Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


Lua for injecting near string reference using AOB in AA scri

 
jgoemat
Master Cheater
Reputation: 22

Joined: 25 Sep 2011
Posts: 252

Posted: Sun Feb 18, 2018 12:00 am    Post subject: Lua for injecting near string reference using AOB in AA scri

I ran into a game made with Game Maker Studio which had a lot of script names in its string list. Unfortunately there were also a lot of duplicate code sections, making it impossible to write a good script that could work across versions. I came up with some Lua code that does the trick. It finds the address of the script name string, finds out where that is used in the code, and lets you specify an AOB string to find near it. The entire module is scanned and the closest AOB match is used.

For instance, here is some code where they push the address of the string onto the stack and I want to change the 'jbe' instruction nearby to a 'jmp'. It scans "Game.exe" for the string "AlertScript", which has the address "Game.exe+BA0BC4". It then scans "Game.exe" for that address. Finally, it scans "Game.exe" for the AOB "f2 0f 10 44 24 18" and registers the symbol "AlertScriptSymbol" to be the address of the match that is closest to where the string address is used in code.


Code:
[ENABLE]

LuaCall(aobScanNearStringReference("AlertScriptSymbol", "Game.exe", "AlertScript", "f2 0f 10 44 24 18"))
AlertScriptSymbol+14:
  nop
  db e9 // changes jbe to jmp, but jmp is one opcode...  Address is irrelevant this way

[DISABLE]

AlertScriptSymbol+14:
  db 0f 86


{
// ORIGINAL CODE - INJECTION POINT: "Game.exe"+3C0A94

"Game.exe"+3C0A66: E8 35 5F 2F 00           -  call Game.exe+6B69A0
"Game.exe"+3C0A6B: F7 40 0C FF FF FF 00     -  test [eax+0C],FFFFFF
"Game.exe"+3C0A72: 74 14                    -  je Game.exe+3C0A88
"Game.exe"+3C0A74: DD 5C 24 18              -  fstp qword ptr [esp+18]
// Game.exe+BA0BC4 is a pointer to the string "AlertScript"
"Game.exe"+3C0A78: C7 44 24 44 C4 0B 3C 01  -  mov [esp+44],Game.exe+BA0BC4
// ---------- AOB START (add +14 hex) ----------
"Game.exe"+3C0A80: F2 0F 10 44 24 18        -  movsd xmm0,[esp+18]
"Game.exe"+3C0A86: EB 04                    -  jmp Game.exe+3C0A8C
"Game.exe"+3C0A88: F2 0F 10 00              -  movsd xmm0,[eax]
"Game.exe"+3C0A8C: 66 0F 2E 05 28 6A 3A 01  -  ucomisd xmm0,[Game.exe+B86A28]
// ---------- CHANGING jbe to jmp ----------
"Game.exe"+3C0A94: 0F 86 2E 02 00 00        -  jbe Game.exe+3C0CC8
// ---------- DONE INJECTING  ----------
"Game.exe"+3C0A9A: 8B 47 04                 -  mov eax,[edi+04]
"Game.exe"+3C0A9D: 85 C0                    -  test eax,eax
"Game.exe"+3C0A9F: 74 07                    -  je Game.exe+3C0AA8
"Game.exe"+3C0AA1: 05 D0 22 00 00           -  add eax,000022D0
"Game.exe"+3C0AA6: EB 11                    -  jmp Game.exe+3C0AB9
"Game.exe"+3C0AA8: 8B 07                    -  mov eax,[edi]
"Game.exe"+3C0AAA: C7 04 24 2D 02 00 00     -  mov [esp],0000022D
"Game.exe"+3C0AB1: 89 F9                    -  mov ecx,edi
"Game.exe"+3C0AB3: FF 50 04                 -  call dword ptr [eax+04]
"Game.exe"+3C0AB6: 83 EC 04                 -  sub esp,04
}



tablescript.lua
 Description:
LUA Table Script with function

Download
 Filename:  tablescript.lua
 Filesize:  8.56 KB
 Downloaded:  244 Time(s)
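
The selection logic described in the post (string, then references to its address, then the nearest AOB match), as an added Python example that is not the poster's tablescript.lua. It runs over a constructed byte buffer instead of a live process; the function names, the 0x00400000 load address and the assumption that references are 32-bit little-endian absolute addresses are all assumptions of this sketch.

```python
import struct

def parse_aob(pattern):
    # "f2 0f ?? 44" -> [0xf2, 0x0f, None, 0x44]; None is a wildcard byte
    return [None if t in ("?", "??") else int(t, 16) for t in pattern.split()]

def aob_scan(image, pattern):
    # Every offset in image where the byte pattern matches
    pat = parse_aob(pattern)
    return [i for i in range(len(image) - len(pat) + 1)
            if all(p is None or image[i + j] == p for j, p in enumerate(pat))]

def find_all(image, needle):
    hits, i = [], image.find(needle)
    while i != -1:
        hits.append(i)
        i = image.find(needle, i + 1)
    return hits

def aob_near_string_reference(image, base, text, pattern):
    # 1. Offsets of the NUL-terminated string inside the module image
    strings = find_all(image, text.encode("ascii") + b"\x00")
    # 2. Offsets of 32-bit little-endian immediates equal to the string's address
    refs = [r for s in strings
            for r in find_all(image, struct.pack("<I", base + s))]
    # 3. All AOB matches; duplicated code yields several
    matches = aob_scan(image, pattern)
    if not refs or not matches:
        return None
    # 4. Keep the match with the smallest distance to any reference
    return min(matches, key=lambda m: min(abs(m - r) for r in refs))

def build_sample():
    # Constructed data: a 1 KiB stand-in for a module with duplicated code
    base = 0x00400000  # assumed load address
    img = bytearray(0x400)
    img[0x300:0x30C] = b"AlertScript\x00"
    for off in (0x040, 0x140, 0x240):  # three identical code copies
        img[off:off + 6] = bytes.fromhex("f20f10442418")
    # mov [esp+44], imm32 (address of the string) right before the second copy
    img[0x138:0x140] = bytes.fromhex("c7442444") + struct.pack("<I", base + 0x300)
    return bytes(img), base

if __name__ == "__main__":
    image, base = build_sample()
    hit = aob_near_string_reference(image, base, "AlertScript", "f2 0f 10 44 24 18")
    print(hex(base + hit), "patch site:", hex(base + hit + 0x14))
```

Of the three identical matches, only the one next to the string reference is returned, which is what keeps the symbol stable when the same byte sequence is duplicated elsewhere in the module.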

All times are GMT - 6 Hours