Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
Why does the AOB Injection script not work as expected

alex2102
How do I cheat?
Reputation: 0

Joined: 03 Dec 2024
Posts: 7

Posted: Fri Dec 06, 2024 12:27 pm    Post subject: Why does the AOB Injection script not work as expected

I'm using Cheat Engine to create an AOB Injection script for a single-player game.
I have the following memory view:

The main goal is to modify xmm0, xmm1 and xmm2 to update the [rdx+offset] values. The modification is quite simple: declare a multiplier and multiply each xmm register by it.

I created a script that should do it:
```
[ENABLE]

aobscan(INJECT,48 89 6C 24 10 * * * * 40 * * * * 50) // should be unique
alloc(newmem,$1000,INJECT)

label(code)
label(return)
label(h)

registersymbol(h)
newmem:
vmulsd xmm0, xmm0,[h]
vmulsd xmm1, xmm1,[h]
vmulsd xmm2, xmm2,[h]

code:
mov [rsp+10],rbp
jmp return
h:
dd (float)0.5
INJECT:
jmp newmem
return:
registersymbol(INJECT)

[DISABLE]

INJECT:
db 48 89 6C 24 10

unregistersymbol(INJECT)
dealloc(newmem)
unregistersymbol(h)

{
// ORIGINAL CODE - INJECTION POINT: 1E09CB59EA7

1E09CB59E7D: 00 00 - add [rax],al
1E09CB59E7F: 00 44 8B 52 - add [rbx+rcx*4+52],al
1E09CB59E83: 08 49 C1 - or [rcx-3F],cl
1E09CB59E86: E2 03 - loop 1E09CB59E8B
1E09CB59E88: 49 3B C2 - cmp rax,r10
1E09CB59E8B: 0F 85 0F BE DB FC - jne 1E099915CA0
1E09CB59E91: 66 66 90 - nop 3
1E09CB59E94: 66 0F 1F 44 00 00 - nop word ptr [rax+rax+00]
1E09CB59E9A: 66 0F 1F 44 00 00 - nop word ptr [rax+rax+00]
1E09CB59EA0: 48 81 EC 18 00 00 00 - sub rsp,00000018
// ---------- INJECTING HERE ----------
1E09CB59EA7: 48 89 6C 24 10 - mov [rsp+10],rbp
// ---------- DONE INJECTING ----------
1E09CB59EAC: C5 FB 11 42 40 - vmovsd [rdx+40],xmm0
1E09CB59EB1: C5 FB 11 52 50 - vmovsd [rdx+50],xmm2
1E09CB59EB6: C5 FB 11 4A 48 - vmovsd [rdx+48],xmm1
}
```
It actually works, but it always multiplies by 0 even though I specified 0.5 in the script. Here is a view of newmem:


What am I doing wrong? Why does the **h** symbol not have any value? Maybe there is a better way to do it?


ParkourPenguin
I post too much
Reputation: 152

Joined: 06 Jul 2014
Posts: 4696

Posted: Fri Dec 06, 2024 12:41 pm

`vmulsd` - multiply scalar double
`h` should be `dq (double)0.5`

Also, use a more unique symbol name than "INJECT" for the injection point. If two different AOB injection scripts use the same symbol name, bad things will happen if both are enabled and then disabled.

_________________
I don't know where I'm going, but I'll figure it out when I get there.
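An added example (not from the thread or from Cheat Engine itself) that models why `dd (float)0.5` under `h` behaves like a multiply by zero: `vmulsd` reads eight bytes at its memory operand, and the four bytes following the single-precision float come from the zero-filled `alloc` region. The `ce_data_bytes` and `value_read_by_vmulsd` helpers are constructed here to mirror the two directives and the instruction's load width; they are not CE's own API.

```python
import struct


def ce_data_bytes(directive: str, value: float) -> bytes:
    """Bytes the auto-assembler emits for `dd (float)v` or `dq (double)v`.

    Constructed model of the two directives used in the thread, not CE code.
    """
    if directive == "dd":
        return struct.pack("<f", value)   # 4-byte IEEE-754 single, little-endian
    if directive == "dq":
        return struct.pack("<d", value)   # 8-byte IEEE-754 double, little-endian
    raise ValueError(f"unsupported directive: {directive}")


def value_read_by_vmulsd(label_bytes: bytes) -> float:
    """Interpret memory at the label the way `vmulsd xmm, xmm, [h]` does.

    The instruction always loads 8 bytes and treats them as a double. Memory
    returned by alloc() is zero-filled, so a shorter definition is padded with
    zero bytes that land in the high half of the double.
    """
    mem = (label_bytes + b"\x00" * 8)[:8]
    return struct.unpack("<d", mem)[0]


def compare_h_definitions(multiplier: float = 0.5) -> dict:
    """Return the effective multiplier for the buggy and the corrected `h`."""
    return {
        "dd_float": value_read_by_vmulsd(ce_data_bytes("dd", multiplier)),
        "dq_double": value_read_by_vmulsd(ce_data_bytes("dq", multiplier)),
    }


if __name__ == "__main__":
    r = compare_h_definitions()
    # The float's bit pattern 0x3F000000 becomes the low mantissa bits of a
    # denormal double (about 5e-315), so every product rounds to ~0 on screen.
    print(f"dd (float)0.5  read as double: {r['dd_float']:.3e}")
    print(f"dq (double)0.5 read as double: {r['dq_double']}")
```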
alex2102
How do I cheat?
Reputation: 0

Joined: 03 Dec 2024
Posts: 7

Posted: Sat Dec 07, 2024 8:39 am

ParkourPenguin, thanks, it fixed the problem.