Cheat Engine

[Corroder]

Does anybody could give some explanation about this code :

[justa_dude]

It scans the target's memory for bytes that match the ones given in the aobscan and replaces them (or the first several of them) with the ones in the db line when someone enables the script.

[STN]

aobscan searches for that signature/aob (66 ?? ?? ?? 46 ?? ?? 03 61),

2. How does it work ? well it dumps the whole memory (or part of it dunno how DB does it) and make a comparison by fetching parts of the dumped memory with the signature you gave until it finds the right match then returns the address where it found the match.

_aob:
db 29 29 29 29 25 ac 02 75

_aob is a label defined in the code above to reference the found signature address, the db part simply writes the bytes at that location, which translates to

sub [rcx],ebp
sub [rcx],ebp
and eax,007502AC

i guessed the byte after 75 to be 00 but it could be anything and will change the address 007502AC in the bold part only.

- How the method work ?.

Erm, a little complex to explain look at CE's code but in short words, CE stores/fetches the code, stores the labels and changes it into an address, WPMs the bytes and other things to inject the AA script.

Hope it helps, tried my best to explain in easy terms.

[panraven]

(off-topic)

[Corroder]

Thank so much for explanation from all of you.

Now, I have more understand how it work.

I get conclusion, the wildcard ?? in use as AOB Pattern and search AOB in memory randomly and filtering the results as AOB pattern given.
Next if AOB found as results, it will be replacing by AOB in db has stated.

Just a little doubt, Is all results should replace by AOB in db ?.
Does it only replace the first result like use in auto assembler ?

Edit :
Is need to apply speed hack to 0 while doing the process scan and replace?

Regards

[Rydian]

It replaces the first result.

No need to speedhack.

[Corroder]

okay, thank for reply.

Then to replace all results, is it right function :