ZeroAinz (How do I cheat?)
Reputation: 0
Joined: 03 Sep 2021 Posts: 7
Posted: Sun Dec 10, 2023 3:50 am Post subject: Mono Features - error with address and symbols while try AA
Hi, I already tried to find something on the forum about this; maybe there is something, but I don't understand it because my English is bad... sorry.
The problem is when I try code injection: Code: | System.Collections.Generic.Dictionary`2[Verse.ResearchProjectDef,System.Single]:TryInsert+14d |
In the AA I get an error (image in attachment).
I tried to find this address with an AOB... with a long array of bytes, but it always gets from 7 to 15 results.
I know the symbols in the address are the problem... but I can't figure out how to solve it.
Last edited by ZeroAinz on Sun Dec 10, 2023 6:52 am; edited 1 time in total
++METHOS (I post too much)
Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Sun Dec 10, 2023 4:04 am
You can try turning off 'Show symbols' before creating your script, then turning it back on.
ZeroAinz (How do I cheat?)
Reputation: 0
Joined: 03 Sep 2021 Posts: 7
Posted: Sun Dec 10, 2023 4:11 am
Yes, this works, but on the first restart the address of the instruction changes, the AA does not work, and in this case there is no advantage of Mono.
++METHOS (I post too much)
Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Sun Dec 10, 2023 4:20 am
I'm not sure how to bypass the problem symbols so that CE will compile for you. I have always just expanded the AOB signature and included wildcard entries as needed in order to get a unique result. You can also restrict the scan region. Could be something basic that I am not aware of, though.
You can still use the mono data to determine what/where stuff is. Hopefully, someone can chime in with a better solution for you.
ZeroAinz (How do I cheat?)
Reputation: 0
Joined: 03 Sep 2021 Posts: 7
Posted: Sun Dec 10, 2023 4:26 am
Thanks.... with an AOB like this it gets 7-15 results:
Code: | F3 0F 11 68 10 49 63 47 44 FF C0 41 89 47 44 B8 01 00 00 00 E9 ** ** ** ** 0F B6 45 90 83 F8 02 0F 84 ** ** ** ** 33 C0 E9 ** ** ** ** 41 FF C4 49 8B 47 18 48 63 CE 39 48 18 0F 86 ** ** ** ** 48 6B C9 18 48 03 C1 48 83 C0 20 48 63 70 04 85 F6 0F 8D ** ** ** ** 49 63 47 4C 85 C0 0F 8E ** ** ** ** 49 63 5F 48 49 8B 47 18 48 63 CB 39 48 18 0F 86 ** ** ** ** 48 6B C9 18 48 03 C1 48 83 C0 20 48 63 40 04 41 89 47 48 49 63 47 4C FF C8 41 89 47 4C E9 ** ** ** ** 49 63 47 40 49 8B 4F 18 48 63 49 18 3B C1 75 26 49 8B CF 48 8D 64 24 00 49 BB ** ** ** ** ** ** ** ** 41 FF D3 49 8B 47 10 48 63 48 18 49 8B C6 99 F7 F9 4C 8B EA 49 63 5F 40 |
Bloodybone (Newbie cheater)
Reputation: 0
Joined: 07 Dec 2016 Posts: 21 Location: Germany
Posted: Sun Dec 10, 2023 6:56 am
You could try putting the symbol into quotes and see if that works:
Code: | "System.Collections.Generic.Dictionary`2[Verse.ResearchProjectDef,System.Single]:TryInsert+14d" |
ZeroAinz (How do I cheat?)
Reputation: 0
Joined: 03 Sep 2021 Posts: 7
Posted: Sun Dec 10, 2023 7:50 am
Bloodybone wrote: | You could try putting the symbol into quotes and see if that works:
Code: | "System.Collections.Generic.Dictionary`2[Verse.ResearchProjectDef,System.Single]:TryInsert+14d" |
|
It does not work.... I found that my error comes out using the Lua engine too:
Code: | local adr = getAddress('System.Collections.Generic.Dictionary`2[Verse.ResearchProjectDef,System.Single]:TryInsert+14d')
print(adr) |
Code: | local adr1 = getAddress('RimWorld.SkillRecord:Learn+12c')
print(adr1) |
but this works... no strange symbols like `[] and it works in AA too.
It seems the problem is how CE gets these symbols.
 |
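A worked illustration of the symbol format this post is about, added here as an example and not code from the thread or from Cheat Engine: a small Python parser that splits a Mono-style `Namespace.Class`N[TypeArgs]:Method+hexoffset` string into class, type arguments, method and offset, keeping the backtick arity marker and the bracketed type arguments as part of the class name (with a bracket-depth-aware split so nested generics survive) and checking the declared arity against the number of type arguments. It assumes nothing about how CE resolves these names; the two symbol strings are the ones from the post, and `MonoSymbol`, `parse_mono_symbol` and `split_type_args` are my own names.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class MonoSymbol:
    cls: str          # fully qualified class incl. the `N arity marker, e.g. "...Dictionary`2"
    type_args: tuple  # instantiated generic arguments, () for a non-generic class
    method: str
    offset: int       # bytes past the method entry point; the +suffix is written in hex

# class part: no ':' or brackets; optional [..] instantiation; identifier method; optional +hex
_PATTERN = re.compile(
    r"^(?P<cls>[^:\[\]\s]+)"
    r"(?:\[(?P<args>.+)\])?"
    r":(?P<method>[A-Za-z_]\w*)"
    r"(?:\+(?P<off>[0-9A-Fa-f]+))?$"
)

def split_type_args(args: str) -> tuple:
    """Split 'A,B[C,D],E' only at depth-0 commas so nested generic arguments stay intact."""
    parts, cur, depth = [], [], 0
    for ch in args:
        if ch == "[":
            depth += 1
        elif ch == "]":
            depth -= 1
            if depth < 0:
                raise ValueError("unbalanced ']' in type arguments")
        if ch == "," and depth == 0:
            parts.append("".join(cur).strip())
            cur = []
        else:
            cur.append(ch)
    if depth != 0:
        raise ValueError("unbalanced '[' in type arguments")
    parts.append("".join(cur).strip())
    return tuple(parts)

def parse_mono_symbol(text: str) -> MonoSymbol:
    """Parse 'Class:Method[+hexoffset]'; surrounding quotes (as tried in the thread) are tolerated."""
    m = _PATTERN.match(text.strip().strip("\"'"))
    if not m:
        raise ValueError(f"not a Class:Method[+hexoffset] symbol: {text!r}")
    cls = m.group("cls")
    args = split_type_args(m.group("args")) if m.group("args") else ()
    # The `N suffix declares the generic arity; an instantiated name must supply exactly N arguments.
    arity = re.search(r"`(\d+)$", cls)
    declared = int(arity.group(1)) if arity else 0
    if declared != len(args):
        raise ValueError(f"class declares arity {declared} but {len(args)} type argument(s) given")
    return MonoSymbol(cls, args, m.group("method"), int(m.group("off") or "0", 16))
```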
ParkourPenguin (I post too much)
Reputation: 150
Joined: 06 Jul 2014 Posts: 4651
Posted: Sun Dec 10, 2023 12:20 pm
I don't know how to solve this problem (maybe `findmonomethod` AA call in monoscript.lua), but I wouldn't try to inject there to begin with. A dictionary insert is a pretty generic injection point. I'd go up the callstack and either change arguments to a call or replace a call with nops.
Right click instruction, break and trace, step over instead of single step, max count 500, do action in game that triggers breakpoint, and expand all. Go up the callstack until you get to something that's not generic.
The injection point can't be called to run by several different things. If it is, there's no guarantee the trace will be relevant. Instead, use a data breakpoint on the value you want. Go to the address of the value in the data view (bottom half of memory viewer), view memory as the relevant value type (right click menu -> Display Type), right click on the value -> data breakpoint -> break and trace, file -> new trace, then continue with the previous options. You might also need to set a condition on the breakpoint so that it only starts when you want it to. e.g. RIP = address of the instruction after the instruction that accesses it (data breakpoints trigger after the instruction has executed).
_________________
I don't know where I'm going, but I'll figure it out when I get there.
ZeroAinz (How do I cheat?)
Reputation: 0
Joined: 03 Sep 2021 Posts: 7
Posted: Sun Dec 10, 2023 1:46 pm
ParkourPenguin wrote: | I don't know how to solve this problem (maybe `findmonomethod` AA call in monoscript.lua), but I wouldn't try to inject there to begin with. A dictionary insert is a pretty generic injection point. I'd go up the callstack and either change arguments to a call or replace a call with nops. |
In this case the game calls it only for research progress, and nothing else passes through these instructions.... I think Unity JITs this method only for one single function....
In my case I would like to have access to this progress, because I'd like to do something like 1.5x, 5x, 10x faster research....
PS. sorry for my English
ZeroAinz (How do I cheat?)
Reputation: 0
Joined: 03 Sep 2021 Posts: 7
Posted: Mon Dec 11, 2023 3:30 pm
For now... I tried to do something in monoscript.lua.... but nothing helps; I think something is wrong when Lua gets the nesting info from the monopipe... found a bug for ages
....
To replicate:
get RimWorld, my version is: 1.4.3682
find one of these results:
Code: | F3 0F 11 68 10 49 63 47 44 FF C0 41 89 47 44 B8 01 00 00 00 E9 ** ** ** ** 0F B6 45 90 83 F8 02 0F 84 ** ** ** ** 33 C0 E9 ** ** ** ** 41 FF C4 49 8B 47 18 48 63 CE 39 48 18 0F 86 ** ** ** ** 48 6B C9 18 48 03 C1 48 83 C0 20 48 63 70 04 85 F6 0F 8D ** ** ** ** 49 63 47 4C 85 C0 0F 8E ** ** ** ** 49 63 5F 48 49 8B 47 18 48 63 CB 39 48 18 0F 86 ** ** ** ** 48 6B C9 18 48 03 C1 48 83 C0 20 48 63 40 04 41 89 47 48 49 63 47 4C FF C8 41 89 47 4C E9 ** ** ** ** 49 63 47 40 49 8B 4F 18 48 63 49 18 3B C1 75 26 49 8B CF 48 8D 64 24 00 49 BB ** ** ** ** ** ** ** ** 41 FF D3 49 8B 47 10 48 63 48 18 49 8B C6 99 F7 F9 4C 8B EA 49 63 5F 40 |
try to do some AA, boom, the error
or
start a research (needs a wooden research bench); the progress is stored in a float value, and this value is 1/2 of the visual value