Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


How to copy a CE table entry into a register in AA script ?

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking
View previous topic :: View next topic  
Author Message
Zaladine
Expert Cheater
Reputation: 3

Joined: 14 Oct 2012
Posts: 130
Location: Djokdja, Indonesia

PostPosted: Mon Dec 16, 2013 10:33 pm    Post subject: How to copy a CE table entry into a register in AA script ? Reply with quote

So i have this entry in my CE table: MyPointer, and i want to use it to
compare a shared code (which decreases everyone HP), so i can prevent it
from decreasing mine...

I'm aware a little about registersymbol, yet what i need is something
that works the opposite way (getting value from CE table instead of creating
an entry from AA script). So, what do i have to do?

Thank you very much in advance for any help.

By the way, where can i obtain complete reference regard CE's AA Script
and LUA? I can't find it in CE help anyway...

_________________
... to boldly go where no eagle has gone before ...
Back to top
View user's profile Send private message
AbrasiveZealot
Newbie cheater
Reputation: 0

Joined: 02 Jan 2011
Posts: 21

PostPosted: Mon Dec 16, 2013 11:15 pm    Post subject: Reply with quote

If you really want you use your pointer for the comparison you can just set it up manually in the code. This is pretty inefficient, but it gets the job done.
Code:

push ebx
push ebp

mov ebx,["BaseAddress"]
mov ebp,dword [ebx+"Offset"]
add ebp,"Offset"

cmp esi,ebp
je SkipExec

pop ebp
pop ebx
Back to top
View user's profile Send private message
++METHOS
I post too much
Reputation: 92

Joined: 29 Oct 2010
Posts: 4197

PostPosted: Tue Dec 17, 2013 12:36 am    Post subject: Reply with quote

If you prefer to do it this way, the easiest approach would be to set up a hotkey that will enable the script (and) set your hero health to some value that is really high...a value that the enemy health never reaches. That way, you can simply compare against the register that is handling all health values at that particular instruction.

However, you can compare against pointer values:

Double-click on your pointer address in your cheat table:


Write it out like so in your script (as an example):
Code:
cmp edi,[[[[[[[["AC4BFSP.exe"+009EE858]+1a4]+ec]+60]+5c]+98]+18]+30]


In your case, I would not recommend this approach.
Back to top
View user's profile Send private message
Zaladine
Expert Cheater
Reputation: 3

Joined: 14 Oct 2012
Posts: 130
Location: Djokdja, Indonesia

PostPosted: Tue Dec 17, 2013 1:50 am    Post subject: Reply with quote

Thanks for your replies...

Actually, i'm making my own zero recoil for Mass Effect 1. Just revisited it for past few days, and decided to create my own table for it...

The code snippet that i want to override is:
Code:
fsub st(0),st(1)
fstp dword ptr [esp+0C]
fld dword ptr [esp+0C]
fld dword ptr [esp+10]
fld1
fsubrp st(1),st(0)
fmulp st(1),st(0)
faddp
fstp dword ptr [esi+000004A8] <--- the point of code injection

I want it so that the code injection will be executed only if [ESI] = [MyPointer].

So, Jamesc00ls0x, though i'm sure your solution could work well, i want to use my table entries optimally for the injection while learning other method as well. Nevertheless, much appreciate for your input...

Since there are lots of float pops involved, i'm kind of hesitate to inject even one push-pop between them. So, i prefer to use the example from ++METHOS, which my code injection snippet is something like this:

Code:
newmem:
cmp esi, [[[[[[["MassEffect.exe"+offset]+bc]+48c]+1f4]+0]+48]+0] // like what ++METHOS suggested...
je originalcode
fmul dword ptr ["MassEffect.exe"+ED6404]

originalcode:
bla bla

The injection is working perfectly up until now. Thanks...


If only there is much simpler like:
Code:
cmp esi, CTEntry_MyPointer

...would be great.


Anyway, what did it mean by:
++METHOS wrote:
In your case, I would not recommend this approach.

Is there any specific risk or drawback on this?

_________________
... to boldly go where no eagle has gone before ...
Back to top
View user's profile Send private message
++METHOS
I post too much
Reputation: 92

Joined: 29 Oct 2010
Posts: 4197

PostPosted: Tue Dec 17, 2013 2:05 am    Post subject: Reply with quote

No drawbacks other than the obvious updates/patches that might shift your code and render your pointers useless.

I recommended not using this approach because I assumed you were trying to do something different. However, what you are doing is perfectly okay assuming your pointers are reliable.
Back to top
View user's profile Send private message
Zaladine
Expert Cheater
Reputation: 3

Joined: 14 Oct 2012
Posts: 130
Location: Djokdja, Indonesia

PostPosted: Tue Dec 17, 2013 3:40 am    Post subject: Reply with quote

Thank you for your advice...

Having the game patched is out of my thinking, since it's quite old already.
And then there is well known bug at which the game crashed at the Galaxy Map
on Normandy. Up until now, i'm using the fix *crckd* executable which
eliminate the problem, and will assume the table will run on the same exe...

I guess the code injections should occupies AoB Scan in them...

And about the pointer(s), there were some of them of which were selected
from several pointer paths. The ones i'm using have been through some
tests include restarting the game in different states, etc. So, they should be
reliable yet i wouldn't dare to guarantee it will work 100% on other PCs...

_________________
... to boldly go where no eagle has gone before ...
Back to top
View user's profile Send private message
pellik
Advanced Cheater
Reputation: 0

Joined: 14 Jun 2013
Posts: 93

PostPosted: Sun Dec 22, 2013 11:03 am    Post subject: Reply with quote

http://wiki.cheatengine.org/index.php?title=Addresslist
Back to top
View user's profile Send private message
Xathan
Advanced Cheater
Reputation: 1

Joined: 19 Jun 2014
Posts: 72

PostPosted: Sun Apr 26, 2015 6:49 pm    Post subject: Reply with quote

I know this is an old thread but it perfectly fits my needs Wink

The info here doesn't seem to work so far for me. Is there now a simple solution to compare against a pointer from my table?

If still not, then is there a way to do the following?
I want to compare like
Code:
cmp esi, [[[[[[["MassEffect.exe"+offset]+bc]+48c]+1f4]+0]+48]+0]
but with eax because there is the pointer to my health. I tried
Code:
originalcode:
cmp eax, [[[[[["THREADSTACK0"-00000734]+30]+80]+30]+228]+2fc]
je jumpover
mov [eax],ecx
jumpover:
mov esp,ebp
pop ebp
but it seems like I compare the pointer address in eax with the value of the pointer. Do I need to copy the pointer address to edi/esi to make it work? The pointer is reliable and that would be a really useful solution to make a god mode work way better.
Back to top
View user's profile Send private message
Zanzer
I post too much
Reputation: 126

Joined: 09 Jun 2013
Posts: 3278

PostPosted: Sun Apr 26, 2015 6:54 pm    Post subject: Reply with quote

Code:
push ecx
mov ecx,["THREADSTACK0"-00000734]
mov ecx,[ecx+30]
mov ecx,[ecx+80]
mov ecx,[ecx+30]
mov ecx,[ecx+228]
cmp eax,[ecx+2FC]
pop ecx
je is_player
Back to top
View user's profile Send private message
Xathan
Advanced Cheater
Reputation: 1

Joined: 19 Jun 2014
Posts: 72

PostPosted: Sun Apr 26, 2015 7:25 pm    Post subject: Reply with quote

Thanks for your fast response. Have debugged it and checked the correct offsets twice. The calculation is correct. But still it is not working.

Posting the code for complete information:
Code:
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
label(jumpover)

newmem: //this is allocated memory, you have read,write,execute access
//place your code here

originalcode:
push ecx
mov ecx,["THREADSTACK0"-00000734]
mov ecx,[ecx+30]
mov ecx,[ecx+80]
mov ecx,[ecx+30]
mov ecx,[ecx+228]
cmp eax,[ecx+2FC]
pop ecx
je jumpover
mov [eax],ecx // overwrite health with calculated health
jumpover:
mov esp,ebp
pop ebp

exit:
jmp returnhere

"Core.dll"+4CE41:
jmp newmem
returnhere:


[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
"Core.dll"+4CE41:
mov [eax],ecx
mov esp,ebp
pop ebp
//Alt: db 89 08 8B E5 5D


Am I missing something? Also attached a screenshot of what writes to health address when getting hit. The assembler works but it seems like my comparison does not.
Back to top
View user's profile Send private message
panraven
Grandmaster Cheater
Reputation: 54

Joined: 01 Oct 2008
Posts: 941

PostPosted: Mon Apr 27, 2015 6:11 am    Post subject: This post has 1 review(s) Reply with quote

Should it be?

Code:

...
mov ecx,[ecx+228]
lea ecx,[ecx+2FC]
cmp eax,ecx
pop ecx
je jumpover
...
Back to top
View user's profile Send private message
Xathan
Advanced Cheater
Reputation: 1

Joined: 19 Jun 2014
Posts: 72

PostPosted: Mon Apr 27, 2015 7:18 am    Post subject: Reply with quote

That's the solution. Now it works fine. Thank you =)
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites