Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


AOB Scan

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking
View previous topic :: View next topic  
Author Message
phpjunkie
Cheater
Reputation: 0

Joined: 26 Dec 2022
Posts: 26
Location: Wasilla, Ak
PostPosted: Sun Jan 15, 2023 3:42 pm    Post subject: AOB Scan Reply with quote
This works but it takes awhile for it to get the address.
Code:
aobScan(WalletScan,50 5C BA E9 F6 7F 00 00 00 00 00 00)

This, "HorizonZeroDawn.exe+71526A8, " is the base module of the pointer path to my character, witch is, [[[HorizonZeroDawn.exe+71526A8]+40]+50]. Now the offset for the WalletComponent changes based on the saved game I have loaded.. It starts at 130 and increases as I continue in the game. On my saved game of level 63 the offset is 180.

What I'm trying to do is speed up the aobScan, but nether one of these are working.
Code:
aobScanModule(WalletScan,"HorizonZeroDawn.exe"+71526A8,50 5C BA E9 F6 7F 00 00 00 00 00 00)
Code:
aobScanModule(WalletScan,"HorizonZeroDawn.exe",50 5C BA E9 F6 7F 00 00 00 00 00 00)


Screenshot_20230115_121856.png
 Description:
 Filesize:  144.19 KB
 Viewed:  2077 Time(s)

Screenshot_20230115_121856.png
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 471

Joined: 09 May 2003
Posts: 25833
Location: The netherlands
PostPosted: Mon Jan 16, 2023 2:31 am    Post subject: Reply with quote
you can also follow the pointer to that list and then on each address call getRTTIClassName(address) and check which one us the one you need
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
phpjunkie
Cheater
Reputation: 0

Joined: 26 Dec 2022
Posts: 26
Location: Wasilla, Ak
PostPosted: Tue Jan 17, 2023 10:47 am    Post subject: Reply with quote
Took me awhile but I finally got it figured out. The region I'm scanning changes dramatically each time I load a saved game. I've seen it as low as 3.6 seconds, and as high as 14.8 seconds, but that definitely beats a minute+ with aobscan with ether asm or lua.
Code:
local script = [[{$STRICT}
[ENABLE]
globalalloc(CharacterComponent,8,"HorizonZeroDawn.exe"+71526A8)
globalalloc(WalletComponent,8,"HorizonZeroDawn.exe"+71526A8)
globalalloc(MedicineComponent,8,"HorizonZeroDawn.exe"+71526A8)

alloc(AllocateComponents,2048,"HorizonZeroDawn.exe"+754776)
label(Return)

AllocateComponents:

{$TRY}
mov rdx,HorizonZeroDawn.exe+71526A8
mov rdx,[rdx]
mov rdx,[rdx+40]
mov rdx,[rdx+50]
mov [CharacterComponent],rdx
{$EXCEPT}

mov rdx,0
mov ecx,00000400

jmp Return
"HorizonZeroDawn.exe"+754776:
jmp AllocateComponents
Return:

[DISABLE]
dealloc(*)
"HorizonZeroDawn.exe"+754776:
db B9 00 04 00 00
]]

function firstAddress(first)
    if first == nil then first = true end

    local base = readQword( 'CharacterComponent' )
    local compareStr = string.sub( string.format( '%X', base ), 0, 2 )

    local result = base
    local compare = base

    local offset = 0

    repeat
          compare = readQword( compare )
          if ( first and result > compare ) or ( first == false and result < compare ) then
             result = compare
          end

          offset = offset + 8
          compare = base + offset
    until compareStr ~= string.sub( string.format( '%X', readQword( compare )), 0, 2 )

    return result
end

function scanRegion(AOB)
    local ms = createMemScan()
    ms.firstScan( soExactValue, vtByteArray, rtRounded, AOB, "", firstAddress(), firstAddress(false), "", fsmNotAligned, "", true, false, false, false )
    ms.waitTillDone()

   local fl = createFoundList(ms)
   fl.initialize()

   local result
   if fl.Count == 0 then
      result = nil
   else
       result = tonumber(fl.getAddress(0), 16)
   end

   fl.destroy()
   ms.destroy()

   return result
end

local clock = os.clock()

local assembled, Info = autoAssemble(script)
if assembled then
   local result = scanRegion('50 5C BA E9 F6 7F 00 00 00 00 00 00')
   if result ~= nil then
      writeQword('WalletComponent', result)
   end

   result = scanRegion('20 4D B3 E9 F6 7F 00 00 00 00 00 00')
   if result ~= nil then
      writeQword('MedicineComponent', result)
   end
   createTimer(1000, function() autoAssemble(script, Info) end)
end

print( os.clock() - clock )
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites