|
Cheat Engine The Official Site of Cheat Engine
|
View previous topic :: View next topic |
Author |
Message |
fred26 Expert Cheater Reputation: 0
Joined: 20 Dec 2014 Posts: 103
|
Posted: Mon Jun 08, 2015 6:55 pm Post subject: Automate Scan and Access |
|
|
I would like to get some idea on how to do the following:
- Automate a certain scan
- Loop through all scan results to find out if each of those addresses were accessed by some instruction (checking one at a time during n seconds)
- Save in an array those addresses that were accessed
Any ideas are appreciated!
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
|
Posted: Mon Jun 08, 2015 7:33 pm Post subject: |
|
|
1: memscan class
2: function debugger_onBreakpoint() and a timer that calls debug_setBreakpoint(address, 4, bptAccess) and debug_removeBreakpoint(address)
3: lua .io lib or else a stringlist, or just a lua array
Not sure why you want this. But if it's for automated pointer scanning it can take a very long time and isn't guaranteed to find anything.
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
fred26 Expert Cheater Reputation: 0
Joined: 20 Dec 2014 Posts: 103
|
Posted: Tue Jun 09, 2015 8:48 am Post subject: |
|
|
Thanks. I need to check several candidate addresses, which should be accesses in a matter of seconds.
This is my code:
Code: |
function checkKeys(timer)
print("timer1")
end
filterDelayTimer = createTimer(nil,false)
timer_setInterval(filterDelayTimer, 100)
filterDelayTimer.Enabled=true
filterDelayTimer.OnTimer = checkKeys
ms=createMemScan()
memscan_firstScan(ms, soExactValue, vtString, rtRounded, "ABCD", "0", 0x00000000, 0xffffffff, "", fsmNotAligned, "", false, false, false, true) --change the last true to false if you do not wish case sensitivity
memscan_waitTillDone(ms)
fl=createFoundList(ms)
foundlist_initialize(fl)
local count=foundlist_getCount(fl)
print(count)
if (count>0) then
for i=0, count-1 do
local saddress=foundlist_getAddress(fl, i) --get the first address
print("Adding "..saddress.." to the list")
--add to the addresslist
local al=getAddressList()
local mr=addresslist_createMemoryRecord(al)
memoryrecord_setDescription(mr,"Result of automated scan")
memoryrecord_setAddress(mr, saddress)
end
--If you have ce 6.2 beta
--memoryrecord_setType(mr, vtString)
--memoryrecord_string_setSize(mr, 5)
--But for now:
else
print("No addresses found")
end
--cleanup
object_destroy(fl)
object_destroy(ms)
|
How can I loop through each the results, an in each one set a debugger_onBreakpoint() and then a timer of 10 seconds and if it is not accessed move to the next result and do the same until the last result?
Thanks!
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
|
Posted: Tue Jun 09, 2015 11:21 am Post subject: |
|
|
at the end of the script, instead of destroying the foundlist and memscan object set a global variable holding the current index (e.g index) and call debug_setBreakpoint(address, 4, bptAccess) on the first entry in the list
e.g debug_setBreakpoint(fl.Address[0], 4, bptAccess)
after that enable filterDelayTimer
In checkKeys you disable the breakpoint of the current address : debug_removeBreakpoint(fl.Address[0]) and increase the index counter
if the index counter is smaller than fl.Count then call debug_setBreakpoint(fl.Address[index], 4, bptAccess) else just destroy the timer ( timer.destroy() )
in the function debugger_onBreakpoint() ,which you declare and implement yourself, you handle the debug events. e.g adding to a lua table, or writing to a file, or just printing out the event to the screen
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
fred26 Expert Cheater Reputation: 0
Joined: 20 Dec 2014 Posts: 103
|
Posted: Tue Jun 09, 2015 11:51 am Post subject: |
|
|
thanks Dark Byte. I will try it and revert back.
Just one last question, I need to breakpoint on fl.Address[index] - 8 bytes.
How do I do this as fl.Address[index] is a string? Do I need to convert it to an integer, substract 8 bytes and convert back to string?
Thanks!
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
|
Posted: Tue Jun 09, 2015 12:05 pm Post subject: |
|
|
debug_setBreakpoint can deal with both integer and string notation
string notation goes through ce's symbol handler, so fl.Address[index].."-8" will work as well
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
fred26 Expert Cheater Reputation: 0
Joined: 20 Dec 2014 Posts: 103
|
Posted: Tue Jun 09, 2015 6:50 pm Post subject: |
|
|
Thanks. Code works perfect. Here it is
Code: |
index=0
function checkKeys(timer)
local saddressa=foundlist_getAddress(fl, index)
debug_removeBreakpoint(saddressa.."-24")
index=index+1
saddressa=foundlist_getAddress(fl, index)
print(saddressa)
if (saddressa==0) then object_destroy(filterDelayTimer) end
debug_setBreakpoint(saddressa.."-24", 4, bptAccess)
print("timer1")
end
function debugger_onBreakpoint()
local saddressa=foundlist_getAddress(fl, index)
debug_removeBreakpoint(saddressa.."-24")
print(saddressa.."-24")
index=index+1
saddressa=foundlist_getAddress(fl, index)
debug_setBreakpoint(saddressa.."-24", 4, bptAccess)
end;
filterDelayTimer = createTimer(nil,false)
timer_setInterval(filterDelayTimer, 500)
filterDelayTimer.OnTimer = checkKeys
ms=createMemScan()
memscan_firstScan(ms, soExactValue, vtString, rtRounded, "ABCD", "0", 0x00000000, 0xffffffff, "", fsmNotAligned, "", false, false, false, true) --change the last true to false if you do not wish case sensitivity
memscan_waitTillDone(ms)
fl=createFoundList(ms)
foundlist_initialize(fl)
local count=foundlist_getCount(fl)
print(count)
if (count>0) then
for i=0, count-1 do
local saddress=foundlist_getAddress(fl, i) --get the first address
print("Adding "..saddress.." to the list")
--add to the addresslist
local al=getAddressList()
local mr=addresslist_createMemoryRecord(al)
memoryrecord_setDescription(mr,"Result of automated scan")
memoryrecord_setAddress(mr, saddress.."-24")
end
--If you have ce 6.2 beta
--memoryrecord_setType(mr, vtString)
--memoryrecord_string_setSize(mr, 5)
--But for now:
else
print("No addresses found")
end
filterDelayTimer.Enabled=true
local saddressa=foundlist_getAddress(fl, index)
debug_setBreakpoint(saddressa.."-24", 4, bptAccess)
|
Now, how can I kill the timer?
The following does not work:
Code: |
if (saddressa==0) then object_destroy(filterDelayTimer) end
|
Thanks
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
|
Posted: Tue Jun 09, 2015 7:04 pm Post subject: |
|
|
instead of checking saddressa=0 use the foundlist count and index (getting an index that doesn't exist will raise an error)
e. g
Code: |
if index>=fl.count then filterDelayTimer.destroy() end
|
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
fred26 Expert Cheater Reputation: 0
Joined: 20 Dec 2014 Posts: 103
|
Posted: Wed Jun 10, 2015 5:00 am Post subject: |
|
|
Perfect, it is working.
Thanks.
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
|
|