AOB injection random crash, help plz!

 
MichaelLee01
Cheater
Reputation: 0

Joined: 07 Apr 2020
Posts: 37

Posted: Fri May 08, 2020 10:33 pm    Post subject: AOB injection random crash, help plz!

I created a No Recoil hack for a game, but there is a 10% chance the hack crashes my game (totally random). Can you check my script and see if there is a way to improve it? Thx


{ Game : FSD-Win64-Shipping.exe
Version:
Date : 2020-03-26
Author : Michael

This script does blah blah blah
}

[ENABLE]

aobscanmodule(Norecoil,FSD-Win64-Shipping.exe,0F 10 70 10 0F 11 78 20 44 0F 11 40 30 48 8B 4D E8) // should be unique
alloc(newmem,$1000,FSD-Win64-Shipping.exe+15345E3)

label(code)
label(return)

newmem:
nop 4
movups [rax+20],xmm7
jmp return
code:
movups [rax+10],xmm6
movups [rax+20],xmm7
jmp return

Norecoil:
jmp newmem
nop 3
return:
registersymbol(Norecoil)

[DISABLE]

Norecoil:
//db 0F 10 70 10 0F 11 78 20 (44 0F 11 40 30 48 8B 4D E8)
db 0F 10 70 10 0F 11 78 20

unregistersymbol(Norecoil)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: FSD-Win64-Shipping.exe+15306A3

"FSD-Win64-Shipping.exe"+1530683: 41 89 46 08 - mov [r14+08],eax
"FSD-Win64-Shipping.exe"+1530687: 41 3B 46 0C - cmp eax,[r14+0C]
"FSD-Win64-Shipping.exe"+153068B: 7E 0A - jle FSD-Win64-Shipping.exe+1530697
"FSD-Win64-Shipping.exe"+153068D: 8B D7 - mov edx,edi
"FSD-Win64-Shipping.exe"+153068F: 49 8B CE - mov rcx,r14
"FSD-Win64-Shipping.exe"+1530692: E8 19 E9 D7 FE - call FSD-Win64-Shipping.exe+2AEFB0
"FSD-Win64-Shipping.exe"+1530697: 48 8B C7 - mov rax,rdi
"FSD-Win64-Shipping.exe"+153069A: 48 C1 E0 06 - shl rax,06
"FSD-Win64-Shipping.exe"+153069E: 49 03 06 - add rax,[r14]
"FSD-Win64-Shipping.exe"+15306A1: 89 18 - mov [rax],ebx
// ---------- INJECTING HERE ----------
"FSD-Win64-Shipping.exe"+15306A3: 0F 10 70 10 - movups [rax+10],xmm6
"FSD-Win64-Shipping.exe"+15306A7: 0F 11 78 20 - movups [rax+20],xmm7
// ---------- DONE INJECTING ----------
"FSD-Win64-Shipping.exe"+15306AB: 44 0F 11 40 30 - movups [rax+30],xmm8
"FSD-Win64-Shipping.exe"+15306B0: 48 8B 4D E8 - mov rcx,[rbp-19]
"FSD-Win64-Shipping.exe"+15306B4: 48 33 CC - xor rcx,rsp
"FSD-Win64-Shipping.exe"+15306B7: E8 84 5E 09 01 - call FSD-Win64-Shipping.exe+25C6540
"FSD-Win64-Shipping.exe"+15306BC: 4C 8D 9C 24 E0 00 00 00 - lea r11,[rsp+000000E0]
"FSD-Win64-Shipping.exe"+15306C4: 49 8B 5B 58 - mov rbx,[r11+58]
"FSD-Win64-Shipping.exe"+15306C8: 41 0F 28 73 F0 - movaps xmm6,[r11-10]
"FSD-Win64-Shipping.exe"+15306CD: 41 0F 28 7B E0 - movaps xmm7,[r11-20]
"FSD-Win64-Shipping.exe"+15306D2: 45 0F 28 43 D0 - movaps xmm8,[r11-30]
"FSD-Win64-Shipping.exe"+15306D7: 49 8B E3 - mov rsp,r11
}
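A byte-level consistency check for the script above, as an added example that is not part of the original post: it parses the post's own listing and confirms that the 8 overwritten bytes end on an instruction boundary and that the [DISABLE] bytes and the AOB pattern match the listed bytes. It assumes that jmp newmem assembles to the 5-byte form, which the script's nop 3 padding implies; the function names are made up for this example.

```python
import re

# Lines copied from the post's "ORIGINAL CODE" listing around the injection point.
LISTING = '''
"FSD-Win64-Shipping.exe"+15306A1: 89 18 - mov [rax],ebx
"FSD-Win64-Shipping.exe"+15306A3: 0F 10 70 10 - movups [rax+10],xmm6
"FSD-Win64-Shipping.exe"+15306A7: 0F 11 78 20 - movups [rax+20],xmm7
"FSD-Win64-Shipping.exe"+15306AB: 44 0F 11 40 30 - movups [rax+30],xmm8
"FSD-Win64-Shipping.exe"+15306B0: 48 8B 4D E8 - mov rcx,[rbp-19]
'''
AOB = "0F 10 70 10 0F 11 78 20 44 0F 11 40 30 48 8B 4D E8"  # aobscanmodule pattern
RESTORE = "0F 10 70 10 0F 11 78 20"                          # db line in [DISABLE]
INJECT = 0x15306A3                                           # injection point offset
PATCH_LEN = 5 + 3   # assumption: jmp newmem is 5 bytes, followed by nop 3

LINE = re.compile(r'"[^"]+"\+([0-9A-Fa-f]+):\s+((?:[0-9A-Fa-f]{2} )+)- ')

def parse_listing(text):
    """Return {module offset: instruction bytes} for every listing line."""
    return {int(m.group(1), 16): bytes.fromhex(m.group(2)) for m in LINE.finditer(text)}

def check_patch(listing, inject, patch_len, aob, restore):
    """Return a list of problems; an empty list means the patch is byte-consistent."""
    insns = parse_listing(listing)
    problems = []
    # Walk whole instructions from the injection point until the patch is covered.
    end = inject
    while end < inject + patch_len:
        if end not in insns:
            return [f"no instruction starts at +{end:X}"]
        end += len(insns[end])
    if end != inject + patch_len:
        problems.append(f"patch ends inside the instruction that finishes at +{end:X}")
    # Flatten the (contiguous) listing from the injection point onward.
    image = b"".join(insns[o] for o in sorted(insns) if o >= inject)
    if not image.startswith(bytes.fromhex(aob)):
        problems.append("AOB pattern does not match the listing")
    if bytes.fromhex(restore) != image[:patch_len]:
        problems.append("[DISABLE] bytes differ from the overwritten bytes")
    return problems

if __name__ == "__main__":
    print(check_patch(LISTING, INJECT, PATCH_LEN, AOB, RESTORE) or "patch is byte-consistent")
```

An empty result means a misaligned patch or wrong restore bytes can be ruled out as the cause of the crash, under the 5-byte jmp assumption.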
happyTugs
Cheater
Reputation: 0

Joined: 23 Apr 2020
Posts: 26

Posted: Sat May 09, 2020 8:10 pm    Post subject:

Quote:
movups [rax+10],xmm6
Are you sure that this isn't a shared opcode? If it is, you removing it may be causing the crash. As a result, you have to keep that instruction and add a few comparisons to filter out the address that you want.
Quote:
code:
movups [rax+10],xmm6
movups [rax+20],xmm7
jmp return
By the way, I don't think this section is necessary as it will never be run since you are jumping to 'return' before that section is even executed as seen below.
Quote:
newmem:
nop 4 //-- Why are you adding a nop here?
movups [rax+20],xmm7
jmp return
If you do decide to remove it, make sure to remove the label as well.
MichaelLee01
Cheater
Reputation: 0

Joined: 07 Apr 2020
Posts: 37

Posted: Sun May 10, 2020 8:06 am    Post subject:

First of all, thank you for your help! To answer your questions:

1. movups [rax+10],xmm6 controls camera movement (any camera shake). It's not technically a recoil hack, but it does the job, and yes, it is a shared opcode. But the crash is totally random, which made me wonder if I need any cmp at all.

2. ("code:
movups [rax+10],xmm6
movups [rax+20],xmm7")
If the entire section is unnecessary, I delete it, and only write my changes to newmem, will it stabilize my script?

3. About nop:
movups [rax+10],xmm6 controls camera shake but movups [rax+20],xmm7 controls other things; simply deleting xmm6 won't it crash my game?



happyTugs
Cheater
Reputation: 0

Joined: 23 Apr 2020
Posts: 26

Posted: Mon May 11, 2020 1:00 am    Post subject:

Quote:
will it stabilize my script?
I am rather sure that it won't 'stabilize' your script, but you are free to try.

Quote:
simply deleting xmm6 won't it crash my game?
I am not quite sure I am following what you are trying to say.
I asked about the nop since I was just curious as to why you placed a nop at the beginning of newmem.

Quote:
made me wonder if i need any cmp at all
You would need to compare since this is a shared opcode and you will need to filter out those addresses instead of removing the opcode entirely.
This is because other addresses - besides your 'camera' address - depend on that instruction.
Sure, it may not have crashed as soon as you executed the script.
But, it may crash somewhere along the way as you play through the game (which I am assuming is the case).
You can filter out these addresses either through dissecting the struct of each dereferenced address, the commonality scanner, or even Structure Spider (though I am unfamiliar with that route).

Here is where I would go into detail as to how you would do it.
But, there are plenty of tutorials out there that will teach you more clearly than I can since I am terrible at explaining things.
So, I recommend some YouTube videos by Stephen Chapman, Cheat The Game, or even Guided Hacking to explain it.

"Game Hacking: Technique To Find No Recoil/No Spread /Accuracy" 31:09 -Cheat The Game - This one should be of interest to you!
"Comparing Multi Level Pointers For Inf Health and Other Codes" 20:08 -Cheat The Game
"Cheat Engine 6.5 Tutorial Part 14: How to Find Addresses an Instruction Accesses! [Deadpool]" 18:40 -Stephen Chapman

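A small Python model of the shared-opcode point made in the reply above, added here and not part of the thread: it replays the stores from the posted listing for several callers and compares dropping the +10 store for every caller (what the posted newmem does) with dropping it for one filtered caller only. The tag values, the use of the dword at [rax] as the filter, and the function names are constructed for illustration.

```python
import struct

ELEM = 0x40        # element stride, from `shl rax,06` in the listing
CAMERA_TAG = 7     # constructed value standing in for "this is the camera data"
TAGS = [3, CAMERA_TAG, 5, 3, CAMERA_TAG, 9]   # constructed sequence of callers

def vec(x):
    """Pack one float four times, i.e. one 16-byte xmm register value."""
    return struct.pack("<4f", x, x, x, x)

def routine(mem, base, index, ebx, xmm6, xmm7, xmm8, skip_store=None):
    """The listed stores, in order; skip_store(rax, mem) == True drops the +10 store."""
    rax = base + index * ELEM                    # shl rax,06 / add rax,[r14]
    mem[rax:rax + 4] = struct.pack("<I", ebx)    # mov [rax],ebx
    if not (skip_store and skip_store(rax, mem)):
        mem[rax + 0x10:rax + 0x20] = xmm6        # movups [rax+10],xmm6
    mem[rax + 0x20:rax + 0x30] = xmm7            # movups [rax+20],xmm7
    mem[rax + 0x30:rax + 0x40] = xmm8            # movups [rax+30],xmm8
    return rax

def run(skip_store):
    """Replay TAGS through the routine; return the tags whose +10 field was not written."""
    mem = bytearray(ELEM * 8)
    lost = []
    for index, tag in enumerate(TAGS):
        want = vec(float(index + 1))             # value the caller expects at +10
        rax = routine(mem, 0, index, tag, want, vec(0.5), vec(0.25), skip_store)
        if bytes(mem[rax + 0x10:rax + 0x20]) != want:
            lost.append(tag)
    return lost

def is_camera(rax, mem):
    """Filter: compare the dword at [rax] with the constructed camera tag."""
    return struct.unpack_from("<I", mem, rax)[0] == CAMERA_TAG

unpatched = run(None)                     # original code: nothing lost
remove_all = run(lambda rax, mem: True)   # store removed for every caller
filtered = run(is_camera)                 # store removed for the camera caller only

if __name__ == "__main__":
    print("unpatched :", unpatched)
    print("remove all:", remove_all)
    print("filtered  :", filtered)
```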
MichaelLee01
Cheater
Reputation: 0

Joined: 07 Apr 2020
Posts: 37

Posted: Mon May 11, 2020 5:20 am    Post subject:

Thanks for your help! You're the best!