The mgr.inz.Player challenge

 
Csimbi
PostPosted: Sun Oct 03, 2021 12:41 pm    Post subject: The mgr.inz.Player challenge

Hi all,
In the absence of mgr.inz.Player, our resident LUA expert, I am not sure who I could turn to for help.

As you may know, mgr.inz.Player built a LUA-based extension for custom templates. You can find my latest edits of his work here.

I would like to add jmp14 variants of them, so the injection code needs to be tweaked as follows:
- look at the instructions and, instead of replacing 5+ bytes worth of instructions, we'd need to replace 14+ bytes of instructions (to make sure there are always at least 14 bytes for the extended jump, we need to "round up" to the next complete instruction).
- No NOPs because when CE assembles a jmp14 by default, it will cause a crash.
- the return jump must point to the instruction behind the last instruction replaced.

Here's a sample of the original:
Code:
lblMoveSpeedCalc:
push rbx
//Alt: movss xmm1,[rsi+00000290]
//db F3 0F 10 8E 90 02 00 00
readmem(aobMoveSpeedCalc,8)
mov rbx,pCharComp
mov rbx,[rbx]
cmp rbx,rsi
jne short lblMoveSpeedCalcSkip
cmp dword ptr [bEnableMoveSpeedMod],1
jne short lblMoveSpeedCalcSkip
mulss xmm1,[fMoveSpeedMod]
lblMoveSpeedCalcSkip:
pop rbx
jmp lblMoveSpeedCalcRet
aobMoveSpeedCalc_i:
readmem(aobMoveSpeedCalc,8)

//CharacterComponent:UpdateMovement+1b03:
aobMoveSpeedCalc:
aobMoveSpeedCalc_r:
jmp lblMoveSpeedCalc
nop 3
lblMoveSpeedCalcRet:


And here's the manually created jmp14 version of it (ignore the fact that I broke up the 16 bytes into 2 pieces, a single 16-byte array is just fine):
Code:
lblMoveSpeedCalc:
push rbx
//Alt: movss xmm1,[rsi+00000290]
//db F3 0F 10 8E 90 02 00 00
readmem(aobMoveSpeedCalc,8)
mov rbx,pCharComp
mov rbx,[rbx]
cmp rbx,rsi
jne short lblMoveSpeedCalcSkip
cmp dword ptr [bEnableMoveSpeedMod],1
jne short lblMoveSpeedCalcSkip
mulss xmm1,[fMoveSpeedMod]
lblMoveSpeedCalcSkip:
pop rbx
readmem(aobMoveSpeedCalc+08,8)
jmp lblMoveSpeedCalcRet
aobMoveSpeedCalc_i:
readmem(aobMoveSpeedCalc,16)

//CharacterComponent:UpdateMovement+1b03:
aobMoveSpeedCalc:
aobMoveSpeedCalc_r:
jmp lblMoveSpeedCalc
//nop 3
aobMoveSpeedCalc+10:
lblMoveSpeedCalcRet:


Is there anyone among you who is up for the challenge?
If you could update just one of the custom injection templates, I guess I could apply the same logic to the others.

Thank you!

PS.
In case you know what's up with mgr.inz.Player, please let me know.
Cheers!
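To make the "round up to the next complete instruction" rule concrete, here is an added Python example (not from this thread and not part of mgr.inz.Player's Lua extension): it computes how many whole instructions must be relocated to cover a 14-byte jump and renders a simplified template in the style of the post, using `jmp far` as Dark Byte suggests. The instruction lengths are a constructed sample; inside Cheat Engine they would come from its disassembler.

```python
JMP14_SIZE = 14  # bytes CE emits for "jmp far": FF 25 00 00 00 00 plus an 8-byte absolute target
JMP5_SIZE = 5    # bytes of a classic rel32 jmp: E9 plus a 4-byte displacement


def stolen_bytes(lengths, minimum=JMP14_SIZE):
    """Walk the instruction lengths at the hook site and return
    (instructions_to_relocate, total_bytes), rounding up to the next
    complete instruction so that at least `minimum` bytes are covered."""
    total = 0
    for count, size in enumerate(lengths, start=1):
        total += size
        if total >= minimum:
            return count, total
    raise ValueError("hook site holds fewer than %d bytes of instructions" % minimum)


def build_template(name, lengths, body, minimum=JMP14_SIZE):
    """Render the hook part of a CE AA script in the style of the post: the
    relocated bytes are restored with readmem() (size written in decimal, as
    the post uses it) and the return label sits at aob+<total> (hex, as CE
    label offsets are) so execution resumes right after the last relocated
    instruction. No NOP padding follows the jump."""
    _, total = stolen_bytes(lengths, minimum)
    jmp = "jmp far" if minimum == JMP14_SIZE else "jmp"  # "jmp far" per Dark Byte's reply
    lines = ["lbl%s:" % name] + list(body)
    lines += ["readmem(aob%s,%d)" % (name, total),
              "jmp lbl%sRet" % name,
              "aob%s_i:" % name,
              "readmem(aob%s,%d)" % (name, total),
              "",
              "aob%s:" % name,
              "aob%s_r:" % name,
              "%s lbl%s" % (jmp, name),
              "aob%s+%X:" % (name, total),
              "lbl%sRet:" % name]
    return "\n".join(lines)


# Constructed sample (not from any real target): instruction lengths starting
# at the hook site. The first is the 8-byte movss from the post; the rest are
# invented for the demo.
SAMPLE_LENGTHS = [8, 3, 6, 4]

if __name__ == "__main__":
    print(stolen_bytes(SAMPLE_LENGTHS))  # (3, 17): 8 + 3 = 11 < 14, so the 6-byte instruction is taken too
    print(build_template("MoveSpeedCalc", SAMPLE_LENGTHS, ["push rbx", "pop rbx"]))
```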
Dark Byte
PostPosted: Sun Oct 03, 2021 1:07 pm    Post subject:

jmp far
Csimbi
PostPosted: Mon Oct 04, 2021 3:38 am    Post subject:

Dark Byte wrote:
jmp far

Hi DB,
replacing jmp with jmp far may force a JMP14, but the rest of the template remains the same (everything else remains JMP5 in the generated AOB script, meaning I would still have to manually do all the adjustments).

Try Csimbi's AOB Injection Templates -> Csimbi's AOB; targets process, you will see what I mean.
Csimbi
PostPosted: Sun Oct 17, 2021 6:56 am    Post subject:

Took some time to understand mgr.inz.Player's magic and some tinkering of my own, but I managed to do it in the end.
I attached the LUA script in the original thread.