Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Cheat Engine Forum Index
PostGo back to topic
Csimbi
I post too much
Reputation: 94
Joined: 14 Jul 2007
Posts: 3110
PostPosted: Sun Oct 03, 2021 12:41 pm    Post subject: The mgr.inz.Player challenge
Hi all,
in absence of mgr.inz.Player, our resident LUA expert, I am not sure who could I turn to for help.

Are you may know, mgr.inz.Player built a LUA-based extention for custom templates. You can find my latest edits of his work here.

I would like to add jmp14 variants of them, so the injection code need to be tweaked as follows:
- look at the instruction and instead of replacing 5+ bytes worth of instructions, we'd need to replace 14+ bytes of instructions (to make sure there's always at least 14 byte for the extended jump we need to "round up" to the next complete instruction).
- No NOPs because when CE assembles a jmp14 by default, it will cause a crash.
- the return jump must point to the instruction behind the last instruction replaced.

Here's a sample of the original:
Code:
lblMoveSpeedCalc:
push rbx
//Alt: movss xmm1,[rsi+00000290]
//db F3 0F 10 8E 90 02 00 00
readmem(aobMoveSpeedCalc,8)
mov rbx,pCharComp
mov rbx,[rbx]
cmp rbx,rsi
jne short lblMoveSpeedCalcSkip
cmp dword ptr [bEnableMoveSpeedMod],1
jne short lblMoveSpeedCalcSkip
mulss xmm1,[fMoveSpeedMod]
lblMoveSpeedCalcSkip:
pop rbx
jmp lblMoveSpeedCalcRet
aobMoveSpeedCalc_i:
readmem(aobMoveSpeedCalc,8)

//CharacterComponent:UpdateMovement+1b03:
aobMoveSpeedCalc:
aobMoveSpeedCalc_r:
jmp lblMoveSpeedCalc
nop 3
lblMoveSpeedCalcRet:


And here's the manually created jmp14 version of it (ignore the fact I broken up the 16bytes into 2 pieces, a single 16byte array is just fine):
Code:
lblMoveSpeedCalc:
push rbx
//Alt: movss xmm1,[rsi+00000290]
//db F3 0F 10 8E 90 02 00 00
readmem(aobMoveSpeedCalc,8)
mov rbx,pCharComp
mov rbx,[rbx]
cmp rbx,rsi
jne short lblMoveSpeedCalcSkip
cmp dword ptr [bEnableMoveSpeedMod],1
jne short lblMoveSpeedCalcSkip
mulss xmm1,[fMoveSpeedMod]
lblMoveSpeedCalcSkip:
pop rbx
readmem(aobMoveSpeedCalc+08,8)
jmp lblMoveSpeedCalcRet
aobMoveSpeedCalc_i:
readmem(aobMoveSpeedCalc,16)

//CharacterComponent:UpdateMovement+1b03:
aobMoveSpeedCalc:
aobMoveSpeedCalc_r:
jmp lblMoveSpeedCalc
//nop 3
aobMoveSpeedCalc+10:
lblMoveSpeedCalcRet:


I there any among you who are up for the challlenge?
If you could update just one of the custom injection templates, I guess I could apply the same logic to the others.

Thank you!

PS.
In case you know what's up with mgr.inz.Player, please let me know.
Cheers!
Back to top
View user's profile Send private message
Post reviews:   Approve 1
Author Review
ByTransient
Review: Approve
Post reference:
ReviewPosted: Mon Nov 01, 2021 11:07 pm
Forever mgr .. Thanks..
Back to top
View user's profile Send private message
Display:  
Cheat Engine Forum Index


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites