mono static fields

 
salumor
Posted: Wed Dec 08, 2021 5:56 pm    Post subject: mono static fields

I do want to read values of a "public const int" from a Unity game but whatever I tried I fail.

https://www.cheatengine.org/forum/viewtopic.php?t=608437
mono_class_findInstancesOfClassListOnly returns nothing

https://www.cheatengine.org/forum/viewtopic.php?t=608923
finds the values but returns simply 0 (base and offset)

I tried playing with many stuff I found like f.e. on naming most promising "mono_class_getStaticFieldValue" but I never got to any result that would provide me with the int value I'm looking for. Is this still impossible or am I missing s.t. or ...?

panraven
Posted: Wed Dec 08, 2021 8:12 pm

const does not have a memory location, it is compiled into the instruction that uses the value.
For example, for a non const variable, like an instance mutable variable, it may be read as in such instruction:
mov rax,[rcx+140] /// rcx is the object base, +140 is offset for the variable, it has a memory location
for a const value, the instruction is like
mov rax,#1000 /// it has no memory location!!

So to modify the const, one has to find what instructions use that const value, and modify the instruction.

salumor
Posted: Thu Dec 09, 2021 2:41 pm

Dang, I thought it would be more of the likes: mov rax,[12345678]
But the const is just jit compiled?

On that a question. [preinfo] the closest I got yet is mono_class_enumFields (with field addr etc) and cycling through array comparing ".name" (which I found but no way and addr. of a value). I am yet not that clear how these monofunctions work, took a look into monoscript.lua but it makes use of the monopipe so yeah ... [/preinfo]
My question: How do these functions get that information - some mono jit compilation? If so why shouldn't it also be possible to get the value?

Csimbi
Posted: Thu Dec 09, 2021 3:25 pm

panraven wrote:
const does not have a memory location, it is compiled into the instruction that uses the value.

Actually, in mono, it does. Constants like zero, float 1, float 100, etc. are optimized to be in just one place, but they are stored somewhere.
In mono, only a very few constants are baked into the instruction.
Well, at least, the ones I saw thus far, anyhore.

Constants related to a class are usually near the class template itself - or the base class - and they are indeed accessed as mov rax,[1234567890].
They are just hard to find because they don't change.
Find a constant related to a class (only to that class), debug a function that uses such a constant, and then browse the memory at that address, they are all nearby.

salumor
Posted: Thu Dec 09, 2021 5:21 pm

@Csimbi Oh, well thanks. I mean great ... just when I found some ... other place with technically another value (though storing same info) just ... hardcoded text I can easily read. But it's still interesting and may be useful, esp on some other dynamic mono fnc I try to create.

I tried to find some code I could check on, but the problem is that on that class all constants are read VERY early on gamestart only. So I thought mono features could help me. (There is one supposed to be runtime fnc, but it hasn't been called yet AND is very long so I dunno if I'll find the const there.)

Well maybe some high frequently attach & debug code could allow me checking on that, but it won't help me on the table. And well your method won't help me in lua code (or do you mean I should hook function x, read addr of const y and add offset z to wanted const?)

For now I guess I'll try to find another class with constants that I can check on to get the idea behind - as soon as I find the time for that.

EDIT: Well that did work out, found s.t. but .... it won't help me with what I did want to achieve (lua script using a value from any unity game constant).


Last edited by salumor on Thu Dec 16, 2021 6:11 pm; edited 2 times in total

panraven
Posted: Fri Dec 10, 2021 12:20 am

Csimbi wrote:
panraven wrote:
const does not have a memory location, it is compiled into the instruction that uses the value.

Actually, in mono, it does. Constants like zero, float 1, float 100, etc. are optimized to be in just one place, but they are stored somewhere.
In mono, only a very few constants are baked into the instruction.
Well, at least, the ones I saw thus far, anyhore.

Constants related to a class are usually near the class template itself - or the base class - and they are indeed accessed as mov rax,[1234567890].
They are just hard to find because they don't change.
Find a constant related to a class (only to that class), debug a function that uses such a constant, and then browse the memory at that address, they are all nearby.


Oh, you are right, I'm wrong.
Tho not totally wrong :)
On Arm cpu it does encode at least some float into instruction too.

To try to answer again, the const variable lacks information about where it is used in the assembly, so it cannot be 'located' by mono-function or via 'usage' from a de-compiler. 'Where' the const is used is a compiler (AOT/il2cpp or JIT) thing, whether it is encoded in the instruction or in nearby memory of the used function.

Csimbi
Posted: Sat Dec 11, 2021 4:56 pm

salumor wrote:
And well your method won't help me in lua code

Yeah, LUA code is a completely different beast.
I thought we were talking mono.

panraven wrote:

Oh, you are right, I'm wrong.
Tho not totally wrong :)
On Arm cpu it does encode at least some float into instruction too.

To be fair, it's all generated code - depending on how the current version of the Unity engine runs, it can go both ways. That said, it could change between different versions of the same game.
So, we are both right.
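
The three instruction forms quoted in this thread, decoded side by side as an added example (not code from any poster or from Cheat Engine): a small classifier that reports whether a 64-bit MOV takes its value from the instruction bytes, from an object field, or from a fixed address. The byte sequences are constructed for illustration, `140` and `12345678` are read as hexadecimal and `#1000` as decimal on the assumption that the posts use Cheat Engine's assembler notation, and `classify_load`, `REGS` and `SAMPLES` are names made up here.

```python
import struct

# Register names indexed by the 3-bit ModRM.rm field (REX.B extension not handled).
REGS = ["rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi"]

def classify_load(code: bytes, ip: int = 0):
    """Say where a REX.W MOV gets its value: instruction bytes or memory.

    Returns ("immediate", value), ("field", (base_reg, offset)) or
    ("absolute", address). `ip` is the address of the instruction and
    only matters for RIP-relative operands.
    """
    if len(code) < 3 or code[0] != 0x48:
        raise ValueError("only plain REX.W encodings are handled")
    op, modrm = code[1], code[2]
    if 0xB8 <= op <= 0xBF:                       # mov r64, imm64
        return ("immediate", struct.unpack_from("<q", code, 2)[0])
    if op == 0xC7 and modrm >> 3 == 0b11000:     # mov r64, imm32 (sign-extended)
        return ("immediate", struct.unpack_from("<i", code, 3)[0])
    if op == 0xA1:                               # mov rax, [moffs64]
        return ("absolute", struct.unpack_from("<Q", code, 2)[0])
    if op == 0x8B:                               # mov r64, r/m64
        mod, rm = modrm >> 6, modrm & 7
        if mod == 0 and rm == 5:                 # [rip+disp32], 7-byte instruction
            disp = struct.unpack_from("<i", code, 3)[0]
            return ("absolute", ip + 7 + disp)
        if mod in (1, 2) and rm != 4:            # [reg+disp8/32], no SIB byte
            fmt = "<b" if mod == 1 else "<i"
            return ("field", (REGS[rm], struct.unpack_from(fmt, code, 3)[0]))
    raise ValueError("encoding not covered by this example")

# Constructed byte sequences for the three forms quoted in the thread.
SAMPLES = {
    "mov rax,[rcx+140]":  bytes.fromhex("488B8140010000"),
    "mov rax,#1000":      bytes.fromhex("48C7C0E8030000"),
    "mov rax,[12345678]": bytes.fromhex("48A17856341200000000"),
}

def classify_samples():
    """Classify every constructed sample; keys are the thread's own notation."""
    return {asm: classify_load(raw) for asm, raw in SAMPLES.items()}

if __name__ == "__main__":
    for asm, result in classify_samples().items():
        print(f"{asm:20} -> {result}")
```

Only the "field" and "absolute" results name a memory location that can be read at run time; an "immediate" result means the value exists only inside the instruction bytes.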