|
Cheat Engine The Official Site of Cheat Engine
|
View previous topic :: View next topic |
Author |
Message |
gurimy00 How do I cheat? Reputation: 0
Joined: 02 Apr 2015 Posts: 8
|
Posted: Thu Jan 20, 2022 4:42 am Post subject: what is wrong with this script... i literally don't get it |
|
|
just trying to catch eax in the symbol...
[ENABLE]
alloc(newmem,2048)
label(returnhere)
registersymbol(esp11)
alloc(esp11,4)
newmem:
mov esp11,[eax]
mov eax,ecx
mov edx,esi
dec esi
jmp returnhere
00A65CB0:
jmp newmem
returnhere:
[DISABLE]
00A65CB0:
mov eax,ecx
mov edx,esi
dec esi
dealloc(newmem)
unregistersymbol(esp11)
dealloc(esp11)
getting the error line 8 (mov 00000000,[eax]) this instruction can not be compiled. are you sure you want to edit it to this?
doesn't enable.
Last edited by gurimy00 on Thu Jan 20, 2022 12:32 pm; edited 1 time in total |
|
Back to top |
|
|
LeFiXER Grandmaster Cheater Supreme Reputation: 20
Joined: 02 Sep 2011 Posts: 1053 Location: 0x90
|
Posted: Thu Jan 20, 2022 9:44 am Post subject: |
|
|
1) There is nowhere in the script to say I need the address at x,y,z location.
Check:
Code: |
AOBSCAN(name, xx xx xx xx xx)
// Scans the memory for the given array of byte and sets the result to the symbol named "name"
AOBSCANMODULE(name, moduleName, xx xx xx xx xx)
// Scans the memory of a specific module for the given array of byte and sets the result to the symbol names "name"
AOBSCANREGION(name, Sadd$, Fadd$, xx xx xx)
// Will scan the specific range from start address to finish address, for the given AOB and labels it with the given name.
|
2) Not only that, you're allocating 32-bytes of memory for an address which is a 32-bit value, i.e. 4-bytes.
3) I would also search how to use AOB injection.
|
|
Back to top |
|
|
TheyCallMeTim13 Wiki Contributor Reputation: 50
Joined: 24 Feb 2017 Posts: 976 Location: Pluto
|
Posted: Thu Jan 20, 2022 11:57 am Post subject: |
|
|
Your trying to set a labels (esp11) address, you can't do it that way. You need to set the value of the label.
EDIT:
Basically if you look at how this would need to be assembled:
You'd see something like this, which is not valid ASM:
_________________
|
|
Back to top |
|
|
gurimy00 How do I cheat? Reputation: 0
Joined: 02 Apr 2015 Posts: 8
|
Posted: Thu Jan 20, 2022 12:24 pm Post subject: |
|
|
[quote="TheyCallMeTim13"]Your trying to set a labels (esp11) address, you can't do it that way. You need to set the value of the label.
EDIT:
Basically if you look at how this would need to be assembled:
[code]mov esp11,[eax][/code]
You'd see something like this, which is not valid ASM:
[code]mov DEADBEEF,[eax][/code][/quote]
i remembered registersymbol basically = an address? how do i make a symbol then which i can be use to store EAXs value?
i allocated memory for it
i put a label there
and i registered a symbol for it
i need to log the value of the address on eax on that variable.
i still don't get how this should be performed then.
[quote="LeFiXER"]1) There is nowhere in the script to say I need the address at x,y,z location.
Check:
[code]
AOBSCAN(name, xx xx xx xx xx)
// Scans the memory for the given array of byte and sets the result to the symbol named "name"
AOBSCANMODULE(name, moduleName, xx xx xx xx xx)
// Scans the memory of a specific module for the given array of byte and sets the result to the symbol names "name"
AOBSCANREGION(name, Sadd$, Fadd$, xx xx xx)
// Will scan the specific range from start address to finish address, for the given AOB and labels it with the given name.
[/code]
2) Not only that, you're allocating 32-bytes of memory for an address which is a 32-bit value, i.e. 4-bytes.
3) I would also search how to use AOB injection.[/quote]
i have 0 need for an aob scan at this situation.
all i need is to literally get the variable to work.
the size is of safety concerns, it's perfectly fine to allocate more.
i just want to understand how to make this symbol work as a variable. as in have an address that goes by that symbol
i'm not trying to move it to a label like the other person said, i'm trying to create a symbol, allocate memory for it and use it.
even if it's 4 bytes and not 32 (still certain that it doesn't matter but i'll do that just so this goes out of the topic) it still doesn't compile
what do i need to do?
again AoBs have literally 0 relation to my problem
all i want to do is log this eax in a variable i could place in my table and monitor. not even for editing purposes, just to watch over it for something.
|
|
Back to top |
|
|
LeFiXER Grandmaster Cheater Supreme Reputation: 20
Joined: 02 Sep 2011 Posts: 1053 Location: 0x90
|
Posted: Thu Jan 20, 2022 1:58 pm Post subject: |
|
|
You haven't told CE where to allocate the newmem hence why I suggested an AOB. To find a code cave within the executable where you can place your new code. AOB is one such way of doing so especially when you want to see data at a specific point, what better than to inject at the point where you want to read that data?
I'm not here to bust your gonads just saying how I would do things, whether you use that information is entirely your decision.
|
|
Back to top |
|
|
++METHOS I post too much Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
|
Posted: Thu Jan 20, 2022 2:46 pm Post subject: |
|
|
It is advisable to use the injection templates until you have a better understanding of things.
Nonetheless, you should structure things similarly to the example below:
Code: | [ENABLE]
aobscanmodule(aob_example,Tutorial-i386.exe,81 BB B0 04 00 00 E8 03 00 00)
alloc(newmem_example,1024,Tutorial-i386.exe)
label(return_example)
label(originalcode_example)
label(example_address)
registersymbol(aob_example)
registersymbol(example_address)
newmem_example:
push edi
lea edi,[ebx+000004B0]
mov [example_address],edi
pop edi
originalcode_example:
cmp [ebx+000004B0],000003E8
jmp return_example
example_address:
dd 0
aob_example:
jmp newmem_example
nop 5
return_example:
[DISABLE]
dealloc(newmem_example)
aob_example:
db 81 BB B0 04 00 00 E8 03 00 00
unregistersymbol(aob_example)
unregistersymbol(example_address) |
Once enabled, manually add a pointer address to your table, and use "example_address" in the text field:
Description: |
|
Filesize: |
12.38 KB |
Viewed: |
910 Time(s) |
|
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
|
|