The Official Site of Cheat Engine
 
[SOLVED] CE Auto Assemble inserts unexpected code

 
Peeszdyetc
How do I cheat?
Reputation: 0

Joined: 27 Jun 2023
Posts: 4

Posted: Tue Jun 27, 2023 2:53 pm    Post subject: [SOLVED] CE Auto Assemble inserts unexpected code

The AA (Auto Assemble) script I have:

Code:
[Enable]
label(back)

mb_warband.exe+B0863:
jmp   007BDB6D
back:
call mb_warband.exe+B00D0

007BDB6D:
jmp back

[Disable]
mb_warband.exe+B0863:
call mb_warband.exe+B00D0


Memory before AA execution

Code:
mb_warband.exe+B0860 - 50                    - push eax
mb_warband.exe+B0861 - 8B CB                 - mov ecx,ebx
mb_warband.exe+B0863 - E8 68F8FFFF           - call mb_warband.exe+B00D0
mb_warband.exe+B0868 - 8B E8                 - mov ebp,eax
mb_warband.exe+B086A - 8B 3D A0F38500        - mov edi,[mb_warband.exe+45F3A0]
mb_warband.exe+B0870 - 8B 44 24 2C           - mov eax,[esp+2C]


Memory after AA execution

Code:
mb_warband.exe+B0860 - 50                    - push eax
mb_warband.exe+B0861 - 8B CB                 - mov ecx,ebx
mb_warband.exe+B0863 - E9 05D33000           - jmp mb_warband.exe+3BDB6D
mb_warband.exe+B0868 - E8 63F8FFFF           - call mb_warband.exe+B00D0
mb_warband.exe+B086D - F3 85 00              - repe test [eax],eax
mb_warband.exe+B0870 - 8B 44 24 2C           - mov eax,[esp+2C]


What the hell is 'repe test', which I wasn't expecting to see after script execution at all? Because of it the game crashes when it reaches this memory area. When I manually remove this unexpected bonus added by AA via Memory Viewer and fill it with nops, everything works fine.

Nop'd version:
Code:
mb_warband.exe+B0860 - 50                    - push eax
mb_warband.exe+B0861 - 8B CB                 - mov ecx,ebx
mb_warband.exe+B0863 - E9 05D33000           - jmp mb_warband.exe+3BDB6D
mb_warband.exe+B0868 - E8 63F8FFFF           - call mb_warband.exe+B00D0
mb_warband.exe+B086D - 90                    - nop
mb_warband.exe+B086E - 90                    - nop
mb_warband.exe+B086F - 90                    - nop
mb_warband.exe+B0870 - 8B 44 24 2C           - mov eax,[esp+2C]



So, how do I prevent AA from doing this?
P.S. AA doesn't even remove this 'repe test' when I disable the script.


Last edited by Peeszdyetc on Sat Jul 01, 2023 3:51 pm; edited 1 time in total
Dark Byte
Site Admin
Reputation: 470

Joined: 09 May 2003
Posts: 25812
Location: The netherlands

Posted: Tue Jun 27, 2023 4:45 pm

That is because after you overwrite call mb_warband.exe+B00D0 with jmp 007BDB6D, you write a call mb_warband.exe+B00D0,
which overwrites the 5 bytes at
Code:

mb_warband.exe+B0868 - 8B E8                 - mov ebp,eax
mb_warband.exe+B086A - 8B 3D A0F38500        - mov edi,[mb_warband.exe+45F3A0]


And as you can see, F3 85 00 will be left.


What might work better:
Code:

[Enable]
label(back)

mb_warband.exe+B0863:
jmp   007BDB6D
back:


007BDB6D:
call mb_warband.exe+B00D0
jmp back

[Disable]
mb_warband.exe+B0863:
call mb_warband.exe+B00D0


It might also help to look into the alloc command in case 007BDB6D is non-executable.

_________________
Do not ask me about online cheats. I don't know any and won't help finding them.

Like my help? Join me on Patreon so I can keep helping
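The byte-level effect Dark Byte describes can be reproduced without touching a process at all. The Python below is an added example, not code from the thread or from Cheat Engine: it models the listed region mb_warband.exe+B0860..B0873 as a byte buffer constructed from the "before" listing, encodes the E8/E9 rel32 instructions the way Auto Assemble emits them, applies the writes each script performs inside that region, and reports any original instruction a write cut in the middle. The one assumption is the image base: the "after" listing resolves the absolute target 007BDB6D to mb_warband.exe+3BDB6D, so mb_warband.exe is taken to load at 0x400000. The writes to the code cave at 007BDB6D are outside the listed region and are not modelled, since they have no bearing on the clobbering.

```python
import struct

# Assumed image base: the thread's "after" listing shows the jmp target
# 007BDB6D as mb_warband.exe+3BDB6D, so mb_warband.exe loads at 0x400000.
IMAGE_BASE = 0x400000
REGION_START = IMAGE_BASE + 0x0B0860   # first byte of the listed region

# Constructed from the "Memory before AA execution" listing: (mnemonic, bytes).
ORIGINAL_INSTRUCTIONS = [
    ("push eax",                        bytes.fromhex("50")),
    ("mov ecx,ebx",                     bytes.fromhex("8BCB")),
    ("call mb_warband.exe+B00D0",       bytes.fromhex("E868F8FFFF")),
    ("mov ebp,eax",                     bytes.fromhex("8BE8")),
    ("mov edi,[mb_warband.exe+45F3A0]", bytes.fromhex("8B3DA0F38500")),
    ("mov eax,[esp+2C]",                bytes.fromhex("8B44242C")),
]
ORIGINAL = b"".join(b for _, b in ORIGINAL_INSTRUCTIONS)


def instruction_bounds():
    """[(start_va, end_va)] for every instruction in the original listing."""
    bounds, va = [], REGION_START
    for _, b in ORIGINAL_INSTRUCTIONS:
        bounds.append((va, va + len(b)))
        va += len(b)
    return bounds


def rel32(opcode, at, target):
    """Encode a 5-byte E8 (call) / E9 (jmp); the rel32 displacement is
    measured from the end of the instruction, which is what AA emits."""
    return bytes([opcode]) + struct.pack("<i", target - (at + 5))


HOOK_AT = IMAGE_BASE + 0x0B0863   # mb_warband.exe+B0863
CALLEE = IMAGE_BASE + 0x0B00D0    # mb_warband.exe+B00D0
CAVE = 0x007BDB6D                 # absolute address used by both scripts

# Writes each script performs inside the listed region.
OP_ENABLE_WRITES = [
    (HOOK_AT, rel32(0xE9, HOOK_AT, CAVE)),            # jmp 007BDB6D
    (HOOK_AT + 5, rel32(0xE8, HOOK_AT + 5, CALLEE)),  # back: call ... lands at B0868
]
FIXED_ENABLE_WRITES = [
    (HOOK_AT, rel32(0xE9, HOOK_AT, CAVE)),            # only the 5-byte hook; call moved to the cave
]
DISABLE_WRITES = [
    (HOOK_AT, rel32(0xE8, HOOK_AT, CALLEE)),          # both scripts restore just these 5 bytes
]


def apply_writes(mem, writes):
    """Apply (va, bytes) writes to a copy of the region and return it."""
    buf = bytearray(mem)
    for va, data in writes:
        off = va - REGION_START
        buf[off:off + len(data)] = data
    return bytes(buf)


def orphaned_bytes(writes):
    """Trailing bytes of an original instruction that a write split in the
    middle; they survive as a bogus instruction right after the written code
    (here F3 85 00, which a disassembler reads as 'repe test [eax],eax')."""
    orphans = []
    for va, data in writes:
        last = va + len(data) - 1
        for start, end in instruction_bounds():
            if start <= last < end and last + 1 != end:
                tail = ORIGINAL[last + 1 - REGION_START:end - REGION_START]
                orphans.append((last + 1, tail))
    return orphans


def simulate(enable_writes):
    """Return (region after [Enable], region after the following [Disable])."""
    enabled = apply_writes(ORIGINAL, enable_writes)
    return enabled, apply_writes(enabled, DISABLE_WRITES)


if __name__ == "__main__":
    for name, writes in (("original script", OP_ENABLE_WRITES),
                         ("Dark Byte's script", FIXED_ENABLE_WRITES)):
        enabled, disabled = simulate(writes)
        print(f"{name}: enabled = {enabled.hex().upper()}")
        for va, tail in orphaned_bytes(writes):
            print(f"  orphaned bytes at {va:08X}: {tail.hex().upper()}")
        print(f"  fully restored by [Disable]: {disabled == ORIGINAL}")
```

Running it reproduces the "after" listing byte for byte (E9 05 D3 30 00 at B0863, E8 63 F8 FF FF at B0868, then the orphan F3 85 00) and shows why the [Disable] section cannot undo the damage: it restores only the 5 bytes at B0863, so the overwritten mov ebp,eax / mov edi never come back. With the corrected script the region ends at the original instruction boundary, no orphan is reported, and [Disable] restores the bytes exactly. The orphan check is the review a practitioner wants before applying any inline patch: a write must end on an instruction boundary, or the leftover bytes become code the CPU will happily execute.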
Peeszdyetc
How do I cheat?
Reputation: 0

Joined: 27 Jun 2023
Posts: 4

Posted: Sat Jul 01, 2023 2:47 pm

Dark Byte wrote:
That is because after you overwrite call mb_warband.exe+B00D0 with jmp 007BDB6D, you write a call mb_warband.exe+B00D0,
which overwrites the 5 bytes at
Code:

mb_warband.exe+B0868 - 8B E8                 - mov ebp,eax
mb_warband.exe+B086A - 8B 3D A0F38500        - mov edi,[mb_warband.exe+45F3A0]


And as you can see, F3 85 00 will be left.


What might work better:
Code:

[Enable]
label(back)

mb_warband.exe+B0863:
jmp   007BDB6D
back:


007BDB6D:
call mb_warband.exe+B00D0
jmp back

[Disable]
mb_warband.exe+B0863:
call mb_warband.exe+B00D0


It might also help to look into the alloc command in case 007BDB6D is non-executable.


Thank you! This clears things up.
Solved.
All times are GMT - 6 Hours