Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


AOB Scan Finds Address Only After I Manually Find It First

 
Cheat Engine Forum Index -> Cheat Engine Lua Scripting
honestabelink
How do I cheat?
Reputation: 0

Joined: 08 Sep 2014
Posts: 4

Posted: Mon Sep 08, 2014 1:09 am    Post subject: AOB Scan Finds Address Only After I Manually Find It First

My issue is when I AOBScan to match this byte pattern

83 c4 10 8b c8 b8 04 00 00 00 89 4d d0

I get no results.

But if I manually find the address I am looking for first, then AOBScan, it finds it and everything works just fine.

Is there something I'm missing?

This holds true in both the Lua scripting side and the normal GUI for Cheat Engine with the preset "Scan All Memory" set.

*edit
I found by making the search pattern shorter the AOBScan was able to return the address I was looking for. If anyone knows why this is I'd still like to know even though my problem is solved.
Dark Byte
Site Admin
Reputation: 457

Joined: 09 May 2003
Posts: 25262
Location: The netherlands

Posted: Mon Sep 08, 2014 3:31 am

Perhaps you are reading out the second result (1) instead of the first result (0)
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.

Like my help? Join me on Patreon so I can keep helping
honestabelink
Posted: Mon Sep 08, 2014 1:38 pm

Thanks for the response Dark Byte.

Indexing correctly wasn't the issue, the return of the AOBScan was null.

After shortening the AOBScan I got many results.

Change
83 c4 10 8b c8 b8 04 00 00 00 89 4d d0 - original (not working)
83 c4 10 8b c8 b8 04 00 00 00 - returns many results

I do understand some byte code changes each time a new instance of the program allocates memory, so certain byte array searches cannot be counted on. (correct me if I'm wrong)

Here's the disassembly I'm scanning for

0335AE01 - 83 C4 10 - add esp,10
0335AE04 - 8B C8 - mov ecx,eax
0335AE06 - B8 04000000 - mov eax,00000004
0335AE0B - 89 4D D0 - mov [ebp-30],ecx

If I adjust the search for this

0335AE01 - 83 C4 10 - add esp,10
0335AE04 - 8B C8 - mov ecx,eax
0335AE06 - B8 04000000 - mov eax,00000004

The scan works fine and returns many results.

But the thing that is really perplexing is if I go through the steps of hunting down the address manually, i.e. scanning for values, breakpoints on access, going to memory addresses, following the disassembly, etc., the AOBScan returns the address every time, even when using the longer search.

What do you think is causing this behavior?
Dark Byte
Posted: Mon Sep 08, 2014 1:48 pm

Perhaps a copy paste error with an invisible character somewhere at the end of the aob?
How do you call AOBScan? Each parameter a byte or one string?

Perhaps it's jitted code which may mean that the code needs to be executed at least once before you can find it

honestabelink
Posted: Mon Sep 08, 2014 2:41 pm

"Perhaps a copy paste error with an invisible character somewhere at the end of the aob?"

I had this issue earlier, and then finally noticed it. I thought that it was the issue, but the problem is still occurring.

"How do you call AOBScan?"
I call the AOBScan from a Forms Cheat Table using the click event on a checkbox.
I pass the entire search all at once as one string
AOBScan("83 c4 10 8b c8 b8 04 00 00 00 89 4d d0");

"Perhaps it's jitted code which may mean that the code needs to be executed at least once before you can find it?"

I think you may be correct, but I am unsure. Does Flash rely on a JIT? I do believe it does. (correct me if I'm wrong) If so you probably are correct.

I could have the user of the cheat execute the code by performing an action in the game and then search for it. But that seems rather messy.

If it means anything there are other AOBs I do and they all work correctly. But maybe this comes back to what you said about the jitted code.

If it is jitted, what solutions would you use?

Thanks for the help so far.
Dark Byte
Posted: Mon Sep 08, 2014 3:17 pm

Try scanning that aob every few minutes till found. It will always have to be after the user has executed the code.
You could try finding the ActionScript bytecode of the SWF and edit that, but you'll have fewer options on what to do then.

Tip: code that reads your health has a higher chance of being executed than the one that writes it

honestabelink
Posted: Mon Sep 08, 2014 3:40 pm

Thanks Dark Byte again for the quick responses. This definitively has helped in coming up with the right solution.

Is my understanding of a JIT wrong?

We write code, code eventually reaches a compiler, which turns it into their specific byte code. On the end user's machine the JIT takes that byte code and turns it into their machine specific code.

It always was my belief that the JIT compiled the entire program before it was run. But in this case it's showing only the parts of the program that are executed are actually compiled to machine code.

Is this what is going on?
Dark Byte
Posted: Mon Sep 08, 2014 8:05 pm

Correct. Some jitters compile everything, but a lot only compile what is actually needed.
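A toy model of the behaviour discussed in the thread above, added here as an illustration and not code from any poster or from Cheat Engine: a method's native bytes reach memory only on its first call, so the long pattern is absent until then, while the shortened pattern matches every routine sharing that prologue. `LazyJit`, `aob_scan`, `parse_aob`, the sibling routines and all offsets are constructed assumptions; the parser also accepts `??` wildcards and rejects stray characters such as an invisible pasted one.

```python
# Added illustration (constructed): lazy JIT compilation vs. byte-pattern scanning.
PATTERN_LONG = "83 c4 10 8b c8 b8 04 00 00 00 89 4d d0"   # pattern quoted in the thread
PATTERN_SHORT = "83 c4 10 8b c8 b8 04 00 00 00"           # shortened pattern from the thread
HEX = "0123456789abcdefABCDEF"

def parse_aob(text):
    """Parse 'aa bb ??' into ints (None = wildcard); reject stray characters."""
    pattern = []
    for tok in text.split():
        if tok in ("?", "??"):
            pattern.append(None)
        elif len(tok) == 2 and all(c in HEX for c in tok):
            pattern.append(int(tok, 16))
        else:
            raise ValueError(f"bad AOB token {tok!r}")  # e.g. an invisible pasted character
    return pattern

def aob_scan(memory, text):
    """Return every offset in memory where the pattern matches."""
    pat = parse_aob(text)
    return [i for i in range(len(memory) - len(pat) + 1)
            if all(p is None or memory[i + j] == p for j, p in enumerate(pat))]

class LazyJit:
    """Toy JIT (hypothetical): native bytes are emitted on a method's first call only."""
    def __init__(self, size=256):
        self.memory = bytearray(size)   # stands in for the process's code pages
        self.compiled = {}              # method name -> offset of emitted code
        self.cursor = 0x10

    def call(self, name, native):
        if name not in self.compiled:   # first execution triggers compilation
            self.compiled[name] = self.cursor
            self.memory[self.cursor:self.cursor + len(native)] = native
            self.cursor += len(native) + 8
        return self.compiled[name]

def demo():
    jit = LazyJit()
    target = bytes.fromhex(PATTERN_LONG)                   # ends in mov [ebp-30],ecx
    sibling = bytes.fromhex(PATTERN_SHORT + " 89 45 d4")   # constructed: same prologue
    jit.call("sibling_a", sibling)
    jit.call("sibling_b", sibling)
    before = aob_scan(jit.memory, PATTERN_LONG)   # target has never run: no match
    addr = jit.call("target", target)             # the code executes once
    after = aob_scan(jit.memory, PATTERN_LONG)    # now exactly one match
    short = aob_scan(jit.memory, PATTERN_SHORT)   # shared prefix matches all three
    return before, after, short, addr

if __name__ == "__main__":
    print(demo())
```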
sitapea1337
Newbie cheater
Reputation: 0

Joined: 29 Mar 2010
Posts: 19

Posted: Sat Sep 13, 2014 9:25 am

Sorry to hijack your thread, but I think since I also have an issue with AOBScan, then this might be the correct place to ask my question.


Anyway, is there a possibility to make mathematical calculations with AOBScan results? Any way to convert resulting strings into HEX or DEC numbers?

Thank you!
Dark Byte
Posted: Sat Sep 13, 2014 9:57 am

tonumber('0x'..hexadecimaladdress) converts it to an integer
sitapea1337
Posted: Sat Sep 13, 2014 10:28 am

Oh! Never knew it would be so simple! Thank you! :)

Just for testing, how to convert DEC to HEX? Some kind of BASE function?
Dark Byte
Posted: Sat Sep 13, 2014 11:04 am

Most CE functions can deal with integers fine, but the easiest is string.format("%x", value)
sitapea1337
Posted: Sat Sep 13, 2014 11:59 am

Yeah, noticed :) That's a very strong feature :)

Anyway! Thank you very much! I use it mostly for "print-debugging" to see if I have correct addresses/pointers etc.
All times are GMT - 6 Hours