Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Teleport scripts (saving and setting coordinate)

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
jim2point0
Master Cheater
Reputation: 4

Joined: 05 Oct 2012
Posts: 336

PostPosted: Tue Aug 06, 2013 5:43 pm    Post subject: Teleport scripts (saving and setting coordinate) Reply with quote

I'm still learning the basics around creating scripts in CE. There's some stuff I can do, but I'm trying to actually do some useful stuff as a learning exercise.

I created a single player cheat request similar to this, but this is more generic if anyone can just explain the logic around a teleport script.

I'll use this script I found from lowbit's Far Cry 3 table (awesome table, that).

Code:
[ENABLE]
//---------TELEPORTER-----------//
alloc(newmem_Teleport,2048)
label(returnhere_Teleport)
label(originalcode_Teleport)
label(exit_Teleport)
label(z_coord)
label(x_coord)
label(y_coord)
label(save_coord)
label(load_coord)
label(s_enable)
label(l_enable)
registersymbol(s_enable)
registersymbol(l_enable)

"FC3_d3d11.dll"+108612A:
jmp newmem_Teleport
nop
returnhere_Teleport:

newmem_Teleport:
cmp dword ptr [eax+4C],(int)0
jne originalcode_Teleport
cmp [s_enable],1
je save_coord
cmp [l_enable],1
je load_coord

save_coord:
mov [s_enable],0
push edx
mov edx,[eax+30]
mov [x_coord],edx
mov edx,[eax+34]
mov [z_coord],edx
mov edx,[eax+38]
mov [y_coord],edx
pop edx
jmp originalcode_Teleport

load_coord:
mov [l_enable],0
cmp [z_coord],0
je originalcode_Teleport
push edx
mov edx,[x_coord]
mov [eax+30],edx
mov edx,[z_coord]
mov [eax+34],edx
mov edx,[y_coord]
mov [eax+38],edx
pop edx
jmp originalcode_Teleport

originalcode_Teleport:
mov edx,[eax+30]
mov [ebp-30],edx

exit_Teleport:
jmp returnhere_Teleport

x_coord:
dd 0
z_coord:
dd 0
y_coord:
dd 0
s_enable:
dd 0
l_enable:
dd 0

[DISABLE]
dealloc(newmem_Teleport)
unregistersymbol(s_enable)
unregistersymbol(l_enable)
"FC3_d3d11.dll"+108612A:
mov edx,[eax+30]
mov [ebp-30],edx


First of all:

Code:
"FC3_d3d11.dll"+108612A:


I'm not really sure how to pick the spot for the code injection. Is this just any opcode that accesses the first coordinate as an injection point?

Code:
cmp dword ptr [eax+4C],(int)0


That logic I'm also not sure about. I don't know what that is comparing or why.

Code:
cmp [z_coord],0
je originalcode_Teleport


For that: if no value is stored, do not execute the teleport and just do the original code?

I've only done basic scripts that get values to store them in pointers, so this is all kinda new to me.

Thanks for any help\tips Smile
Back to top
View user's profile Send private message
++METHOS
I post too much
Reputation: 92

Joined: 29 Oct 2010
Posts: 4197

PostPosted: Tue Aug 06, 2013 6:42 pm    Post subject: Re: Teleport scripts (saving and setting coordinate) Reply with quote

jim2point0 wrote:

First of all:

Code:
"FC3_d3d11.dll"+108612A:


I'm not really sure how to pick the spot for the code injection. Is this just any opcode that accesses the first coordinate as an injection point?
-Sometimes. There are two things that you must check. First, make sure that the coordinate address is correct (before looking at any instruction). For example, some addresses will not teleport your through objects (walls, high ground etc.). So, make sure you have an address that does that. Second, you need to check the instruction because not all of them may work. I usually have my script written out, and just swap out the instruction address (and registers etc.), if it doesn't appear to be panning out. You can usually spot which offset you need to be working with. I usually start with an instruction that is being accessed the most, and move on to the next, if it doesn't work, based on that. So, if the instruction that accesses your first coordinate address that is being accessed the most does not work, I move on to the second most accessed instruction with the proper offset.

jim2point0 wrote:
Code:
cmp dword ptr [eax+4C],(int)0


That logic I'm also not sure about. I don't know what that is comparing or why.
-This is just a simple compare for player ID; filtering out everyone/everything except hero player. You do this if the instruction that you are using is not exclusive to your hero player and handles the coordinates for other things...and since you only want to store and load your hero coordinates, you need to filter the addresses out.

jim2point0 wrote:
Code:
cmp [z_coord],0
je originalcode_Teleport


For that: if no value is stored, do not execute the teleport and just do the original code?
-This is just a simple compare, in case someone accidentally loads their coordinates without storing them first...otherwise, the player will be teleported to some place off of the map and/or may crash the game etc.
Back to top
View user's profile Send private message
jim2point0
Master Cheater
Reputation: 4

Joined: 05 Oct 2012
Posts: 336

PostPosted: Tue Aug 06, 2013 7:55 pm    Post subject: Reply with quote

Thanks for the response.

Things seem to be going well. I have the right addresses. I did pick instruction that was accessed the most, which panned out well. But I seem to be falling apart at the hotkey logic. For example, I only want to save coordinates once you press a hotkey. See here:

Code:
[ENABLE]
label(pCoordX)
label(pCoordY)
label(pCoordZ)
label(s_enable)
label(save_coord)
registersymbol(pCoordX)
registersymbol(pCoordY)
registersymbol(pCoordZ)
registersymbol(s_enable)

alloc(newmem_Teleport,2048)
label(returnhere_Teleport)
label(originalcode_Teleport)
label(exit_Teleport)

newmem_Teleport:
cmp [s_enable],1
je save_coord

save_coord:
mov [s_enable],0
push edx
mov edx,[esi+50]
mov [pCoordX],edx
mov edx,[esi+54]
mov [pCoordY],edx
mov edx,[esi+58]
mov [pCoordZ],edx
pop edx
jmp originalcode_Teleport

originalcode_Teleport:
movss xmm0,[esi+50]

exit_Teleport:
jmp returnhere_Teleport

///
pCoordX:
dd 0
pCoordY:
dd 0
pCoordZ:
dd 0
s_enable:
dd 0
///

"DMC-DevilMayCry.exe"+15D49E1:
jmp newmem_Teleport
returnhere_Teleport:

[DISABLE]
dealloc(newmem_Teleport)
"DMC-DevilMayCry.exe"+15D49E1:
movss xmm0,[esi+50]
unregistersymbol(pCoordX)
unregistersymbol(pCoordY)
unregistersymbol(pCoordZ)
unregistersymbol(s_enable)


Problem is, as soon as I enable the script, the code under "save_coord" is being run and the coordinates are being saved. So I guess the logic I have to only run when "s_enable" is 1 isn't working, and it's just running anyways all the time.

Do you see any problems with that script above?

The good thing is, when I press my hotkey to set "s_enable" to 1, the code resets it to 0. So once the logic is nailed down, it should only save once when I press the key, which is good.
Back to top
View user's profile Send private message
++METHOS
I post too much
Reputation: 92

Joined: 29 Oct 2010
Posts: 4197

PostPosted: Tue Aug 06, 2013 8:32 pm    Post subject: This post has 1 review(s) Reply with quote

Code:
newmem_Teleport:
cmp [s_enable],1
je save_coord
jmp originalcode_Teleport  //you must add this, otherwise, save_coord will always be executed.

save_coord:
mov [s_enable],0
push edx
mov edx,[esi+50]
mov [pCoordX],edx
mov edx,[esi+54]
mov [pCoordY],edx
mov edx,[esi+58]
mov [pCoordZ],edx
pop edx
jmp originalcode_Teleport
Back to top
View user's profile Send private message
jim2point0
Master Cheater
Reputation: 4

Joined: 05 Oct 2012
Posts: 336

PostPosted: Tue Aug 06, 2013 9:53 pm    Post subject: Reply with quote

*facepalm*

Well, that works great Smile Loading the stored values was easy enough to add to the script after that.

Slowly learning how to use this thing. Thanks for the help!
Back to top
View user's profile Send private message
++METHOS
I post too much
Reputation: 92

Joined: 29 Oct 2010
Posts: 4197

PostPosted: Tue Aug 06, 2013 11:01 pm    Post subject: Reply with quote

No problem. Thank you for reporting back.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites