Cheat Engine The Official Site of Cheat Engine
Woitek1993 (How do I cheat?, Reputation: 0, Joined: 01 Mar 2018, Posts: 2)
Posted: Thu Mar 01, 2018 9:48 am, Post subject: readMem problem in code cave
Hello!
I've tried to write a simple code cave from bytes taken from memory.
So, I want to check from 10 bytes that I read whether they are equal to my address; if yes, I want to make a jmp to memory, execute code, and in the last lea (Code: lea ecx,[eax*4 + [ptr]]) add the address taken from ptr.
I would be glad if someone explained to me what I'm doing wrong.
Code:
alloc(org,10)
alloc(ptr,4)
org:
readMem(0045B221, 10)
ptr:
readMem(0045B227, 4)
define(address,"RejectedGhosts.exe"+5B221)
define(bytes,org)
[ENABLE]
assert(address,bytes)
alloc(newmem,$1000)
label(code)
label(return)
newmem:
code:
lea eax,[eax*4]
lea ecx,[eax*4 + [ptr]]
jmp return
address:
jmp code
nop
nop
nop
nop
nop
return:
[DISABLE]
address:
db bytes
dealloc(newmem)
ParkourPenguin (I post too much, Reputation: 138, Joined: 06 Jul 2014, Posts: 4275)
Posted: Thu Mar 01, 2018 11:35 am
The two allocations above the [enable] section are never deallocated, and they should be in the [enable] section.
You should be using the module+offset syntax in the calls to readmem (where applicable).
"bytes" is defined to be "org" which is an address, so the assert statement will always fire.
CE doesn't seem to be able to evaluate [eax*4 + [ptr]] as a valid addressing mode.
The disable section will not restore the original bytes (as explained before, "bytes" is an address, not actual bytes).
Code:
define(address,"RejectedGhosts.exe"+5B221)
define(originalBytes,newmem+400)
[ENABLE]
alloc(newmem,$1000)
label(return)
newmem:
lea eax,[eax*4]
db 8D 0c 85 // lea ecx,[eax*4+disp32]
readmem("RejectedGhosts.exe"+5B227,4) // disp32
jmp return
originalBytes:
readmem(address,10)
address:
jmp newmem
nop
nop
nop
nop
nop
return:
[DISABLE]
address:
readmem(originalBytes,10)
dealloc(newmem)
_________________
I don't know where I'm going, but I'll figure it out when I get there.
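The reply above works around the assembler by emitting the opcode bytes `8D 0C 85` by hand and letting `readmem` splice the 4-byte pointer in as the disp32 field. The reason that works, and the reason `[eax*4 + [ptr]]` cannot be assembled, is the shape of an x86 effective address: it is always base + index*scale + disp, with registers and a constant only, so a value fetched from memory can never appear inside the brackets; the pointer has to be baked into the instruction before it runs. The following Python encoder/decoder, added here as an illustration and not code from the thread or from Cheat Engine, shows exactly which ModRM and SIB bits those three bytes carry and reconstructs the 7-byte instruction from a constructed stand-in for the bytes `readmem` would copy (the pointer value 0x00C0FFEE is made up). It generalizes slightly to any destination and index register and any scale, so the same function also produces the `lea eax,[eax*4]` on the line before it.

```python
import struct

# 32-bit general-purpose register numbers as they appear in ModRM.reg and SIB.index.
REGS = {"eax": 0, "ecx": 1, "edx": 2, "ebx": 3, "esp": 4, "ebp": 5, "esi": 6, "edi": 7}
REG_NAMES = {v: k for k, v in REGS.items()}
SCALE_BITS = {1: 0b00, 2: 0b01, 4: 0b10, 8: 0b11}

# Constructed stand-in for the 4 bytes readmem("RejectedGhosts.exe"+5B227,4) would copy:
# the little-endian encoding of a made-up pointer value 0x00C0FFEE (not from the game).
SAMPLE_PTR_BYTES = bytes.fromhex("EEFFC000")


def encode_lea_scaled(dest, index, scale, disp32_bytes):
    """Assemble  lea <dest>,[<index>*<scale>+disp32]  (no base register, 32-bit mode).

    Layout: opcode 8D, then ModRM with mod=00 reg=dest rm=100 (meaning "a SIB byte follows"),
    then SIB with scale/index and base=101, which together with mod=00 means "no base,
    a disp32 follows". The displacement is the only slot that can hold a runtime-supplied
    value, which is why the forum script pastes the pointer bytes right after 8D 0C 85.
    """
    if index == "esp":
        raise ValueError("esp cannot be used as a SIB index register")
    if len(disp32_bytes) != 4:
        raise ValueError("disp32 must be exactly 4 little-endian bytes")
    modrm = (0b00 << 6) | (REGS[dest] << 3) | 0b100
    sib = (SCALE_BITS[scale] << 6) | (REGS[index] << 3) | 0b101
    return bytes([0x8D, modrm, sib]) + bytes(disp32_bytes)


def decode_lea_scaled(code):
    """Split a 7-byte instruction back into (dest, index, scale, disp32 as an int)."""
    if len(code) != 7 or code[0] != 0x8D:
        raise ValueError("expected a 7-byte lea reg,[index*scale+disp32]")
    modrm, sib = code[1], code[2]
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    scale, index, base = sib >> 6, (sib >> 3) & 7, sib & 7
    if mod != 0b00 or rm != 0b100 or base != 0b101:
        raise ValueError("not the no-base, disp32 SIB form")
    disp = struct.unpack("<I", code[3:7])[0]
    return REG_NAMES[reg], REG_NAMES[index], 1 << scale, disp


def cave_body(ptr_bytes):
    """The two instructions of the code cave, as the reply emits them: the first has no
    runtime input so it assembles normally (disp32 = 0); the second gets ptr_bytes as disp32."""
    first = encode_lea_scaled("eax", "eax", 4, b"\x00\x00\x00\x00")  # lea eax,[eax*4]
    second = encode_lea_scaled("ecx", "eax", 4, ptr_bytes)            # lea ecx,[eax*4+disp32]
    return first + second


if __name__ == "__main__":
    insn = encode_lea_scaled("ecx", "eax", 4, SAMPLE_PTR_BYTES)
    print(insn.hex(" "))                       # 8d 0c 85 ee ff c0 00
    print(decode_lea_scaled(insn))             # ('ecx', 'eax', 4, 12648430)
    print(cave_body(SAMPLE_PTR_BYTES).hex(" "))
```

Running the decoder on the three bytes from the reply confirms the fields the comment there claims: ModRM 0x0C is mod=00, reg=001 (ecx), rm=100; SIB 0x85 is scale=10 (x4), index=000 (eax), base=101. Anything the script wants in the displacement must be known when the bytes are written, which is also why reading the pointer with `readmem` at enable time, rather than dereferencing it in the instruction, is the only option the assembler offers.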
Woitek1993 (How do I cheat?, Reputation: 0, Joined: 01 Mar 2018, Posts: 2)
Posted: Fri Mar 02, 2018 9:57 am
It's a bit tricky. Thank you very much. I'm using this tool a lot for testing original game code, and testing my "corrections" in auto assemble.
I wrote this code in a bit different way =). After writing above 1k lines of code (putting original objects into dynamic memory and changing references to them) + rewriting some extra formulas that were written so poorly... I've managed to add an extra row to columns in the game that I'm modding.
Original:
imgur. com/15yB3fF.png
New:
imgur. com/dTi7JD8.png
By the way... is there a way in Cheat Engine to put exactly the amount of bytes that I want at a label?
For example:
if I want to write 40 zeros to a label, can I do it differently than putting 10 dwords or 40 bytes?
ParkourPenguin (I post too much, Reputation: 138, Joined: 06 Jul 2014, Posts: 4275)
Posted: Fri Mar 02, 2018 10:38 am
You can use resb if it's in memory you allocated (Windows will initialize it to 0) or you don't care about it being 0.
Code:
alloc(mem,4096)
mem:
resb 40 // 40 (dec) bytes of padding automatically initialized by Windows to 0
_________________
I don't know where I'm going, but I'll figure it out when I get there.