jbandy10 How do I cheat? Reputation: 0
Joined: 06 Jan 2015 Posts: 8 Location: United States
Posted: Mon Mar 02, 2015 7:40 pm Post subject: How to execute a code manually?
Is there a way to do this?
I've got a game that uses a single code to add 1 currency. So if I do something in the game that adds 150 currency, it simply runs that code 150 times. I don't think there's a way to edit the code itself to make it add more than 1 at a time.
So my question is, how do I execute this script manually? Like, a lot of times?

aikoncwd Grandmaster Cheater Reputation: 23
Joined: 21 Dec 2012 Posts: 591 Location: Spain (Barcelona)
Posted: Mon Mar 02, 2015 8:13 pm Post subject: Re: How to execute a code manually?
jbandy10 wrote: | Is there a way to do this?
I've got a game that uses a single code to add 1 currency. So if I do something in the game that adds 150 currency, it simply runs that code 150 times. I don't think there's a way to edit the code itself to make it add more than 1 at a time.
So my question is, how do I execute this script manually? Like, a lot of times? |
So... do you want to know how to call in-game functions? I don't know how to do that but I'm interested, that's why I posted this (to read any update or comment because of the email warnings).
Hope somebody can tell how to do it.

jbandy10 How do I cheat? Reputation: 0
Joined: 06 Jan 2015 Posts: 8 Location: United States
Posted: Mon Mar 02, 2015 8:17 pm Post subject:
Essentially, yes. I do.

Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Mon Mar 02, 2015 8:54 pm Post subject:
The way I do it is as follows.
You need to find code that the game is constantly executing (like health display).
Have it jump to your code block which assigns the necessary registers and pushes whatever is needed to the stack.
Then you can call the in-game method (assuming you have the correct address of it).
Set up a little on/off switch so if it's off, it skips the call. Otherwise, do the call then turn the switch off.
Create a little script that turns the switch on when you both enable and disable the script and set a hotkey.
So that script sort of acts like your button to enable the switch and when the game gets around to executing your code, the switch will be on and it will be as though you called the method with a push of the button.

jbandy10 How do I cheat? Reputation: 0
Joined: 06 Jan 2015 Posts: 8 Location: United States
Posted: Mon Mar 02, 2015 9:42 pm Post subject:
Zanzer wrote: | The way I do it is as follows.
You need to find code that the game is constantly executing (like health display).
Have it jump to your code block which assigns the necessary registers and pushes whatever is needed to the stack.
Then you can call the in-game method (assuming you have the correct address of it).
Set up a little on/off switch so if it's off, it skips the call. Otherwise, do the call then turn the switch off.
Create a little script that turns the switch on when you both enable and disable the script and set a hotkey.
So that script sort of acts like your button to enable the switch and when the game gets around to executing your code, the switch will be on and it will be as though you called the method with a push of the button. |
Could you explain in a little more detail? This is pretty confusing to me.

Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Mon Mar 02, 2015 10:07 pm Post subject:
Right-click health and find out what accesses that address and then go back in game for a second and do nothing.
Often times, an instruction should pop up with several hundred executions already.
This is likely code that grabs the health value and uses it to update a status bar on screen.
So you would want to set up your injection point there.
You will, of course, need to know what values/registers the function you're calling requires.
Then you can simply use code like the following.
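Code: | [ENABLE]
// locate the hook site by its byte signature
aobscanmodule(myfunc,game.exe,SOME BYTES)
alloc(newmem,$1000)
alloc(myswitch,1)
label(code)
label(return)
label(mycode)
newmem:
// only run the call while the switch byte is 1
cmp byte ptr [myswitch],1
jne code
mycode:
// push/set registers
// call the function
// clear the switch so the call runs once per press
mov byte ptr [myswitch],0
code:
// original code
jmp return
myfunc:
// replace the original bytes (restored in [DISABLE]) with a jump to the hook, padded with nops
jmp newmem
nop
nop
return:
registersymbol(myfunc)
registersymbol(myswitch)
[DISABLE]
myfunc:
// restore the original bytes at the hook site
db 48 8B 04 0A 48 89 01
unregistersymbol(myfunc)
unregistersymbol(myswitch)
dealloc(newmem)
dealloc(myswitch) |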
You can then create another script to act as your button:
Code: | [ENABLE]
myswitch:
db 1
[DISABLE]
myswitch:
db 1 |
The game's normal execution will continually execute your hook.
It won't be until the second script sets the value to 1 that the first script actually calls the game function.
Last edited by Zanzer on Tue Mar 03, 2015 7:29 pm; edited 1 time in total
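
Seen from the anti-tamper side, the hook in the script above leaves a recognisable shape at the injection point: the 7 original bytes restored in [DISABLE] are replaced by a jmp and two nops. The C sketch below is an added example, not part of any post in this thread; it compares the live bytes with a known-good copy and decodes the detour target. The patched bytes, the site address and all function and enum names are constructed for illustration, and it assumes the jmp was assembled as a 5-byte near jump.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Original bytes at the hook site, taken from the [DISABLE] section above. */
static const uint8_t ORIGINAL[7] = {0x48, 0x8B, 0x04, 0x0A, 0x48, 0x89, 0x01};

/* Constructed sample: the same site after "jmp newmem / nop / nop"
   (E9 + rel32, then two 0x90). The displacement is made up. */
static const uint8_t PATCHED[7] = {0xE9, 0xFB, 0xEF, 0x0F, 0x00, 0x90, 0x90};

enum site_state { SITE_CLEAN = 0, SITE_DETOUR = 1, SITE_MODIFIED = 2 };

/* Compare live bytes with the known-good copy; if they differ, check for the
   detour shape (near jmp + NOP padding) and report where the jmp lands. */
enum site_state check_site(const uint8_t *live, const uint8_t *good, size_t n,
                           uint64_t site_addr, uint64_t *target)
{
    if (memcmp(live, good, n) == 0)
        return SITE_CLEAN;
    if (n < 5 || live[0] != 0xE9)
        return SITE_MODIFIED;          /* changed, but not a near jmp */
    for (size_t i = 5; i < n; i++)
        if (live[i] != 0x90)
            return SITE_MODIFIED;      /* bytes after the jmp are not padding */
    /* rel32 is little-endian and relative to the end of the 5-byte jmp */
    int32_t rel = (int32_t)((uint32_t)live[1] | (uint32_t)live[2] << 8 |
                            (uint32_t)live[3] << 16 | (uint32_t)live[4] << 24);
    if (target)
        *target = site_addr + 5 + (int64_t)rel;
    return SITE_DETOUR;
}

int main(void)
{
    uint64_t target = 0;
    /* 0x140001000 is a constructed address for the hook site */
    enum site_state s = check_site(PATCHED, ORIGINAL, sizeof PATCHED,
                                   0x140001000ULL, &target);
    printf("state=%d target=0x%llx\n", (int)s, (unsigned long long)target);
    return 0;
}
```

A jump target that falls outside every loaded module's image range, as an alloc'd block would, is the signal an integrity check would report.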

jbandy10 How do I cheat? Reputation: 0
Joined: 06 Jan 2015 Posts: 8 Location: United States
Posted: Mon Mar 02, 2015 10:21 pm Post subject:
Zanzer wrote: | Right-click health and find out what accesses that address and then go back in game for a second and do nothing.
Often times, an instruction should pop up with several hundred executions already.
This is likely code that grabs the health value and uses it to update a status bar on screen.
So you would want to set up your injection point there.
You will, of course, need to know what values/registers the function you're calling requires.
Then you can simply use code like the following.
Code: | [ENABLE]
aobscanmodule(myfunc,game.exe,SOME BYTES)
alloc(newmem,$1000)
alloc(myswitch,1)
label(code)
label(return)
label(mycode)
newmem:
cmp byte ptr [myswitch],1
jne code
mycode:
// push/set registers
// call the function
mov [myswitch],0
code:
// original code
jmp return
myfunc:
jmp newmem
nop
nop
return:
registersymbol(myfunc)
registersymbol(myswitch)
[DISABLE]
myfunc:
db 48 8B 04 0A 48 89 01
unregistersymbol(myfunc)
unregistersymbol(myswitch)
dealloc(newmem)
dealloc(myswitch) |
You can then create another script to act as your button:
Code: | [ENABLE]
myswitch:
db 1
[DISABLE]
myswitch:
db 1 |
The game's normal execution will continually execute your hook.
It won't be until the second script sets the value to 1 that the first script actually calls the game function. |
So when I have the original code sitting in auto assembly for editing, I need to surround it with that on/off switch script you posted?
I'm assuming that part of the script that says "original code" is where I keep what I started with?

Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Mon Mar 02, 2015 10:43 pm Post subject:
Correct. The default AOB injection also uses "jmp code" which you need to change to "jmp newmem".
You may also need to do another AOB scan to find the address of the game function you're trying to call.
Since it could change places on reload. Or you'll get lucky and it'll be static at game.exe+XXXX.
Really, unless the function is small and simple, you're better off making your own.
For example, you can use the same hook to read the current money amount, add 500, and then overwrite the amount. You may have needed to find the amount address using some other script (if it's not on the same struct available from the health code you're hooking). Then your button would add +500 money with each press.
Trying to mimic a game function that spawns a unit is probably going to be too complicated.

vng21092 Grandmaster Cheater Reputation: 15
Joined: 05 Apr 2013 Posts: 644
Posted: Tue Mar 03, 2015 12:52 am Post subject: Re: How to execute a code manually?
jbandy10 wrote: | I don't think there's a way to edit the code itself to make it add more than 1 at a time. |
It's really simple, just find the current address, find out what writes to it. More than likely it'll be something like
Code: | mov [eax],something |
OR even better yet
Code: | add [eax],something |
change the "something" to what you want to increment it by, so if you want 150 then write "96", (96 Hex = 150 Dec), like so
What game are you trying to mess with?
and Zanzer...
Zanzer wrote: |
Code: | [ENABLE]
myswitch:
db 1
[DISABLE]
myswitch:
db 1 <-- HOW? |
|

++METHOS I post too much Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Tue Mar 03, 2015 3:41 am Post subject:
I would bet that the OP is trying to alter a value in an online game...which is why he is needing to use this odd approach.
Otherwise, as others have pointed out, there is no need to do it this way.

jbandy10 How do I cheat? Reputation: 0
Joined: 06 Jan 2015 Posts: 8 Location: United States
Posted: Tue Mar 03, 2015 10:58 am Post subject:
++METHOS wrote: | I would bet that the OP is trying to alter a value in an online game...which is why he is needing to use this odd approach.
Otherwise, as others have pointed out, there is no need to do it this way. |
It's not technically an online game, because the mode is single player, but because it's connected to an online server, it's hard to edit the currency.

Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Tue Mar 03, 2015 7:28 pm Post subject: Re: How to execute a code manually?
vng21092 wrote: | and Zanzer...
Zanzer wrote: |
Code: | [ENABLE]
myswitch:
db 1
[DISABLE]
myswitch:
db 1 <-- HOW? |
|
|
The injection script disables myswitch on its own.
So I use this second script as sort of a button, ignoring the checkbox.
Even though this script is checked, the switch will have been disabled.
So clicking this script again (disable) will actually activate the switch again for you.

++METHOS I post too much Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Tue Mar 03, 2015 7:48 pm Post subject:
jbandy10 wrote: | It's not technically an online game, because the mode is single player, but because it's connected to an online server, it's hard to edit the currency. |