NeoJesus (How do I cheat?) - Reputation: 0 - Joined: 30 May 2018 - Posts: 5
Posted: Thu May 31, 2018 1:23 pm
Post subject: Error .. (dq (double) 1): This instruction can't be compiled
Greetings,
This code:
Code:
{ Game : BoringManGame.exe
  Version:
  Date : 2018-05-31
  Author : NeoJesus

  This script does blah blah blah
}

// Defines address of to-be-replaced instructions
define(aAddrBase, "BoringManGame.exe" + 14C0F8)
// Defines bytes of to-be-replaced instructions
define(aBytes, 89 1F 8B 46 0C)
// Defines address of where instructions continue
// AFTER: jmp ... (replacement)
define(aAddrCont, "BoringManGame.exe" + 14C0FD)

[ENABLE]
// Terminates if the bytes at the to-be-replaced
// address do not match the original bytes
assert(aAddrBase, aBytes)
// Allocates a fair amount of memory for the code cave and data
alloc(nMem, $1000)
label(aCode)
label(aData)
// Registers the symbols so they can be accessed in the cheat table
registersymbol(aCode)
registersymbol(aData)

nMem:
// Sets the data to the double repr. of decimal 1.
aData:
  dq (double) 1

// 1st 'mov' instruction (stores ebx into the memory at aData;
// the brackets make it a memory operand) + original instruction
// chain + 'jmp' instruction to continue with remaining code.
aCode:
  mov [aData],ebx
  mov [edi],ebx
  mov eax,[esi+0C]
  jmp aAddrCont

// Changes the bytes at the hooked address to jump to the
// modified instruction chain
aAddrBase:
  jmp aCode

[DISABLE]
// Changes the bytes at the hooked address back to the original
// instruction pair
aAddrBase:
  db aBytes

// De-allocates the additional memory
dealloc(nMem)
// Un-registers the symbols such that disabling
// the script sets the cheat table value to '??' (I think)
unregistersymbol(aCode)
unregistersymbol(aData)
In Auto-Assembly, this gives me an error (when I try to 'Execute'):
"Error in line 37 (dq (double) 1) :This instruction can't be compiled"
Note: I'm relatively new to this auto-assembly scripting.
I can't figure out why the "dq (double) 1" can't compile, and if there are any other problems with the code I'd highly appreciate learning of them.
Kind Regards,
NeoJ.
FreeER (Grandmaster Cheater Supreme) - Reputation: 53 - Joined: 09 Aug 2013 - Posts: 1091
Posted: Thu May 31, 2018 1:47 pm
Code:
[ENABLE]
alloc(nMem, $1000)
nMem:
dq (double) 1
[DISABLE]

fails

Code:
[ENABLE]
alloc(nMem, $1000)
nMem:
dq (double)1
[DISABLE]

works

so... apparently CE dislikes having whitespace ¯\_(ツ)_/¯
NeoJesus (How do I cheat?) - Reputation: 0 - Joined: 30 May 2018 - Posts: 5
Posted: Thu May 31, 2018 3:10 pm
How do I find the base address in an auto assembler script so I can `jmp` to `base address + offset + 6`? `jmp aAddrCont` doesn't compile either. Thank you for the previous response btw, it fixed it!
P.S.: I've tried using globalAlloc instead of define, and it doesn't understand "BoringManGame.exe + 14C0FD".
Kind Regards,
NeoJ.
FreeER (Grandmaster Cheater Supreme) - Reputation: 53 - Joined: 09 Aug 2013 - Posts: 1091
Posted: Thu May 31, 2018 3:23 pm
Try just jmp "BoringManGame.exe" + 14C0FD?
NeoJesus (How do I cheat?) - Reputation: 0 - Joined: 30 May 2018 - Posts: 5
Posted: Thu May 31, 2018 4:00 pm
Attached image (error text):
Error in line 45 (jmp "BoringManGame.exe" + 14C0FD) :This instruction can't be compiled
FreeER (Grandmaster Cheater Supreme) - Reputation: 53 - Joined: 09 Aug 2013 - Posts: 1091
Posted: Thu May 31, 2018 4:33 pm
Are you attached to the game? Also, try removing the spaces.
NeoJesus (How do I cheat?) - Reputation: 0 - Joined: 30 May 2018 - Posts: 5
Posted: Thu May 31, 2018 6:24 pm
Removing the spaces solved it; I'll keep it in mind from now on, thank you. I had to change part of my code however: the replacement code targets a new segment of the game now, but it accesses the same address.
Code:
BoringManGame.exe+14B708 - DD 45 00 - fld qword ptr [ebp+00]
How can I go about (mov)ing [ebp+00] to [aData]?
I tried replacing:
Code:
fld qword ptr [ebp+00]
pop edi
fstp qword ptr [esi]
pop esi
...

With:
Code:
fld qword ptr [ebp+00]
pop edi
fst qword ptr [aData]
fstp qword ptr [esi]
pop esi
...

But the 'aData' variable stays at 0 and sometimes goes to unexpected high values, even though the original address (what is being accessed by "fld qword ptr [ebp+00]") stays as expected (so for example 5).
Note: I've attached a screenshot of all sub-windows of the attempt.
Any idea how I can retrieve and store the value of the address being accessed by "fld qword ptr [ebp+00]" in the symbol/variable 'aData'?
Kind Regards,
NeoJ.
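For reference, here is how the hook at BoringManGame.exe+14B708 can be written once the two syntax points from the replies are applied (no whitespace inside `(double)1` and none around `"module"+offset`), with the 8-byte value loaded from [ebp+00] copied into a registered symbol. This is an added example, not code from the thread: DD 45 00 comes from the post above, while 5F and DD 1E are my assumed encodings for the following `pop edi` and `fstp qword ptr [esi]`, and the `assert` refuses to patch anything if those bytes do not match.

```asm
{ Added example: hook at BoringManGame.exe+14B708 that copies the
  double loaded from [ebp+00] into a cheat-table symbol. }

// No spaces inside the define: "module"+offset, not "module" + offset
define(aAddrBase,"BoringManGame.exe"+14B708)
// Original bytes covered by the 5-byte jmp, rounded up to whole
// instructions: fld qword ptr [ebp+00] / pop edi / fstp qword ptr [esi].
// DD 45 00 is from the thread; 5F and DD 1E are assumed encodings.
define(aBytes,DD 45 00 5F DD 1E)
// First untouched instruction after those 6 bytes (pop esi)
define(aAddrCont,"BoringManGame.exe"+14B70E)

[ENABLE]
// Refuse to patch if the game's bytes are not the expected ones
assert(aAddrBase,aBytes)
alloc(nMem,$1000)
label(aCode)
label(aData)
registersymbol(aData)

nMem:
aData:
  dq (double)0            // no whitespace between (double) and the number

aCode:
  fld qword ptr [ebp+00]
  fst qword ptr [aData]   // copy without popping; value stays on the FPU stack
  pop edi
  fstp qword ptr [esi]    // original instruction, now pops the value
  jmp aAddrCont

aAddrBase:
  jmp aCode
  nop                     // 6 original bytes = jmp (5) + nop (1)

[DISABLE]
aAddrBase:
  db aBytes
unregistersymbol(aData)
dealloc(nMem)
```

Add the symbol `aData` to the table as an 8-byte Double to watch the copied value.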
FreeER (Grandmaster Cheater Supreme) - Reputation: 53 - Joined: 09 Aug 2013 - Posts: 1091
Posted: Thu May 31, 2018 6:28 pm
That seems like it should work... maybe check that it's not loading multiple values some of which are 0 and overwriting it?