Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
How can I make it work? (autoAssemble pause in LuaScript)

 
TPRammus
Advanced Cheater
Reputation: 0

Joined: 05 Jan 2016
Posts: 61
Location: Germany

Posted: Thu Jun 09, 2016 11:24 am    Post subject: How can I make it work? (autoAssemble pause in LuaScript)

Hey!

I have made this script which 'recruits' the enemy crew.
It's inside a simple button event which should do all the work. (It's not a button which you can enable and disable.)
Code:
[ENABLE]

aobscanmodule(INJECT,FTLGame.exe,D9 51 2C D9 84 24 80 00 00 00)
alloc(newmem,$1000)

label(code)
label(return)
label(onehit)

newmem:

code:
  cmp [ecx+4],1
  je onehit
  fst dword ptr [ecx+2C]
  fld dword ptr [esp+00000080]
  jmp return

onehit:
  mov [ecx+4],0
  jmp return

INJECT:
  jmp code
  nop
  nop
  nop
  nop
  nop
return:
registersymbol(INJECT)

[DISABLE]

INJECT:
  db D9 51 2C D9 84 24 80 00 00 00

unregistersymbol(INJECT)
dealloc(newmem)

(don't mind the 'onehit' label)

I tested it out inside Cheat Engine (by enabling the script) and it worked perfectly. The problem is that the game only runs this section of code when it's not paused. So I got the pause address which determines whether the game is paused or not.

I made it like this:
Code:
*(writeInteger)->Pause off*
*assembly-code*
*(writeInteger)->Pause on*


I edited the (assembly) code so that the 'enable' code section runs, then a pause of 1000 ms, and then the disable section runs.
But the game only pauses for some milliseconds and unpauses again. Also, the enemy crew does not get recruited.

(I deleted the [ENABLE] and [DISABLE] thing and made the pause after the 'return:')

I tried both of those:
Dark Byte wrote:
in 32-bit:
push #1000
call kernel32.sleep

in 64-bit:
mov ecx,#1000
call kernel32.sleep

But there's simply no pause (at least if #1000 means one second).

regards, TPRammus
ParkourPenguin
I post too much
Reputation: 140

Joined: 06 Jul 2014
Posts: 4289

Posted: Thu Jun 09, 2016 12:26 pm

To sum everything up just to make sure I'm getting this right: when a button is pressed, you want the game to pause, auto assemble something into the game, wait for 1 second so it can run, undo the thing you just auto assembled, and then unpause the game?

Regardless, posting the Lua code you currently have would help others figure out what's wrong.

_________________
I don't know where I'm going, but I'll figure it out when I get there.
TPRammus
Advanced Cheater
Reputation: 0

Joined: 05 Jan 2016
Posts: 61
Location: Germany

Posted: Thu Jun 09, 2016 1:00 pm

ParkourPenguin wrote:
Regardless, posting the Lua code you currently have would help others figure out what's wrong.


"...want the game to unpause, auto assemble something into the game, wait for 1 second so it can run, undo the thing you just auto assembled, and then pause... (it again)"

There you go:
Code:
function CEButtonRecruitClick(sender)
  writeInteger("[[[[FTLGame.exe+003A38C4]+4c4]+238]+134]+650", 0)
  autoAssemble([[
  aobscanmodule(INJECT,FTLGame.exe,D9 51 2C D9 84 24 80 00 00 00)
  alloc(newmem,$1000)

  label(code)
  label(return)
  label(onehit)

  newmem:

  code:
    cmp [ecx+4],1
    je onehit
    fst dword ptr [ecx+2C]
    fld dword ptr [esp+00000080]
    jmp return

  onehit:
    mov [ecx+4],0
    jmp return

  INJECT:
    jmp code
    nop
    nop
    nop
    nop
    nop

  return:
    mov ecx,#1000
    call kernel32.sleep
  registersymbol(INJECT)

  INJECT:
    db D9 51 2C D9 84 24 80 00 00 00

  unregistersymbol(INJECT)
  dealloc(newmem)
]])
  writeInteger("[[[[FTLGame.exe+003A38C4]+4c4]+238]+134]+650", 1)
end

I forgot to save the Lua script, that's why I did not post it at first (I just did it like this).

-- Wow, with this code, the game also seems to crash when I try to unpause (after I clicked the button).
-- (Tested both, the pause address and the script in CE.)

regards, TPRammus



[Attachments: Unbendsannt.PNG (scr1, 16.58 KB) and Unbenandsdsnt.PNG (scr2, 18.32 KB): screenshots]
ParkourPenguin
I post too much
Reputation: 140

Joined: 06 Jul 2014
Posts: 4289

Posted: Thu Jun 09, 2016 1:56 pm

First of all, if you're in a 32-bit process, arguments are passed to subroutines through the stack. If you're in a 64-bit process, you should be using the 64-bit registers when addressing a memory location.

Regardless, why are you writing mov ecx,#1000 / call kernel32.sleep there? The only thing that will do is overwrite the code past the injection point with those instructions. That thread would wait for a second and probably crash the process after that.

If you have your [DISABLE] section just after your [ENABLE] section in the same call to autoAssemble, your script will just disable itself and not do anything. You overwriting the asm past the injection point isn't being disabled, which would still probably result in the process crashing.

Your code wouldn't stop CE's Lua script at all: CE would write 0 to that pause address, auto assemble that script, then immediately write 1 back into that pause address.

Separate your script and call sleep(milli) from Lua instead of writing erroneous instructions into the game's memory:
Code:
function CEButtonRecruitClick(sender)
  writeInteger("[[[[FTLGame.exe+003A38C4]+4c4]+238]+134]+650", 0)

  autoAssemble([[
    aobscanmodule(INJECT,FTLGame.exe,D9 51 2C D9 84 24 80 00 00 00)
    globalalloc(convertEnemy,256)

    label(code)
    label(return)
    label(onehit)

    registersymbol(INJECT)

    convertEnemy:
    code:
      cmp [ecx+4],1
      je onehit
      fst dword ptr [ecx+2C]
      fld dword ptr [esp+00000080]
      jmp return
    onehit:
      mov [ecx+4],0
      jmp return

    INJECT:
      jmp code
      nop
      nop
      nop
      nop
      nop
    return:
    ]])

  sleep(1000)

  autoAssemble([[
    INJECT:
      db D9 51 2C D9 84 24 80 00 00 00
    unregistersymbol(INJECT)
    ]])

  writeInteger("[[[[FTLGame.exe+003A38C4]+4c4]+238]+134]+650", 1)
end

_________________
I don't know where I'm going, but I'll figure it out when I get there.
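The approach from ParkourPenguin's answer, written out as an added example (mine, not code from the thread) with the checks a practitioner would want around it. It assumes the same AOB pattern and pause pointer path the thread uses; the helper names (resolvePause, ENABLE_SCRIPT, DISABLE_SCRIPT) are mine, and two choices are mine rather than the thread's: the hook is written before the game is unpaused (so a failed injection never touches the pause flag), and the previous pause value is read and restored instead of hard-coding 1.

```lua
-- Added example for a Cheat Engine Lua button handler (not from the thread).
-- Assumed from the thread: the FTLGame.exe AOB and the pause pointer path.

local PAUSE_PTR = "[[[[FTLGame.exe+003A38C4]+4c4]+238]+134]+650"

-- [ENABLE] half. The cave lives in a globalalloc and is never freed:
-- a game thread may still be executing inside it when we unhook, and
-- freeing it at that moment would crash the process. 10 original bytes
-- are replaced by a 5-byte jmp plus 5 nops.
local ENABLE_SCRIPT = [[
aobscanmodule(INJECT,FTLGame.exe,D9 51 2C D9 84 24 80 00 00 00)
globalalloc(convertEnemy,256)
label(code)
label(return)
label(onehit)
registersymbol(INJECT)

convertEnemy:
code:
  cmp [ecx+4],1
  je onehit
  fst dword ptr [ecx+2C]
  fld dword ptr [esp+00000080]
  jmp return
onehit:
  mov [ecx+4],0
  jmp return

INJECT:
  jmp code
  nop
  nop
  nop
  nop
  nop
return:
]]

-- [DISABLE] half: put the original 10 bytes back and drop the symbol.
local DISABLE_SCRIPT = [[
INJECT:
  db D9 51 2C D9 84 24 80 00 00 00
unregistersymbol(INJECT)
]]

-- getAddress raises an error when any level of the pointer chain is not
-- readable (e.g. no fight loaded yet), so resolve it under pcall.
local function resolvePause()
  local ok, addr = pcall(getAddress, PAUSE_PTR)
  if ok then return addr end
  return nil
end

function CEButtonRecruitClick(sender)
  local pauseAddr = resolvePause()
  if not pauseAddr then
    showMessage("Pause pointer did not resolve; is a fight loaded?")
    return
  end
  local wasPaused = readInteger(pauseAddr)

  -- autoAssemble returns false if the AOB is not found (already hooked,
  -- different game build) or the script does not assemble. Do not touch
  -- the pause flag in that case.
  if not autoAssemble(ENABLE_SCRIPT) then
    showMessage("Injection failed: AOB not found or script error")
    return
  end

  -- Unpause so the hooked path runs, wait in Lua (never inside the game's
  -- code), then always unhook and restore the flag, even if sleep errors.
  writeInteger(pauseAddr, 0)
  local ok, err = pcall(sleep, 1000)

  autoAssemble(DISABLE_SCRIPT)
  writeInteger(pauseAddr, wasPaused)

  if not ok then error(err) end
end
```

The important property is that everything between the two autoAssemble calls is bracketed: whatever happens during the wait, the original bytes go back and the pause flag is restored, and the cave is left allocated so a thread that is mid-way through it when the jmp is removed simply finishes and returns. Newer Cheat Engine releases also return a disableInfo table from autoAssemble that can be passed back to disable the same script; the two-script form above is the one that works on the CE version used in the thread.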
TPRammus
Advanced Cheater
Reputation: 0

Joined: 05 Jan 2016
Posts: 61
Location: Germany

Posted: Fri Jun 10, 2016 7:48 am

Wow thank you very much (also for the explanation). I get it now.
I thought you could pause like that because of this thread: http://forum.cheatengine.org/viewtopic.php?p=5574627

But I probably didn't read everything and assumed that I could paste it into my script.

Thanks!

regards, TPRammus
All times are GMT - 6 Hours