Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
How get DissectCode table?

GH*master
Expert Cheater
Reputation: 8

Joined: 10 Jan 2008
Posts: 159

Posted: Sun May 31, 2015 1:11 am    Post subject: How get DissectCode table?

Hello!

I found DissectCode class from

http://code.google.com/p/cheat-engine/source/browse/trunk/Cheat%20Engine/bin/main.lua
https://code.google.com/p/cheat-engine/source/browse/trunk/Cheat+Engine/LuaDissectCode.pas

Code:
DissectCode class: (Inheritance: Object)
   getDissectCode() : Creates or returns the current code DissectCode object

   properties:
   methods:
     dissect(modulename) : Dissects the memory of a module
     dissect(base,size) : Dissect the specified memory region

     getReferences(address) : Returns a table containing the addresses that reference this address and the type
     getReferencedStrings(): Returns a table of addresses and their strings that have been referenced. Use getReferences to find out which addresses that are



I have the disassembled code from test.exe:


Code:
004556ED - 8B 00                 - mov eax,[eax]
004556EF - E8 4CD4FFFF           - call 00452B40
004556F4 - 8B 0D 74774500        - mov ecx,[00457774] : [0045B5A0]
;...
00452B40 - 53                    - push ebx
00452B41 - A1 C8784500           - mov eax,[004578C8] : [00458040]
00452B46 - 83 38 00              - cmp dword ptr [eax],00
00452B49 - 74 0A                 - je 00452B55
00452B4B - 8B 1D C8784500        - mov ebx,[004578C8] : [00458040]
00452B51 - 8B 1B                 - mov ebx,[ebx]
00452B53 - FF D3                 - call ebx


I tried:

Code:
dissectCode = getDissectCode()
dissectCode.clear()
dissectCode.dissect('test.exe')

tableData = dissectCode.getReferences(0x00452B40) -- does this work with any address?
print(#tableData) -- prints "0"

tableData = dissectCode.getReferences('00452B40') -- does this work with any address?
print(#tableData) -- prints "0"



1. How to print table from "getReferences"?
2. How to print table from "getReferencedStrings"?

---
I used CE6.4+ "revision 15.04.26 pure" (http://forum.cheatengine.org/viewtopic.php?p=5590889#5590889)
mgr.inz.Player
I post too much
Reputation: 218

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

Posted: Sun May 31, 2015 5:04 am

You have to convert them:
Code:
-- getReferences returns a table keyed by address (value = reference type),
-- so #tmp is 0; collect the keys into a sorted array instead.
function getReferences2(dc,address)
  local tmp=dc.getReferences(address)
  local tmp2={}

  for k,v in pairs(tmp) do tmp2[#tmp2+1]=k end
  table.sort(tmp2,function (a,b) return a<b end)

  return tmp2,tmp
end


dissectCode = getDissectCode()
tableDataConv, tableData = getReferences2(dissectCode,0x00452B40)



tableDataConv - this table contains the list of all addresses,
tableData - the original table returned by getReferences




Code:
getReferencedStrings(): Returns a table of addresses and their strings that have been referenced. Use getReferences to find out which addresses that are

Looks like it is broken: it sets empty strings.


EDIT:



Code:
-- turn an address-keyed table into a sorted array of {address, value} pairs
function convert(T)
  local tmp={}
  for k,v in pairs(T) do tmp[#tmp+1]={k,v} end
  table.sort(tmp,function (a,b) return a[1]<b[1] end)
  return tmp
end

-- getReferencedStrings returns empty strings here, so re-read each one from memory
function fixReferencedStrings(T)
  for k,v in pairs(T) do
    T[k]=readString(k,500)
  end
end

function tohex(v)
  return string.format('%X',v)
end


dissectCode = getDissectCode()


references = dissectCode.getReferences(0x408B80)
referencesConv = convert(references) -- convert


referencedStrings = dissectCode.getReferencedStrings()
fixReferencedStrings(referencedStrings) -- fix
referencedStringsConv = convert(referencedStrings) -- convert



--print all references to 0x408B80
for i=1,#referencesConv do
  local ref = referencesConv[i][1]
  local refhex = tohex(ref)

  local reftype=referencesConv[i][2] -- named reftype to avoid shadowing Lua's type()

  print('reference: '..refhex, ' , type of reference: '..reftype)
end

GH*master
Expert Cheater
Reputation: 8

Joined: 10 Jan 2008
Posts: 159

Posted: Sun May 31, 2015 8:31 am

Thank you! It's working for me.

Sorry for my English. I found these variables (https://cheat-engine.googlecode.com/svn/trunk/Cheat%20Engine/DissectCodeThread.pas):

calllist: TMap;
unconditionaljumplist: TMap;
conditionaljumplist: TMap;
memorylist: TMap; //e.g strings

3. Can I read addresses from "calllist: TMap" with the DissectCode class, or a local pointer to "calllist: TMap"?

I need to replace all calls with the auto assembler, but I cannot get a table of all calls or local pointers to them.


Unfortunately this is the best solution code I have; it replaces some calls (not all calls known to the DissectCode class), but not all calls from the module:

Code:
--startAddress = experimentally determined
--endAddress = experimentally determined
--maxCalls = experimentally determined
LogCalls(startAddress, endAddress, maxCalls)


Code:
allocMemoryCount = 0
sizeInstructions = 0

-- Point the memory scanner at the counter array, so the hit counts can be scanned.
function SetMemoryScanOptions(startAddress, endAddress)
   local mainFrm = getMainForm()
   mainFrm.FromAddress.Lines.Text = string.format('%X', startAddress)
   mainFrm.ToAddress.Lines.Text = string.format('%X', endAddress)
end

-- Allocate one region for the injected stubs (code) and one for the
-- per-call counters (data); both are registered as symbols.
function AllocMemory(maxCalls)
   allocMemoryCount = allocMemoryCount + 1
   strNameCode = 'MemoCallCount'..allocMemoryCount
   strNameData = 'MemoDataCount'..allocMemoryCount
   autoAssemble(string.format([[alloc(%s,%s)
registersymbol(%s)
]], strNameCode, maxCalls * 200, strNameCode))
   autoAssemble(string.format([[alloc(%s,%s)
registersymbol(%s)
]], strNameData, maxCalls * 4, strNameData))
   addressCodeMem = getAddress(strNameCode)
   addressDataMem = getAddress(strNameData)
   return addressCodeMem, addressDataMem
end


-- startAddress = experimentally determined
-- endAddress = experimentally determined
-- maxCalls = experimentally determined
-- Walks the region and, for every call instruction of 5 bytes or more, redirects
-- it through a stub that increments that call's counter and then jumps to the
-- original target. Calls shorter than 5 bytes (e.g. "call ebx") are skipped,
-- because a 5-byte near call cannot be written over them.
function LogCalls(startAddress, endAddress, maxCalls)
   pause()
   lastClock = os.clock()
   currentAddress = startAddress
   disassembler = getDefaultDisassembler()
   addressCodeMem, addressDataMem = AllocMemory(maxCalls)
   countCall = 0
   line = ''
   while currentAddress < endAddress and countCall < maxCalls do
      line = disassembler.disassemble(currentAddress)
      local data = disassembler.getLastDisassembleData()
      sizeCurrentInstruction = getInstructionSize(currentAddress)
      if(data["isCall"]) then
         if(sizeCurrentInstruction < 5) then
            --print(string.format('Skipped instruction %s', line))
         else
            addressCodeCount = addressCodeMem + sizeInstructions -- where this stub is placed
            addressDataCount = countCall*4 + addressDataMem       -- this call's counter slot

            if(sizeCurrentInstruction > 5) then
               -- call encodings longer than 5 bytes (e.g. "call dword ptr [mem]"):
               -- pad the leftover bytes with nops
               aaCode = string.format([[%x:
inc [%x]
jmp %s
%x:
call %x
db%s]], addressCodeCount, addressDataCount, data["parameters"], currentAddress, addressCodeCount, string.rep(' 90', sizeCurrentInstruction - 5))
            else
               aaCode = string.format([[%x:
inc [%x]
jmp %s
%x:
call %x]], addressCodeCount, addressDataCount, data["parameters"], currentAddress, addressCodeCount)
            end

            autoAssemble(aaCode)

            -- the stub is "inc [mem32]" (6 bytes) followed by the jmp, whose
            -- size depends on the distance to the target
            sizeJmp = getInstructionSize(addressCodeCount + 6)
            sizeInstructions = sizeInstructions + 6 + sizeJmp

            countCall = countCall + 1
            --print(string.format('Injected %s', line))
         end
      end
      currentAddress = currentAddress + sizeCurrentInstruction
   end
   print('Last log call at '..line)
   --print(string.format('Last address code from region 0x%08X',currentAddress))
   print(string.format("Start region : 0x%08X, End region : 0x%08X", startAddress,endAddress))
   print(string.format("Call injections : %s", countCall))
   print(string.format("End address from region: 0x%08X", currentAddress))
   print(string.format("Scan addresses %s", endAddress - startAddress))
   print(string.format("Finish time %.2f sec", os.clock() - lastClock))
   print(string.format("Mem count region : 0x%08X, End region : 0x%08X", addressDataMem, addressDataMem + maxCalls * 4))
   print("Injections complete!!")
   SetMemoryScanOptions(addressDataMem, addressDataMem + maxCalls * 4)
   unpause()
end


mgr.inz.Player
I post too much
Reputation: 218

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

Posted: Sun May 31, 2015 2:27 pm

CE6.4+ compiled on 15.05.31, custom release

changes compared to SVN:
- added getCallList method to DissectCode class

Download:
https://googledrive.com/host/0BwMAnE6mjogMNXNjdHgxY1NqcEU/customRelease+getCallList%2015.05.31.7z


Installation:
Overwrite all files in the folder where you have "revision 15.04.26 pure".




Example:
Code:
function convert(T)
  local tmp={}
  for k,v in pairs(T) do tmp[#tmp+1]={k,v} end
  table.sort(tmp,function (a,b) return a[1]<b[1] end)
  return tmp
end


dissectCode = getDissectCode()

callList = dissectCode.getCallList()
table.sort(callList)
print('#callList: '..#callList)




--examples:

--get only addresses of functions which are between 0x400500 and 0x40A500
-- ("tutorial-i386.exe" has 184 such addresses)
filtered={}
for i=1,#callList do
  if callList[i]>=0x400500 and callList[i]<=0x40A500 then
    filtered[#filtered+1]=callList[i]
  end
end
print('#filtered (should be 184 for tutorial-i386.exe): '..#filtered)



--get only addresses of functions which are between 0x42C37F and 0x42C381
-- ("tutorial-i386.exe" has 1 such address - 0x42C380)
-- and it has 136 refcount
filtered={}
for i=1,#callList do
  if callList[i]>=0x42C37F and callList[i]<=0x42C381 then
    filtered[#filtered+1]=callList[i]
  end
end
print('#filtered: '..#filtered)


references = dissectCode.getReferences(filtered[1])
referencesConv = convert(references) -- convert
print('#referencesConv: ',#referencesConv)

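An added example, not from the thread and not part of the custom build, that ties the two answers together: it uses the custom-release getCallList() to rank call targets by how many places reference them (the kind of ranking that surfaces a target like 0x42C380 with 136 references), and it re-reads referenced strings with readString() the way the first answer does, skipping unreadable or empty entries instead of printing blanks. It assumes the CE 6.4+ Lua API used in the posts and that getCallList() returns a plain array (as the table.sort(callList) above implies); the module name tutorial-i386.exe, TOP_N and the function names are illustrative, and the reference type strings are printed exactly as CE reports them rather than assumed.

```lua
-- Added example (not from the thread). Ranks call targets by reference count and
-- dumps referenced strings. Assumes CE 6.4+ Lua API plus the custom getCallList().
local MODULE = 'tutorial-i386.exe'   -- assumed target module, change as needed
local TOP_N  = 10                    -- how many entries to print

-- DissectCode tables are keyed by address (hash part of the Lua table), so #t is 0
-- and ipairs() yields nothing; collect the keys with pairs() and sort them.
local function sortedKeys(t)
  local keys = {}
  for k in pairs(t) do keys[#keys + 1] = k end
  table.sort(keys)
  return keys
end

-- Returns an array of {target, total, byType, callers} records for every call target
-- in [lo, hi] (bounds optional), sorted by total reference count, descending.
local function buildCallProfile(dc, lo, hi)
  local profile = {}
  local callList = dc.getCallList()          -- plain array of callee addresses
  for i = 1, #callList do
    local target = callList[i]
    if (lo == nil or target >= lo) and (hi == nil or target <= hi) then
      local refs = dc.getReferences(target)  -- referencing address -> type string
      local rec = { target = target, total = 0, byType = {}, callers = {} }
      for _, caller in ipairs(sortedKeys(refs)) do
        local kind = refs[caller]            -- type string exactly as CE reports it
        rec.byType[kind] = (rec.byType[kind] or 0) + 1
        rec.total = rec.total + 1
        rec.callers[#rec.callers + 1] = caller
      end
      profile[#profile + 1] = rec
    end
  end
  table.sort(profile, function(a, b)
    if a.total ~= b.total then return a.total > b.total end
    return a.target < b.target               -- deterministic order for equal counts
  end)
  return profile
end

local function printProfile(profile, topN)
  for i = 1, math.min(topN, #profile) do
    local rec = profile[i]
    local parts = {}
    for kind, n in pairs(rec.byType) do parts[#parts + 1] = kind .. '=' .. n end
    table.sort(parts)
    print(string.format('%08X  refs=%-4d  %s', rec.target, rec.total, table.concat(parts, ' ')))
    -- first few referencing addresses, lowest first, to jump to in the disassembler
    for j = 1, math.min(3, #rec.callers) do
      print(string.format('    <- %08X', rec.callers[j]))
    end
  end
end

-- getReferencedStrings() yields empty strings in this build, so each string is
-- re-read with readString(); entries that are unreadable or empty are dropped.
local function dumpReferencedStrings(dc, maxLen)
  local strs = dc.getReferencedStrings()
  local rows = {}
  for _, addr in ipairs(sortedKeys(strs)) do
    local s = readString(addr, maxLen)       -- nil or '' when the memory is not readable
    if s and #s > 0 then
      rows[#rows + 1] = { addr = addr, text = s:gsub('%c', '.') } -- control chars -> '.'
    end
  end
  return rows
end

local dc = getDissectCode()
dc.clear()
dc.dissect(MODULE)

-- same address range as the post's own filtering example
local profile = buildCallProfile(dc, 0x400500, 0x40A500)
print('call targets in range: ' .. #profile)
printProfile(profile, TOP_N)

local rows = dumpReferencedStrings(dc, 200)
print('referenced strings: ' .. #rows)
for i = 1, math.min(TOP_N, #rows) do
  print(string.format('%08X  "%s"', rows[i].addr, rows[i].text))
end
```

Run it from the CE Lua engine after attaching to the target; the range bounds can be dropped (pass nil) to profile every call target the dissection found, and the per-type tally shows at a glance whether a target is reached by direct calls only or also by jumps.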
GH*master
Expert Cheater
Reputation: 8

Joined: 10 Jan 2008
Posts: 159

Posted: Mon Jun 01, 2015 12:24 pm

Thanks!