Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


64-bit game and Lua script.

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
mgr.inz.Player
I post too much
Reputation: 218

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Sat Apr 04, 2015 10:06 am    Post subject: Reply with quote

This
[findit+4]:

or other
[[[findit+xx]+xx]+xx]:

Doesn't work with CE version 6.4 and below. Wait for CE6.5 or download CE6.4+ (custom builds) or compile CE source yourself.

This bug is fixed in SVN.




EDIT:
Lua fix for you:


Code:
[ENABLE]
aobscan(findit,xx xx xx)
LuaCall(  unregisterSymbol('BasePTR'); registerSymbol('BasePTR',string.format('%X',readQword("findit+4")))  )

[DISABLE]
unregistersymbol(BasePTR)

_________________
Back to top
View user's profile Send private message MSN Messenger
mgr.inz.Player
I post too much
Reputation: 218

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Sat Apr 04, 2015 12:55 pm    Post subject: Reply with quote

Obviously you have to attach CE to game process first. And be sure your array of bytes are correct.


Then, just ignore that error. It only appears while editing script.



EDIT:
If you still want help. Post a screenshot of instructions from which you want to retrieve address.

_________________
Back to top
View user's profile Send private message MSN Messenger
mgr.inz.Player
I post too much
Reputation: 218

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Sun Apr 12, 2015 4:56 pm    Post subject: Reply with quote

Because you didn't post any screenshot, I assume you found a place with RIP-relative addressing.

For example, you attached to 64bit target and found code which access basePtr:
Code:
mov eax,[800171C8]      // it access basePtr
(bytes: 8B 05 xa xb xc xd)

mov [rbp-20],ecx        // it is the next instruction



And this opcode is coded with 6 bytes instead of 7 bytes or 11 bytes.


If you found RIP-relative addressing, retrieving basePtr becomes more complicated. We have to take dword and address of next instruction, and add them together:


An example:
aobscan(findit,8B 05 xa xb xc xd 89 4D E0 ....................)

our dword is at findit+2 and next instruction is at findit+6




Full script:
(I made few tests, it still needs more)
Code:
[ENABLE]
{$lua}
function RIPrelative(addr,i,j,symbol)
  if addr==' 00000000' then return end
  addr=tonumber(addr,16)
  i=addr+tonumber(i,16); j=addr+tonumber(j,16)

  local absoluteAddress = (readInteger(i)+j)

  unregisterSymbol(symbol)
  registerSymbol(symbol,absoluteAddress)
end
{$asm}

aobscan(findit,8B 05 x x x x 89 ....................)

LuaCall(   RIPrelative('findit',  '2',  '6',  'ptr')   )


[DISABLE]
unregistersymbol(ptr)

_________________
Back to top
View user's profile Send private message MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites