Cheat Engine The Official Site of Cheat Engine

Chase Payne Grandmaster Cheater
Reputation: 1
Joined: 20 Mar 2008 Posts: 533
Posted: Sat Apr 19, 2008 12:36 am Post subject: Noob Minesweeper script

Code:
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(originalcode)
label(exit)
alloc(Mines,2048)
registersymbol(Mines)
01001E76:
jmp newmem
nop
returnhere:
newmem:
push eax
mov [010056a4],eax
mov [Mines],eax
pop eax
jmp returnhere //this is allocated memory, you have read,write,execute access
//place your code here
originalcode:
//mov [010056a4],ecx
exit:
jmp returnhere
[DISABLE]
dealloc(newmem)
dealloc(Mines)
unregistersymbol(Mines)
01001E76:
mov [010056a4],ecx
//code from here till the end of the code will be used to disable the cheat

I have tried everything to make this work, but the mines don't go to 1... they just lower to 12 or 24, and crash on beginner.... any suggestions on how to make it work? I know it's a worthless script... but I'm trying to learn.
I will +rep the person who explains what I should do and very detailed.

Psy Grandmaster Cheater Supreme
Reputation: 1
Joined: 27 Mar 2008 Posts: 1366
Posted: Sat Apr 19, 2008 2:54 am Post subject:

What are you using to do this?
Have you done this table or is it from someone else?
Without popping open minesweeper myself, this area looks suspect:
Code:
mov [010056a4],eax
mov [Mines],eax

Chase Payne Grandmaster Cheater
Reputation: 1
Joined: 20 Mar 2008 Posts: 533
Posted: Sat Apr 19, 2008 9:51 am Post subject:

What I'm trying to do is make the new address Mines control how many mines you have. So I figured if I store the address in EAX it might work.

Psy Grandmaster Cheater Supreme
Reputation: 1
Joined: 27 Mar 2008 Posts: 1366
Posted: Sat Apr 19, 2008 10:51 am Post subject:

You're guessing what to do.
You can't just decide you will stick something into a register and hope for the best, coz it's never gonna work.
Read tuts, study other AA scripts... you'll get better real quick.

HalfPrime Grandmaster Cheater
Reputation: 0
Joined: 12 Mar 2008 Posts: 532 Location: Right there...On your monitor
Posted: Sat Apr 19, 2008 11:25 am Post subject:

Stores the value of EAX into the address pointed to by Mines
This stores the value of EAX into the address pointed to by [010056a4] which I assume is the number of mines. Problem is, you just pushed EAX right before, so I have no idea what EAX is at that point.

Chase Payne Grandmaster Cheater
Reputation: 1
Joined: 20 Mar 2008 Posts: 533
Posted: Sat Apr 19, 2008 11:35 am Post subject:

What do you mean? People say you always push the stack before changing anything so nothing screws up... even without push the script doesn't work.

Labyrnth Moderator
Reputation: 10
Joined: 28 Nov 2006 Posts: 6301
Posted: Sat Apr 19, 2008 12:19 pm Post subject:

Chase, when you change the address of how many mines you have, I'm sure you got to hit F2 on minesweeper to reset the game so it can not draw but 1 mine. If you change it after all the mines are drawn it will still have them all.

Chase Payne Grandmaster Cheater
Reputation: 1
Joined: 20 Mar 2008 Posts: 533
Posted: Sat Apr 19, 2008 10:45 pm Post subject:

Did any of you actually try the script... of course I know to hit F2 to make sure the mines update, but the idea of this script was to make the registered address "mines" change the number of mines.
I'm not guessing what to do.
Quote:
Dark Byte wrote:
I am assuming you have read the info about auto assembler scripts in cheat tables: http://forum.cheatengine.org/viewtopic.php?t=4868
Let's continue with explaining the use of registersymbol and unregistersymbol.
When you have registered a symbol by either manually inputting it in the userdefined symbollist in the memory view, or by registering it by auto assemble script, you can then use it as if it is a normal address.
So, if you allocate some memory, and store an address there using the script, you can then easily access it by its name.
Let's take a look at the auto assembler script of the pinball tutorial, and change it slightly:
Code:
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
registersymbol(pointertoballs) //add "pointertoballs" to the userdefined symbollist
alloc(newmem,2048) //2kb should be enough
alloc(pointertoballs,4)
label(returnhere)
label(originalcode)
label(exit)
Pinball.exe+175b7:
jmp newmem
nop
returnhere:
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
mov [pointertoballs],esi //store the base address to pointertoballs
originalcode:
mov [esi+00000146],eax
exit:
jmp returnhere
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
unregistersymbol(pointertoballs)
dealloc(newmem)
dealloc(pointertoballs)
Pinball.exe+175b7:
mov [esi+00000146],eax

As you see, I allocated 4 extra bytes to store the register value of esi in, and registered that address, and deallocate that memory in the disable part, and unregister it (so it becomes useless after disabling it)
I could have used:
[qoute]
push eax
lea eax,[esi+146]
mov [pointertoballs],eax
pop eax
[/qoute]
to store the exact address, but let's keep it easy for people with only a little assembler knowledge.
One downside is of course that after enabling the script, the address doesn't immediately hold the right value, but only after it has been executed. So keep that in mind.
Another thing is that addresses that use the symbolname pointertoballs only get updated after a few seconds, so the first few seconds it may be pointing at an old address. One way to get by this is rightclick and choose "force recheck symbols".
Anyhow, when the script has been executed you can use it for all sorts of useful things, like a base pointer...

As you can clearly see his registered address is moving into esi. And it works. My question is how mine doesn't.

HalfPrime Grandmaster Cheater
Reputation: 0
Joined: 12 Mar 2008 Posts: 532 Location: Right there...On your monitor
Posted: Sun Apr 20, 2008 1:23 pm Post subject:

Code:
mov [pointertoballs],esi //store the base address to pointertoballs

Is what you're missing. Mines is just garbage data so it's pointing to some random place in memory, not to where the mines are kept.

Labyrnth Moderator
Reputation: 10
Joined: 28 Nov 2006 Posts: 6301
Posted: Sun Apr 20, 2008 1:32 pm Post subject:

Pointertoballs is a code cave.
And is getting filled with the bytes from esi.
Also another thing, Chase, in your script you still have the original address's code in place.
Try this script:
Code:
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
registersymbol(pointertoballs) //add "pointertoballs" to the userdefined symbollist
alloc(newmem,2048) //2kb should be enough
alloc(pointertoballs,4)
label(returnhere)
label(originalcode)
label(exit)
Pinball.exe+175b7:
jmp newmem
nop
returnhere:
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
mov [pointertoballs],esi //store the base address to pointertoballs
mov [esi+00000146],eax
originalcode:
exit:
jmp returnhere
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
Pinball.exe+175b7:
mov [esi+00000146],eax
unregistersymbol(pointertoballs)
dealloc(newmem)
dealloc(pointertoballs)
Chase Payne Grandmaster Cheater
Reputation: 1
Joined: 20 Mar 2008 Posts: 533
Posted: Mon Apr 21, 2008 11:00 pm Post subject:

This is the correct script.
Lab gave me a big hint... and I just realised it after I made this script... bytes are writing to esi
Code:
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(originalcode)
label(exit)
alloc(Mines,2048)
registersymbol(Mines)
01001E76:
jmp newmem
nop
returnhere:
newmem:
push ecx
mov [010056a4],ecx
mov ecx,#0
pop ecx
push eax
mov eax,#0
add eax,[Mines]
mov [010056a4],eax
pop eax
jmp returnhere //this is allocated memory, you have read,write,execute access
//place your code here
originalcode:
//mov [010056a4],ecx
exit:
jmp returnhere
[DISABLE]
dealloc(newmem)
dealloc(Mines)
unregistersymbol(Mines)
01001E76:
mov [010056a4],ecx
//code from here till the end of the code will be used to disable the cheat

I made mines 0, then I made the mines add from the new address called MINES, that's all I wanted.... but thanks for the help anyways
Quote:
You can't just decide you will stick something into a register and hope for the best
Well with this script you can just store something in eax and it does what it's told....
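
Traced in a small model, the hook from the first post overwrites both the mine counter and Mines with whatever EAX holds, while the hook from the last post copies the value stored at Mines into the counter. This is an added example, not part of the thread; the Mines address and the register values passed to it are constructed.

```python
# Added model (not from the thread): just enough x86 semantics to trace the hooks.
MINE_COUNT = 0x010056A4  # the game's mine counter, address taken from the thread
MINES = 0x00A00000       # constructed stand-in for the block alloc(Mines,2048) returns

def mem(addr):
    """Memory operand, i.e. the auto assembler's [addr]."""
    return ("mem", addr)

def run(hook, regs, memory):
    """Execute (op, dst, src) tuples; return the resulting registers and memory."""
    regs, memory, stack = dict(regs), dict(memory), []
    def read(x):
        if isinstance(x, tuple):
            return memory.get(x[1], 0)
        return regs[x] if isinstance(x, str) else x
    def write(x, value):
        target, key = (memory, x[1]) if isinstance(x, tuple) else (regs, x)
        target[key] = value & 0xFFFFFFFF
    for op, dst, src in hook:
        if op == "push":
            stack.append(read(dst))
        elif op == "pop":
            write(dst, stack.pop())
        elif op == "mov":
            write(dst, read(src))
        elif op == "add":
            write(dst, read(dst) + read(src))
    return regs, memory

# Hook body from the first post: EAX is stored to both addresses.
FIRST_SCRIPT = [
    ("push", "eax", None), ("mov", mem(MINE_COUNT), "eax"),
    ("mov", mem(MINES), "eax"), ("pop", "eax", None),
]
# Hook body from the last post: the value held at Mines is loaded, then stored.
FINAL_SCRIPT = [
    ("push", "ecx", None), ("mov", mem(MINE_COUNT), "ecx"),
    ("mov", "ecx", 0), ("pop", "ecx", None),
    ("push", "eax", None), ("mov", "eax", 0), ("add", "eax", mem(MINES)),
    ("mov", mem(MINE_COUNT), "eax"), ("pop", "eax", None),
]

def trace(hook, eax, ecx, mines_value):
    """Return (mine counter, value at Mines, registers) after one pass of the hook."""
    regs, memory = run(hook, {"eax": eax, "ecx": ecx}, {MINES: mines_value})
    return memory[MINE_COUNT], memory[MINES], regs
```

With the constructed state eax=24, ecx=10 and 1 stored at Mines, `trace(FIRST_SCRIPT, 24, 10, 1)` leaves 24 in both locations, while `trace(FINAL_SCRIPT, 24, 10, 1)` leaves 1 in the counter and restores both registers.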