Cheat Engine The Official Site of Cheat Engine
Stacktrace Expert Cheater
Reputation: 1
Joined: 04 Jul 2015 Posts: 105
Posted: Thu Jun 20, 2019 2:16 pm Post subject: Problem when moving several "objects" from an inst |
Hi, there is a function in a game that contains all player objects, and I made a cheat that moves every address that instruction contains (the player objects) into my own allocated memory with a registersymbol, which I then use to set my own player object to, which then causes my player to appear on another player.
The problem is I want my player to appear on each player over and over, as the instruction contains all the players, but the script only makes me go to one player and remains on that player till the player dies / etc., causing the object to go away, after which it moves over to another player.
Is there any way to make my player move to each player over and over? For example, move to one player for a second, then onto another, then another, rather than stay on one even though it's receiving several at once?
Hope I didn't explain it too poorly, and apologies if so. I'm not sure how to explain this another way.
EXPLAINED BETTER
VVV
An instruction "movq xmm0,[esi+000000E5]" contains all player objects which are accessed by it. I then make a code that moves [esi+e0] into my own register symboled memory and then make a code that replaces my player object with the players from that address, which causes my player to appear on their player, so when they move around my player automatically sticks with them and follows them around.
Problem is, even though [esi+e5] contains all players (let's say 8 players), it only moves me to one player, and then if that player object goes away (respawn, et cetera) it moves me to another player, which is good, but I wish it would move me to each address back and forth rather than only one object address. I'm very unsure how I'd go about doing that.
Maybe I could somehow use a compare to check for objects that have been used and then skip that? The problem with doing that would be that I don't want to skip the player; I still want to move onto the player for a few seconds and then move over to another and then back again. Not even sure how I would compare such a thing, and I would need a timer.
I'm sure there's a better and more logical method for this.
I was sure Cheat Engine would already make me go back and forth, seeing as my memory location always receives an object, so if you were to look at it from a value it would rapidly change object to object, but yet I appear to stick with only one object till that object goes away, and then it uses another object for another player and then sticks with that object, and so on...
Attached a picture; as you can see, several objects are being stored by that instruction, and it only "counts" if a player walks around. This is where the issue happens: even if, say, all players walk around, it still somehow sticks with one object.
Also, I know what you see in the picture is not really an object, but that address - E5 leads me to the actual object, and E5 is the offset for velocity.
daspamer Grandmaster Cheater Supreme
Reputation: 54
Joined: 13 Sep 2011 Posts: 1588
Posted: Thu Jun 20, 2019 8:25 pm Post subject: |
Well, one approach would be to create an array (list), ordered by player address.
Then iterate over the list and verify that each address is still valid (if not, adjust: remove the address from the list and shift the rest). This way you can count how many players there are, and maintain an appended zero dword at the end (boundary).
Allocate memory for an index, and use it to select which player you seek to teleport to, or if you wish to select a different one by supplying an id (of course within list boundaries).
I could post an example if needed (not exactly related to teleporting, some old work I made for some game),
or if you post some of the code I would try and help.
_________________
I'm rusty and getting older, help me re-learn lua. |
Stacktrace Expert Cheater
Reputation: 1
Joined: 04 Jul 2015 Posts: 105
Posted: Tue Jun 25, 2019 10:47 am Post subject: |
| DaSpamer wrote: | Well one approach would be create an array (list), ordered by player address.
then iterate over the list and verify that each address is still valid (if not adjust.. remove address from list and shift the rest), this way you can count how many players there, and maintain append zero dword at the end (boundary).
allocate memory for index, and use it to select which player you seek to teleport to, or if you wish to select a different one by supplying an id (of course in list boundaries).
Could post an example if needed(not exact related to teleporting, some old work I made for some game)
or if you post some of the code I would try and help. |
Hi, thanks for the response. It would most likely be helpful to see your code, much appreciated! I'm still sitting here scratching my head on this. I feel like it would be simple, but yet I can't grasp it for some reason.
daspamer Grandmaster Cheater Supreme
Reputation: 54
Joined: 13 Sep 2011 Posts: 1588
Posted: Tue Jun 25, 2019 12:27 pm Post subject: |
Tried to comment as much as I could; also removed some game-related information.
Key functions:
checkLastItem - checks each and every item (recursive function); assigned to a different hook, more frequently called, to keep only relevant information.
_isWeaponID - checks if a given value exists in our pre-made list; the logic can be used to verify if a given value exists in a list.
InventoryHook - performs checks (e.g. weapon belongs to player and such), appends to a list (checkLastItem keeps it relevant by removing nulled entries).
Code:
[ENABLE]
alloc(InventoryHook,1024) //Current hook memory
alloc(game_WeaponID,2048) //All weapon ids hard coded to compare 250 weapons (1000bytes) + functions
alloc(game_PlayerWeaponIndex,1280) //Current player weapon list
label(checkLastItem)
label(isValidInventoryHook)
label(returnCheckItem)
registersymbol(isValidInventoryHook)
label(game_PlayerWeapon) //Pointer to player weapons list
label(game_PlayerCurrentIndex) //Pointer to current index in player weapons list
label(game_PlayerWeaponAbilityType)
label(game_PlayerWeaponAbilityLevel)
registersymbol(InventoryHook)
registersymbol(game_WeaponID)
registersymbol(game_PlayerWeapon)
registersymbol(game_PlayerCurrentIndex)
registersymbol(game_PlayerWeaponIndex)
registersymbol(game_PlayerWeaponAbilityType)
registersymbol(game_PlayerWeaponAbilityLevel)
InventoryHook:
push eax
cmp [esi+1c],1 // holds 1 for player weapons???
jne OriginalFunction
cmp [esi+1c],3
// je @F
ja OriginalFunction
cmp [esi+1c],0
jb OriginalFunction
@@:
mov eax,[esi+30]
cmp eax,0
je OriginalFunction
cmp [eax],24454105
jne OriginalFunction
push [esi+10] // push weapon id
call _isWeaponID // this function checks if we already have item id in a list already (could be a pointer as well)
test eax,eax
je OriginalFunction
mov eax,-1
push ebx
@@: // add weapon to end of the list function; another hook below keeps it sorted and valid; check this part
inc eax
cmp [game_PlayerWeapon+eax*4],esi // ecx holds base pointer
je _saveCurrentIndex
cmp [game_PlayerWeapon+eax*4],0
je @F
jmp @B
@@:
mov [game_PlayerWeapon+eax*4],esi
mov [game_PlayerWeaponIndex],eax
inc [game_PlayerWeaponIndex]
push ebx
push ecx
push edx
push ebp
mov ecx,-1
@@:
cmp ecx,[esi+3c]
jbe @F
not ecx
mov ebx,eax // calculate where to save (game_PlayerWeaponAbilityType[WEAPONID * 4 + SLOT ID[0 to 3] * 4]
imul ebx,10
mov edx,ecx
imul edx,4
add ebx,edx
mov ebp,ecx
imul ebp,C
mov edx,[esi+2c]
add edx,ebp
mov [game_PlayerWeaponAbilityType+ebx],edx
mov edx,[esi+30]
add edx,ebp
mov [game_PlayerWeaponAbilityLevel+ebx],edx
inc ecx
not ecx
jmp @B
@@:
pop ebp
pop edx
pop ecx
pop ebx
_saveCurrentIndex:
pop ebx
mov [game_PlayerCurrentIndex],eax
inc eax
OriginalFunction:
pop eax
cmp byte ptr [edi+00000600],00
jmp returnhere
checkLastItem: // checks whether each item is still valid; recursively, item by item
push ebp
mov ebp,esp
push eax
push ebx
mov ebx,[ebp+8]
dec ebx
js checkLastItemExit
cmp ebx,7F
ja checkLastItemExit
mov eax, [game_PlayerWeapon+ebx*4]
mov eax,[eax]
cmp eax,"game_-Win.exe"
jb @F // offset invalid;
cmp [eax+48],0
je checkNextItem
@@:
// okay now we have reset now we gotta shift all data 4 bytes earlier
push esi
mov esi,ebx
@@:
inc esi
cmp esi,[game_PlayerWeaponIndex]
ja @F
mov eax,[game_PlayerWeapon+esi*4]
mov [game_PlayerWeapon+esi*4-4],eax
jmp @B
@@:
mov [game_PlayerWeapon+esi*4],0
dec [game_PlayerWeaponIndex] // we removed 1 index so total weapons count is 1 less
pop esi
checkNextItem:
push ebx
call checkLastItem
checkLastItemExit:
pop ebx
pop eax
pop ebp
ret 4
isValidInventoryHook:
push [game_PlayerWeaponIndex]
call checkLastItem // check calls this
mov ecx,[edi+1c]
jmp returnCheckItem
// weapon fetch hook; main inventory hook
"game_-Win.exe"+64: //modified offset...
jmp InventoryHook
nop
nop
returnhere:
//some event that gets called quite a lot per item, sometimes weapon get nulled so we need to check it often in my case;
"game_-Win.exe"+128:
jmp isValidInventoryHook
nop
returnCheckItem:
game_PlayerWeaponIndex:
dd FF
game_PlayerCurrentIndex:
dd FF
game_PlayerWeapon:
// each dword holds 1 weapon id MAX 32 weapons which is above of game limit but there drop and such
resb 128
game_PlayerWeaponAbilityType:
//reserved 32 bytes
resb 512
game_PlayerWeaponAbilityLevel:
//reserved 32 bytes ...
resb 512
{ Game weapons ID memory block for script usage
}
// 250 total weapons id
game_WeaponID:
dd 00000001 00000002 00000003 00000004
dd 00000000 // padding..end of list;
// some long weapon list, removed...
{ procedure to get current weapon
parameter weapon id
}
_isWeaponID: // compare if given id exists in the game_weaponID list (the one I removed..)
push ebp
mov ebp,esp
push ecx
push edx
mov edx,[ebp+8]
mov ecx,game_WeaponID // ecx pointer, which weapon id
sub ecx,4
xor eax,eax // return weapon id
@@: // loop start
add ecx,4
cmp [ecx],0
je @f
cmp [ecx],edx
jne @b
mov eax,edx
@@:
pop edx
pop ecx
pop ebp
ret 4 // returns eax = weapon ID; 0 if not found
[DISABLE]
dealloc(InventoryHook)
dealloc(game_PlayerWeaponIndex)
dealloc(game_WeaponID)
edit:
Game was 32bit, but shouldn't be hard to convert script to 64bit
_________________
I'm rusty and getting older, help me re-learn lua. |
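The list handling daspamer describes (append if absent, drop invalid entries and shift the rest, keep a zero dword terminator, select by a bounds-checked index), modelled in C as an added example; it is not code from the thread. All names and the `demo_valid` predicate are hypothetical, and the capacity check in `list_add` is an addition, since the append loop in the posted script scans for a zero slot without an upper bound.

```c
#include <stddef.h>
#include <stdint.h>

#define LIST_CAP 32   /* 32 slots, the maximum the script's comment gives */

/* Hypothetical model: slots[count] is always the zero terminator. */
typedef struct {
    uintptr_t slots[LIST_CAP + 1];
    size_t count;     /* live entries */
    size_t cursor;    /* the separately stored selection index */
} ptr_list;

/* Append p unless present. Returns its slot, or -1 for null or a full list.
   The capacity check is what a bare "scan until zero" append loop lacks. */
int list_add(ptr_list *l, uintptr_t p) {
    if (p == 0) return -1;
    for (size_t i = 0; i < l->count; i++)
        if (l->slots[i] == p) return (int)i;
    if (l->count >= LIST_CAP) return -1;
    l->slots[l->count++] = p;
    l->slots[l->count] = 0;
    return (int)(l->count - 1);
}

/* Remove entries the predicate rejects, shifting survivors down in one pass.
   Returns the number removed and keeps cursor on the same surviving entry. */
size_t list_prune(ptr_list *l, int (*is_valid)(uintptr_t)) {
    size_t kept = 0, old = l->count, cur = l->cursor;
    for (size_t i = 0; i < old; i++) {
        if (is_valid(l->slots[i])) l->slots[kept++] = l->slots[i];
        else if (i < cur) l->cursor--;
    }
    for (size_t i = kept; i <= old; i++) l->slots[i] = 0; /* tail + terminator */
    l->count = kept;
    if (l->cursor >= kept) l->cursor = 0;
    return old - kept;
}

/* Select entry id; out-of-range ids return 0 and leave cursor unchanged. */
uintptr_t list_select(ptr_list *l, size_t id) {
    if (id >= l->count) return 0;
    l->cursor = id;
    return l->slots[id];
}

/* Constructed predicate for the demo: odd values stand in for stale entries. */
int demo_valid(uintptr_t p) { return (p & 1) == 0; }
```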