|
Cheat Engine The Official Site of Cheat Engine
panraven Grandmaster Cheater Reputation: 54
Joined: 01 Oct 2008 Posts: 941
|
Posted: Sun Jan 17, 2016 1:24 pm Post subject: postAOB @ registerAutoAssemblerPrologue ?? |
|
|
How to use the postAOB option?
A use case example is appreciated.
Code: | registerAutoAssemblerPrologue(function(script, syntaxcheck), postAOB:boolean=false)
Registers a function to be called when the auto assembler is about to parse an auto assembler script. The script you get is after the [ENABLE] and [DISABLE] tags have been used to strip the script to the according one, but before comment stripping and trimming has occurred
script is a Strings object which when changed has direct effect to the script
|
Thank you~
_________________
- Retarded. |
|
|
|
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
|
Posted: Sun Jan 17, 2016 3:58 pm Post subject: |
|
|
Execute this script:
Code: |
function func1(script, syntaxcheck)
  if syntaxcheck then return end
  print(script.Text)
end
if func1ID~=nil then unregisterAutoAssemblerPrologue(func1ID);func1ID=nil end
func1ID = registerAutoAssemblerPrologue(func1)
|
Then activate/deactivate any AA script. You will see the whole AA script. Also try those with aobscan and unlabelled labels (@@, @f, @b).
Then launch CE again, execute this script (postAOB):
Code: | function func2(script, syntaxcheck)
  if syntaxcheck then return end
  print(script.Text)
end
if func2ID~=nil then unregisterAutoAssemblerPrologue(func2ID);func2ID=nil end
func2ID = registerAutoAssemblerPrologue(func2,true) |
Then activate/deactivate AA script.
For me, if the original AA script looks like this:
Code: | define(origBytes,12 65 34 76)
[ENABLE]
aobscan(myAOB,11 12 13 14)
alloc(newmem,2048)
[DISABLE]
dealloc(newmem) |
func1 prints (activate):
Code: | define(origBytes,12 65 34 76)
aobscan(myAOB,11 12 13 14)
alloc(newmem,2048) |
func1 prints (deactivate):
Code: | define(origBytes,12 65 34 76)
dealloc(newmem) |
and func2 prints (activate):
Code: | define(origBytes,12 65 34 76)
DEFINE(myAOB, 00E18511)
alloc(newmem,2048) |
and func2 prints (deactivate):
Code: | define(origBytes,12 65 34 76)
dealloc(newmem) |
As you see, in postAOB, all aobscans are converted into DEFINE.
Actually this is how AA scripts are parsed:
1) splitting - the AA part which is outside the ENABLE and DISABLE sections is merged with the ENABLE (or DISABLE) section
2) Lua code is executed (the code inside {$lua} blocks). Then the whole block is replaced by the returned string
3) comments are removed, lines are trimmed
4) unlabelled labels get labelled, and potential labels are detected
5) aobscans are executed; if all are found, then all lines with aobscans are replaced with DEFINE
6) and so on
registerAutoAssemblerPrologue(func) - func will be called after step 1, before step 2
registerAutoAssemblerPrologue(func,true) - func will be called just after step 5, before step 6
_________________
|
|
|
|
panraven Grandmaster Cheater Reputation: 54
Joined: 01 Oct 2008 Posts: 941
|
Posted: Sun Jan 17, 2016 4:23 pm Post subject: |
|
|
Oh, I see how it works!
I downloaded CE 6.5.0.459, but it seems not to work, but I'll figure it out.
Thanks~
ADDED:
Not tested yet, can I have 2 Prologue functions at the same time, one before aobscan, one after, even if no aobscan command is used?
mgr.inz.Player wrote: | panraven wrote: | but seems not work |
It depends on what you want to achieve.
Anyway, with registerAutoAssemblerPrologue you can add your own 'AA script parsing' step.
panraven wrote: | ADDED:
Not tested yet, can I have 2 Prologue functions at the same time, one before aobscan, one after? |
Yes. |
Interesting Thank you~
ADDED:
Yes, Tested working!
_________________
- Retarded.
Last edited by panraven on Sun Jan 17, 2016 4:42 pm; edited 3 times in total |
|
|
|
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
|
Posted: Sun Jan 17, 2016 4:29 pm Post subject: |
|
|
panraven wrote: | but seems not work |
It depends on what you want to achieve.
Anyway, with registerAutoAssemblerPrologue you can add your own 'AA script parsing' step.
panraven wrote: | ADDED:
Not tested yet, can I have 2 Prologue functions at the same time, one before aobscan, one after? |
Yes. You can register more than one before aobscans, and more than one after aobscans.
EDIT: example, your own preprocessor command:
You probably know that we can't "cmp reg64,value64"
we have to use push, pop, and mov
Would be easier to just write:
compare(reg64,value64)
add this to autorun:
Code: | function trim(s)
  return s:match'^()%s*$' and '' or s:match'^%s*(.*%S)'
end
--adds compare(register,64bitvalue) , e.g. compare(RCX,00007f3412784512)
function compareWith64bit(script, syntaxcheck)
  local linesWithKeyword = {}
  -- walk the script bottom-up, so the inserts below do not shift the
  -- line numbers of matches that are still waiting to be rewritten
  for i=script.Count-1,0,-1 do
    local line = script[i]:lower():match('compare%(.*%)')
                 and script[i]:match('%((.*)%)')
    if line then
      -- split the text between the parentheses on commas
      local args = {}
      line:gsub("([^,]+)",function(c) args[#args+1] = trim(c) end)
      linesWithKeyword[1+#linesWithKeyword] = {lineNumber=i, args=args}
    end
  end
  for _,v in ipairs(linesWithKeyword) do
    -- rax is the scratch register, unless rax is the one being compared
    if v.args[1]:lower()=='rax' then
      script[v.lineNumber]='push rbx'
      script.insert(v.lineNumber+1, 'mov rbx,'..v.args[2])
      script.insert(v.lineNumber+2, 'cmp '..v.args[1]..',rbx')
      script.insert(v.lineNumber+3, 'pop rbx')
    else
      script[v.lineNumber]='push rax'
      script.insert(v.lineNumber+1, 'mov rax,'..v.args[2])
      script.insert(v.lineNumber+2, 'cmp '..v.args[1]..',rax')
      script.insert(v.lineNumber+3, 'pop rax')
    end
  end
end
registerAutoAssemblerPrologue(compareWith64bit)
|
With the above you can write AA scripts such as:
Code: | [ENABLE]
alloc(newmem,256)
label(symNewmem)
registersymbol(symNewmem)
newmem:
symNewmem:
compare(rbx,Tutorial-x86_64.exe+12345)
jne short @f
mov eax,#999
@@:
mov [rbx+000002C8],eax
[DISABLE]
dealloc(newmem)
unregistersymbol(symNewmem) |
Assembled output will be:
Code: | symNewmem - 50 - push rax
014C0001 - 48 B8 4523010001000000 - mov rax,Tutorial-x86_64.exe+12345
014C000B - 48 39 C3 - cmp rbx,rax
014C000E - 58 - pop rax
014C000F - 75 05 - jne 014C0016
014C0011 - B8 E7030000 - mov eax,000003E7
014C0016 - 89 83 C8020000 - mov [rbx+000002C8],eax
|
The above is just an example, we could use registerAutoAssemblerCommand to achieve the same thing.
registerAutoAssemblerPrologue is more powerful, we can parse/modify whole script.
_________________
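Added example, not part of the thread and not Cheat Engine's own code: it registers one prologue at each stage described in the two posts above (after step 1 and after step 5) and reports which address each aobscan symbol was turned into. It uses only the calls shown in the thread and runs inside Cheat Engine's Lua engine. The names preAob, postAob, pendingAobs, preAobID and postAobID are made up for this example, and it assumes both hooks fire in stage order for the same script, so a shared table can carry state between them.

```lua
-- Added example. Hypothetical names: preAob, postAob, pendingAobs.
-- Assumption: for one AA script the pre-AOB hook runs before the post-AOB
-- hook, so this table can carry symbol names from one stage to the other.
local pendingAobs = {}

-- Called after step 1 (split), before step 2: aobscan lines are still present.
local function preAob(script, syntaxcheck)
  if syntaxcheck then return end
  pendingAobs = {}
  for i = 0, script.Count - 1 do
    -- aobscan(name, ...) at the start of a line; %w* is an assumption that
    -- scan variants with a longer command name are rewritten the same way
    local name = script[i]:lower():match('^%s*aobscan%w*%s*%(%s*([^,%s%)]+)')
    if name then pendingAobs[name] = true end
  end
end

-- Called after step 5: every aobscan line has become DEFINE(name, address).
local function postAob(script, syntaxcheck)
  if syntaxcheck then return end
  for i = 0, script.Count - 1 do
    local kw, name, addr =
      script[i]:match('^%s*(%a+)%s*%(%s*([^,%s]+)%s*,%s*(.-)%s*%)')
    -- only report DEFINE lines whose symbol was an aobscan at the earlier
    -- stage; a user-written define(origBytes, ...) is skipped
    if kw and kw:lower() == 'define' and pendingAobs[name:lower()] then
      print(string.format('aobscan %s resolved to %s', name, addr))
      pendingAobs[name:lower()] = nil
    end
  end
  -- names left over were seen before step 2 but have no DEFINE now,
  -- for example an aobscan line inside a block comment
  for name in pairs(pendingAobs) do
    print('aobscan ' .. name .. ' has no DEFINE at the post-AOB stage')
  end
end

-- Same re-run guard as in the thread, so executing this twice does not
-- leave duplicate hooks registered.
if preAobID  ~= nil then unregisterAutoAssemblerPrologue(preAobID)  end
if postAobID ~= nil then unregisterAutoAssemblerPrologue(postAobID) end
preAobID  = registerAutoAssemblerPrologue(preAob)         -- after step 1
postAobID = registerAutoAssemblerPrologue(postAob, true)  -- after step 5
```

Because the first hook runs before step 2, aobscan lines produced by a {$lua} block are not seen by preAob and will not be reported.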
|
|
|
|
panraven Grandmaster Cheater Reputation: 54
Joined: 01 Oct 2008 Posts: 941
|
Posted: Sun Jan 17, 2016 9:03 pm Post subject: |
|
|
Thanks for the example.
Yes, AA is better in this case as it may want symbol generated after Prologue stage ie, from other custom or standard AA.
Prologue should be more suitable for parsing static like symbol (eg. mono function address,struct offset etc), or making some control struct eg. http://forum.cheatengine.org/viewtopic.php?p=5633362 , or defining multi-parameters multi-lines Macro that invoke as AA command (after Prologue stage) similar to your example (but user can customize without making own custom AA)?
_________________
- Retarded. |
|