readMem problem in code cave

Woitek1993

Posted: Thu Mar 01, 2018 9:48 am    Post subject: readMem problem in code cave

Hello!

I've tried to write a simple code cave from bytes taken from memory.

So, I want to check whether the 10 bytes that I read are equal to my address; if yes, I want to make a jmp to memory, execute some code, and to the last lea
Code:
lea ecx,[eax*4 + [ptr]]
add address taken from ptr.

I would be glad if someone could explain to me what I'm doing wrong.

Code:

alloc(org,10)
alloc(ptr,4)

org:
readMem(0045B221, 10)

ptr:
readMem(0045B227, 4)


define(address,"RejectedGhosts.exe"+5B221)
define(bytes,org)
[ENABLE]
assert(address,bytes)
alloc(newmem,$1000)
label(code)
label(return)

newmem:

code:
lea eax,[eax*4]
lea ecx,[eax*4 + [ptr]]
jmp return

address:
  jmp code
  nop
  nop
  nop
  nop
  nop
return:

[DISABLE]

address:
 db bytes

dealloc(newmem)
ParkourPenguin

Posted: Thu Mar 01, 2018 11:35 am    Post subject:

The two allocations above the [enable] section are never deallocated, and they should be in the [enable] section.

You should be using the module+offset syntax in the calls to readmem (where applicable).

"bytes" is defined to be "org" which is an address, so the assert statement will always fire.

CE doesn't seem to be able to evaluate [eax*4 + [ptr]] as a valid addressing mode.

The disable section will not restore the original bytes (as explained before, "bytes" is an address, not actual bytes).

Code:
define(address,"RejectedGhosts.exe"+5B221)
define(originalBytes,newmem+400)
[ENABLE]
alloc(newmem,$1000)
label(return)

newmem:
  lea eax,[eax*4]
  db 8D 0c 85    // lea ecx,[eax*4+disp32]
  readmem("RejectedGhosts.exe"+5B227,4) // disp32
  jmp return

originalBytes:
  readmem(address,10)

address:
  jmp newmem
  nop
  nop
  nop
  nop
  nop
return:

[DISABLE]
address:
  readmem(originalBytes,10)

dealloc(newmem)

_________________
I don't know where I'm going, but I'll figure it out when I get there.
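
The `db 8D 0c 85` line in the script above, worked through as an added example that is not part of the original post: a small Python encoder and decoder for the ModRM and SIB bytes of a 32-bit `lea`, showing why those three bytes followed by a 4-byte displacement form `lea ecx,[eax*4+disp32]`. The function names and the displacement value `0x00601234` are constructed for illustration; in the script the displacement is copied from the game at run time by `readmem`.

```python
import struct

REG32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]

def encode_lea_index_disp32(dst: str, index: str, scale: int, disp: int) -> bytes:
    """Encode `lea dst,[index*scale+disp32]` (32-bit mode, no base register)."""
    shift = {1: 0, 2: 1, 4: 2, 8: 3}.get(scale)
    if shift is None or index == "esp":
        raise ValueError("scale must be 1/2/4/8 and esp cannot be an index")
    modrm = (0b00 << 6) | (REG32.index(dst) << 3) | 0b100    # rm=100b: SIB follows
    sib = (shift << 6) | (REG32.index(index) << 3) | 0b101   # base=101b with mod=00: disp32 only
    return bytes([0x8D, modrm, sib]) + struct.pack("<I", disp & 0xFFFFFFFF)

def decode_lea(code: bytes) -> str:
    """Decode a 32-bit-mode LEA whose ModRM byte selects a SIB byte."""
    if len(code) < 3 or code[0] != 0x8D:
        raise ValueError("expected opcode 8D (LEA) plus ModRM and SIB")
    mod, reg, rm = code[1] >> 6, (code[1] >> 3) & 7, code[1] & 7
    if mod == 3 or rm != 4:
        raise ValueError("only memory forms with a SIB byte are handled here")
    scale, index, base = 1 << (code[2] >> 6), (code[2] >> 3) & 7, code[2] & 7
    terms = []
    if not (mod == 0 and base == 5):       # mod=00 and base=101b means "no base register"
        terms.append(REG32[base])
    if index != 4:                         # index=100b means "no index register"
        terms.append(f"{REG32[index]}*{scale}")
    disp_len = 1 if mod == 1 else 4 if (mod == 2 or base == 5) else 0
    if disp_len:
        raw = code[3:3 + disp_len]
        if len(raw) != disp_len:
            raise ValueError("truncated displacement")
        disp = int.from_bytes(raw, "little", signed=(disp_len == 1))
        terms.append(hex(disp))
    return f"lea {REG32[reg]},[{'+'.join(terms)}]".replace("+-", "-")

# Constructed sample: the three bytes from the post plus a made-up disp32.
SAMPLE = bytes.fromhex("8d0c85") + struct.pack("<I", 0x00601234)

if __name__ == "__main__":
    print(SAMPLE.hex(" "), "->", decode_lea(SAMPLE))
```

The same decoder applied to `8D 04 85 00 00 00 00` gives `lea eax,[eax*4+0x0]`: a scaled index with no base register always carries a 4-byte displacement, which is why the overwritten instruction pair occupies more bytes than its text suggests.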
Woitek1993

Posted: Fri Mar 02, 2018 9:57 am    Post subject:

It's a bit tricky. Thank you very much. I'm using this tool a lot to test original game code, and to test my "corrections" in auto assemble.

I wrote this code in a slightly different way =). After writing above 1k lines of code (putting original objects into dynamic memory and changing references to them) + rewriting some extra formulas that were written so poorly... I've managed to add an extra row to columns in the game that I'm modding.

Original:

imgur. com/15yB3fF.png

New:

imgur. com/dTi7JD8.png

By the way... is there a way in CheatEngine to put exactly the amount of bytes that I want at a label?
For example:
if I want to write 40 zeros to a label, can I do it differently than putting 10 dwords or 40 bytes?
ParkourPenguin

Posted: Fri Mar 02, 2018 10:38 am    Post subject:

You can use resb if it's in memory you allocated (Windows will initialize it to 0) or you don't care about it being 0.
Code:
alloc(mem,4096)
mem:
  resb 40  // 40 (dec) bytes of padding automatically initialized by windows to 0

_________________
I don't know where I'm going, but I'll figure it out when I get there.