(0x7FF70C97EC30,64,false)),"TIMELINE.ADD_MESSAGE"))
then
if (string.find(string.upper(readString(0x7FF69652ED59,512,false)),"GTA5") or string.find(string.upper(readString(0x7FF69652ED59,512,false)),"QQ") or string.find(string.upper(readString(0x7FF69652ED59,512,false)),"WECHAT"))
then
return 1
else
return 0
end
else
return 0
end
else
return 0
end
{$asm}
test rax,1
jne short originalcode
pop rax
retn
originalcode:
pop rax
mov rax,rsp
mov [rax+08],rbx
exit:
jmp returnhere
"GTA5.exe"+15CE6C:
jmp newmem
nop 2
returnhere: |
The above code is injected into some game as an adbot spam chat filter. Basically, if it is a spam message the call will immediately retn; if not, it will continue the original show-message process.
But it didn't work; CE now tells me it cannot be compiled.
Since the strings used in this game are UTF8, using pure ASM to compare strings would be a pain for me, so I want to use Lua to compare these strings. It seems exactly like what our official wiki said: using {$lua}lua code{$asm}asm code. Why?
I've searched and read so many posts about this in our forum up to 2012, and still got no clue.
And since the Lua script will return 1 or 0, which should be written to rax, do I need to push rax first, then execute the Lua script, and then after finishing with rax pop rax again to restore the stack?
|
|
|
|
ParkourPenguin I post too much Reputation: 140
Joined: 06 Jul 2014 Posts: 4290
|
Posted: Tue Jul 27, 2021 10:05 pm Post subject: |
|
|
{$lua} blocks are like preprocessor macros- they're executed just before the script gets assembled. They do not get executed at runtime.
The returned string, if any, will be substituted for the {$lua} block. e.g.:
Code: | // returns a line "define(foo,address)"
{$lua}
if syntaxcheck then return 'define(foo,0)' end
local result = assert(AOBScan('12 34 AB CD', '+X-C-W'))
local address = result[0]
result.destroy()
return ('define(foo,%08X)'):format(address)
{$asm}
| edit: explicitly destroy aobscan result
If you want the game to execute Lua code in CE, look here:
https://forum.cheatengine.org/viewtopic.php?t=615359
tl;dr: you're better off writing that simple string comparison yourself.
IIRC there were thoughts of a feature to allow writing C code in AA scripts that gets compiled down to assembly automatically, but I'm not sure what the state of that is.
_________________
I don't know where I'm going, but I'll figure it out when I get there.
Last edited by ParkourPenguin on Wed Jul 28, 2021 2:22 am; edited 1 time in total |
|
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25288 Location: The netherlands
|
Posted: Tue Jul 27, 2021 11:29 pm Post subject: |
|
|
ParkourPenguin wrote: |
IIRC there were thoughts of a feature to allow writing C code in AA scripts that gets compiled down to assembly automatically, but I'm not sure what the state of that is. |
It's in the next version ({$ccode}). It will also have {$luacode}, which will execute the given Lua code at that point (inside the context of CE's process, which then executes the code and on return modifies the given parameters).
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
|
|
MetaUnv_WithCE How do I cheat? Reputation: 0
Joined: 27 Jul 2021 Posts: 9
|
Posted: Wed Jul 28, 2021 4:46 pm Post subject: |
|
|
ParkourPenguin wrote: | {$lua} blocks are like preprocessor macros- they're executed just before the script gets assembled. They do not get executed at runtime.
The returned string, if any, will be substituted for the {$lua} block. e.g.:
Code: | // returns a line "define(foo,address)"
{$lua}
if syntaxcheck then return 'define(foo,0)' end
local result = assert(AOBScan('12 34 AB CD', '+X-C-W'))
local address = result[0]
result.destroy()
return ('define(foo,%08X)'):format(address)
{$asm}
| edit: explicitly destroy aobscan result
If you want the game to execute Lua code in CE, look here:
'cant post url' you're better off writing that simple string comparison yourself.
IIRC there were thoughts of a feature to allow writing C code in AA scripts that gets compiled down to assembly automatically, but I'm not sure what the state of that is. |
Yep, I previously thought Lua in CE was compiled into asm and integrated into the AA function, but having checked the asm after code injection, I now think it was a remote call to the CE process's Lua server and will not execute at the code injection location (which is what you mean by runtime)?
And before this post, for years I've managed to solve problems by just searching here and reading other users' related posts, and I always found your answers there, and I did learn a lot from them. I really do appreciate your input and help with the whole community!
|
|
|
|
ParkourPenguin I post too much Reputation: 140
Joined: 06 Jul 2014 Posts: 4290
|
Posted: Wed Jul 28, 2021 6:14 pm Post subject: |
|
|
Fun_WithCE wrote: | now I think it was a remote call to CE process's lua server and will not execute at the code injection location(which you mean runtime)? |
The last part is correct.
For the first part, it isn't a remote call. CE doesn't magically copy the entire script into the target process to make it work. When you activate the script, CE looks at the script and does what you write: aobscans, registersymbols, allocating memory, sequentially writing instructions to addresses, {$lua} blocks, etc all happen within CE.
Another example, albeit contrived. For all practical purposes, these two code blocks are the same:
Code: | newmem:
mov eax,[esi]
add eax,ecx
mov [edi],eax |
Code: | newmem:
mov eax,[esi]
{$lua}
-- returns a string that gets substituted for this lua block
return 'add eax,ecx'
{$asm}
mov [edi],eax |
It seems like {$luacode} will do what you want when the next version of CE comes out.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
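The substitution described in the two replies above, as an added example that is not part of the thread and is not Cheat Engine's code: a simplified Python model of the pass that runs each {$lua} block once inside the tool and splices the returned string into the script before assembly. Block bodies are written in Python instead of Lua, and `expand`, `read_string` and the `CHECK` script are hypothetical names constructed for the illustration.

```python
import re

# One {$lua} ... {$asm} region, marker lines included.
BLOCK = re.compile(r"^\{\$lua\}\n(.*?)^\{\$asm\}\n", re.S | re.M)

def expand(script, env=None):
    """Run every block once, in the tool, and splice its return value into the text."""
    def run(match):
        body = "".join("    " + line + "\n" for line in match.group(1).splitlines())
        scope = dict(env or {})
        # Model only: the body is trusted, constructed Python standing in for Lua.
        exec("def block():\n" + body + "    pass\n", scope)
        result = scope["block"]()
        return "" if result is None else str(result) + "\n"
    return BLOCK.sub(run, script)

# The two scripts from the reply above; the comment line uses '#' instead of '--'.
PLAIN = "newmem:\nmov eax,[esi]\nadd eax,ecx\nmov [edi],eax\n"
WITH_BLOCK = (
    "newmem:\n"
    "mov eax,[esi]\n"
    "{$lua}\n"
    "# returns a string that gets substituted for this block\n"
    "return 'add eax,ecx'\n"
    "{$asm}\n"
    "mov [edi],eax\n"
)

# Constructed script: the block inspects a string, as the first post tried to.
CHECK = (
    "push rax\n"
    "{$lua}\n"
    "hit = 'MULTIPLAYER' in read_string().upper()\n"
    "return 'mov rax,1' if hit else 'mov rax,0'\n"
    "{$asm}\n"
    "test rax,1\n"
)

def demo():
    reads = []
    def read_string():          # hypothetical stand-in for reading target memory
        reads.append(1)
        return "Multiplayer lobby"
    text = expand(CHECK, {"read_string": read_string})
    # The string was read once, during expansion; the output holds a constant.
    return text, len(reads)

if __name__ == "__main__":
    print(expand(WITH_BLOCK) == PLAIN)
    print(demo())
```

In the model, the check in `CHECK` is decided when the script is expanded, so the assembled hook carries a fixed `mov rax,1` no matter what string is present when the hooked code later runs.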
|
|
|
MetaUnv_WithCE How do I cheat? Reputation: 0
Joined: 27 Jul 2021 Posts: 9
|
Posted: Wed Jul 28, 2021 8:07 pm Post subject: |
|
|
Dark Byte wrote: |
it's in next version. ({$ccode}) It also will have {$luacode} which will execute the given lua code at that point (inside the context of CE's process which then executes the code and on return modifies the given parameters) |
You can always get DARK BYTE to answer your question himself here LOL :D
I can't even believe that after so many years you still answer questions like this yourself in here.
After realizing that Lua is not compiled into asm and injected into the game's process in this version of CE, and from some posts where you mentioned that people should be careful with the x64 calling convention, I had to compare the strings in pure asm, and finally got it working. Code here:
Code: | alloc(newmem,2048,"GTA5.exe"+15CE6C)
label(returnhere)
label(originalcode)
label(exit)
label(fir)
label(sec)
label(fk1)
label(fk2)
label(fk3)
label(check1)
label(check2)
label(check3)
label(check4)
label(hitr)
label(hitr2)
label(hitr3)
label(fin)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
sub rsp,58
pushfq
push rax
push rbx
push rcx
push rdx
push rsi
push rdi
push rbp
push r8
push r9
push r10
push r11
push r12
push r13
push r14
push r15
mov rcx,7FF70C97EB30
push rcx
mov rdx,fir
push rdx
call shlwapi.StrStrIA
pop rdx
pop rcx
cmp rax,0
je originalcode
check1:
mov rcx,7FF70C97EC30
push rcx
mov rdx,sec
push rdx
call shlwapi.StrStrIA
pop rdx
pop rcx
cmp rax,0
je originalcode
check2:
mov rbx,0
mov rcx,7FF70C97ED30
push rcx
mov rdx,fk1
push rdx
call shlwapi.StrStrIA
pop rdx
pop rcx
cmp rax,0
jne hitr
check3:
mov rcx,7FF70C97ED30
push rcx
mov rdx,fk2
push rdx
call shlwapi.StrStrIA
pop rdx
pop rcx
cmp rax,0
jne hitr2
check4:
mov rcx,7FF70C97ED30
push rcx
mov rdx,fk3
push rdx
call shlwapi.StrStrIA
pop rdx
pop rcx
cmp rax,0
jne hitr3
fin:
cmp rbx,0x2
jb originalcode
pop r15
pop r14
pop r13
pop r12
pop r11
pop r10
pop r9
pop r8
pop rbp
pop rdi
pop rsi
pop rdx
pop rcx
pop rbx
pop rax
popfq
add rsp,58
sub rax,20
retn
hitr3:
inc rbx
jmp fin
hitr:
inc rbx
jmp check3
hitr2:
inc rbx
jmp check4
originalcode:
pop r15
pop r14
pop r13
pop r12
pop r11
pop r10
pop r9
pop r8
pop rbp
pop rdi
pop rsi
pop rdx
pop rcx
pop rbx
pop rax
popfq
add rsp,58
mov rax,rsp
mov [rax+08],rbx
exit:
jmp returnhere
///
fir:
db 'MULTIPLAYER',0,0,0
sec:
db 'TIMELINE.ADD_MESSAGE',0,0,0
fk1:
db 'GTA5',0,0,0
fk2:
db 'QQ',0,0,0
fk3:
db 'WECHAT',0,0,0
///
"GTA5.exe"+15CE6C:
jmp newmem
nop 2
returnhere:
|
=============================================
And another question:
Is the function
aHR0cHM6Ly93d3cuY2hlYdipshitbmdpbmUub3JnL2ZvcnVtL3ZpZXd0b3BpYy5waHA/dD02MDkwMDEmc2lkPTA0OTJjN2M2NGE2NDliNmFhYmNiYjMzMThlODNhMjk3
(URL base64 encoded, I can't post URL strings in posts) that you mentioned here:
db(utf- "some_string",0,0
now supported in the current version?
=============================================
And another possible bug in our forum's PHP code:
When I log in I get the error below; after refreshing the page it's back to normal.
Code: | phpBB : Critical Error
Error updating last visit time
DEBUG MODE
SQL Error : 1366 Incorrect integer value: '' for column 'user_last_nonowner_fnid' at row 1
UPDATE cephpbb_users SET user_session_time = 1627510674, user_session_page = 0, user_lastvisit = 1627441120 ,user_lastip='xx.xx.xx.xx' ,user_lastfnid='133456', user_last_nonowner_fnid='', user_previouslastip='' WHERE user_id = 123456
Line : 303
File : sessions.php |
=============================================
And I really appreciate that you created this world. Today I still clearly remember how 10 years ago I went without sleep for days after I got Red Alert 2's unlimited nuclear bomb working with CE, simply clicking and watching the NPC's base go boom again and again. I've used Cheat Engine since my childhood; there's nothing comparable to CE.
=============================================
|
|
|
|
atom0s Moderator Reputation: 198
Joined: 25 Jan 2006 Posts: 8517 Location: 127.0.0.1
|
Posted: Wed Jul 28, 2021 11:04 pm Post subject: |
|
|
Unicode strings can be defined with:
Code: | dw 'Hello world.', 0 |
When dw is used, if the next value is seen as ' for a quote it'll treat it as a wide string.
_________________
- Retired. |
|
|
|
MetaUnv_WithCE How do I cheat? Reputation: 0
Joined: 27 Jul 2021 Posts: 9
|
Posted: Wed Aug 04, 2021 4:39 am Post subject: |
|
|
atom0s wrote: | Unicode strings can be defined with:
Code: | dw 'Hello world.', 0 |
When dw is used, if the next value is seen as ' for a quote it'll treat it as a wide string. |
Okay, but is it totally the same as db 'H',0,'e',0,'l',0,'l',0,'o',0,' ',0,'w',0,'o',0,'r',0,'l','d',0,0,0,0?
|
|
|
|
atom0s Moderator Reputation: 198
Joined: 25 Jan 2006 Posts: 8517 Location: 127.0.0.1
|
Posted: Thu Aug 05, 2021 12:21 am Post subject: |
|
|
Yes, but it's a lot easier to write it the way I showed instead.
_________________
- Retired. |
|
|
|
MetaUnv_WithCE How do I cheat? Reputation: 0
Joined: 27 Jul 2021 Posts: 9
|
Posted: Wed Aug 11, 2021 12:35 pm Post subject: |
|
|
atom0s wrote: | Yes, but it's a lot easier to write it the way I showed instead. |
Got it, thanks!
|
|