Cheat Engine Forum (The Official Site of Cheat Engine)

ASM issue

Frouk
Master Cheater
Reputation: 5

Joined: 22 Jun 2021
Posts: 489
Location: mov dword ptr [Ukraine]

Posted: Fri Aug 27, 2021 8:00 am    Post subject: ASM issue

I have a Unity game where you can pick up powerups (rogue-like), but I wanted to make a custom pickup count, and there are some issues:
Code:
[ENABLE]
alloc(newmem,2048,PowerupInventory:AddPowerup+4c)
label(exit)
label(returnhere)
label(originalcode)
registerSymbol(newmem)

newmem: //this is allocated memory
//place your code here
add ecx,[newmem+40] //Adjust count (value stored at newmem+40)
mov [rax],ecx

exit:

originalcode:
mov [rax],ecx
mov rax,0000002BF24060C10F00 //immediate copied from the disassembler; it differs on every launch
jmp returnhere //go back to the game code after the original instructions

PowerupInventory:AddPowerup+4c:
jmp newmem
nop 7
returnhere:

[DISABLE]
unregisterSymbol(newmem)
dealloc(newmem)
PowerupInventory:AddPowerup+4c:
mov [rax],ecx
mov rax,0000002BF24060C10F00

Some code may not be accurate (because I'm not home).
Every time I launch the game the rax register value changes (mov rax,0000002BF24060C10F00),
so I can't restore the opcode with the rax register.

_________________
void(__cdecl *Haxing)(HWND hGameWindow)
LeFiXER
Grandmaster Cheater Supreme
Reputation: 20

Joined: 02 Sep 2011
Posts: 1053
Location: 0x90

Posted: Fri Aug 27, 2021 9:06 am

In the script you provided you have executed mov [rax],ecx twice. The original code still executes after the code located under the newmem label.
Frouk
Master Cheater
Reputation: 5

Joined: 22 Jun 2021
Posts: 489
Location: mov dword ptr [Ukraine]

Posted: Fri Aug 27, 2021 9:58 am

LeFiXER wrote:
In the script you provided you have executed mov [rax],ecx twice. The original code still executes after the code located under the newmem label.

How do I solve mov rax,0000002BF24060C10F00? The address changes after restarting the game.

_________________
void(__cdecl *Haxing)(HWND hGameWindow)
LeFiXER
Grandmaster Cheater Supreme
Reputation: 20

Joined: 02 Sep 2011
Posts: 1053
Location: 0x90

Posted: Fri Aug 27, 2021 10:18 am

By address, you mean the long value (0000002BF24060C10F00)? Or do you mean the address where this instruction is located?
Frouk
Master Cheater
Reputation: 5

Joined: 22 Jun 2021
Posts: 489
Location: mov dword ptr [Ukraine]

Posted: Fri Aug 27, 2021 10:22 am

LeFiXER wrote:
By address, you mean the long value (0000002BF24060C10F00)? Or do you mean the address where this instruction is located?

Yeah, and I've found out that the long value is the instance for UI events.

_________________
void(__cdecl *Haxing)(HWND hGameWindow)
LeFiXER
Grandmaster Cheater Supreme
Reputation: 20

Joined: 02 Sep 2011
Posts: 1053
Location: 0x90

Posted: Fri Aug 27, 2021 10:59 am

I think you should dig further. I don't think that's the right place you want to be.
Frouk
Master Cheater
Reputation: 5

Joined: 22 Jun 2021
Posts: 489
Location: mov dword ptr [Ukraine]

Posted: Fri Aug 27, 2021 11:00 am

LeFiXER wrote:
By address, you mean the long value (0000002BF24060C10F00)? Or do you mean the address where this instruction is located?

Anyway, thanks for the help, I already found how to fix it.
Lua:
Code:
local class = mono_findClass('Assembly-CSharp','UiEvents') -- resolve the UiEvents class through CE's mono bridge
local id = mono_class_getStaticFieldAddress('Instance',class) -- address of the class's static field storage
registerSymbol('UiEvents',id) -- expose it as the UiEvents symbol used by the AA script

AA Script:
Code:
[Enable]
registerSymbol(newmem)
alloc(newmem,2048,PowerupInventory:AddPowerup+4c)
label(returnhere)
label(originalcode)
label(exit)

newmem: //this is allocated memory, you have read,write,execute access
//place your code here
add ecx,[newmem+200] //count adjustment stored at newmem+200

originalcode:
mov [rax],ecx
mov rax,UiEvents //symbol registered by the Lua above, instead of the per-launch immediate

exit:
jmp returnhere

PowerupInventory:AddPowerup+4c:
jmp newmem
nop 7
returnhere:


[Disable]
unregisterSymbol(newmem)
dealloc(newmem)
PowerupInventory:AddPowerup+4c:
mov [rax],ecx
mov rax,UiEvents
//Alt: db 89 08 48 B8 F0 29 82 8A 3F 01 00 00

_________________
void(__cdecl *Haxing)(HWND hGameWindow)
ParkourPenguin
I post too much
Reputation: 138

Joined: 06 Jul 2014
Posts: 4275

Posted: Fri Aug 27, 2021 11:41 am

You'd generally use readmem to back up and restore the bytes, and reassemble to execute the instruction in your code injection. Examples:
https://www.cheatengine.org/forum/viewtopic.php?p=5745567
https://www.cheatengine.org/forum/viewtopic.php?p=5769600

_________________
I don't know where I'm going, but I'll figure it out when I get there.
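The readmem/reassemble approach described in the reply above, written out as a complete auto-assembler script for the same hook. This is an added example, not code posted by Frouk or ParkourPenguin, and it assumes Cheat Engine 7.x auto-assembler syntax; the 12-byte length and the 2-byte size of mov [rax],ecx are taken from the //Alt: db line in the script above. Because the immediate is re-read from the live instruction each time the script is enabled, it no longer needs either the hardcoded value or the mono lookup of UiEvents.

```asm
[ENABLE]
alloc(newmem,2048,PowerupInventory:AddPowerup+4c)
alloc(originalbytes,12)              // private copy of the 12 original bytes
label(originalcode)
label(exit)
label(returnhere)
registersymbol(newmem)

originalbytes:
readmem(PowerupInventory:AddPowerup+4c,12)   // copied at assembly time, before the jmp is written

newmem:
add ecx,[newmem+200]                 // count adjustment, stored at newmem+200 as in the script above

originalcode:
mov [rax],ecx
reassemble(PowerupInventory:AddPowerup+4c+2) // re-emits mov rax,<immediate> with whatever value this launch uses

exit:
jmp returnhere

PowerupInventory:AddPowerup+4c:
jmp newmem
nop 7
returnhere:

[DISABLE]
PowerupInventory:AddPowerup+4c:
readmem(originalbytes,12)            // restore the exact bytes saved at enable time

unregistersymbol(newmem)
dealloc(newmem)
dealloc(originalbytes)
```

Note that the readmem in [ENABLE] runs when the script is assembled, so originalbytes holds the untouched instructions even though the jmp is written to the same address a moment later; the [DISABLE] side then copies those bytes back rather than reassembling anything, which is what removes the dependency on the changing immediate.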