Cheat Engine

ner0 · Cheater Reputation: 0 Joined: 10 Dec 2011 Posts: 32

Firstly, this is related to mapped memory used by an emulator, specifically nullDC. The problem is that I'm trying to set a static value on a specific address but that value gets rewritten almost immediately. I tried observing what writes to the address and by replacing that code it did the trick. The issue is that the source of the change is constantly jumping around and changing adresses and the replacement in the codelist is no longer valid: The memory content isn't what it should be. Also, the instruction doesn't seem specific enough:

ParkourPenguin · Posted: Wed Feb 01, 2017 9:00 pm Post subject:

It's an emulator: it's probably not going to be as basic as you would hope it to be. If you want to know why, look up what an emulator is and how they work.

I'd recommend using whatever tools the emulator provides for you. Modifying whatever machine code the game uses is probably going to be easier than trying to modify the implementation of the emulator's interpreter. It might be easier if the emulator uses JIT compilation, but it's still better to not use CE if you don't have to IMO.

If you need to use CE, do some research first. Learn how emulators generally work, figure out the design and relevant implementation of nullDC, and your life will be easier in the end. nullDC seems to be open source, so that shouldn't be too hard.

SunBeam · Posted: Thu Feb 02, 2017 3:49 am Post subject:

Was going to say something similar: emulator code that "accesses" your game's value isn't accessing only that. It's probably a handler of some sorts and you'll need to do some research first.

Something similar: LUA (see Driver game; this post). There's a major handler there that can be hooked and based on certain differentiation, you can filter out only what you need Smile

ner0 · Cheater Reputation: 0 Joined: 10 Dec 2011 Posts: 32

I understand what you mean.
And although you are probably right, and as dirty as it seems, I still want to do it just to see what happens.

If I do it manually it doesn't seem to produce side effects (to be continued...) and the code that I change always stays the "same" it just migrates around regions in memory. Anyway, I lack crucial understanding, but anyway... here is my actual question:

Given a static address, can a LUA function check what writes to that very address and patch the asm function responsible for the "writing"?
This is basically a request to automate the "Find what writes to this address & Replace"

An example would be nice.

Thank you for the help.

++METHOS · Posted: Thu Feb 02, 2017 5:07 pm Post subject:

You need to look at incorporating AOBscan. CE can build a script for you, but since it's an emulator, you may have to build out the AOB signature manually. That said, since it's being emulated, it may or may not work indefinitely.

ParkourPenguin · Posted: Thu Feb 02, 2017 5:32 pm Post subject:

Yes, Lua can be used to set breakpoints on an address. Yes, Lua can be used to modify assembly. No, I do not believe this is a good solution to your problem.

Regardless, there is documentation in main.lua that will be helpful (i.e. debug_setBreakpoint, writeBytes, autoAssemble), and most Lua features have examples somewhere in CEF that can be found by using Google.

This is one way to do this:

ner0 · Cheater Reputation: 0 Joined: 10 Dec 2011 Posts: 32

SunBeam · Posted: Thu Feb 02, 2017 9:49 pm Post subject:

Just to be clear on this: I was not suggesting to use LUA, was just giving an example of game engine where everything is intertwined and a huge-ass handler manages everything.