Cheat Engine The Official Site of Cheat Engine
Brosephina22 How do I cheat? Reputation: 0
Joined: 05 Nov 2015 Posts: 5
Posted: Thu Nov 05, 2015 10:58 pm Post subject: How do I work with this in LUA?
I couldn't really think of a proper thread title, so bear with me.
Basically I was forced to inject this for a game:
Code: |
globalalloc(_base,4)
code:
mov [_base],rbx
mov [rbx+0000011C],edi
jmp return
|
Of course, this works fine as expected, however there's an inherent issue: this returns multiple addresses and I'm fine with that, because the address I'm looking for always has a distinctive value. What I don't understand is, how does cheat engine deal with this in LUA?
Will cheat engine index _base in an array from where I can access the different addresses it procured?
Or does it only return the last/first acquired rbx, in which case I have to insert them into an array on my own to find an address with a specific value?
Also, currently I'm working with timers, however I want to read certain addresses a lot faster. Will coroutines/threads increase the performance or is that just how things are?
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
Posted: Fri Nov 06, 2015 2:05 am
that code will only store the last rbx value. (also, rbx is 8 bytes)
you'll have to implement an array of some sort to store more. Alternatively, you could use the luaclient dll and send rbx values directly to ce's lua
a thread can be faster yes, but can also eat up the cpu
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
ParkourPenguin I post too much Reputation: 138
Joined: 06 Jul 2014 Posts: 4275
Posted: Fri Nov 06, 2015 10:39 am
Assuming rbx stores your address and you're only interested in the address that has a specific value, then this Lua code will find that and add it to your cheat table:
Code: |
specificValue = 777
addressOfInstruction = 0x9001ACDC1337C0DE
debug_setBreakpoint(addressOfInstruction)

function debugger_onBreakpoint()
  -- only handle hits on our own breakpoint
  if RIP == addressOfInstruction then
    -- RBX holds the candidate address; check the 4-byte value it points to
    if readInteger(RBX) == specificValue then
      local al = getAddressList()
      local rec = al.createMemoryRecord()
      rec.Address = string.format("%X",RBX)
      rec.Type = vtDword
      rec.Description = "Description Here"
      -- found it, so the breakpoint is no longer needed
      debug_removeBreakpoint(addressOfInstruction)
    end
    debug_continueFromBreakpoint(co_run)
    return 1
  end
end
|
I tested a 32-bit equivalent of this and it worked. I think I translated everything correctly to 64-bit.
By the way, is there a way of telling if you currently have a breakpoint set at a certain address? main.lua says you can use debug_getBreakpointList(), but for me (CE 6.4) that function isn't defined.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
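Added example, not written by any poster in this thread: the "array of some sort" Dark Byte mentions, built on the breakpoint handler from the post above, keeping every distinct RBX seen at the instruction so the list can be re-checked later. It uses only the Cheat Engine Lua calls that appear in that post; `maxCandidates`, `recordCandidate` and `findCandidatesWithValue` are hypothetical names, and the instruction address is the post's placeholder.

```lua
-- Added example: collect every distinct RBX seen at the hooked instruction.
-- Meant for Cheat Engine's Lua engine with the debugger attached to the target.
local addressOfInstruction = 0x9001ACDC1337C0DE -- placeholder from the post; use your own
local specificValue = 777                       -- value from the post
local maxCandidates = 64                        -- assumed cap so the table cannot grow unbounded

local seen = {}        -- set: address -> true, for O(1) duplicate checks
local candidates = {}  -- array of distinct addresses in first-seen order

-- Store addr once; returns true if it was new and there was room for it.
local function recordCandidate(addr)
  if seen[addr] or #candidates >= maxCandidates then return false end
  seen[addr] = true
  candidates[#candidates + 1] = addr
  return true
end

-- Re-read each stored address and return those currently holding `value`.
-- A read that fails simply compares unequal and is skipped.
function findCandidatesWithValue(value)
  local hits = {}
  for _, addr in ipairs(candidates) do
    if readInteger(addr) == value then
      hits[#hits + 1] = addr
    end
  end
  return hits
end

function debugger_onBreakpoint()
  -- Not our breakpoint: return 0 so CE handles it and updates its UI as usual.
  if RIP ~= addressOfInstruction then return 0 end
  recordCandidate(RBX)
  if #candidates >= maxCandidates then
    debug_removeBreakpoint(addressOfInstruction) -- stop paying the breakpoint cost
  end
  debug_continueFromBreakpoint(co_run)
  return 1
end

debug_setBreakpoint(addressOfInstruction)
```

Call `findCandidatesWithValue(specificValue)` from a timer or the Lua console once the list has filled; if fewer than `maxCandidates` addresses ever show up, remove the breakpoint by hand with `debug_removeBreakpoint(addressOfInstruction)`.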
Brosephina22 How do I cheat? Reputation: 0
Joined: 05 Nov 2015 Posts: 5
Posted: Fri Nov 06, 2015 3:42 pm
Dark Byte wrote: |
a thread can be faster yes, but can also eat up the cpu |
Sorry that I don't really have any clue about LUA or ASM and the game being 64bit certainly doesn't make it easier for me. I have zero understanding of asm, so I was wondering; Instead of creating the threads with CE's LUA wrapper, would it be possible to have something like a static codecave that I can use as a pipe to read the addresses in another program - removing that cpu burden off CE? Otherwise I would probably use the clipboard as a pipe instead.
Thank you.
ParkourPenguin wrote: |
Assuming rbx stores your address and you're only interested in the address that has a specific value, then this Lua code will find that and add it to your cheat table:
Code: |
specificValue = 777
addressOfInstruction = 0x9001ACDC1337C0DE
debug_setBreakpoint(addressOfInstruction)
function debugger_onBreakpoint()
  if RIP == addressOfInstruction then
    if readInteger(RBX) == specificValue then
      local al = getAddressList()
      local rec = al.createMemoryRecord()
      rec.Address = string.format("%X",RBX)
      rec.Type = vtDword
      rec.Description = "Description Here"
      debug_removeBreakpoint(addressOfInstruction)
    end
    debug_continueFromBreakpoint(co_run)
    return 1
  end
end
|
I tested a 32-bit equivalent of this and it worked. I think I translated everything correctly to 64-bit. |
Thanks, I didn't actually expect someone to actually write the code for it. That's a much more direct way that I did not know of and it's certainly a much better solution than the one I had in mind. I pretty much just filled a list, removed the dupes and kept evaluating their value. It worked really flimsy as you can imagine.