Cheat Engine The Official Site of Cheat Engine
Kajih Cheater Reputation: 1
Joined: 08 Feb 2021 Posts: 32
Posted: Thu Apr 21, 2022 7:18 am Post subject: How do I setup an AOB on a section?

I'm not sure of the exact wording, but basically up until now I didn't really need to have an injection on more than a single instruction, so running the AOB template on said instruction was all I needed; I also made multiple AOBs in the same script if needed. However, I ran into something today and I'm not quite sure how to set it up correctly. I have multiple instructions I want to inject on:
Code:
GameAssembly.dll+2065127 - 89 47 30 - mov [rdi+30],eax
GameAssembly.dll+206512A - 66 0F6E C8 - movd xmm1,eax
GameAssembly.dll+206512E - 0F5B C9 - cvtdq2ps xmm1,xmm1
GameAssembly.dll+2065131 - 66 41 0F6E C5 - movd xmm0,r13d
GameAssembly.dll+2065136 - 0F5B C0 - cvtdq2ps xmm0,xmm0
GameAssembly.dll+2065139 - F3 0F5E C8 - divss xmm1,xmm0
GameAssembly.dll+206513D - F3 0F11 4F 34 - movss [rdi+34],xmm1
The reason being is that I need to modify the first instruction here and the last one. I thought I could just AOB on all the bytes listed here and then nop the remaining bytes? Something like:
Code:
[ENABLE]
aobscanmodule(infHealth,GameAssembly.dll,89 47 30 66 0F 6E C8 0F 5B C9 66 41 0F 6E C5 0F 5B C0 F3 0F 5E C8 F3 0F 11 4F 34) // should be unique
alloc(newmem,$1000,infHealth)

label(code)
label(return)

newmem:
  cmp [rdi+DA4],0
  je return

code:
  mov [rdi+30],eax
  movd xmm1,eax
  cvtdq2ps xmm1,xmm1
  movd xmm0,r13d
  cvtdq2ps xmm0,xmm0
  divss xmm1,xmm0
  movss [rdi+34],xmm1
  jmp return

infHealth:
  jmp newmem
  nop 22
return:
registersymbol(infHealth)

[DISABLE]
infHealth:
  db 89 47 30 66 0F 6E C8 0F 5B C9 66 41 0F 6E C5 0F 5B C0 F3 0F 5E C8 F3 0F 11 4F 34
unregistersymbol(infHealth)
dealloc(newmem)

Is the Nop 22 correct here? I keep 5 bytes and nop the rest?
Thanks in advance for any clarification, or any tips on how to make this better.
LeFiXER Grandmaster Cheater Supreme Reputation: 20
Joined: 02 Sep 2011 Posts: 1053 Location: 0x90
Posted: Thu Apr 21, 2022 7:50 am

Is the health contained in [RDI+34]?
Kajih Cheater Reputation: 1
Joined: 08 Feb 2021 Posts: 32
Posted: Thu Apr 21, 2022 8:20 am

The health value is contained in RDI+30 and the health bar value (UI controller) is contained in RDI+34. I could just inject at mov [rdi+30],eax and ignore the health bar (UI), or do another AOB, but I would rather be able to just grab that whole section and modify both if possible.
Edit: Although I suppose I could simply put my current health value into EAX and that should handle the other instruction down the line. I would still like to know if what I am asking is even possible though.
LeFiXER Grandmaster Cheater Supreme Reputation: 20
Joined: 02 Sep 2011 Posts: 1053 Location: 0x90
Posted: Thu Apr 21, 2022 11:04 am

The UI value is updated after the health value has updated because it grabs the value from eax:
Code:
mov [rdi+30],eax
movd xmm1,eax

You could just do this:
Code:
[ENABLE]
aobscanmodule(infHealth,GameAssembly.dll,89 47 30 66 0F 6E C8 0F 5B C9 66 41 0F 6E C5 0F 5B C0 F3 0F 5E C8 F3 0F 11 4F 34) // should be unique
alloc(newmem,$1000,infHealth)

label(code)
label(return)

newmem:
  cmp [rdi+DA4],0
  je code // You'll want the original instructions to execute if the criteria isn't met
  mov eax,270F // 9999, you can change it to whatever you want

code:
  mov [rdi+30],eax
  movd xmm1,eax
  cvtdq2ps xmm1,xmm1
  movd xmm0,r13d
  cvtdq2ps xmm0,xmm0
  divss xmm1,xmm0
  movss [rdi+34],xmm1
  jmp return

infHealth:
  jmp newmem
  nop 22 // this should be remedied though
return:
registersymbol(infHealth)

[DISABLE]
infHealth:
  db 89 47 30 66 0F 6E C8 0F 5B C9 66 41 0F 6E C5 0F 5B C0 F3 0F 5E C8 F3 0F 11 4F 34
unregistersymbol(infHealth)
dealloc(newmem)
ParkourPenguin I post too much Reputation: 138
Joined: 06 Jul 2014 Posts: 4275
Kajih Cheater Reputation: 1
Joined: 08 Feb 2021 Posts: 32
Posted: Thu Apr 21, 2022 12:01 pm

Ah! I wasn't sure if the nop amount was decimal or hex. What I did in the end is to just update eax. Thanks for the tip about length; whenever I do injections, I'll stick with just using the first instruction as per the template.
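
As an added example (not part of any post in this thread, and not Cheat Engine code), the Python sketch below parses the AOB string used in the scripts above, checks that it matches exactly once in a constructed byte buffer, and works out how many bytes are left over after the 5-byte jump mentioned in the question, in both decimal and hex. `SAMPLE`, the function names and the accepted wildcard tokens are assumptions made for the illustration.

```python
# Added example: signature (AOB) scan over a constructed byte buffer.
PATTERN = ("89 47 30 66 0F 6E C8 0F 5B C9 66 41 0F 6E C5 "
           "0F 5B C0 F3 0F 5E C8 F3 0F 11 4F 34")  # bytes quoted in the thread
JMP_LEN = 5  # the 5 bytes kept for the jump, as stated in the question


def parse_aob(text):
    """Turn 'AA ?? BB' into a list of ints, with None for wildcard bytes."""
    out = []
    for tok in text.split():
        if tok in ("?", "??", "*", "**"):
            out.append(None)
        elif len(tok) == 2:
            out.append(int(tok, 16))
        else:
            raise ValueError(f"bad AOB token: {tok!r}")
    return out


def scan(buf, sig):
    """Return every offset in buf where sig matches (wildcards match any byte)."""
    hits = []
    for off in range(len(buf) - len(sig) + 1):
        if all(s is None or buf[off + i] == s for i, s in enumerate(sig)):
            hits.append(off)
    return hits


def padding_after_jump(sig, jump_len=JMP_LEN):
    """Bytes of the overwritten region left over once the jump is written."""
    if len(sig) < jump_len:
        raise ValueError("signature is shorter than the jump")
    return len(sig) - jump_len


def report(buf, text):
    """Summarise length, match offsets, uniqueness and padding for one AOB."""
    sig = parse_aob(text)
    hits = scan(buf, sig)
    pad = padding_after_jump(sig)
    return {"length": len(sig), "hits": hits, "unique": len(hits) == 1,
            "pad_dec": pad, "pad_hex": f"{pad:X}"}


# Constructed sample "module": filler, the thread's bytes, more filler, then a
# fragment that shares only the first instruction (89 47 30).
SAMPLE = (bytes([0xCC] * 16) + bytes.fromhex(PATTERN.replace(" ", ""))
          + bytes([0x90] * 8) + bytes.fromhex("894730C3"))

if __name__ == "__main__":
    print(report(SAMPLE, PATTERN))               # full signature: one match
    print(scan(SAMPLE, parse_aob("89 47 30")))   # first instruction only: two
```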