Zaladine (Expert Cheater)
Reputation: 3
Joined: 14 Oct 2012   Posts: 129   Location: Djokdja, Indonesia
Posted: Sun Jan 05, 2014 12:35 pm
Post subject: Q: Only one toggle of my script is working - [solved]
In the Game.exe module, the original code snippet in the disassembler window was:
Code:
Game.exe+345591 - D9 96 90020000 - fst dword ptr [esi+00000290]
Game.exe+345597 - D9 44 24 20 - fld dword ptr [esp+20]
Game.exe+34559B - D9C9 - fxch st(1)
Game.exe+34559D - DFF1 - fcomip st(0),st(1)
Game.exe+34559F - DDD8 - fstp st(0)
Game.exe+3455A1 - 72 16 - jb Game.exe+3455B9
So I created a script which was meant to act as a cheat toggle to alter both Game.exe+345591 and Game.exe+3455A1. My script was:
Code:
[ENABLE]
"Game.exe"+39295F:
nop
nop
nop
nop
nop
nop
"Game.exe"+3455A1:
jmp Game.exe+3455B9
[DISABLE]
"Game.exe"+39295F:
fst dword ptr [esi+00000290]
"Game.exe"+3455A1:
jb Game.exe+3455B9
As I toggled the script on, only the first target code was altered. The disassembler looked like this:
Code:
Game.exe+345591 - 90 - nop <-- successfully modified
Game.exe+345592 - 90 - nop
Game.exe+345593 - 90 - nop
Game.exe+345594 - 90 - nop
Game.exe+345595 - 90 - nop
Game.exe+345596 - 90 - nop
Game.exe+345597 - D9 44 24 20 - fld dword ptr [esp+20]
Game.exe+34559B - D9C9 - fxch st(1)
Game.exe+34559D - DFF1 - fcomip st(0),st(1)
Game.exe+34559F - DDD8 - fstp st(0)
Game.exe+3455A1 - 72 16 - jb Game.exe+3455B9 <-- this one was somehow kept intact
I must have made a mistake, because when I rewrote my script to throw away the first modification part, like this:
Code:
[ENABLE]
"Game.exe"+3455A1:
jmp Game.exe+3455B9
[DISABLE]
"Game.exe"+3455A1:
jb Game.exe+3455B9
the code still remained intact. The code at "Game.exe"+3455A1 didn't change from JB to JMP.
What did I do wrong? How do I solve this? Thank you very much in advance for your replies.
_________________
... to boldly go where no eagle has gone before ...
Last edited by Zaladine on Mon Jan 06, 2014 5:25 am; edited 1 time in total
Dark Byte (Site Admin)
Reputation: 471
Joined: 09 May 2003   Posts: 25819   Location: The Netherlands
Posted: Sun Jan 05, 2014 1:41 pm
In the Cheat Engine disassembler, press Ctrl+G and go to "Game.exe"+3455A1.
Confirm that the address is what you expect.
Also, the first script address is wrong and should never have worked for the first part.
And I doubt it helps, but instead of jmp Game.exe+3455B9 try jmp "Game.exe"+3455B9.
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
Zaladine (Expert Cheater)
Reputation: 3
Joined: 14 Oct 2012   Posts: 129   Location: Djokdja, Indonesia
justa_dude (Grandmaster Cheater)
Reputation: 23
Joined: 29 Jun 2010   Posts: 893
Posted: Sun Jan 05, 2014 5:12 pm
Zaladine wrote:
    It was the 'Show Symbol' option in the disassembler view menu which screwed up my address interpretation and script...
I've had some problems lately, too, with symbols not resolving to the locations I expect. I can highlight a line of code, start the code injection macro, and find that the symbol for the address it picks up doesn't match the address I have selected. It's weird.
Zaladine (Expert Cheater)
Reputation: 3
Joined: 14 Oct 2012   Posts: 129   Location: Djokdja, Indonesia
Posted: Mon Jan 06, 2014 5:36 am
When 'Show Symbol' was turned off, the target address looked like:
Game.exe+123456
but when it was turned on (unintentionally), the target address changed
to something like:
Game.System::blabla+21321
Anyhow, both of them pointed at exactly the same address... that's when
I got confused...
_________________
... to boldly go where no eagle has gone before ...
justa_dude (Grandmaster Cheater)
Reputation: 23
Joined: 29 Jun 2010   Posts: 893
Posted: Mon Jan 06, 2014 10:42 pm
Zaladine wrote:
    When 'Show Symbol' was turned off, the target address looked like:
    Game.exe+123456
    but when it was turned on (unintentionally), the target address changed
    to something like:
    Game.System::blabla+21321
    Anyhow, both of them pointed at exactly the same address... that's when
    I got confused...
Yeah, they are supposed to point at the same address. In most cases, it's useful to use the symbols instead of the base+offset pair because if the game gets patched, your code will likely still work unless the specific function or perhaps module you're hacking has also been altered.
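As an added example (not code from the thread or from Cheat Engine itself), the Python below resolves both address notations discussed here, module+offset and symbol+offset, to one absolute address, and then performs the "confirm the address is what you expect" check Dark Byte suggests by comparing the bytes at the resolved address against the original bytes from the disassembly listing before any patch would be written. The module base, the symbol table and the memory image are constructed assumptions; the symbol is placed so that Game.System::blabla+21321 lands on the same byte as Game.exe+3455A1.

```python
import re

# Constructed sample values (not from the post): a hypothetical load address
# for Game.exe and one hypothetical symbol, positioned so that
# Game.System::blabla+21321 resolves to the same byte as Game.exe+3455A1.
MODULE_BASES = {"Game.exe": 0x00400000}
SYMBOL_OFFSETS = {"Game.System::blabla": ("Game.exe", 0x3455A1 - 0x21321)}

# Constructed memory image: the bytes of the disassembly listing quoted in
# the first post, starting at Game.exe+345591 (fst ... through jb).
IMAGE_START = ("Game.exe", 0x345591)
IMAGE = bytes.fromhex("D9 96 90 02 00 00 D9 44 24 20 D9 C9 DF F1 DD D8 72 16")

# Accepts Module+hex, "Module"+hex and Symbol+hex.
_NOTATION = re.compile(r'^"?([^"+]+)"?\+([0-9A-Fa-f]+)$')


def resolve(notation):
    """Turn 'Module+hex' or 'Symbol+hex' (quotes optional) into an absolute address."""
    m = _NOTATION.match(notation.strip())
    if not m:
        raise ValueError(f"unrecognised address notation: {notation!r}")
    name, offset = m.group(1), int(m.group(2), 16)
    if name in MODULE_BASES:
        return MODULE_BASES[name] + offset
    if name in SYMBOL_OFFSETS:
        module, sym_offset = SYMBOL_OFFSETS[name]
        return MODULE_BASES[module] + sym_offset + offset
    raise KeyError(f"unknown module or symbol: {name}")


def read_bytes(address, count):
    """Read from the constructed image; None if the range is not covered by it."""
    start = MODULE_BASES[IMAGE_START[0]] + IMAGE_START[1]
    rel = address - start
    if rel < 0 or rel + count > len(IMAGE):
        return None
    return IMAGE[rel:rel + count]


def patch_site_ok(notation, expected_hex):
    """True only if the resolved address currently holds the expected original bytes."""
    expected = bytes.fromhex(expected_hex)
    return read_bytes(resolve(notation), len(expected)) == expected
```

With these tables, patch_site_ok('"Game.exe"+3455A1', "72 16") passes while patch_site_ok('"Game.exe"+39295F', "D9 96 90 02 00 00") fails, which is exactly the mismatch between the script's first address and the listed fst instruction at Game.exe+345591.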