Cheat Engine The Official Site of Cheat Engine
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The Netherlands
Posted: Mon Dec 08, 2014 3:21 pm
Show IL disassembly will disassemble the IL code using the .NET IL code format and show it in a small dialog. (It may be easier to read than the compiled native asm code.)
Get IL code returns the address in memory where the native IL code is located, so you can edit it before it gets JITed, using native IL code. To CE it will look like a bunch of random bytes, unless you also write a .NET assembler/disassembler for CE.
And JIT will make sure that the method has been JITed (compiled).
Normally a method will only get JITed when it gets accessed for the first time, but certain methods, like loss of health, or actually death, are only called after being well into the game.
So, if you wish to edit the native compiled method before it gets called the first time (death of the player, for example), you have to manually JIT it yourself first.
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
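As an added illustration of what the three buttons correspond to inside the runtime (example code, not from Cheat Engine or from anyone in this thread): a small C# program (.NET 5+/C# 9 assumed) that reads a method's raw IL bytes, names the opcodes with a minimal walker built from System.Reflection.Emit.OpCodes, and forces JIT compilation with RuntimeHelpers.PrepareMethod before the method has ever been called. The Player class and its OnDeath method are constructed for the example.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;
using System.Reflection.Emit;
using System.Runtime.CompilerServices;
// Constructed target: a method the runtime would normally JIT only on its first call.
static class Player { public static int Health = 100; public static void OnDeath() { Health = 0; } }
static class IlDemo
{
    // Opcode table reflected from OpCodes; two-byte opcodes keep their 0xFE prefix in Value.
    static readonly Dictionary<short, OpCode> Ops = typeof(OpCodes)
        .GetFields(BindingFlags.Public | BindingFlags.Static)
        .Select(f => (OpCode)f.GetValue(null)!).ToDictionary(o => o.Value);
    // Byte size of the inline operand that starts at pos for an opcode of operand type t.
    static int OperandSize(OperandType t, byte[] il, int pos) => t switch
    {
        OperandType.InlineNone => 0,
        OperandType.ShortInlineBrTarget or OperandType.ShortInlineI or OperandType.ShortInlineVar => 1,
        OperandType.InlineVar => 2,
        OperandType.InlineI8 or OperandType.InlineR => 8,
        OperandType.InlineSwitch => 4 + 4 * BitConverter.ToInt32(il, pos),
        _ => 4, // metadata tokens, 32-bit immediates, long branch targets, float32
    };
    // "Show IL disassembly": name each opcode and resolve field/method/type tokens through the module.
    static void Dump(MethodInfo m, byte[] il)
    {
        for (int i = 0; i < il.Length;)
        {
            int start = i;
            short v = il[i++];
            if (v == 0xFE) v = (short)((v << 8) | il[i++]);
            OpCode op = Ops[v];
            string operand = op.OperandType is OperandType.InlineField or OperandType.InlineMethod or OperandType.InlineType
                ? " " + m.Module.ResolveMember(BitConverter.ToInt32(il, i)).Name : "";
            Console.WriteLine($"IL_{start:X4}: {op.Name}{operand}");
            i += OperandSize(op.OperandType, il, i);
        }
    }
    static void Main()
    {
        MethodInfo m = typeof(Player).GetMethod(nameof(Player.OnDeath))!;
        byte[] il = m.GetMethodBody()!.GetILAsByteArray()!;  // "Get IL code": raw bytes, opaque in a hex view
        Console.WriteLine("IL bytes: " + BitConverter.ToString(il));
        Dump(m, il);                                          // names them, e.g. ldc.i4.0 / stsfld Health / ret
        RuntimeHelpers.PrepareMethod(m.MethodHandle);         // "JIT": compile it before anything has called it
        Console.WriteLine($"Entry point after JIT: 0x{(long)m.MethodHandle.GetFunctionPointer():X}");
    }
}
```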
edliwo Newbie cheater Reputation: 0
Joined: 24 Oct 2014 Posts: 16
Posted: Tue Dec 09, 2014 6:44 am
Dark Byte wrote:
Show IL disassembly will disassemble the IL code using the .NET IL code format and show it in a small dialog. (It may be easier to read than the compiled native asm code.)
Get IL code returns the address in memory where the native IL code is located, so you can edit it before it gets JITed, using native IL code. To CE it will look like a bunch of random bytes, unless you also write a .NET assembler/disassembler for CE.
And JIT will make sure that the method has been JITed (compiled).
Normally a method will only get JITed when it gets accessed for the first time, but certain methods, like loss of health, or actually death, are only called after being well into the game.
So, if you wish to edit the native compiled method before it gets called the first time (death of the player, for example), you have to manually JIT it yourself first.
Ooh ok that cleared things up for me, thanks!
tfigment Advanced Cheater Reputation: 2
Joined: 12 Oct 2012 Posts: 93
Posted: Mon Jan 05, 2015 1:42 am
I'm trying to figure out how to get the results of mono_vtable_get_static_field_data into a symbol that can be used in a table memoryrecord as a base pointer.
The exact means of doing so is less important, but ideally it would be the basis for future-proofing tables against code changes.
While I have a pretty good handle on the Lua scripting now, my auto assembly is very bad and my normal assembly is very rusty. I can get the static data pointer from some Lua scripts and add it to a table, but it is not automatically loaded as a symbol when attaching to the game.
I've been trying to follow the "Leisure Suit Larry: Mono hack method" tutorial, but I cannot get anything to work.
What I'm trying to do here is have the pGameManager symbol be loaded with the static data address for the GameManager class (no namespace). However, this crashes the game every time. Any assistance would be welcome. The next step would be getting the GETMONOSTRUCT function to export only static fields and get those populated, but baby steps I think.
Code:
[ENABLE]
label(blaexit)
alloc(bla, 2048)
alloc(GameManager.Static,4)
registersymbol(GameManager.Static)
alloc(GameManager.Class,4)
registersymbol(GameManager.Class)
alloc(assemblyname, 64)
assemblyname:
db 'Assembly-CSharp',0
alloc(namespace, 64)
namespace:
db '',0
alloc(classname, 64)
classname:
db 'GameManager',0
alloc(status, 4)
bla:
PUSHAD
mov [GameManager.Static],0
mov [GameManager.Class],0
call mono.mono_get_root_domain
cmp eax,0
je blaexit
mov ebx,eax
push eax
call mono.mono_thread_attach
add esp,4
push status
push assemblyname
call mono.mono_assembly_load_with_partial_name
add esp,8
cmp eax,0
je blaexit
push eax
call mono.mono_assembly_get_image
add esp,4
cmp eax,0
je blaexit
push classname
push namespace
push eax
call mono.mono_class_from_name_case
add esp,C
cmp eax,0
je blaexit
mov [GameManager.Class],eax
push eax
push ebx
call mono.mono_class_vtable
add esp,8
cmp eax,0
je blaexit
push eax
call mono.mono_vtable_get_static_field_data
add esp,4
blaexit:
mov [GameManager.Static],eax
POPAD
ret
createthread(bla)
[DISABLE]
unregistersymbol(GameManager.Static)
unregistersymbol(GameManager.Class)
dealloc(assemblyname)
dealloc(classname)
dealloc(namespace)
dealloc(GameManager.Static)
dealloc(GameManager.Class)
dealloc(status)
dealloc(bla)
Edit: removed the getStructureCount stuff and put in more appropriate post.
Edit 2: I updated the code after figuring out what I was doing wrong and updated the above code to be correct. Now this code will populate GameManager.Static and GameManager.Class variables with relevant pointers for assembly:'Assembly-CSharp', namespace:'', classname:'GameManager' when the script is enabled. This version also has some null pointer protections if any of the calls fail and return zero.