a2z Advanced Cheater Reputation: 0
Joined: 28 Nov 2022 Posts: 58
Posted: Tue Jul 11, 2023 11:21 am Post subject: Memory Allocation and C# conversion to lua Scripting?

[Screenshot attachment, 40.83 KB]

Last edited by a2z on Wed Jul 12, 2023 4:45 am; edited 1 time in total

LeFiXER Grandmaster Cheater Supreme Reputation: 20
Joined: 02 Sep 2011 Posts: 1055 Location: 0x90
Posted: Tue Jul 11, 2023 11:42 am Post subject: Re: How to allocate new memory by lua Scripting?

Code: |
allocateMemory(size, BaseAddress OPTIONAL, Protection OPTIONAL)
|

a2z Advanced Cheater Reputation: 0
Joined: 28 Nov 2022 Posts: 58
Posted: Tue Jul 11, 2023 12:19 pm Post subject:

Thank you for your answer. I think I got past that part but into another error.
I have this c# code:
Code: | byte[] dest_bts = BitConverter.GetBytes((ulong)Dest); |
I tried to convert for lua:
Code: | local dest_bts = string.pack("L", Dest) |
got error:
bad argument #2 to 'pack' (unsigned overflow)
Script Error
What do I need to fix?

LeFiXER Grandmaster Cheater Supreme Reputation: 20
Joined: 02 Sep 2011 Posts: 1055 Location: 0x90
Posted: Tue Jul 11, 2023 1:05 pm Post subject:

Why are you trying to cast it to a string? If it's a binary value. Allocate adequate memory space and create a memory record entry with the correct vartype; in this case vtBinary. Set the address to the allocated memory symbol and then read the value of dest_bts to the allocated memory.

a2z Advanced Cheater Reputation: 0
Joined: 28 Nov 2022 Posts: 58
Posted: Tue Jul 11, 2023 2:00 pm Post subject:

I asked chatgpt to convert this from c# to lua
Code: | byte[] dest_bts = BitConverter.GetBytes((ulong)Dest); |
this is what it gave me:
Code: | local dest_bts = string.pack("L", Dest) |
so that's how I got the string thingy
I got the source code in c# from another gamer friend which works fine on the game,
but I want to replicate and make the same thing using cheat engine lua and AA Script tables
so I am trying to convert his c# code to lua to run in CE.
Btw I'm a real newbie at this. Any help is appreciated.
So how should it be in lua?
Example code snippet would help a lot.

LeFiXER Grandmaster Cheater Supreme Reputation: 20
Joined: 02 Sep 2011 Posts: 1055 Location: 0x90
Posted: Tue Jul 11, 2023 2:04 pm Post subject:

a2z wrote: | I asked chatgpt to convert this from c# to lua
Code: | byte[] dest_bts = BitConverter.GetBytes((ulong)Dest); |
this is what it gave me:
Code: | local dest_bts = string.pack("L", Dest) |
so that's how I got the string thingy
I got the source code in c# from another gamer friend which works fine on the game,
but I want to replicate and make the same thing using cheat engine lua and AA Script tables
so I am trying to convert his c# code to lua to run in CE.
Btw I'm a real newbie at this. Any help is appreciated.
So how should it be in lua?
Example code snippet would help a lot. |
Okay, probably not the best to rely on AI for the correct answer. It's great technology but by no means perfect. You can try something like this:
Code: |
local function ulongToBytes(dest)
  -- Returns the 8 bytes of dest, least significant byte first (little-endian)
  local bts = {}
  for i = 1, 8 do
    local byte = dest % 256
    table.insert(bts, byte)
    dest = (dest - byte) // 256 -- integer division keeps dest an integer
  end
  return bts
end

-- Example usage:
local dest = 1234567890 -- Replace with your ulong value
local dest_bts = ulongToBytes(dest)

-- Print the byte array
for i = 1, #dest_bts do
  print(dest_bts[i])
end
|
That will get you up and running.
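
Added example (not from the thread's participants): in Lua 5.3 the `L` format is the platform's native `unsigned long`, which is 4 bytes on Windows builds, so a value above 0xFFFFFFFF raises the `unsigned overflow` error quoted earlier, while `<I8` always packs 8 little-endian bytes like `BitConverter.GetBytes((ulong)Dest)` does on x86. The value of `dest` is constructed, and a Windows build of Lua is assumed.

```lua
-- Added example; the value below is constructed, not taken from the thread.
local dest = 0x7FF612345678 -- constructed 64-bit, address-sized value

-- "L" = native unsigned long: 4 bytes on Windows, 8 on most 64-bit Unix builds.
-- Returns whether packing succeeded, the result or error text, and the size of "L".
local function packNativeULong(value)
  local ok, result = pcall(string.pack, "L", value)
  return ok, result, string.packsize("L")
end

-- "<I8" = explicit little-endian unsigned 8-byte integer, independent of platform.
local function ulongToBytes(value)
  return { string.byte(string.pack("<I8", value), 1, -1) }
end

-- The same bytes computed with integer shifts (Lua shifts are logical,
-- so values with the top bit set are handled as unsigned).
local function ulongToBytesShift(value)
  local bts = {}
  for i = 0, 7 do
    bts[#bts + 1] = (value >> (8 * i)) & 0xFF
  end
  return bts
end

local function hex(bts)
  local out = {}
  for i, b in ipairs(bts) do out[i] = string.format("%02X", b) end
  return table.concat(out, " ")
end

local ok, result, size = packNativeULong(dest)
print(("native 'L' is %d bytes, pack succeeded: %s"):format(size, tostring(ok)))
if not ok then print(result) end -- the overflow error when 'L' is 4 bytes

print(hex(ulongToBytes(dest)))
print(hex(ulongToBytesShift(dest)))
print(hex(ulongToBytes(0xFFFFFFFFFFFFFFFF))) -- top bit set still packs as 8 bytes
```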

a2z Advanced Cheater Reputation: 0
Joined: 28 Nov 2022 Posts: 58
Posted: Wed Jul 12, 2023 4:52 am Post subject:

I haven't tried that yet, went to sleep, time zone difference. Anyway...
I have 3 blocks of c# code from my friend, that part is in the second block. So before that, Is my first block conversion correct or what needs to be changed?:

[Image attachment, 152.65 KB]

LeFiXER Grandmaster Cheater Supreme Reputation: 20
Joined: 02 Sep 2011 Posts: 1055 Location: 0x90
Posted: Wed Jul 12, 2023 5:06 am Post subject:

You could paste the code in a code-block. That said, to clarify things a little further: you intend to replace an instruction with a jump to some allocated memory and then write the bytes at the newly allocated memory followed by a jump back to the original instruction? Or are you just wholly replacing bytes?

a2z Advanced Cheater Reputation: 0
Joined: 28 Nov 2022 Posts: 58
Posted: Wed Jul 12, 2023 5:54 am Post subject:

I tried posting in the code blocks but it gives me a message that I can't post URLs
Still.. let me provide all code blocks:
Now what this code does when enabled, Memory view Shown by images:
1st image : Unenabled
2nd image: When Enabled
3rd image: Jumps to allocated memory, does its stuff and jumps back to 44 89 4C 24 48 i.e. mov [rsp+48],r9d seen on 2nd image
lastly when the code is disabled memory view returns back to like 1st image
I WANT TO DO THIS SAME THING THROUGH CE AA TABLES LUA SCRIPTS

[Image attachment, 93.67 KB]
[Image attachment, 142.58 KB]

LeFiXER Grandmaster Cheater Supreme Reputation: 20
Joined: 02 Sep 2011 Posts: 1055 Location: 0x90
Posted: Wed Jul 12, 2023 6:51 am Post subject:

You can manually type the tags for the code block [ code ] ... [ / code ]. The addresses are helpful in explaining what happens too. Well, Auto Assembler can provide the code injection template which does the exact same thing as a code cave. No need for Lua in this sense. If I were to guess you pretty much want to prevent the check above the line mov r8l,01 in the first image from happening?

a2z Advanced Cheater Reputation: 0
Joined: 28 Nov 2022 Posts: 58
Posted: Wed Jul 12, 2023 7:31 am Post subject:

I got it to work with AA just before you posted.
When you said "Or are you just wholly replacing bytes?" It got me thinking that's what the c# code was doing with "WriteBytes"
So Tada!:
Code: |
[ENABLE]
alloc(newmem,2048,"game.exe"+ABC321)
label(returnhere)
label(exit)

newmem:
  // replacement code, written as raw bytes
  db 74 1F 41 83 7D 0C 00 0F 85 08 00 00 00 41 C7 45 0C 00 02 00 00 41 F6 45 0C 04 74 05 41 B0 01 EB 0A 45 32 C0 44 8B 8F 54 08 00 00

exit:
  jmp returnhere

"game.exe"+ABC321:
  jmp newmem
  // 19 NOPs pad the rest of the 24 overwritten bytes
  db 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
returnhere:

[DISABLE]
dealloc(newmem)
"game.exe"+ABC321:
  // restore the original 24 bytes
  db 74 0C 41 F6 45 0C 04 74 05 41 B0 01 EB 03 45 32 C0 44 8B 8F 54 08 00 00
|
I did have to count the number of nop 90 to do to account for the 24 bytes from the newmem jump point to where it would resume back.
So I still have a question, what determines the number of bytes for the inject/jump point? The red circled bytes:

[Image attachment, 47.23 KB]

LeFiXER Grandmaster Cheater Supreme Reputation: 20
Joined: 02 Sep 2011 Posts: 1055 Location: 0x90
Posted: Wed Jul 12, 2023 7:39 am Post subject:

It's either 5-bytes or 14-bytes. It depends whether Cheat Engine can allocate within 2GB of memory space, if not a 14-byte jump is required.
It's possible that this entire thing can be further refined without the need for a code cave.
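
Added example (not from the thread's participants), in plain Lua 5.3: it recognises the two jump sizes mentioned above at a patched site, a 5-byte `E9 rel32` and a 14-byte `FF 25 00 00 00 00` followed by an absolute 8-byte address, resolves the target and counts the NOP padding that follows. The addresses and byte strings are constructed, and the 14-byte form is the common `jmp [rip+0]` encoding, assumed here rather than taken from the page.

```lua
-- Added example; every address and byte string below is constructed.
-- E9 rel32                  : 5 bytes, target = site + 5 + rel32 (reach +/- 2 GB)
-- FF 25 00 00 00 00 <abs64> : 14 bytes, target = abs64 (assumed encoding)
local function decodeJump(code, site)
  if code:byte(1) == 0xE9 and #code >= 5 then
    local rel = string.unpack("<i4", code, 2)
    return { kind = "rel32", length = 5, target = site + 5 + rel }
  elseif #code >= 14 and code:sub(1, 6) == "\xFF\x25\x00\x00\x00\x00" then
    local abs = string.unpack("<I8", code, 7)
    return { kind = "abs64", length = 14, target = abs }
  end
  return nil -- not one of the two jump forms
end

-- True when a 5-byte jump placed at `site` can reach `target`.
local function fitsRel32(site, target)
  local rel = target - (site + 5)
  return rel >= -0x80000000 and rel <= 0x7FFFFFFF
end

-- Number of consecutive 0x90 bytes starting at 1-based index `from`.
local function countNops(code, from)
  local n = 0
  while code:byte(from + n) == 0x90 do n = n + 1 end
  return n
end

local function describe(code, site)
  local j = decodeJump(code, site)
  if not j then return "no jump at site" end
  local pad = countNops(code, j.length + 1)
  return ("%s jump, %d bytes, target %X, %d NOPs, %d bytes patched")
    :format(j.kind, j.length, j.target, pad, j.length + pad)
end

local site = 0x7FF6A0ABC321 -- constructed patch site
local nearCave = 0x7FF6A0AA0000 -- constructed, within 2 GB of the site
local farCave = 0x20000000000 -- constructed, more than 2 GB away

-- Both patches cover 24 bytes, the size overwritten in the thread: 5 + 19 or 14 + 10.
local nearPatch = "\xE9" .. string.pack("<i4", nearCave - (site + 5))
  .. string.rep("\x90", 19)
local farPatch = "\xFF\x25\x00\x00\x00\x00" .. string.pack("<I8", farCave)
  .. string.rep("\x90", 10)

print(fitsRel32(site, nearCave), describe(nearPatch, site))
print(fitsRel32(site, farCave), describe(farPatch, site))
```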