Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


How to create a more sophisticated trainer

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
Dave D
How do I cheat?
Reputation: 0

Joined: 17 Jan 2008
Posts: 2
PostPosted: Thu Jan 17, 2008 11:21 am    Post subject: How to create a more sophisticated trainer Reply with quote
As far as I can tell, the stand-alone trainers that CE generates can only perform a subset of what CE does. For example, while it can make a trainer that NOPs certain pieces of code, it cannot make one that will, say, inject different code at that address. Granted, I can patch the original game executable and put in my own code, but is there a way to make a trainer that will do this in-memory?

I guess as a last resort I could take a look at the CE source code to see how it does it, and write the equivalent in C++. But it would be cool if more sophisticated trainers could be auto-generated.......
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 470

Joined: 09 May 2003
Posts: 25796
Location: The netherlands
PostPosted: Thu Jan 17, 2008 11:50 am    Post subject: Reply with quote
ce 5.4 allows auto assemble scripts using the alloc command
e.g:
Code:

[enable]
alloc(mycode,2048)
label(computer)
mycode:
cmp eax,1
jne computer

mov edx,#100

jmp return

computer:
//dec edx,esi //original code
mov edx,#0 //1 hit kill or instant kill depending on the game

exit:
//execute other overwritten bytes
push edx
push ecx
jmp return

00441234:
jmp mycode

[disable]
dealloc(mycode)
00441234:
//restore with original code
dec edx,esi
push edx
push ecx


then add it to your cheattable and in the trainer maker you can add that cheat to the trainer
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
Dave D
How do I cheat?
Reputation: 0

Joined: 17 Jan 2008
Posts: 2
PostPosted: Thu Jan 17, 2008 12:44 pm    Post subject: Reply with quote
Ah, very cool, thanks. A few related questions:

Is there any option to convert c-script to assembly? Right now I can inject assembled c-script into the process, and call that code from auto-assembly, but of course if I save said auto-assembly as a cheat, the trainer will end up calling a non-existent method. What I would like to do is convert the c-script to assembly, then cut and paste that assembly into an auto-assembly window and save the whole thing as a cheat.

Also, is there anyway to create the trainer as a DLL, so that I can activate the cheats via another program?

BTW, LOVE the tutorial that comes with the program. It really helped me get up to speed fast.
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 470

Joined: 09 May 2003
Posts: 25796
Location: The netherlands
PostPosted: Thu Jan 17, 2008 1:29 pm    Post subject: Reply with quote
Actually the c-script function is an interpreter, not a compiler, so doesn't really generate assembly.

it's a bit tricky but perhaps possible to call with a trainer though. (never tried it myself so not sure it even works)
5.4 has a function called :injectdll

make sure the ucc12.dll and underc.dll are in the same folder as your trainer
Code:

[enable]
alloc(mycscript,4096)
alloc(scriptcaller,2048)
//alloc(otherstuffyoumigthneed)
injectdll(undercdll.dll)

scriptcaller:
push mycscript
call underc_executescript //call the underc_executescript function of the dll
ret

mycscript:
db 'int i;',13,10 //13,10 is newline
db 'i=12;',13,10
db '*(int *)0x00400500=*(int *)0x00400600+i;',13,10
db 13,10 //stupid habit but I always leave a empty line
db 0 //mark the end

//And then in your codecave or hook place a "call scriptcaller" to execute the script

[disable]
dealloc(scriptcaller)
dealloc(mycscript)
//dealloc(therestaswell)


Also, instead of using the db 'xxxx',13,10 method you could use loadbinary to load the script at mycscript , BUT it will require the c-script to be present in the trainer dir, available for everyone to see

Quote:

Also, is there anyway to create the trainer as a DLL, so that I can activate the cheats via another program?

no, but ce's autoassembler can be found somewhere in dll form (ask wiccaan about it, he has more experience with it)
Of course, the c-script engine is in dll form, but you first have to inject it into the target process. (you could of course load it in your own trainer, but that won't help much, except letting users extend your own trainer)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites