Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


I can't active my first asm script. :(

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking
View previous topic :: View next topic  
Author Message
zhufeng716
How do I cheat?
Reputation: 0

Joined: 25 Aug 2018
Posts: 2
PostPosted: Sat Aug 25, 2018 4:41 am    Post subject: I can't active my first asm script. :( Reply with quote
Hello, Im a noob coder, met a problem with my first asm script...
I can't active it, and have no idea about wats wrong. Sad(( Can anyone help me out with it? Thanks a lot.

Description:
the code is for monster hunter world, used to inject item into the item box.

code:
Code:

{ Game   : MonsterHunterWorld.exe
  Version:
  Date   : 2018-08-25
  Author : EternalSword

  This script does blah blah blah
}

[ENABLE]
aobscanmodule(BoxBase,"MonsterHunterWorld.exe",75 00 00 00 01 00 00 00 FF FF FF FF) // should be unique
registersymbol(BoxBase)
alloc(ItemID,4)
registersymbol(ItemID)
alloc(quantity,4)
registersymbol(quantity)
alloc(itcode,$1000)
label(toend)
label(repeat)
label(injectitem)

jmp toend

itcode:
push rax
push rbx
push rbp
push rcx
mov rax,BoxBase
add rax,04A8
mov rbx,rax //@Tip 1
mov rcx,149
repeat:
mov rax,[rbx]
cmp rax,0
je injectitem
add rbx,10 //@tip2
loop repeat
{$lua}
print('fuuuuuuuuull Box XDDD')
{$asm}

injectitem:
mov rax,[ItemID]
mov [rbx],rax
mov rax,[quantity]
mov [rbx+04],rax


pop rcx
pop rbp
pop rbx
pop rax

toend:
[DISABLE]
dealloc(ItemID,4)
dealloc(quantity,4)
unregistersymbol(BoxBase)
unregistersymbol(ItemID)
unregistersymbol(quantity)
dealloc(itcode)


Tips:
tip1:
what in rbx is the address of the item at slot 1 of your item box.
then [rbx] is the item's ID at slot 1.
[rbx+04] is the quantity of this item.
tip2:
[slot1 + 0010H] = [slot2]

Thank You!
Back to top
View user's profile Send private message
TheyCallMeTim13
Wiki Contributor
Reputation: 51

Joined: 24 Feb 2017
Posts: 976
Location: Pluto
PostPosted: Sat Aug 25, 2018 5:38 am    Post subject: Reply with quote
1. There is no injection point.
2. The code execution would never return, if it was ever executed.
3. You never set "[ItemID]" or "[quantity]", but they're used in the script.
4. You're moving 8 byte registories with a 4 byte offset.
5. You're tell it to assemble outside of any memory.
6. If "jmp toend" was assembled into the new memory for the injection, it would just skip all the added code.

You should go back and do some tutorials, to get a better understanding of what "code injection" is and how it works.

Code:
{ Game   : MonsterHunterWorld.exe
  Version:
  Date   : 2018-08-25
  Author : EternalSword

  This script does blah blah blah
}

[ENABLE]
aobscanmodule(BoxBase, MonsterHunterWorld.exe, 75 00 00 00 01 00 00 00 FF FF FF FF) // should be unique
registersymbol(BoxBase)
alloc(ItemID,4)
registersymbol(ItemID)
alloc(quantity,4)
registersymbol(quantity)
alloc(itcode,$1000)
label(toend)
label(repeat)
label(injectitem)

jmp toend // This isn't assembled anywhere

itcode:
push rax
push rbx
push rbp // this is never used, and you are manipulating the stack base pointer.
push rcx
mov rax,BoxBase
add rax,04A8
mov rbx,rax //@Tip 1
mov rcx,149
repeat:
mov rax,[rbx]
cmp rax,0
// could just be // cmp [rbx],0
je injectitem
add rbx,10 //@tip2
loop repeat
{$lua}
print('fuuuuuuuuull Box XDDD') -- this will only print (once) when the AA script is enabled.
{$asm}

injectitem:
mov rax,[ItemID] // setting 8 byte registry
// [ItemID] is never set, thus it's value is zero
mov [rbx],rax // setting 8 bytes (RBX+0 and RBX+4)
mov rax,[quantity] // setting 8 byte registry
// [quantity] is never set, thus it's value is zero
mov [rbx+04],rax // setting 8 bytes (RBX+4 and RBX+8)


pop rcx
pop rbp
pop rbx
pop rax

toend: // Code execution goes nowhere, just ends here which will likely crash the game.

// you need an injection point and a return for that injection point.

[DISABLE]
dealloc(ItemID,4) // This is wrong
dealloc(quantity,4) // This is wrong
unregistersymbol(BoxBase)
unregistersymbol(ItemID)
unregistersymbol(quantity)
dealloc(itcode) // This is right


https://wiki.cheatengine.org/index.php?title=Tutorials:Auto_Assembler:Injection_full
https://wiki.cheatengine.org/index.php?title=Tutorials:Auto_Assembler:Templates
https://wiki.cheatengine.org/index.php?title=Auto_Assembler:Commands
_________________
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites