Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


How do I reference to mono addresses with colons and braces?

 
zwangxian
How do I cheat?
Reputation: 0

Joined: 20 May 2014
Posts: 9

Posted: Sat Nov 16, 2024 11:40 pm

Code:


[ENABLE]

aobscan(INJECT,ERROR: Could not find unique AOB, tried code "83 F8 64 0F 8C 81 01 00 00") // should be unique
alloc(newmem,$1000,INJECT)

label(code)
label(return)

newmem:

code:
  cmp eax,64
  jl BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+2e0
  jmp return

INJECT:
  jmp newmem
  nop 4
return:
registersymbol(INJECT)

[DISABLE]

INJECT:
  db 83 F8 64 0F 8C 81 01 00 00

unregistersymbol(INJECT)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+156

BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+121: 48 BA A0 3B 32 1C B4 01 00 00  - mov rdx,000001B41C323BA0
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+12b: 83 38 00                       - cmp dword ptr [rax],00
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+12e: 49 BB 92 3C D4 4B B5 01 00 00  - mov r11,000001B54BD43C92
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+138: 41 FF D3                       - call r11
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+13b: F3 0F 5A C8                    - cvtss2sd xmm1,xmm0
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+13f: F2 0F 10 45 C0                 - movsd xmm0,[rbp-40]
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+144: 66 0F 2F C8                    - comisd xmm1,xmm0
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+148: 0F 86 92 01 00 00              - jbe BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+2e0
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+14e: 48 8B 46 60                    - mov rax,[rsi+60]
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+152: 48 63 40 28                    - movsxd  rax,dword ptr [rax+28]
// ---------- INJECTING HERE ----------
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+156: 83 F8 64                       - cmp eax,64
// ---------- DONE INJECTING  ----------
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+159: 0F 8C 81 01 00 00              - jl BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+2e0
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+15f: 48 8B 86 D8 00 00 00           - mov rax,[rsi+000000D8]
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+166: 48 8B C8                       - mov rcx,rax
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+169: 83 39 00                       - cmp dword ptr [rcx],00
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+16c: 48 8B 80 30 01 00 00           - mov rax,[rax+00000130]
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+173: 48 63 40 18                    - movsxd  rax,dword ptr [rax+18]
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+177: 83 F8 01                       - cmp eax,01
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+17a: 0F 84 60 01 00 00              - je BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+2e0
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+180: 48 8B 86 D8 00 00 00           - mov rax,[rsi+000000D8]
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+187: 48 8B C8                       - mov rcx,rax
}


I can't find a unique AOB, so I tried LaunchMonoDataCollector() together with the address identifier BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+156, but CE deemed this address invalid. Then how do I use this address as an identifier? Thanks for any help.
Game Hacking Dojo
Master Cheater
Reputation: 1

Joined: 17 Sep 2023
Posts: 250

Posted: Sun Nov 17, 2024 8:07 am

First, use full injection instead of AOB, since the game provides symbols.
Second, put quotes around everything behind the plus sign.

Before:
Code:
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+156


After:
Code:
"BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>"+156


In the full injection template, use the symbol as the address, if Cheat Engine didn't do that for you, like this:

Code:
define(address,"BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>"+156)
define(bytes,83 F8 64 0F 8C 81 01 00 00)

[ENABLE]

assert(address,bytes)
alloc(newmem,$1000,"BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>"+156)

label(code)
label(return)

newmem:

code:
  cmp eax,64
  jl "BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>"+2e0
  jmp return

address:
  jmp newmem
  nop 4
return:

[DISABLE]

address:
  db bytes
  // cmp eax,64
  // jl BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+2e0

dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+156

BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+121: 48 BA A0 3B 32 1C B4 01 00 00  - mov rdx,000001B41C323BA0
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+12b: 83 38 00                       - cmp dword ptr [rax],00
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+12e: 49 BB 92 3C D4 4B B5 01 00 00  - mov r11,000001B54BD43C92
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+138: 41 FF D3                       - call r11
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+13b: F3 0F 5A C8                    - cvtss2sd xmm1,xmm0
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+13f: F2 0F 10 45 C0                 - movsd xmm0,[rbp-40]
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+144: 66 0F 2F C8                    - comisd xmm1,xmm0
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+148: 0F 86 92 01 00 00              - jbe BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+2e0
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+14e: 48 8B 46 60                    - mov rax,[rsi+60]
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+152: 48 63 40 28                    - movsxd  rax,dword ptr [rax+28]
// ---------- INJECTING HERE ----------
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+156: 83 F8 64                       - cmp eax,64
// ---------- DONE INJECTING  ----------
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+159: 0F 8C 81 01 00 00              - jl BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+2e0
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+15f: 48 8B 86 D8 00 00 00           - mov rax,[rsi+000000D8]
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+166: 48 8B C8                       - mov rcx,rax
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+169: 83 39 00                       - cmp dword ptr [rcx],00
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+16c: 48 8B 80 30 01 00 00           - mov rax,[rax+00000130]
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+173: 48 63 40 18                    - movsxd  rax,dword ptr [rax+18]
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+177: 83 F8 01                       - cmp eax,01
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+17a: 0F 84 60 01 00 00              - je BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+2e0
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+180: 48 8B 86 D8 00 00 00           - mov rax,[rsi+000000D8]
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+187: 48 8B C8                       - mov rcx,rax
}
zwangxian
How do I cheat?
Reputation: 0

Joined: 20 May 2014
Posts: 9

Posted: Sun Nov 17, 2024 10:10 am

Thanks, I tried this address with and without the quotes, but both are invalid. It can't be reached by the CTRL + G go-to-address function in the disassembler window either. I think this has something to do with the braces and double colon. Typical mono style... I've met similar situations many times but never figured out a way to solve it.
Dark Byte
Site Admin
Reputation: 468

Joined: 09 May 2003
Posts: 25707
Location: The netherlands

Posted: Sun Nov 17, 2024 2:45 pm

tried BattleObject::SkillLevelUpCheckProcess ?

and you're sure this is mono and not microsoft .net ?

zwangxian
How do I cheat?
Reputation: 0

Joined: 20 May 2014
Posts: 9

Posted: Sun Nov 17, 2024 10:36 pm

Dark Byte wrote:
tried BattleObject::SkillLevelUpCheckProcess ?

and you're sure this is mono and not microsoft .net ?


I should've said it's a typical Unity game thing.

I tried BattleObject::SkillLevelUpCheckProcess and this address is valid. CE goes to BattleObject:SkillLevelUpCheckProcess, automatically ignoring one colon inside. This module area has an identical code block to my target address, except that modifying it won't work:
Code:
BattleObject:SkillLevelUpCheckProcess+12b: 83 38 00                       - cmp dword ptr [rax],00
BattleObject:SkillLevelUpCheckProcess+12e: 49 BB 22 0E EC 0C B6 02 00 00  - mov r11,000002B60CEC0E22  <=only difference is this dynamic address that changes every time the game reboots
BattleObject:SkillLevelUpCheckProcess+138: 41 FF D3                       - call r11
BattleObject:SkillLevelUpCheckProcess+13b: F3 0F 5A C8                    - cvtss2sd xmm1,xmm0
BattleObject:SkillLevelUpCheckProcess+13f: F2 0F 10 45 C0                 - movsd xmm0,[rbp-40]
BattleObject:SkillLevelUpCheckProcess+144: 66 0F 2F C8                    - comisd xmm1,xmm0
BattleObject:SkillLevelUpCheckProcess+148: 0F 86 92 01 00 00              - jbe BattleObject:SkillLevelUpCheckProcess+2e0
BattleObject:SkillLevelUpCheckProcess+14e: 48 8B 46 60                    - mov rax,[rsi+60]
BattleObject:SkillLevelUpCheckProcess+152: 48 63 40 28                    - movsxd  rax,dword ptr [rax+28]
// ---------- INJECTING HERE ----------
BattleObject:SkillLevelUpCheckProcess+156: 83 F8 64                       - cmp eax,64
// ---------- DONE INJECTING  ----------
BattleObject:SkillLevelUpCheckProcess+159: 0F 8C 81 01 00 00              - jl BattleObject:SkillLevelUpCheckProcess+2e0
BattleObject:SkillLevelUpCheckProcess+15f: 48 8B 86 D8 00 00 00           - mov rax,[rsi+000000D8]
BattleObject:SkillLevelUpCheckProcess+166: 48 8B C8                       - mov rcx,rax
BattleObject:SkillLevelUpCheckProcess+169: 83 39 00                       - cmp dword ptr [rcx],00
BattleObject:SkillLevelUpCheckProcess+16c: 48 8B 80 30 01 00 00           - mov rax,[rax+00000130]
BattleObject:SkillLevelUpCheckProcess+173: 48 63 40 18                    - movsxd  rax,dword ptr [rax+18]
BattleObject:SkillLevelUpCheckProcess+177: 83 F8 01                       - cmp eax,01
BattleObject:SkillLevelUpCheckProcess+17a: 0F 84 60 01 00 00              - je BattleObject:SkillLevelUpCheckProcess+2e0
BattleObject:SkillLevelUpCheckProcess+180: 48 8B 86 D8 00 00 00           - mov rax,[rsi+000000D8]

While modifying my target address with angled braces works well:
Code:
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>


What I need is just to change cmp eax,64 to cmp eax,01, and it won't take much time to make an AOB search and see which one is at the correct location. It's awkward that CE just somehow won't recognize this address, so I can't make an assertion and specify the address of the one byte I need to change.
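
Why the nine-byte AOB from the first post cannot be unique, as an added example (not code from any poster in this thread): a near conditional jump stores a displacement relative to the next instruction, so its bytes are the same wherever the method body is placed, and the two listings differ only in the 64-bit immediate loaded into r11. The listing lines are copied from the posts above; the function names are hypothetical.

```python
import re

# Subset of lines copied from the two listings posted in this thread.
DMD_COPY = """\
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+12e: 49 BB 92 3C D4 4B B5 01 00 00  - mov r11,000001B54BD43C92
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+148: 0F 86 92 01 00 00              - jbe BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+2e0
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+156: 83 F8 64                       - cmp eax,64
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+159: 0F 8C 81 01 00 00              - jl BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+2e0
BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+17a: 0F 84 60 01 00 00              - je BattleObject:DMD<BattleObject::SkillLevelUpCheckProcess>+2e0
"""
PLAIN_COPY = """\
BattleObject:SkillLevelUpCheckProcess+12e: 49 BB 22 0E EC 0C B6 02 00 00  - mov r11,000002B60CEC0E22
BattleObject:SkillLevelUpCheckProcess+148: 0F 86 92 01 00 00              - jbe BattleObject:SkillLevelUpCheckProcess+2e0
BattleObject:SkillLevelUpCheckProcess+156: 83 F8 64                       - cmp eax,64
BattleObject:SkillLevelUpCheckProcess+159: 0F 8C 81 01 00 00              - jl BattleObject:SkillLevelUpCheckProcess+2e0
BattleObject:SkillLevelUpCheckProcess+17a: 0F 84 60 01 00 00              - je BattleObject:SkillLevelUpCheckProcess+2e0
"""

# "<symbol>+<hex offset>: <hex bytes>  - <mnemonic ...>"
LINE = re.compile(r"^.+?\+([0-9a-fA-F]+): ((?:[0-9A-F]{2} )*[0-9A-F]{2})\s+- ")

def parse(listing):
    """Map method-relative offset -> instruction bytes."""
    out = {}
    for line in listing.splitlines():
        m = LINE.match(line)
        if m:
            out[int(m.group(1), 16)] = bytes.fromhex(m.group(2))
    return out

def jcc_rel32_target(offset, code):
    """Target of a near Jcc (0F 8x rel32): next-instruction offset + signed rel32."""
    if len(code) != 6 or code[0] != 0x0F or code[1] & 0xF0 != 0x80:
        return None
    return offset + 6 + int.from_bytes(code[2:], "little", signed=True)

def branch_targets(listing):
    """Offsets of near conditional jumps mapped to their decoded targets."""
    return {off: t for off, c in parse(listing).items()
            if (t := jcc_rel32_target(off, c)) is not None}

def differing_offsets(a, b):
    """Offsets present in both listings whose instruction bytes differ."""
    pa, pb = parse(a), parse(b)
    return sorted(off for off in pa.keys() & pb.keys() if pa[off] != pb[off])
```

Every decoded branch lands on +2e0 in both copies, and the only differing instruction in this subset is the `mov r11` at +12e, whose operand is an absolute address.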