Cheat Engine The Official Site of Cheat Engine
Poll: Should Dark Byte increase the priority of the MAC version?
yes: 75% [ 99 ]
no: 24% [ 32 ]
Total Votes : 131
Dark Byte Site Admin
Reputation: 467
Joined: 09 May 2003 Posts: 25700 Location: The netherlands
Posted: Mon May 08, 2017 3:47 am
pointerscan will be added in future releases
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
javier13javier How do I cheat?
Reputation: 0
Joined: 23 Aug 2017 Posts: 1
Posted: Wed Aug 23, 2017 7:10 am
hitmanex wrote: |
Dark Byte wrote: | what is the exact error you get when you run the script using the auto assembler window (including typos) so I can see exactly why it fails. (it's based on 6.2 with some small things missing) |
I'm sorry it took this long, I don't have access to my MacBook now. I'll let you know all the info.
I also would like to add that pointer scan for this address does nothing... seems not functional at all.
I have run it as root and disabled system integrity checking... pointer scan does absolutely nothing |
I would like this feature too, I really need it xD
DEF How do I cheat?
Reputation: 0
Joined: 07 Sep 2017 Posts: 2
Posted: Thu Sep 07, 2017 12:54 pm
same
ignat980 Newbie cheater
Reputation: 0
Joined: 08 Dec 2013 Posts: 10 Location: Russia
Posted: Sat Sep 16, 2017 10:30 pm
What would be the best way to convert a Windows auto-assemble script to a Mac script? Like, first thing that is stumping me is things like
Code: | define(address,"Game.exe"+124BDA) |
Removing the .exe extension does nothing, gives me a "This address specifier is not valid". Although I think it should be, I'm not exactly knowledgeable on how processes are named. Definitely without an exe extension though.
Fun fact, there's something out very similar called github[.]com/zorgiepoo/Bit-Slicer. I would recommend looking at its source. On Macs there are process IDs which most terminal commands use (look up all processes with the command `ps aux`), which Bit Slicer uses as well. I'm not sure what the number Cheat Engine specifies next to the process is exactly, except some kind of memory address. It is sadly not the same address value as "Game.exe", at least I don't think it is. Another thing is that Bit Slicer scripts are written in Python, which makes them more legible than assembly scripts. I'm no script expert, but I really want to learn how to convert Windows scripts into Mac scripts, be it from CE to CE or to this other program. I'm just not sure how the values correlate exactly.
Also I would be happy to test any new features out, I have both Mac and Windows machines.
FreeER Grandmaster Cheater Supreme
Reputation: 53
Joined: 09 Aug 2013 Posts: 1091
Posted: Sun Sep 17, 2017 6:20 am
@ignat980
This isn't really a question that relates to the source of CE... but anyways
edit: it's been moved lol, kind of amazing that my post went to the correct place since I hadn't actually submitted it lol
edit2: or was it always in Port To Mac in the Source area... idk I'd just woken up lol
`define(address,"Game.exe"+124BDA)`: I'm not sure... can't seem to see anyone else creating auto assembler scripts on Mac and I don't own one..... essentially that's just a nice syntax for CE to find the address of the Game.exe module and add 124BDA to it.
ignat980 wrote: | On macs there's process ID's |
Windows has them too and I wouldn't be surprised if there were also some kind of numeric id for libraries (other than addresses), names are easier for humans which is why we have them.
ignat980 wrote: | Another thing is that Bit Slicer scripts are written in python, which makes them more legible than assembly scripts. |
I don't find
Code: |
#Inject our code
from bitslicer import VirtualMemoryError, DebuggerError

class Script(object):
    def __init__(self):
        ADDRESS_TO_HOOK_INTO = vm.base() + 0x12EA0 #pointing to some instruction in memory
        self.hookAddress = ADDRESS_TO_HOOK_INTO #kept so finish() can restore the original bytes
        self.destinationAddress = vm.allocate()
        #save the bytes the hook will overwrite, then redirect the instruction to our code
        self.originalBytes = debug.bytesBeforeInjection(ADDRESS_TO_HOOK_INTO, self.destinationAddress)
        debug.injectCode(ADDRESS_TO_HOOK_INTO, self.destinationAddress, debug.assemble("\n".join(('addss xmm0, [rbp-0x18c]', ''))))
    def finish(self):
        #undo the hook and free the allocated memory
        debug.writeBytes(self.hookAddress, self.originalBytes)
        vm.deallocate(self.destinationAddress)
| (ocr and a few manual corrections)
https://youtu.be/z7L7XaG9rjs?t=8m52s
to be more readable than
Code: | [ENABLE]
alloc(newmem,1024)
label(return)
newmem:
addss xmm0, [rbp-18C]
jmp return
"Game.exe"+12EA0:
jmp newmem
return:
[DISABLE]
"Game.exe"+12EA0:
xx xx xxx // the original bytes
|
In fact, it seems to have a bunch of long unnecessary words and class/OOP boilerplate garbage that clutter the meaning of the code, but hey, CE has both templates and Lua as well as a C-based plugin API, so you can create a nice setup that lets you do `hook("Game.exe+12EA0",{"addss xmm0, [rbp-18C]"})` if you want and share it with everyone. Just think of it as the difference between creating a library for someone to use in another programming language (Bit Slicer) vs creating a Domain Specific Language for use within your application (CE).
Last edited by FreeER on Sun Sep 17, 2017 8:25 am; edited 1 time in total |
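
Added example, not part of FreeER's post and not Cheat Engine's or Bit Slicer's own code: a small Python sketch of the "find the module's base and add the offset" lookup described above, plus the inverse mapping that debuggers and crash-log symbolizers use. The module tables, load bases and sizes are constructed, and matching the module name literally is an assumption that gives one plausible reason a `"Game.exe"` specifier is rejected in a process whose main image has a different name.

```python
# Added illustration: module names, bases and sizes are constructed values.
WINDOWS_MODULES = {"game.exe": (0x00400000, 0x300000),
                   "kernel32.dll": (0x76A00000, 0x0F0000)}
MACOS_MODULES = {"game": (0x100000000, 0x400000),
                 "libsystem_c.dylib": (0x7FFF60000000, 0x090000)}


class InvalidSpecifier(ValueError):
    """Raised when a module+offset specifier cannot be resolved."""


def parse_specifier(spec):
    """Split '"Game.exe"+124BDA' into ('game.exe', 0x124BDA)."""
    module, plus, offset = spec.strip().rpartition("+")
    if not plus:                        # bare module name, no offset given
        module, offset = offset, "0"
    module = module.strip().strip('"').lower()
    try:
        return module, int(offset, 16)  # offsets are written in hexadecimal
    except ValueError:
        raise InvalidSpecifier(f"bad offset in {spec!r}") from None


def resolve(spec, modules):
    """Return the absolute address of spec within one process's module map."""
    module, offset = parse_specifier(spec)
    if module not in modules:
        raise InvalidSpecifier(f"no loaded module named {module!r}")
    base, size = modules[module]
    if offset >= size:
        raise InvalidSpecifier(f"offset {offset:#x} is outside {module!r}")
    return base + offset


def to_module_relative(address, modules):
    """Inverse mapping: absolute address -> '"module"+OFFSET', or None."""
    for name, (base, size) in modules.items():
        if base <= address < base + size:
            return f'"{name}"+{address - base:X}'
    return None


if __name__ == "__main__":
    print(hex(resolve('"Game.exe"+124BDA', WINDOWS_MODULES)))
    print(to_module_relative(0x524BDA, WINDOWS_MODULES))
```

A specifier that resolves under a different module name still carries an offset taken from another build of the program, so it is not expected to land on the same instruction.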
ignat980 Newbie cheater
Reputation: 0
Joined: 08 Dec 2013 Posts: 10 Location: Russia
Posted: Sun Sep 17, 2017 8:09 am
@FreeER
I just couldn't find the Mac-specific Cheat Engine category, thought this was the best place to figure out how addresses change between Windows and Mac machines.
The reason I say it's more easy to read is because I still don't know assembly all too well, like I know what mov and jmp and alloc do, but then there's stuff like `cvtsi2ss xmm0, dword [ebx+0x321a97]` and `xor eax, [ebx+0x3d73a7]` and I'm like what does that do?? I think xor is like comparing. I (think) I can change them to read like Python, which get changed to assembly. Maybe. Actually that sounds wrong... again I haven't been doing much memory scripting.
But I have been programming with Python for two years now and I can easily write code for it. It becomes like you're almost reading English. Sure, you can argue that `debug.injectCode(ADDRESS_TO_HOOK_INTO, self.destinationAddress, debug.assemble("\n".join(('addss xmm0, [rbp-0x18c]', ''))))` is more wordy than `newmem: addss xmm0, [rbp-18C]`, but that's just the boilerplate. It can easily be extended to better suit your needs. Actually, I like the wordy-ness. Because then, I am exactly sure I know what is going on in that line.
Sucks that there's no auto assemble scripts that you can find for mac, I'm in the same boat :p guess there's always time for firsts! I really wish there was an auto-assembly tutorial for mac though... really difficult figuring this out through trial and error. Thanks for the reply.
FreeER Grandmaster Cheater Supreme
Reputation: 53
Joined: 09 Aug 2013 Posts: 1091
Posted: Sun Sep 17, 2017 8:45 am
Don't want to get too involved in this, just wanted to give an opinion
ignat980 wrote: | The reason I say it's more easy to read is because I still don't know assembly all too well |
wrapping it in more code isn't going to teach you assembly nor is it going to replace the need to learn assembly... xor is binary "exclusive or" (the ^ operator in many languages including C and Python); whether that's used as a small/fast way to set something to 0 or encryption or swapping values without a third temporary location or binary logic depends on how the programmer chooses to use it. cvtsi2ss is the SSE instruction to convert a scalar integer to a scalar single precision float, e.g. a 4 byte value to a float. Take an assembly course for the basic instruction set (of which mov,xor,add,sub,nop,and,cmp,neq ... are part of) and use reference guides and Google for the others, at least that's how I've learned over the years
ignat980 wrote: | Actually, I like the wordy-ness. Because then, I am exactly sure I know what is going on in that line. |
Having good function and variable names can make it read more like a sentence, so if you're not sure what's going on then you can sit there reading it until you have a high level idea, but it's unnecessary once you _do_ understand (and when there are relatively few things _to_ understand) and isn't going to ever teach you how it's actually implemented (WriteProcessMemory, dll injections etc. not that it needs to, CE really doesn't either lol). Prior to understanding it, that's what tutorials are for lol. Though it is a completely fair point to make.
ignat980 wrote: | really difficult figuring this out through trial and error. Thanks for the reply. |
Indeed, that's why I'm grateful to people like Rydian, Geri, Sn34kyMofo, Chris Fayte (CheatTheGame) etc. who took the time to create tutorials for others after figuring things out