|
Cheat Engine The Official Site of Cheat Engine
|
View previous topic :: View next topic |
Author |
Message |
hdf13 Advanced Cheater Reputation: 1
Joined: 18 Sep 2013 Posts: 75
|
Posted: Fri Aug 29, 2014 6:35 pm Post subject: |
|
|
++METHOS wrote: | You must use additional coding (LUA or other) to force the script to disable itself after each run. You can not use assembly inside of that script to achieve this.
The only purpose I can see with wanting to do this is to remain undetected against periodic memory checks. If you have another reason, I would be interested in knowing what that reason is. |
I have already mentioned, what I need it for. CheatHappens has trainers that work like this, where the option does something once, than deactivates. Adds numbers to a stat, or timer. Or say, I want a "level up" button, that calls the level up handling game function or some such. Or maybe I want a script, that in a strategy game, sets all resources to a high value at the press of a button, and don't have to set all 12 resource numbers manually, or some such. I have not thought about a game self checking, as that sort of thing would scare me away, too complicated for me.
What I need is an example of how to manipulate the cheat table from within a running auto assembly code. "Call CE lua function" template shows how to get started, but I can't find any docs for how to manipulate CE table from lua.
|
|
Back to top |
|
|
Geri Moderator Reputation: 111
Joined: 05 Feb 2010 Posts: 5636
|
Posted: Fri Aug 29, 2014 7:01 pm Post subject: |
|
|
Lol. The cheat types that you have mentioned above are not removing the code injection at all. They are just using flags to turn on/off the cheats, as it was described in the second post.
User is setting the flag to 1 by pressing a key, the script runs once, set back the flag to 0 and the script will do nothing until the user is setting the flag to 1 again.
Recifense is using such flags in his tables with 0 and 1. The only difference is that his cheats are not setting the flag to 0 after the script has been executed.
If you wanted to achieve that result only, you have totally overcomplicated it.
_________________
|
|
Back to top |
|
|
hdf13 Advanced Cheater Reputation: 1
Joined: 18 Sep 2013 Posts: 75
|
Posted: Fri Aug 29, 2014 7:18 pm Post subject: |
|
|
I have figured out, how to do it! Thanks to Dark Byte for the lua bit idea, and Geri for the assembly part.
(Assuming, that the option description is "test", and has assigned toggle hotkey.)
Code: | [ENABLE]
{$lua}
function disableSelf(sender)
sender.destroy()
local addr=getAddressList().getMemoryRecordByDescription("test")
local hk=memoryrecord_getHotkey(addr)
memoryrecordhotkey_doHotkey(hk)
end
local t=createTimer(nil)
t.OnTimer=disableSelf
t.Interval=100
t.Enabled=true
{$asm}
define(address,"?.exe"+??????)
define(bytes,?? ?? ?? ?? ?? ??)
define(len,6)
assert(address,bytes)
globalalloc(code1,512)
globalalloc(originalcode1,len)
label(return)
originalcode1:
db bytes
code1:
mov [ebx],#999
//restore with original bytes
//fullaccess(address,len) //make read/write/execute
pushad //backup all registers
pushfd //backup all flags
cld
mov ecx,len //number of bytes
mov esi,originalcode1
mov edi,address
rep movsb
popfd
popad
jmp return
address:
jmp code1
nop
return:
[DISABLE]
|
Last edited by hdf13 on Sat Aug 30, 2014 12:02 pm; edited 17 times in total |
|
Back to top |
|
|
++METHOS I post too much Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
|
Posted: Fri Aug 29, 2014 7:33 pm Post subject: |
|
|
hdf13 wrote: | I have already mentioned, what I need it for. | -Not before my post. Anyway, good luck.
|
|
Back to top |
|
|
hdf13 Advanced Cheater Reputation: 1
Joined: 18 Sep 2013 Posts: 75
|
Posted: Fri Aug 29, 2014 7:52 pm Post subject: |
|
|
++METHOS wrote: | hdf13 wrote: | I have already mentioned, what I need it for. | -Not before my post. Anyway, good luck. |
Yes I did, in this post to Geri: http://forum.cheatengine.org/viewtopic.php?p=5549020#5549020
Quote: | So like to set a specific value to something, add to a value, or to run an ingame function. |
|
|
Back to top |
|
|
++METHOS I post too much Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
|
Posted: Fri Aug 29, 2014 7:59 pm Post subject: |
|
|
No, that explains what you wanted to do...not why. Asking the why part often saves us a lot of time because the person asking may not know that there are better solutions, better approaches and/or what they are really needing.
|
|
Back to top |
|
|
hdf13 Advanced Cheater Reputation: 1
Joined: 18 Sep 2013 Posts: 75
|
Posted: Sat Aug 30, 2014 1:03 pm Post subject: |
|
|
While working on improving this trick, I also figured out how to do another.
Here is a way, to dynamically generate table elements for memory locations (possibly stored in a globalalloc or with registersymbol):
Code: | [ENABLE]
{$lua}
function genRecords(sender)
sender.destroy()
local al=getAddressList()
local parent=al.getMemoryRecordByDescription("GenTable")
local mr
mr=al.getMemoryRecordByDescription("Health")
if mr==nil then
mr=al.createMemoryRecord()
mr.appendToEntry(parent)
mr.setDescription("Health")
mr.setAddress("hp")
end
mr=al.getMemoryRecordByDescription("Mana")
if mr==nil then
mr=al.createMemoryRecord()
mr.appendToEntry(parent)
mr.setDescription("Mana")
mr.setAddress("mana")
end
end
function onOpenProcess(processid)
if getProcessIDFromProcessName("game.exe")~=processid then
return
end
local t=createTimer(nil)
t.OnTimer=genRecords
t.Interval=1
t.Enabled=true
end
{$asm}
[DISABLE]
|
Sometimes it's really hard, (or impossible) to find a static pointer for the needed addresses, but this makes it possible, for the table to generate itself, upon attaching to the target process.
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
|
|