| View previous topic :: View next topic |
| Author |
Message |
Drivium
Advanced Cheater
 Reputation: 0
Joined: 16 Apr 2013
Posts: 97
|
 Posted: Sat Mar 05, 2022 1:39 pm Post subject: r/w script to auto refresh when values move |
 |
|
Is there any way to make a +r+w aob keep refreshing?
For example, a script like this
| Code: | [ENABLE]
{$lua}
if syntaxcheck then return end
function aob_register(sym, pat)
instr = AOBScan(pat, "+r+w")
addy = instr[0]
instr.destroy()
addy = tonumber(addy, 16)
unregisterSymbol(sym)
registerSymbol(sym, addy)
end
aob_register("pPos1","2E BD BB B3 ?? ?? ?? ?? C0 CC 4C 3E ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? 33 33 33 40 EF EE EE 3F")
{$asm}
[DISABLE]
unregistersymbol(pPos1) |
I'd like it to refind this aob on its own
As it stands, I have to disable and reenable when values move
|
|
| Back to top |
|
 |
ParkourPenguin
I post too much
 Reputation: 152
Joined: 06 Jul 2014
Posts: 4706
|
| Posted: Sat Mar 05, 2022 1:59 pm Post subject: |
|
|
There is no r flag in the protections string.
Constantly scanning the process's entire address space just to update a single value seems like a ridiculous waste of resources to me. Code injection (search "injection copy") and/or pointers would be far better.
But if you must, use a timer. Search the forums (e.g. "createTimer") for examples.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
Drivium
Advanced Cheater
Reputation: 0
Joined: 16 Apr 2013
Posts: 97
|
| Posted: Sat Mar 05, 2022 5:21 pm Post subject: |
|
|
For context - this is for Bluestacks (an android emulator). Finding the coords of a character. Currently no way to hook instructions. So, all has to be done in memory. I tried a create time method, but maybe not doing it right. Here is what I tried:
| Code: | [ENABLE]
{$lua}
if syntaxcheck then return end
function aob_register(sym, pat)
instr = AOBScan(pat, "+r+w")
addy = instr[0]
instr.destroy()
addy = tonumber(addy, 16)
unregisterSymbol(sym)
registerSymbol(sym, addy)
end
if tm then tm.destroy() end
tm = createTimer()
tm.Interval = 1
tm.onTimer = function()
aob_register("pPos1","2E BD BB B3 ?? ?? ?? ?? C0 CC 4C 3E ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? 33 33 33 40 EF EE EE 3F")
end
{$asm}
[DISABLE]
unregistersymbol(pPos1)
{$lua}
tm.destroy()
|
It enables, but doesn't seem to update as I move my character as they normally do.
**EDIT: Started working, but yea - I can hear my PC working hard and values are a little sluggish to change. Is there any less resource intensive way to achieve this?
|
|
| Back to top |
|
|
ParkourPenguin
I post too much
Reputation: 152
Joined: 06 Jul 2014
Posts: 4706
|
| Posted: Sat Mar 05, 2022 7:36 pm Post subject: |
|
|
You might be able to install ceserver on the emulator and do something with that.
I don't have any experience with bluestacks, so I can't help you much. Maybe look at other people's tables (not necessarily for the same game) and see what they do.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
Drivium
Advanced Cheater
Reputation: 0
Joined: 16 Apr 2013
Posts: 97
|
| Posted: Sun Mar 06, 2022 3:11 pm Post subject: |
|
|
| I might not have explained well. This approach is not exclusive to Bluestacks. I'm just trying to understand if there's a good way to make it keep searching for the aob automatically.
|
|
| Back to top |
|
|
ParkourPenguin
I post too much
Reputation: 152
Joined: 06 Jul 2014
Posts: 4706
|
| Posted: Sun Mar 06, 2022 3:59 pm Post subject: |
|
|
No. I stand by my previous statement: it's ridiculous to constantly scan a process's entire address space just to update a single value.
I think it's a bad idea to do aobscans for mutable data regardless, but so many people do it that I don't find much meaning in talking about it.
Code injection (search "injection copy") and/or pointers are far better for automatically updating a value if it changes locations. (regardless of when this change occurs)
Emulators make that harder for obvious reasons. Approaching it from the same level as the emulated architecture might be easier (i.e. ceserver, or modify the rom directly).
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
Drivium
Advanced Cheater
Reputation: 0
Joined: 16 Apr 2013
Posts: 97
|
| Posted: Sun Mar 06, 2022 4:51 pm Post subject: |
|
|
| I've tried CE Server in bluestacks and DB himself says it's not quite there yet. I can make scripts via ce server, but enabling them always crashes. Bluestacks is the only emulator I've encountered this with. Console emulators all work fine with using instructions, so I don't know what makes android emulation different. That's beyond the scope of my question tho. Just know that I've thoroughly explored other avenues and I'm with you - I wouldn't use this method if it wasn't the only working method I've found. Was just hoping to improve on it by automating the refresh.
|
|
| Back to top |
|
|
AylinCE
Grandmaster Cheater Supreme
 Reputation: 37
Joined: 16 Feb 2017
Posts: 1528
|
| Posted: Sun Mar 06, 2022 6:01 pm Post subject: |
|
|
| Drivium wrote: | | I might not have explained well. This approach is not exclusive to Bluestacks. I'm just trying to understand if there's a good way to make it keep searching for the aob automatically. |
Don't always call Aob automatically.
Call aob once, (assign local to note the first found result) save it to the address list with a description and code a timer into Lua Script and signal it to read your aob code continuously.
If the value you set for it changes (the local you assigned), add something to the code.
If the above explanation helps you, I can suggest a suitable code for it.
_________________
|
|
| Back to top |
|
|
Drivium
Advanced Cheater
Reputation: 0
Joined: 16 Apr 2013
Posts: 97
|
| Posted: Sun Mar 06, 2022 6:10 pm Post subject: |
|
|
| Yes, I love that idea. How would I go about it?
|
|
| Back to top |
|
|
ParkourPenguin
I post too much
Reputation: 152
Joined: 06 Jul 2014
Posts: 4706
|
| Posted: Sun Mar 06, 2022 7:08 pm Post subject: |
|
|
You can add a hotkey to make it easier to run.
As AylinCE said, if you can identify when the value becomes invalid, you can automatically trigger an aobscan then.
Data will usually be aligned to some amount. You can use the fast scan options to speed up scans somewhat.
Assuming the aob signature is unique, you can use that to exit a scan early. (AOBScanUnique, MemScan.IsUnique)
If you know it's going to be in a particular memory region, you can enumerate the memory regions (enumMemoryRegions) and only scan in certain regions (MemScan class). Maybe look at the memory regions' sizes and/or reuse the region the previous result was in.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
AylinCE
Grandmaster Cheater Supreme
Reputation: 37
Joined: 16 Feb 2017
Posts: 1528
|
| Posted: Sun Mar 06, 2022 10:07 pm Post subject: |
|
|
Define new replacement code for "orgValue" in Timer.
When you activate the CheckBox, the code will be ready in the address list and the timer will check if the code has changed.
If the aob code changes, "orgValue" will fix it over and over.
Disable CheckBox to turn off the timer.
To activate it again, the Address list will be cleared.
| Code: |
if form then form.destroy() form=nil end
form = createForm()
form.Position = poDesktopCenter
form.Popupmode = 0;
form.Width = 320
form.Height = 240
local MtvChk2 = createCheckBox(form)
MtvChk2.setPosition(50,50) MtvChk2.caption="Code deActive"
if codeTim then codeTim.Destroy() codeTim=nil end
codeTim=createTimer() codeTim.Interval=50 codeTim.Enabled=false
function getByteString(address, bytecount)
local bytes = readBytes(address, bytecount, true)
if bytes then
local result = ""
for i = 1, #bytes do
if #result > 0 then result = result .. " " end
result = result .. string.format("%02X", bytes[i]) end
return result end
end
local addressList = getAddressList()
local mr1
local orgValue=""
local newValue=""
function addAddres1(adrr,adrr1)
local memRec = addressList.createMemoryRecord()
memRec.Type=8
memRec.ShowAsHex=true
memRec.Description= 'MyDescription'
memRec.Address=adrr
memRec.Value=adrr1
end
MtvChk2.OnChange=function()
local search=tostring("2E BD BB B3 ?? ?? ?? ?? C0 CC 4C 3E ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? 33 33 33 40 EF EE EE 3F")
if MtvChk2.checked==true then
local aobs1=AOBScan(search)
if aobs1~=nil then
aobs2=(getByteString(stringlist_getString(aobs1,1-1), 24))
addAddres1(stringlist_getString(aobs1,1-1),aobs2)
mr1 = addressList.getMemoryRecordByDescription("MyDescription")
if mr1 then
MtvChk2.caption="Code Active"
codeTim.Enabled=true
end
end
else -- hack deactive -- address delete ..
codeTim.Enabled=false
addrCnt = addresslist_getCount(addressList)
if addrCnt>0 then
memoryrecord_delete(addresslist_getMemoryRecord(addressList,"MyDescription"))
end
MtvChk2.caption="Code deActive"
end
end
codeTim.OnTimer=function()
--your search result value:
orgValue="" --your replace aob code
newValue=mr1.Value
if newValue~=orgValue then
mr1.Value=orgValue
newValue=mr1.Value
end
end |
_________________
|
|
| Back to top |
|
|
Drivium
Advanced Cheater
Reputation: 0
Joined: 16 Apr 2013
Posts: 97
|
| Posted: Mon Mar 07, 2022 9:45 am Post subject: |
|
|
I'm not sure how to implement this. Does this replace my existing cheat or go with it?
I put your script in Table > Show Cheat Table Lua Script. Then executed it. I activated the box in the form that came up. I'm not clear what's supposed to happen or how to prep my existing code to work with this.
Edit: Just noticed it added a cheat with my aob to the list. Not sure what to do with that.
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
