Zaladine Expert Cheater
Reputation: 3
Joined: 14 Oct 2012 Posts: 129 Location: Djokdja, Indonesia
Posted: Mon Dec 16, 2013 10:33 pm Post subject: How to copy a CE table entry into a register in AA script?
So I have this entry in my CE table: MyPointer, and I want to use it to
compare a shared code (which decreases everyone's HP), so I can prevent it
from decreasing mine...
I'm aware a little about registersymbol, yet what I need is something
that works the opposite way (getting a value from the CE table instead of creating
an entry from AA script). So, what do I have to do?
Thank you very much in advance for any help.
By the way, where can I obtain a complete reference regarding CE's AA Script
and Lua? I can't find it in CE help anyway...
_________________
... to boldly go where no eagle has gone before ... |
AbrasiveZealot Newbie cheater
Reputation: 0
Joined: 02 Jan 2011 Posts: 21
Posted: Mon Dec 16, 2013 11:15 pm
If you really want to use your pointer for the comparison you can just set it up manually in the code. This is pretty inefficient, but it gets the job done.
Code: |
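push ebx
push ebp
mov ebx,["BaseAddress"]        // first level of the pointer
mov ebp,dword [ebx+"Offset"]   // next level
add ebp,"Offset"               // ebp = address the pointer resolves to
cmp esi,ebp
pop ebp                        // pop leaves the flags alone, so restore before branching
pop ebx
je SkipExec                    // stack is balanced on both paths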
|
++METHOS I post too much
Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Tue Dec 17, 2013 12:36 am
If you prefer to do it this way, the easiest approach would be to set up a hotkey that will enable the script (and) set your hero health to some value that is really high...a value that the enemy health never reaches. That way, you can simply compare against the register that is handling all health values at that particular instruction.
However, you can compare against pointer values:
Double-click on your pointer address in your cheat table:
Write it out like so in your script (as an example):
Code: | cmp edi,[[[[[[[["AC4BFSP.exe"+009EE858]+1a4]+ec]+60]+5c]+98]+18]+30] |
In your case, I would not recommend this approach.
Zaladine Expert Cheater
Reputation: 3
Joined: 14 Oct 2012 Posts: 129 Location: Djokdja, Indonesia
Posted: Tue Dec 17, 2013 1:50 am
Thanks for your replies...
Actually, I'm making my own zero recoil for Mass Effect 1. Just revisited it for the past few days, and decided to create my own table for it...
The code snippet that i want to override is:
Code: |
fsub st(0),st(1)
fstp dword ptr [esp+0C]
fld dword ptr [esp+0C]
fld dword ptr [esp+10]
fld1
fsubrp st(1),st(0)
fmulp st(1),st(0)
faddp
fstp dword ptr [esi+000004A8] // <--- the point of code injection
|
I want it so that the code injection will be executed only if [ESI] = [MyPointer].
So, Jamesc00ls0x, though I'm sure your solution could work well, I want to use my table entries optimally for the injection while learning other methods as well. Nevertheless, I much appreciate your input...
Since there are lots of float pops involved, I'm kind of hesitant to inject even one push-pop between them. So, I prefer to use the example from ++METHOS, with which my code injection snippet is something like this:
Code: |
newmem:
cmp esi, [[[[[[["MassEffect.exe"+offset]+bc]+48c]+1f4]+0]+48]+0] // like what ++METHOS suggested...
je originalcode
fmul dword ptr ["MassEffect.exe"+ED6404]
originalcode:
bla bla
|
The injection is working perfectly up until now. Thanks...
If only there were something much simpler like:
Code: | cmp esi, CTEntry_MyPointer |
...would be great.
Anyway, what was meant by:
++METHOS wrote: | In your case, I would not recommend this approach. |
Is there any specific risk or drawback to this?
++METHOS I post too much
Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Tue Dec 17, 2013 2:05 am
No drawbacks other than the obvious updates/patches that might shift your code and render your pointers useless.
I recommended not using this approach because I assumed you were trying to do something different. However, what you are doing is perfectly okay assuming your pointers are reliable.
Zaladine Expert Cheater
Reputation: 3
Joined: 14 Oct 2012 Posts: 129 Location: Djokdja, Indonesia
Posted: Tue Dec 17, 2013 3:40 am
Thank you for your advice...
Having the game patched is out of my thinking, since it's quite old already.
And then there is a well-known bug in which the game crashes at the Galaxy Map
on Normandy. Up until now, I'm using the fix *crckd* executable which
eliminates the problem, and will assume the table will run on the same exe...
I guess the code injections should occupy AoB Scan in them...
And about the pointer(s), some of them were selected
from several pointer paths. The ones I'm using have been through some
tests, including restarting the game in different states, etc. So, they should be
reliable, yet I wouldn't dare to guarantee it will work 100% on other PCs...
pellik Advanced Cheater
Reputation: 0
Joined: 14 Jun 2013 Posts: 93
Xathan Advanced Cheater
Reputation: 1
Joined: 19 Jun 2014 Posts: 72
Posted: Sun Apr 26, 2015 6:49 pm
I know this is an old thread but it perfectly fits my needs
The info here doesn't seem to work so far for me. Is there now a simple solution to compare against a pointer from my table?
If still not, then is there a way to do the following?
I want to compare like
Code: | cmp esi, [[[[[[["MassEffect.exe"+offset]+bc]+48c]+1f4]+0]+48]+0] |
but with eax because there is the pointer to my health. I tried
Code: |
originalcode:
cmp eax, [[[[[["THREADSTACK0"-00000734]+30]+80]+30]+228]+2fc]
je jumpover
mov [eax],ecx
jumpover:
mov esp,ebp
pop ebp
|
but it seems like I compare the pointer address in eax with the value of the pointer. Do I need to copy the pointer address to edi/esi to make it work? The pointer is reliable and that would be a really useful solution to make a god mode work way better.
Zanzer I post too much
Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Sun Apr 26, 2015 6:54 pm
Code: |
push ecx
mov ecx,["THREADSTACK0"-00000734]
mov ecx,[ecx+30]
mov ecx,[ecx+80]
mov ecx,[ecx+30]
mov ecx,[ecx+228]
cmp eax,[ecx+2FC]
pop ecx
je is_player
|
Xathan Advanced Cheater
Reputation: 1
Joined: 19 Jun 2014 Posts: 72
Posted: Sun Apr 26, 2015 7:25 pm
Thanks for your fast response. Have debugged it and checked the correct offsets twice. The calculation is correct. But still it is not working.
Posting the code for complete information:
Code: |
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
label(jumpover)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
originalcode:
push ecx
mov ecx,["THREADSTACK0"-00000734]
mov ecx,[ecx+30]
mov ecx,[ecx+80]
mov ecx,[ecx+30]
mov ecx,[ecx+228]
cmp eax,[ecx+2FC]
pop ecx
je jumpover
mov [eax],ecx // overwrite health with calculated health
jumpover:
mov esp,ebp
pop ebp
exit:
jmp returnhere
"Core.dll"+4CE41:
jmp newmem
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
"Core.dll"+4CE41:
mov [eax],ecx
mov esp,ebp
pop ebp
//Alt: db 89 08 8B E5 5D
|
Am I missing something? Also attached a screenshot of what writes to health address when getting hit. The assembler works but it seems like my comparison does not.
panraven Grandmaster Cheater
Reputation: 61
Joined: 01 Oct 2008 Posts: 958
Posted: Mon Apr 27, 2015 6:11 am
Should it be?
Code: |
...
mov ecx,[ecx+228]
lea ecx,[ecx+2FC]
cmp eax,ecx
pop ecx
je jumpover
...
|
Xathan Advanced Cheater
Reputation: 1
Joined: 19 Jun 2014 Posts: 72
Posted: Mon Apr 27, 2015 7:18 am
That's the solution. Now it works fine. Thank you =)
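
The difference between the comparison that failed (`cmp eax,[ecx+2FC]`) and the one that worked (`lea ecx,[ecx+2FC]` then `cmp eax,ecx`), modeled in C as an added example that is not code from any poster in this thread. Only the offsets come from the thread; the toy address space, `BASE`, the object addresses and the health value of 100 are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MEM_SIZE 0x1000u
static uint8_t mem[MEM_SIZE];              /* constructed toy 32-bit address space */

static uint32_t rd32(uint32_t a) {         /* models a dword read: mov reg,[a] */
    uint32_t v = 0;
    if (a <= MEM_SIZE - 4) memcpy(&v, mem + a, 4);
    return v;
}
static void wr32(uint32_t a, uint32_t v) {
    if (a <= MEM_SIZE - 4) memcpy(mem + a, &v, 4);
}

/* Offsets from the thread's chain (hex): +30, +80, +30, +228, +2FC. */
static const uint32_t OFFS[] = {0x30, 0x80, 0x30, 0x228, 0x2FC};
#define N_OFFS (sizeof OFFS / sizeof OFFS[0])
#define BASE 0x10u                         /* assumed stand-in for "THREADSTACK0"-734 */

/* Lay out a constructed chain; returns the address of the health field. */
static uint32_t build_sample(void) {
    static const uint32_t objs[] = {0x100, 0x200, 0x300, 0x400, 0x700};
    memset(mem, 0, sizeof mem);
    wr32(BASE, objs[0]);
    for (size_t i = 0; i + 1 < N_OFFS; i++)
        wr32(objs[i] + OFFS[i], objs[i + 1]);
    wr32(objs[4] + OFFS[4], 100);          /* health value stored in the field */
    return objs[4] + OFFS[4];              /* 0x700 + 0x2FC = 0x9FC */
}

/* lea semantics: dereference every level except the last, then add the last offset. */
static uint32_t chain_address(void) {
    uint32_t p = rd32(BASE);
    for (size_t i = 0; i + 1 < N_OFFS; i++)
        p = rd32(p + OFFS[i]);
    return p + OFFS[N_OFFS - 1];
}

/* cmp eax,[ecx+2FC]: eax is compared with the dword stored in the field (the health). */
static int match_by_value(uint32_t eax)   { return eax == rd32(chain_address()); }
/* lea ecx,[ecx+2FC] / cmp eax,ecx: eax is compared with the field's address. */
static int match_by_address(uint32_t eax) { return eax == chain_address(); }

int main(void) {
    uint32_t eax = build_sample();         /* eax holds the player's health address */
    printf("by value: %d, by address: %d\n", match_by_value(eax), match_by_address(eax));
    return 0;
}
```

With `eax` holding the health address, the value comparison only matches when the health number happens to equal that address, which is why the first script never took the `je`.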