 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Oxijen
Expert Cheater
![]() Reputation: 0
Joined: 07 May 2020
Posts: 163
Location: On The Moon
|
 Posted: Fri Aug 27, 2021 5:43 pm Post subject: compileCS not working (i mean idk how to use it O_O) |
 |
|
| Code: |
csharp = [[using System.Windows.Form;
using System;
namespace hi
{
class Program
{
static void Main(string[] args)
{
MessageBox.Show("hi");
}
}
}]]
local references, sysfile=dotnetpatch_getAllReferences()
local csfile,msg=compileCS(csharp, references, sysfile)
csfile,msg=compileCS(csharp, references)
print("Done") |
Done is being printed, am i doing something wrong (ofc, but help me XC)
_________________
I can see you Hitler
Especially When I am On the Moon!!
You are Right now in cheat engine forum  |
|
| Back to top |
|
 |
Dark Byte
Site Admin
 Reputation: 458
Joined: 09 May 2003
Posts: 25287
Location: The netherlands
|
| Posted: Sat Aug 28, 2021 1:49 am Post subject: |
|
|
what is in csfile and msg ?
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
Oxijen
Expert Cheater
![]() Reputation: 0
Joined: 07 May 2020
Posts: 163
Location: On The Moon
|
| Posted: Sat Aug 28, 2021 6:15 am Post subject: |
|
|
In the error dialog i got something like assembly csharp not found (i was attached to il2cpp game) then i attached to a random process there was no error (i cant show the error cuz i am not at home sorry)
_________________
I can see you Hitler
Especially When I am On the Moon!!
You are Right now in cheat engine forum |
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 458
Joined: 09 May 2003
Posts: 25287
Location: The netherlands
|
| Posted: Sat Aug 28, 2021 6:31 am Post subject: |
|
|
I don't think mono sysfile contains the System.Windows.Forms assembly so you may have to add that to the references manually
And i'm not sure an il2cpp implementation can load a .net binary. (didn't have much luck yet on my own tests)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
Oxijen
Expert Cheater
![]() Reputation: 0
Joined: 07 May 2020
Posts: 163
Location: On The Moon
|
| Posted: Sat Aug 28, 2021 6:47 am Post subject: |
|
|
How can i add reference? And is there any wiki about compileCS and c code? I didnt find anything in the wiki page
_________________
I can see you Hitler
Especially When I am On the Moon!!
You are Right now in cheat engine forum |
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 458
Joined: 09 May 2003
Posts: 25287
Location: The netherlands
|
| Posted: Sat Aug 28, 2021 8:46 am Post subject: |
|
|
the references table is a list to assemblies used to compile your c# code
It needs a direct path to the assembly
Perhaps start with something easier, not using an assembly specific for windows on a target that isn't designed for windows specific code (mono runs on linux as well, so the system.windows namespace tends to be missing)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping
Last edited by Dark Byte on Sat Aug 28, 2021 8:51 am; edited 1 time in total |
|
| Back to top |
|
|
Oxijen
Expert Cheater
![]() Reputation: 0
Joined: 07 May 2020
Posts: 163
Location: On The Moon
|
| Posted: Sat Aug 28, 2021 8:49 am Post subject: |
|
|
Thx, i will mess around with the code a bit just to get used to it 
_________________
I can see you Hitler
Especially When I am On the Moon!!
You are Right now in cheat engine forum |
|
| Back to top |
|
|
panraven
Grandmaster Cheater
![]() Reputation: 55
Joined: 01 Oct 2008
Posts: 942
|
| Posted: Sat Aug 28, 2021 9:51 am Post subject: |
|
|
My attempt, following this script https://forum.cheatengine.org/viewtopic.php?p=5769516#5769516
on a free steam game red planet farming https://store.steampowered.com/app/1288170/Red_Planet_Farming/
It has to activate mono feature or there is no references found.
| Code: |
local bPrintRefs = false
local which = process=='RedPlanetFarming.exe'
local refs, sys = dotnetpatch_getAllReferences()
if refs and sys then
for k,v in pairs(refs)do
if bPrintRefs then print(k,v) end
if v:find'mscorlib'then sys2 = v end
if v:find'netstandard'then print( v) end
end
refs[1+#refs] = sys --- netstandard added to refs
print('sys:',sys)
local cs = which and [[
using System;
using System.Collections;
using System.Collections.Generic;
using System.Diagnostics;
using System.Runtime.CompilerServices;
using UnityEngine;
using UnityEngine.Events;
using UnityEngine.UI;
public class modField : Field {
public void modApplyCrop(string c) {
if (PlayerInfo.game.currentMoney < 399) {
PlayerInfo.game.currentMoney = 399;
}
base.applyCrop(c) ; //// **** --> should replace as dummyApplyCrop(c)
}
[MethodImpl(MethodImplOptions.NoInlining)]
public void dummyApplyCrop(string c) {
}
}
]] or [[
-- other process test --
]]
local assm, msg =compileCS(cs, refs, sys) -- 'sys' use netstandard, failed
print(tostring(assm),'\n1====\n',tostring(msg))
if not assm then
assm, msg =compileCS(cs, refs, sys2) -- 'sys' use mscorlib, ok
print(tostring(assm),'\n2====\n',tostring(msg))
end
if assm then
local result, disableinfo, disablescript=
InjectDotNetDetour(assm, "Field::applyCrop","modField::modApplyCrop","modField::dummyApplyCrop")
print(tostring(result),'\n---\n',tostring(disableinfo),'\n---\n',tostring(disablescript))
-- ...
end
end
|
Note on 1st try with 'netstandard' as sysfile, failed;
but success compile with 'mscordlib' as sysfile.
It still need to referenced 'netstandard',
but it is not in the original refs.
I had to add it manually.
netstandard is a small assembly file with seemly no actual code, but a lot lines like
[assembly: TypeForwardedTo(typeof(FileWebResponse))]
in assembly info page.
Before actually run this code, I do an action in game to let mono compile the Field:applyCrop (plant a seed, it is a required action in 1st play tutorial) .
So I can go to Field:applyCrop
then I run above code.
After that, the original Field:applyCrop will jmp to modField:modApplyCrop,
which is:
| Code: |
modField:modApplyCrop - 55 - push rbp
modField:modApplyCrop+1- 48 8B EC - mov rbp,rsp
modField:modApplyCrop+4- 48 83 EC 30 - sub rsp,30
modField:modApplyCrop+8- 48 89 4D F8 - mov [rbp-08],rcx
modField:modApplyCrop+c- 48 89 55 F0 - mov [rbp-10],rdx
modField:modApplyCrop+10- 48 B8 6038EBA0A2020000 - mov rax,000002A2A0EB3860
modField:modApplyCrop+1a- 48 8B 00 - mov rax,[rax]
modField:modApplyCrop+1d- 48 63 80 28040000 - movsxd rax,dword ptr [rax+00000428]
modField:modApplyCrop+24- 3D 8F010000 - cmp eax,0000018F
modField:modApplyCrop+29- 7D 17 - jnl modField:modApplyCrop+42
modField:modApplyCrop+2b- 48 B8 6038EBA0A2020000 - mov rax,000002A2A0EB3860
modField:modApplyCrop+35- 48 8B 00 - mov rax,[rax]
modField:modApplyCrop+38- C7 80 28040000 8F010000 - mov [rax+00000428],0000018F
modField:modApplyCrop+42- 48 8B 4D F8 - mov rcx,[rbp-08]
modField:modApplyCrop+46- 48 8B 55 F0 - mov rdx,[rbp-10]
modField:modApplyCrop+4a- 48 8D 6D 00 - lea rbp,[rbp+00]
modField:modApplyCrop+4e- 49 BB F9C682ADA2020000 - mov r11,000002A2AD82C6F9
modField:modApplyCrop+58- 41 FF D3 - call r11
modField:modApplyCrop+5b- 48 8D 65 00 - lea rsp,[rbp+00]
modField:modApplyCrop+5f- 5D - pop rbp
modField:modApplyCrop+60- C3 - ret
|
The code before last call is my modification code, which is to make minimum money 399.
The last call is suppose to call back the original Field:applyCrop (//// **** in above code)
The last call has this instruction at this moment:
| Code: |
2A2AD82C6F9 - E8 223BC9F0 - call 2A29E4C0220
|
It is kind of some place-holder for mono to be compile if the code actually run to this point.
But then the game crash when I plant the next crop.
So an unsuccessful attempt ~_~
ADDED:
It is my misunderstanding.
It work now by replacing
base.applyCrop(c)
with
dummyApplyCrop(c)
ADDEDx2 :
May I ask, how to deal with overloaded methods, same name but different signature?
nvm, found a possible solution after saw how InjectDotNetDetour work.
_________________
- Retarded. |
|
| Back to top |
|
|
Argaricolm
How do I cheat?
![]() Reputation: 0
Joined: 06 Mar 2016
Posts: 4
|
| Posted: Fri Sep 01, 2023 7:21 pm Post subject: |
|
|
Are there any way to do jit function as with mono and then use its address to write bytes like:
address+5: 90 90
? |
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 458
Joined: 09 May 2003
Posts: 25287
Location: The netherlands
|
| Posted: Sun Sep 03, 2023 12:25 am Post subject: |
|
|
yes, first do a
| Code: |
LaunchDotNetInterface()
|
then get the moduleid of the module that contains the method you're interested in . e.g: dotnet_getModuleID('Terraria.exe')
and then with dotnet_getMethodEntryPoint(moduleid, methoddef) you can get a entry point to that method . (it's usually a stub to the actual method, but it does get executed on method execution)
the methoddef you can get from the DotNetDataCollector (first get the domain, then module, then classlist, and then modulelist, and in there find the method you need)
e.g:
| Code: |
local d=getDotNetDataCollector()
modulehandle=d.enumModuleList(d.enumDomains()[1].DomainHandle)[1].ModuleHandle --adjust this if the code isn't in the main module, or loop this whole thing as well
local classlist=d.enumTypeDefs(modulehandle)
for i=1,#classlist do
if classlist[i].Name=='Terraria.Player' then
local methods=d.getTypeDefMethods(modulehandle, classlist[i].TypeDefToken)
for j=1,#methods do
if methods[j].Name=='KillMe' then
printf("KillMe is now at %x",dotnet_getMethodEntryPoint(dotnet_getModuleID('Terraria.exe'), methods[j].MethodToken ))
break
end
end
break
end
end
|
(TIP, you can also adjust the _IL version of a function before it's JIT'ed)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
Argaricolm
How do I cheat?
![]() Reputation: 0
Joined: 06 Mar 2016
Posts: 4
|
| Posted: Sun Sep 03, 2023 8:13 pm Post subject: |
|
|
Thanks for info.
For me another approach have worked (found it in source).
First I do in init script:
if syntaxcheck then return end
LaunchDotNetInterface()
Then in activation script I did:
{$lua}
address = dotnet_findDotNetMethodAddress('','ClassName','MethodName','module.exe')
{$asm}
usual asm redirect/patch
Is it correct or should not be used this way? |
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 458
Joined: 09 May 2003
Posts: 25287
Location: The netherlands
|
| Posted: Mon Sep 04, 2023 12:16 am Post subject: |
|
|
works as well i think.
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
