Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


Set a random value using ASM or LUA

 
aikoncwd
Posted: Thu Apr 16, 2015 6:11 pm

Hi

I have this working script:

Code:
[ENABLE]

aobscanmodule(PedestalItemPick,isaac-ng.exe,C7 46 14 00 00 00 00 74)
alloc(newmem,$1000)

label(code)
label(return)
globalalloc(pPedestal,4)

newmem:

code:
  mov [esi+14],F6     //HERE
  mov [pPedestal],esi
  jmp return

PedestalItemPick:
  jmp code
  nop
  nop
return:
registersymbol(PedestalItemPick)

[DISABLE]

PedestalItemPick:
  db C7 46 14 00 00 00 00

unregistersymbol(PedestalItemPick)
dealloc(newmem)


As you can see, I set F6 to [esi+14]. All I want is to set a random value (from 1 to 200) in [esi+14], something like this:

Code:

push eax
mov eax,rnd(1-200)
mov [esi+14],eax
pop eax
...


rnd(1-200) is invented by me, lol. Is there any way to achieve this via ASM? I can accept a LUA solution, something like:

Code:

{$lua}
TMP=generateRandomValue(1,200);
{$asm}
mov [esi+14],TMP
...


Is this possible?

Thanks!

jgoemat
Posted: Thu Apr 16, 2015 6:53 pm

If you use LUA it will only generate the random number when assembling, i.e. once when they enable the script (untried):

Code:

label(myRandomNumber)
myRandomNumber:
{$lua}
return string.format("dd #%d", math.random(100))
{$asm}
// this should return something like "dd #97"


If you want a new random number every time you will have to get some code for a random number generator. There is some sample code if you do a search, or you could write a quick C program that calls rand() and debug it and view the assembly as you step through it. I don't know if it is available in a DLL. Taking the simple C code from Wikipedia:

Code:
m_w = <choose-initializer>;    /* must not be zero, nor 0x464fffff */
m_z = <choose-initializer>;    /* must not be zero, nor 0x9068ffff */
 
uint get_random()
{
    m_z = 36969 * (m_z & 65535) + (m_z >> 16);
    m_w = 18000 * (m_w & 65535) + (m_w >> 16);
    return (m_z << 16) + m_w;  /* 32-bit result */
}


This might work (untried):

Code:

newmem:

label(m)
m:
  dd 12345678 87654321 // m_w and m_z

label(rand)
rand:
  push ebx
  push ecx
  push edx
 
  mov ebx,[m]
  mov ecx,ebx
  and ecx,0000ffff // ecx is now (m_w & 65535)
  shr ebx,10 // ebx is now (m_w >> 16)
  mov eax, #18000
  mul ecx
  add eax,ebx
  mov [m],eax // update m_w

  mov ebx, [m+04]
  mov ecx,ebx
  and ebx,0000ffff // ebx is now (m_z & 65535)
  shr ecx,10 // ecx is now (m_z >> 16)
  mov eax,#36969
  mul ebx
  add eax,ecx
  mov [m+04],eax // update m_z

  // eax still m_z
  shl eax,10 // eax now (m_z << 16)
  add eax,[m] // add m_w

  pop edx
  pop ecx
  pop ebx
  ret

// here's your code
code:
  push eax
  call rand
  and eax,00FF // keep the low byte: 0..255
  mov [esi+14],eax // HERE
  pop eax

  mov [pPedestal],esi
  jmp return
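Added example, not part of jgoemat's post: a C model of the `rand:` routine above, seeded with the post's two dwords, showing that the `and eax,00FF` mask yields 0..255 and how a modulo with rejection keeps the result in the 1..200 range the question asks for. The names `mwc_seed`, `mwc_next`, `low_byte` and `mwc_range` are illustrative.

```c
#include <stdint.h>
#include <stdio.h>

/* Seeds are the post's "dd 12345678 87654321" read as hex dwords. */
static uint32_t m_w = 0x12345678u, m_z = 0x87654321u;

void mwc_seed(uint32_t w, uint32_t z) { m_w = w; m_z = z; }

/* One multiply-with-carry step, same arithmetic as the rand: routine. */
uint32_t mwc_next(void)
{
    m_z = 36969u * (m_z & 65535u) + (m_z >> 16);
    m_w = 18000u * (m_w & 65535u) + (m_w >> 16);
    return (m_z << 16) + m_w;
}

/* What "and eax,00FF" keeps: 0..255, so 0 and 201..255 can appear. */
uint32_t low_byte(uint32_t r) { return r & 0xFFu; }

/* Uniform value in lo..hi. 2^32 is rarely a multiple of the span, so the
   top (2^32 mod span) raw values are redrawn instead of wrapped around. */
uint32_t mwc_range(uint32_t lo, uint32_t hi)
{
    uint32_t span = hi - lo + 1u;
    if (span == 0) return mwc_next();          /* full 32-bit range */
    uint32_t excess = (UINT32_MAX % span + 1u) % span;
    uint32_t r;
    do {
        r = mwc_next();
    } while (r > UINT32_MAX - excess);
    return lo + r % span;
}

int main(void)
{
    unsigned outside = 0;
    for (int i = 0; i < 100000; i++) {
        uint32_t b = low_byte(mwc_next());
        if (b < 1 || b > 200) outside++;
    }
    printf("masked draws outside 1..200: %u of 100000\n", outside);

    mwc_seed(0x12345678u, 0x87654321u);
    for (int i = 0; i < 8; i++)
        printf("%u ", (unsigned)mwc_range(1, 200));
    printf("\n");
    return 0;
}
```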
Zanzer
Posted: Thu Apr 16, 2015 8:31 pm

If you only need the "random" number once every so often, this should work. Number is in EDX.

Code:
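rdtsc           // edx:eax = CPU timestamp counter
mov ecx,#200
xor edx,edx     // clear the high half so div works on eax alone
div ecx         // edx = eax mod 200 (0..199)
inc edx         // edx = 1..200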


panraven
Posted: Thu Apr 16, 2015 8:31 pm

I follow one of these LCGs: http://en.wikipedia.org/wiki/Linear_congruential_generator

Code:
globalalloc(RNG,1024)
RNG+10: // seed
dd 1
label(genRng)
RNG+20:

mov ecx,30
mov esi,RNG
add esi,100
@@:
call genRng     // eax is rng(0-2^32-1)
mov  ebx,#200
xor  edx,edx
div  ebx
mov [esi],edx   // edx is remainder of rng/200
add esi,04
loop @b
ret

genRng:
mov  eax,[RNG+10]
mov  edx,#22695477
mul  edx
add  eax,#1
mov  [RNG+10],eax
ror   eax,10
ret
createThread(RNG+20)


Added: rotate eax by 16 bits.
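Added example, not part of panraven's post: a C model of `genRng` that shows what the final `ror eax,10` changes. Because 200 = 8 * 25, the remainder mod 200 still exposes the three lowest bits of the value, and in a power-of-two LCG those bits cycle every 8 draws; the function names and the sample size `N` are illustrative.

```c
#include <stdint.h>
#include <stdio.h>

#define N 4096                      /* samples inspected per generator */

static uint32_t seed = 1;           /* the post's "RNG+10: dd 1" */

/* genRng without the final ror: state = state * 22695477 + 1 (mod 2^32) */
uint32_t lcg_raw(void) { seed = seed * 22695477u + 1u; return seed; }

/* genRng as posted: same state update, returned value rotated by 16 bits */
uint32_t lcg_ror16(void)
{
    uint32_t x = lcg_raw();
    return (x >> 16) | (x << 16);
}

/* Smallest p <= max_p for which (value mod 200) mod 8 repeats every p draws
   across all N samples, or 0 when no such short period exists. */
unsigned low3_period(uint32_t (*gen)(void), unsigned max_p)
{
    static uint8_t s[N];
    seed = 1;
    for (unsigned i = 0; i < N; i++)
        s[i] = (uint8_t)((gen() % 200u) % 8u);
    for (unsigned p = 1; p <= max_p; p++) {
        unsigned i = 0;
        while (i + p < N && s[i] == s[i + p])
            i++;
        if (i + p == N)
            return p;
    }
    return 0;
}

int main(void)
{
    printf("without ror: short period %u\n", low3_period(lcg_raw, 64));
    printf("with ror 16: short period %u\n", low3_period(lcg_ror16, 64));
    return 0;
}
```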