Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


4 Byte Scan, and how to disassemble an address with Lua?

 
usernotfound
Expert Cheater
Reputation: 0

Joined: 21 Feb 2016
Posts: 115

Posted: Thu Jan 26, 2017 9:29 pm

As title says, would anyone mind providing a simple example to 4 byte scan an address and also how to disassemble a result from an aobscan with Lua? (so that I could get the call or pointer/offset from the instructions in memview)
Zanzer
I post too much
Reputation: 126

Joined: 09 Jun 2013
Posts: 3278

Posted: Thu Jan 26, 2017 9:45 pm

Code:
local memscan = createMemScan()
local foundlist = createFoundList(memscan)
memscan.firstScan(
  soValueBetween, vtDword, rtRounded,
  "19791800", "19791900", 0, 0xffffffffffffffff, "+W-C",
  fsmAligned, "4", false, false, false, false)
memscan.waitTillDone()
foundlist.initialize()
local values = {}
local value = foundlist.Value
for i = 0, foundlist.Count - 1 do
  values[value[i]] = true
end
foundlist.destroy()
memscan.destroy()
for i in pairs(values) do
  print(i)
end
usernotfound
Expert Cheater
Reputation: 0

Joined: 21 Feb 2016
Posts: 115

Posted: Fri Jan 27, 2017 12:13 am

Thanks Zanzer, always appreciate the help!
Corroder
Grandmaster Cheater Supreme
Reputation: 75

Joined: 10 Apr 2015
Posts: 1667

Posted: Fri Jan 27, 2017 3:24 am

Is the value printed out as hex? If not, how do I output values as hex?

Thank you and regards
Zanzer
I post too much
Reputation: 126

Joined: 09 Jun 2013
Posts: 3278

Posted: Fri Jan 27, 2017 7:38 pm

Code:
string.format("%X", value)
usernotfound
Expert Cheater
Reputation: 0

Joined: 21 Feb 2016
Posts: 115

Posted: Sun Jan 29, 2017 12:41 pm

Hey guys sorry to bump the thread again, how can I print just the call address from instructions at this address opcode?

Code:
function getCall()
  autoAssemble([[
  aobscan(calladdr,E8 ?? ?? ?? ?? 8B ?? 89 ?? ?? ?? 85 ?? 0F 8E)
  label(_calladdr)
  registersymbol(_calladdr)
  calladdr:
  _calladdr:
  ]])
  print(disassemble("_calladdr"))
end

createNativeThread(getCall)


ParkourPenguin
I post too much
Reputation: 140

Joined: 06 Jul 2014
Posts: 4289

Posted: Sun Jan 29, 2017 1:24 pm

How I would do it:
Code:
local res = assert(AOBScan('E8 ?? ?? ?? ?? 8B ?? 89 ?? ?? ?? 85 ?? 0F 8E','+X*C*W'), 'AoB pattern not found')
local addressOfCaller = tonumber(res[0],16)
local rel32 = readInteger(addressOfCaller + 1)
local addressOfCallee = addressOfCaller + 5 + rel32 - ((rel32 & 1 << 31) << 1)

print(string.format('Address of caller:\t%08X\r\nAddress of callee:\t%08X',
                    addressOfCaller, addressOfCallee))

res.destroy()


You can use string manipulation too.
Code:
local res = assert(AOBScan('E8 ?? ?? ?? ?? 8B ?? 89 ?? ?? ?? 85 ?? 0F 8E','+X*C*W'), 'AoB pattern not found')

local extra, asm, bytes, addressOfCaller = splitDisassembledString(disassemble(res[0]))

local addressOfCallee = asm:match('%x+$')

print(string.format('Address of caller:\t%s\r\nAddress of callee:\t%s',
                    addressOfCaller, addressOfCallee))

res.destroy()

_________________
I don't know where I'm going, but I'll figure it out when I get there.
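
The rel32 arithmetic from the first snippet in the post above, as an added example that is not part of the original thread. It is plain Lua 5.3 with no Cheat Engine API, run against constructed bytes; `parsePattern`, `findPattern`, `callTarget`, the sample buffer and the base address are all assumptions made for illustration, and it covers both a forward and a backward call.

```lua
-- Added example: plain Lua 5.3, no Cheat Engine API; all names are hypothetical.

-- Parse "E8 ?? 8B" into a list of byte values; false marks a wildcard.
local function parsePattern(aob)
  local pat = {}
  for tok in aob:gmatch('%S+') do
    if tok == '??' then pat[#pat + 1] = false
    else pat[#pat + 1] = assert(tonumber(tok, 16), 'bad token: ' .. tok) end
  end
  return pat
end

-- Return the 0-based offset of the first match of pat in buf, or nil.
local function findPattern(buf, pat)
  for start = 1, #buf - #pat + 1 do
    local ok = true
    for i = 1, #pat do
      if pat[i] and buf:byte(start + i - 1) ~= pat[i] then ok = false; break end
    end
    if ok then return start - 1 end
  end
end

-- Target of the E8 rel32 call at 0-based `offset` in buf, loaded at `base`.
-- The displacement is relative to the end of the 5-byte instruction.
local function callTarget(buf, base, offset)
  assert(buf:byte(offset + 1) == 0xE8, 'not an E8 call')
  local u = string.unpack('<I4', buf, offset + 2)         -- unsigned read
  local rel32 = u - ((u & 1 << 31) << 1)                  -- sign fix from the post
  assert(rel32 == string.unpack('<i4', buf, offset + 2))  -- same as a signed read
  return base + offset + 5 + rel32
end

-- Constructed sample bytes: a forward call that does not match the pattern,
-- then a backward call (rel32 = -0x20) followed by bytes that do match.
local buf = '\x90\x90\xE8\x10\x00\x00\x00\x90' ..
            '\xE8\xE0\xFF\xFF\xFF\x8B\xC8\x89\x4C\x24\x10\x85\xC9\x0F\x8E\x00\x00\x00\x00'
local base = 0x00401000  -- assumed load address

local pat = parsePattern('E8 ?? ?? ?? ?? 8B ?? 89 ?? ?? ?? 85 ?? 0F 8E')
local off = assert(findPattern(buf, pat), 'AoB pattern not found')
assert(off == 8)
assert(callTarget(buf, base, off) == 0x00400FED)  -- backward call
assert(callTarget(buf, base, 2) == 0x00401017)    -- forward call
print(string.format('caller %08X -> callee %08X', base + off, callTarget(buf, base, off)))
```

Without the sign fix, the backward call would resolve 0x100000000 too high, which is the case the `- ((rel32 & 1 << 31) << 1)` term in the post handles.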
usernotfound
Expert Cheater
Reputation: 0

Joined: 21 Feb 2016
Posts: 115

Posted: Sun Jan 29, 2017 1:37 pm

Works perfectly, thanks for the examples, Parkour.
Corroder
Grandmaster Cheater Supreme
Reputation: 75

Joined: 10 Apr 2015
Posts: 1667

Posted: Fri Feb 03, 2017 3:46 am

Zanzer wrote:
Code:
local memscan = createMemScan()
local foundlist = createFoundList(memscan)
memscan.firstScan(
  soValueBetween, vtDword, rtRounded,
  "19791800", "19791900", 0, 0xffffffffffffffff, "+W-C",
  fsmAligned, "4", false, false, false, false)
memscan.waitTillDone()
foundlist.initialize()
local values = {}
local value = foundlist.Value
for i = 0, foundlist.Count - 1 do
  values[value[i]] = true
end
foundlist.destroy()
memscan.destroy()
for i in pairs(values) do
  print(i)
end


How do I print addresses + values, sir?

EDIT :
nvm, it's solved..


Code:
UDF1.show()

function findDoubleValue(findValue)
  local memscan = createMemScan()
  local foundlist = createFoundList(memscan)
  local protectionflags = "-W*X-C"
  memscan.firstScan(soExactValue, vtDouble, rtTruncated, findValue, nil,
                    "0", "7fffffff", protectionflags,
                    fsmAligned, "4",
                    false, false, false, false)
  memscan.waitTillDone()
  foundlist.initialize()

  -- createFoundList always returns an object, so check the result count
  if foundlist.Count > 0 then
    local address = foundlist.Address
    local value = foundlist.Value
    for i = 0, foundlist.Count - 1 do
      print((i + 1).." Address : "..address[i].." - Value : "..value[i])
    end
  else
    showMessage("No results found")
  end
  foundlist.destroy()
  memscan.destroy()

------------------------------------------------- replace section
--  for i=0,foundlist.Count-1 do
--  fullAccess(  getAddress(foundlist.Address[i])  , 8)
--  writeDouble(  foundlist.Address[i], replaceWith)
--  end

--  sleep(50)
--  foundlist.destroy()
--  sleep(50)
--  memscan.destroy()
end

function doit()
  -- read the edit box when the button is clicked, not once at script load
  findDoubleValue(tonumber(UDF1.CEEdit1.Text))
end

function CEButton1Click(sender)
  doit()
end

--- test and result for a = 0.0111

1 Address : 03515770 - Value : 0.0111846967146935
2 Address : 035C7598 - Value : 0.011120067472051
3 Address : 614317B0 - Value : 0.0111853429375859
4 Address : 61495080 - Value : 0.011185340707987
5 Address : 61D2C5E0 - Value : 0.0111854241358034
6 Address : 61EC07A0 - Value : 0.0111865997317778
7 Address : 620FCDBC - Value : 0.0111390396059483
8 Address : 67DF07B4 - Value : 0.011119937655508
9 Address : 67F43280 - Value : 0.0111850574416326
10 Address : 71756130 - Value : 0.0111848148807303
11 Address : 74D31A0C - Value : 0.0111869014373342
12 Address : 75E7709C - Value : 0.0111866000922322
13 Address : 76418E9C - Value : 0.0111206591761947
14 Address : 764CA7B0 - Value : 0.0111146506508888
15 Address : 7681CE7C - Value : 0.0111694410443306
16 Address : 76ACEFC4 - Value : 0.0111332947147291



regards
All times are GMT - 6 Hours