game crashes after using aob injection

 
mbabo
Advanced Cheater
Reputation: 0

Joined: 30 Jul 2016
Posts: 74

Posted: Thu Sep 22, 2016 2:28 pm    Post subject: game crashes after using aob injection

Hi, I have tried a lot, but the game I am trying to hack seems to crash with code injection. Selecting the function that is reducing my ammo and replacing it with code that does nothing works fine, but with AOB injection even the original code crashes the game. Is it because of the game or is it because of my CE?
(Note that other games work fine, but 3 of my games so far crash after injection.)


Code:


[ENABLE]

aobscanmodule(ammo,EvilWithin.exe,29 41 10 8B 41 10) // should be unique
alloc(newmem,$1000,"EvilWithin.exe"+7C37CB)

label(code)
label(return)

newmem:

code:
  sub [rcx+10],eax
  mov eax,[rcx+10]
  jmp return

ammo:
  jmp code
  nop
return:
registersymbol(ammo)

[DISABLE]

ammo:
  db 29 41 10 8B 41 10

unregistersymbol(ammo)
dealloc(newmem)



Some games work fine but some crash.
Note: this code counts every time after I shoot an ammo.
Mighty Dark Byte, please help :$
Zanzer
I post too much
Reputation: 126

Joined: 09 Jun 2013
Posts: 3278

Posted: Thu Sep 22, 2016 2:34 pm

Sounds like some code above your injection attempts to jump to that second instruction (MOV).

Move your injection up one or, if all you want to do is NOP the instruction, don't use the full injection.
Code:
[ENABLE]
aobscanmodule(ammo,EvilWithin.exe,29 41 10 8B 41 10)
ammo:
  db 90 90 90
return:
registersymbol(ammo)

[DISABLE]
ammo:
  db 29 41 10
unregistersymbol(ammo)
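Added example, not part of any post in this thread: a Python check of the diagnosis in the reply above, that a detour jmp overwrites the start of the MOV while the 3-byte overwrite leaves it intact. The instruction lengths come from the byte patterns quoted in the thread; the function names and the branch target at offset 3 are assumptions made for illustration.

```python
JMP_REL32_LEN = 5  # E9 opcode + 32-bit displacement

def unsafe_targets(span, branch_targets):
    """Offsets (from the patch site) that other code branches to and that
    land inside the overwritten span, past its first byte."""
    return sorted(t for t in set(branch_targets) if 0 < t < span)

def plan_jmp_hook(instr_lengths, branch_targets=()):
    """Plan a 'jmp rel32' detour over whole instructions at the patch site.

    instr_lengths: byte lengths of consecutive original instructions.
    branch_targets: offsets that existing code jumps to (from a disassembler).
    """
    span = 0
    for length in instr_lengths:
        if span >= JMP_REL32_LEN:
            break
        span += length  # never split an instruction: take it whole
    if span < JMP_REL32_LEN:
        raise ValueError("fewer than 5 instruction bytes available for the jmp")
    return {
        "span": span,                      # bytes overwritten at the site
        "nops": span - JMP_REL32_LEN,      # padding after the jmp
        "unsafe_targets": unsafe_targets(span, branch_targets),
    }

# Instruction lengths come from the byte patterns in the thread.
AMMO_SITE = [3, 3]     # 29 41 10 (sub [rcx+10],eax), 8B 41 10 (mov eax,[rcx+10])
POINTER_SITE = [7]     # 0F 29 81 20 01 00 00 (movaps [rcx+00000120],xmm0)
# Assumption for illustration: a branch elsewhere targets the MOV at offset 3.
ASSUMED_TARGETS = [3]

def compare():
    """Contrast the 6-byte detour with the 3-byte in-place overwrite."""
    return {
        "ammo_jmp_hook": plan_jmp_hook(AMMO_SITE, ASSUMED_TARGETS),
        "ammo_3_byte_overwrite": unsafe_targets(3, ASSUMED_TARGETS),
        "pointer_jmp_hook": plan_jmp_hook(POINTER_SITE),
    }

if __name__ == "__main__":
    for name, result in compare().items():
        print(name, result)
```

A non-empty `unsafe_targets` list means some existing branch would land in the middle of the jmp's displacement bytes or padding, which is the crash condition described in the reply.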
kuntz
Cheater
Reputation: 0

Joined: 29 Aug 2016
Posts: 44
Location: Canada

Posted: Thu Sep 22, 2016 2:48 pm

What is the original asm code of the game you want to replace?
mbabo
Advanced Cheater
Reputation: 0

Joined: 30 Jul 2016
Posts: 74

Posted: Thu Sep 22, 2016 2:54 pm

Zanzer wrote:
Sounds like some code above your injection attempts to jump to that second instruction (MOV).

Move your injection up one or, if all you want to do is NOP the instruction, don't use the full injection.
Code:
[ENABLE]
aobscanmodule(ammo,EvilWithin.exe,29 41 10 8B 41 10)
ammo:
  db 90 90 90
return:
registersymbol(ammo)

[DISABLE]
ammo:
  db 29 41 10
unregistersymbol(ammo)


Thank you so much, that worked fine, so I assume using the auto template method is wrong ><

OK, I need your help with one more thing: I am trying to use the globalalloc function
to store the player Z axis pointer with AOB injection.



Code:

[ENABLE]

aobscanmodule(pointer,EvilWithin.exe,0F 29 81 20 01 00 00 48) // should be unique
alloc(newmem,$1000,"EvilWithin.exe"+6580C3)

label(code)
label(return)

globalalloc(player,4)

newmem:

code:
  mov [player],rcx
  movaps [rcx+00000120],xmm0
  jmp return

pointer:
  jmp code
  nop
  nop
return:
registersymbol(pointer)

[DISABLE]

pointer:
  db 0F 29 81 20 01 00 00

unregistersymbol(pointer)
dealloc(newmem)


Then adding the pointer player+120 should indicate the address, which works,
then crashes the game. I tried it after the game crashed; it worked but crashed the game again after 2 seconds >< Please help, thanks again.
Zanzer
I post too much
Reputation: 126

Joined: 09 Jun 2013
Posts: 3278

Posted: Thu Sep 22, 2016 3:19 pm

Code:
globalalloc(player,8)

Code:
code:
  push rax
  mov rax,player
  mov [rax],rcx
  pop rax
  movaps [rcx+00000120],xmm0
  jmp return
mbabo
Advanced Cheater
Reputation: 0

Joined: 30 Jul 2016
Posts: 74

Posted: Thu Sep 22, 2016 3:44 pm

Zanzer wrote:
Code:
globalalloc(player,8)

Code:
code:
  push rax
  mov rax,player
  mov [rax],rcx
  pop rax
  movaps [rcx+00000120],xmm0
  jmp return


I am sorry, I am new to this. How do I use this code?
kuntz
Cheater
Reputation: 0

Joined: 29 Aug 2016
Posts: 44
Location: Canada

Posted: Thu Sep 22, 2016 3:55 pm

mbabo wrote:
I am sorry, I am new to this. How do I use this code?


I think he means to replace those sections with his code (which looks correct to me):

Code:
[ENABLE]

aobscanmodule(pointer,EvilWithin.exe,0F 29 81 20 01 00 00 48) // should be unique
alloc(newmem,$1000,"EvilWithin.exe"+6580C3)

label(code)
label(return)

globalalloc(player,8)

newmem:

code:
  push rax
  mov rax,player
  mov [rax],rcx
  pop rax
  movaps [rcx+00000120],xmm0
  jmp return

pointer:
  jmp code
  db 66 90
return:
registersymbol(pointer)

[DISABLE]

pointer:
  db 0F 29 81 20 01 00 00

unregistersymbol(pointer)
dealloc(newmem)
mbabo
Advanced Cheater
Reputation: 0

Joined: 30 Jul 2016
Posts: 74

Posted: Thu Sep 22, 2016 4:02 pm

kuntz wrote:
mbabo wrote:
I am sorry, I am new to this. How do I use this code?


I think he means to replace those sections with his code (which looks correct to me):

Code:
[ENABLE]

aobscanmodule(pointer,EvilWithin.exe,0F 29 81 20 01 00 00 48) // should be unique
alloc(newmem,$1000,"EvilWithin.exe"+6580C3)

label(code)
label(return)

globalalloc(player,8)

newmem:

code:
  push rax
  mov rax,player
  mov [rax],rcx
  pop rax
  movaps [rcx+00000120],xmm0
  jmp return

pointer:
  jmp code
  db 66 90
return:
registersymbol(pointer)

[DISABLE]

pointer:
  db 0F 29 81 20 01 00 00

unregistersymbol(pointer)
dealloc(newmem)


It crashed the game immediately.
Zanzer
I post too much
Reputation: 126

Joined: 09 Jun 2013
Posts: 3278

Posted: Thu Sep 22, 2016 5:28 pm

Code:
[ENABLE]
aobscanmodule(pointer,EvilWithin.exe,0F 29 81 20 01 00 00 48)
alloc(newmem,$1000,pointer)

label(code)
label(return)
label(player)

newmem:

code:
  push rax
  mov rax,player
  mov [rax],rcx
  pop rax
  movaps [rcx+00000120],xmm0
  jmp return

player:
  dq 0

pointer:
  jmp code
  nop
  nop
return:
registersymbol(pointer)
registersymbol(player)

[DISABLE]
pointer:
  db 0F 29 81 20 01 00 00
unregistersymbol(pointer)
unregistersymbol(player)
dealloc(newmem)
mbabo
Advanced Cheater
Reputation: 0

Joined: 30 Jul 2016
Posts: 74

Posted: Thu Sep 22, 2016 5:33 pm

Zanzer wrote:
Code:
[ENABLE]
aobscanmodule(pointer,EvilWithin.exe,0F 29 81 20 01 00 00 48)
alloc(newmem,$1000,pointer)

label(code)
label(return)
label(player)

newmem:

code:
  push rax
  mov rax,player
  mov [rax],rcx
  pop rax
  movaps [rcx+00000120],xmm0
  jmp return

player:
  dq 0

pointer:
  jmp code
  nop
  nop
return:
registersymbol(pointer)
registersymbol(player)

[DISABLE]
pointer:
  db 0F 29 81 20 01 00 00
unregistersymbol(pointer)
unregistersymbol(player)
dealloc(newmem)


Still crashing. The game crashes if you inject AOB,
even if you inject the original code (also even if you disable it after enabling)
(quick enable then disable):
it crashes.
Zanzer
I post too much
Reputation: 126

Joined: 09 Jun 2013
Posts: 3278

Posted: Thu Sep 22, 2016 5:54 pm

Do you have the variable "player" defined in some other script? I don't see anything wrong.

Maybe try replacing
Code:
movaps [rcx+00000120],xmm0
with
Code:
db 0F 29 81 20 01 00 00
++METHOS
I post too much
Reputation: 92

Joined: 29 Oct 2010
Posts: 4197

Posted: Thu Sep 22, 2016 6:40 pm

When seeking help with your scripts, it is good practice to use the AOB Injection or Full Injection Template and paste them in their entirety so that we can see the assembly code around your injection point to determine if that could be causing any issues.
All times are GMT - 6 Hours