 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
GoreGrindGeek
Newbie cheater
![]() Reputation: 0
Joined: 30 Apr 2017
Posts: 14
|
 Posted: Sun Nov 03, 2024 12:06 pm Post subject: Attempting to hack health in One Deck Dungeon |
 |
|
Good day.
I've always wanted to learn advanced Cheat Engine functionality, beyond simple "finding a value and changing/locking it", so I've decided to try to develop a cheat table for a game called One Deck Dungeon. Namely, a cheat table that would let me prevent damage to heroes in the game.
Unfortunately, the game mechanics are a bit convoluted, in that there's no real "health minus damage" tracker. Every character is represented with a card that contains original health plus any item bonuses, and the damage is added to it in the form of damage tokens (since this is a board game replica). I've first tried finding a pointer to that damage tokens number, both through pointer scans and AOB searches, to no avail.
Then I tried leveraging Mono functionality from within Cheat Engine and found the following class (?):
| Code: | 19e7c7db5f8 : Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction
static fields
fields
48 : <HeroTakingDamage>k__BackingField (type: Handelabra.OneDeckDungeon.Engine.Controller.HeroCardController)
50 : <BossTakingDamage>k__BackingField (type: Handelabra.OneDeckDungeon.Engine.Controller.BossController)
58 : <OriginalAmountOfDamage>k__BackingField (type: System.Int32)
5c : <AmountOfDamage>k__BackingField (type: System.Int32)
60 : <TakeDamageReason>k__BackingField (type: Handelabra.OneDeckDungeon.Engine.TakeDamageReason)
64 : <HeroCurrentHealthBeforeAction>k__BackingField (type: System.Nullable<System.Int32>)
6c : <HeroCurrentHealthAfterAction>k__BackingField (type: System.Nullable<System.Int32>)
74 : <BossCurrentHealthAfterAction>k__BackingField (type: System.Nullable<System.Int32>)
methods
19ed6b9b6d8 : .ctor (gameController: Handelabra.OneDeckDungeon.Engine.Controller.GameController; game: Handelabra.OneDeckDungeon.Engine.Model.Game; source: Handelabra.OneDeckDungeon.Engine.Controller.BaseController; boss: Handelabra.OneDeckDungeon.Engine.Controller.BossController; amountOfDamage: int; reason: Handelabra.OneDeckDungeon.Engine.TakeDamageReason):System.Void
19ed6b9b6b0 : .ctor (gameController: Handelabra.OneDeckDungeon.Engine.Controller.GameController; game: Handelabra.OneDeckDungeon.Engine.Model.Game; source: Handelabra.OneDeckDungeon.Engine.Controller.BaseController; hero: Handelabra.OneDeckDungeon.Engine.Controller.HeroCardController; amountOfDamage: int; reason: Handelabra.OneDeckDungeon.Engine.TakeDamageReason):System.Void
19ed6b9b750 : AdjustDamageAmount (adjustment: int):System.Void
19ed6b9b700 : DoAction ():System.Void
19ed6b9b778 : SetAmountOfDamage (amountOfDamage: int):System.Void
19ed6b9b728 : ToFriendlyString ():System.String
19ed6b9b7a0 : ToString ():System.String
19ed6b9b4f8 : get_AmountOfDamage ():System.Int32
19ed6b9b660 : get_BossCurrentHealthAfterAction ():System.Nullable<System.Int32>
19ed6b9b458 : get_BossTakingDamage ():Handelabra.OneDeckDungeon.Engine.Controller.BossController
19ed6b9b610 : get_HeroCurrentHealthAfterAction ():System.Nullable<System.Int32>
19ed6b9b5c0 : get_HeroCurrentHealthBeforeAction ():System.Nullable<System.Int32>
19ed6b9b408 : get_HeroTakingDamage ():Handelabra.OneDeckDungeon.Engine.Controller.HeroCardController
19ed6b9b598 : get_IsSufferingConsequences ():System.Boolean
19ed6b9b4a8 : get_OriginalAmountOfDamage ():System.Int32
19ed6b9b548 : get_TakeDamageReason ():Handelabra.OneDeckDungeon.Engine.TakeDamageReason
19ed6b9b520 : set_AmountOfDamage (value: int):System.Void
19ed6b9b688 : set_BossCurrentHealthAfterAction (value: System.Nullable`1<int>):System.Void
19ed6b9b480 : set_BossTakingDamage (value: Handelabra.OneDeckDungeon.Engine.Controller.BossController):System.Void
19ed6b9b638 : set_HeroCurrentHealthAfterAction (value: System.Nullable`1<int>):System.Void
19ed6b9b5e8 : set_HeroCurrentHealthBeforeAction (value: System.Nullable`1<int>):System.Void
19ed6b9b430 : set_HeroTakingDamage (value: Handelabra.OneDeckDungeon.Engine.Controller.HeroCardController):System.Void
19ed6b9b4d0 : set_OriginalAmountOfDamage (value: int):System.Void
19ed6b9b570 : set_TakeDamageReason (value: Handelabra.OneDeckDungeon.Engine.TakeDamageReason):System.Void |
And this is what the DoAction function from this class looks like in memory view:
| Code: | 55 - push rbp
48 8B EC - mov rbp,rsp
48 81 EC 90000000 - sub rsp,00000090 { 144 }
48 89 5D C8 - mov [rbp-38],rbx
48 89 75 D0 - mov [rbp-30],rsi
48 89 7D D8 - mov [rbp-28],rdi
4C 89 65 E0 - mov [rbp-20],r12
4C 89 6D E8 - mov [rbp-18],r13
4C 89 75 F0 - mov [rbp-10],r14
4C 89 7D F8 - mov [rbp-08],r15
48 8B F1 - mov rsi,rcx
48 8B 46 48 - mov rax,[rsi+48]
48 85 C0 - test rax,rax
0F84 31010000 - je Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+168
48 8B 56 48 - mov rdx,[rsi+48]
48 8B CE - mov rcx,rsi
49 BB 618A40543A020000 - mov r11,0000023A54408A61 { (73) }
41 FF D3 - call r11
48 8B F8 - mov rdi,rax
48 85 C0 - test rax,rax
0F84 B9000000 - je Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+110
48 63 4E 5C - movsxd rcx,dword ptr [rsi+5C]
83 3F 00 - cmp dword ptr [rdi],00 { 0 }
48 63 87 B0000000 - movsxd rax,dword ptr [rdi+000000B0]
03 C1 - add eax,ecx
89 87 B0000000 - mov [rdi+000000B0],eax
48 63 46 5C - movsxd rax,dword ptr [rsi+5C]
85 C0 - test eax,eax
0F8E 0A020000 - jng Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+283
48 8B 46 10 - mov rax,[rsi+10]
48 8B C8 - mov rcx,rax
83 39 00 - cmp dword ptr [rcx],00 { 0 }
48 8B 40 10 - mov rax,[rax+10]
48 8B C8 - mov rcx,rax
83 39 00 - cmp dword ptr [rcx],00 { 0 }
4C 8B 90 A0000000 - mov r10,[rax+000000A0]
4C 8B 4E 28 - mov r9,[rsi+28]
4C 63 46 5C - movsxd r8,dword ptr [rsi+5C]
48 63 56 60 - movsxd rdx,dword ptr [rsi+60]
48 8B 46 30 - mov rax,[rsi+30]
48 8B C8 - mov rcx,rax
4D 8B F2 - mov r14,r10
4D 8B E9 - mov r13,r9
4C 8B FF - mov r15,rdi
4D 8B E0 - mov r12,r8
48 8B DA - mov rbx,rdx
48 89 4D A0 - mov [rbp-60],rcx
48 85 C0 - test rax,rax
75 0A - jne Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+c9
48 C7 45 A0 00000000 - mov qword ptr [rbp-60],00000000 { 0 }
EB 11 - jmp Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+da
48 8B 4D A0 - mov rcx,[rbp-60]
48 8B C1 - mov rax,rcx
48 8B 00 - mov rax,[rax]
FF 50 70 - call qword ptr [rax+70]
48 89 45 A0 - mov [rbp-60],rax
48 89 5C 24 20 - mov [rsp+20],rbx
48 8B 45 A0 - mov rax,[rbp-60]
48 89 44 24 28 - mov [rsp+28],rax
49 8B CE - mov rcx,r14
49 8B D5 - mov rdx,r13
4D 8B C7 - mov r8,r15
4D 8B CC - mov r9,r12
41 83 3E 00 - cmp dword ptr [r14],00 { 0 }
48 8D 64 24 00 - lea rsp,[rsp+00]
90 - nop
49 BB 358A40543A020000 - mov r11,0000023A54408A35 { (73) }
41 FF D3 - call r11
E9 73010000 - jmp Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+283
48 8B 46 48 - mov rax,[rsi+48]
48 8B C8 - mov rcx,rax
49 BE 30BF03543A020000 - mov r14,0000023A5403BF30 { (239912312A8) }
4C 8B E9 - mov r13,rcx
48 85 C0 - test rax,rax
75 05 - jne Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+12e
45 33 ED - xor r13d,r13d
EB 0D - jmp Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+13b
49 8B CD - mov rcx,r13
49 8B 45 00 - mov rax,[r13+00]
FF 50 48 - call qword ptr [rax+48]
4C 8B E8 - mov r13,rax
49 8B CE - mov rcx,r14
49 8B D5 - mov rdx,r13
48 8D 64 24 00 - lea rsp,[rsp+00]
49 BB 157DD79139020000 - mov r11,0000023991D77D15 { (73) }
41 FF D3 - call r11
48 8B C8 - mov rcx,rax
49 BB B18940543A020000 - mov r11,0000023A544089B1 { (73) }
41 FF D3 - call r11
E9 1B010000 - jmp Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+283
48 8B 46 50 - mov rax,[rsi+50]
48 85 C0 - test rax,rax
0F84 F0000000 - je Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+265
48 8B 56 50 - mov rdx,[rsi+50]
48 8B CE - mov rcx,rsi
66 90 - nop 2
49 BB 098A40543A020000 - mov r11,0000023A54408A09 { (73) }
41 FF D3 - call r11
4C 8B F8 - mov r15,rax
48 85 C0 - test rax,rax
0F84 AE000000 - je Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+245
48 63 4E 5C - movsxd rcx,dword ptr [rsi+5C]
41 83 3F 00 - cmp dword ptr [r15],00 { 0 }
49 63 47 68 - movsxd rax,dword ptr [r15+68]
03 C1 - add eax,ecx
41 89 47 68 - mov [r15+68],eax
48 63 46 5C - movsxd rax,dword ptr [rsi+5C]
85 C0 - test eax,eax
0F8E CE000000 - jng Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+283
48 8B 46 10 - mov rax,[rsi+10]
48 8B C8 - mov rcx,rax
83 39 00 - cmp dword ptr [rcx],00 { 0 }
48 8B 40 10 - mov rax,[rax+10]
48 8B C8 - mov rcx,rax
83 39 00 - cmp dword ptr [rcx],00 { 0 }
4C 8B 90 A0000000 - mov r10,[rax+000000A0]
4C 8B 4E 28 - mov r9,[rsi+28]
4C 63 46 5C - movsxd r8,dword ptr [rsi+5C]
48 63 56 60 - movsxd rdx,dword ptr [rsi+60]
48 8B 46 30 - mov rax,[rsi+30]
48 8B C8 - mov rcx,rax
4D 8B F2 - mov r14,r10
4D 8B E9 - mov r13,r9
4D 8B E0 - mov r12,r8
48 8B DA - mov rbx,rdx
48 89 4D A0 - mov [rbp-60],rcx
48 85 C0 - test rax,rax
75 0A - jne Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+202
48 C7 45 A0 00000000 - mov qword ptr [rbp-60],00000000 { 0 }
EB 11 - jmp Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+213
48 8B 4D A0 - mov rcx,[rbp-60]
48 8B C1 - mov rax,rcx
48 8B 00 - mov rax,[rax]
FF 50 70 - call qword ptr [rax+70]
48 89 45 A0 - mov [rbp-60],rax
48 89 5C 24 20 - mov [rsp+20],rbx
48 8B 45 A0 - mov rax,[rbp-60]
48 89 44 24 28 - mov [rsp+28],rax
49 8B CE - mov rcx,r14
49 8B D5 - mov rdx,r13
4D 8B C7 - mov r8,r15
4D 8B CC - mov r9,r12
41 83 3E 00 - cmp dword ptr [r14],00 { 0 }
48 8D 64 24 00 - lea rsp,[rsp+00]
49 BB DD8940543A020000 - mov r11,0000023A544089DD { (73) }
41 FF D3 - call r11
EB 3E - jmp Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+283
48 B9 A0BE03543A020000 - mov rcx,0000023A5403BEA0 { (239912312A8) }
48 8D AD 00000000 - lea rbp,[rbp+00000000]
49 BB B18940543A020000 - mov r11,0000023A544089B1 { (73) }
41 FF D3 - call r11
EB 1E - jmp Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+283
48 B9 606E1D543A020000 - mov rcx,0000023A541D6E60 { (239912312A8) }
48 8D AD 00000000 - lea rbp,[rbp+00000000]
49 BB 858940543A020000 - mov r11,0000023A54408985 { (73) }
41 FF D3 - call r11
48 8B 46 48 - mov rax,[rsi+48]
48 85 C0 - test rax,rax
0F84 54000000 - je Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+2e4
48 8B 46 48 - mov rax,[rsi+48]
48 8B C8 - mov rcx,rax
83 38 00 - cmp dword ptr [rax],00 { 0 }
48 8D 6D 00 - lea rbp,[rbp+00]
49 BB 598940543A020000 - mov r11,0000023A54408959 { (73) }
41 FF D3 - call r11
C7 45 A8 00000000 - mov [rbp-58],00000000 { 0 }
C7 45 AC 00000000 - mov [rbp-54],00000000 { 0 }
89 45 AC - mov [rbp-54],eax
C6 45 A8 01 - mov byte ptr [rbp-58],01 { 1 }
48 63 45 A8 - movsxd rax,dword ptr [rbp-58]
89 45 B8 - mov [rbp-48],eax
48 63 45 AC - movsxd rax,dword ptr [rbp-54]
89 45 BC - mov [rbp-44],eax
48 8D 46 6C - lea rax,[rsi+6C]
48 63 4D B8 - movsxd rcx,dword ptr [rbp-48]
89 08 - mov [rax],ecx
48 63 4D BC - movsxd rcx,dword ptr [rbp-44]
89 48 04 - mov [rax+04],ecx
E9 99000000 - jmp Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+37d
48 8B 46 50 - mov rax,[rsi+50]
48 85 C0 - test rax,rax
0F84 8C000000 - je Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+37d
4C 8B 76 50 - mov r14,[rsi+50]
49 8B C6 - mov rax,r14
83 38 00 - cmp dword ptr [rax],00 { 0 }
49 8B 46 38 - mov rax,[r14+38]
48 8B C8 - mov rcx,rax
83 39 00 - cmp dword ptr [rcx],00 { 0 }
4C 8B 68 48 - mov r13,[rax+48]
4D 85 ED - test r13,r13
74 22 - je Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+330
49 8B 45 00 - mov rax,[r13+00]
48 8B 00 - mov rax,[rax]
48 8B 40 10 - mov rax,[rax+10]
48 8B 40 18 - mov rax,[rax+18]
48 B9 98AF36453A020000 - mov rcx,0000023A4536AF98 { (23A4536AF98) }
48 3B C1 - cmp rax,rcx
0F85 6F000000 - jne Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+39f
41 83 7D 00 00 - cmp dword ptr [r13+00],00 { 0 }
49 63 45 60 - movsxd rax,dword ptr [r13+60]
49 8B 4E 38 - mov rcx,[r14+38]
48 8B D1 - mov rdx,rcx
83 3A 00 - cmp dword ptr [rdx],00 { 0 }
48 63 49 68 - movsxd rcx,dword ptr [rcx+68]
2B C1 - sub eax,ecx
C7 45 B0 00000000 - mov [rbp-50],00000000 { 0 }
C7 45 B4 00000000 - mov [rbp-4C],00000000 { 0 }
89 45 B4 - mov [rbp-4C],eax
C6 45 B0 01 - mov byte ptr [rbp-50],01 { 1 }
48 63 45 B0 - movsxd rax,dword ptr [rbp-50]
89 45 C0 - mov [rbp-40],eax
48 63 45 B4 - movsxd rax,dword ptr [rbp-4C]
89 45 C4 - mov [rbp-3C],eax
48 8D 46 74 - lea rax,[rsi+74]
48 63 4D C0 - movsxd rcx,dword ptr [rbp-40]
89 08 - mov [rax],ecx
48 63 4D C4 - movsxd rcx,dword ptr [rbp-3C]
89 48 04 - mov [rax+04],ecx
48 8B 5D C8 - mov rbx,[rbp-38]
48 8B 75 D0 - mov rsi,[rbp-30]
48 8B 7D D8 - mov rdi,[rbp-28]
4C 8B 65 E0 - mov r12,[rbp-20]
4C 8B 6D E8 - mov r13,[rbp-18]
4C 8B 75 F0 - mov r14,[rbp-10]
4C 8B 7D F8 - mov r15,[rbp-08]
48 8D 65 00 - lea rsp,[rbp+00]
5D - pop rbp
C3 - ret
BA 91000000 - mov edx,00000091 { 145 }
B9 4B010000 - mov ecx,0000014B { 331 }
48 8D 64 24 00 - lea rsp,[rsp+00]
49 BB 601F07F138020000 - mov r11,00000238F1071F60 { (149717320) }
41 FF D3 - call r11
|
From what I can see, the same class is dealing both with damage to heroes and to bosses. This is a problem. Because I somehow need to find the function and rewrite it so that it ignores damage to heroes while not ignoring boss damage. Not to mention the function address changes every time the game is restarted, so it's a major pain to find an AOB or any other sort of reference to target it for rewriting. In the assembly code above, rsi+48 and rsi+50 appear to be pointers to hero health and boss health, respectively.
At this point, I've spent a total of 24 hours trying to figure out how to do it, but I haven't been able to find a solution. Maybe someone more experienced can at least point me in the right direction?
Thank you very much in advance.
P.S. I cannot find any instances of this class via Mono either. They are probably created upon heroes/bosses taking damage and immediately destroyed thereafter, so this kind of built-in functionality is out of my reach as well 
|
|
| Back to top |
|
 |
ParkourPenguin
I post too much
 Reputation: 152
Joined: 06 Jul 2014
Posts: 4706
|
| Posted: Sun Nov 03, 2024 1:49 pm Post subject: |
|
|
| Code: | fields
48 : <HeroTakingDamage>...
50 : <BossTakingDamage>... |
I'd guess these values are used to determine if the hero or boss are taking damage. Take note of these offsets (i.e. 48 & 50).
| Code: | mov rax,[rsi+48]
test rax,rax
je ... |
This checks if the pointer at [rsi+48] is null. If it is, jump to a certain address. The code immediately after `je` is executed if the hero is taking damage; the code at the jump target is executed if the hero isn't taking damage (i.e. presumably the enemy is taking damage).
I'd try an early return here and see what happens.
| Code: | findmonomethod(damageDoAction,:Handleabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction)
[ENABLE]
assert(damageDoAction+37,48 8B 56 48 48 8B CE)
assert(damageDoAction+37D,48 8B 5D C8)
damageDoAction+37:
jmp damageDoAction+37D
nop 2
[DISABLE]
damageDoAction+37:
db 48 8B 56 48 48 8B CE
{
// ORIGINAL CODE - damageDoAction+37
damageDoAction+27: 48 8B F1 - mov rsi,rcx
damageDoAction+2A: 48 8B 46 48 - mov rax,[rsi+48]
damageDoAction+2E: 48 85 C0 - test rax,rax
damageDoAction+31: 0F 84 31 01 00 00 - je damageDoAction+168
// ---------- INJECTING HERE ----------
damageDoAction+37: 48 8B 56 48 - mov rdx,[rsi+48]
damageDoAction+3B: 48 8B CE - mov rcx,rsi
// ---------- DONE INJECTING ----------
damageDoAction+3E: 49 BB 61 8A 40 54 3A 02 00 00 - mov r11,0000023A54408A61
damageDoAction+48: 41 FF D3 - call r11
damageDoAction+4B: 48 8B F8 - mov rdi,rax
damageDoAction+4E: 48 85 C0 - test rax,rax
damageDoAction+51: 0F 84 B9 00 00 00 - je damageDoAction+110
damageDoAction+57: 48 63 4E 5C - movsxd rcx,dword ptr [rsi+5C]
damageDoAction+5B: 83 3F 00 - cmp dword ptr [rdi],00
damageDoAction+5E: 48 63 87 B0 00 00 00 - movsxd rax,dword ptr [rdi+000000B0]
...
damageDoAction+369: 89 45 C4 - mov [rbp-3C],eax
damageDoAction+36C: 48 8D 46 74 - lea rax,[rsi+74]
damageDoAction+370: 48 63 4D C0 - movsxd rcx,dword ptr [rbp-40]
damageDoAction+374: 89 08 - mov [rax],ecx
damageDoAction+376: 48 63 4D C4 - movsxd rcx,dword ptr [rbp-3C]
damageDoAction+37A: 89 48 04 - mov [rax+04],ecx
damageDoAction+37D: 48 8B 5D C8 - mov rbx,[rbp-38]
damageDoAction+381: 48 8B 75 D0 - mov rsi,[rbp-30]
damageDoAction+385: 48 8B 7D D8 - mov rdi,[rbp-28]
damageDoAction+389: 4C 8B 65 E0 - mov r12,[rbp-20]
damageDoAction+38D: 4C 8B 6D E8 - mov r13,[rbp-18]
damageDoAction+391: 4C 8B 75 F0 - mov r14,[rbp-10]
damageDoAction+395: 4C 8B 7D F8 - mov r15,[rbp-08]
damageDoAction+399: 48 8D 65 00 - lea rsp,[rbp+00]
damageDoAction+39D: 5D - pop rbp
damageDoAction+39E: C3 - ret
} |
I think the offsets are correct (i.e. +37, +37D); double check that
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
GoreGrindGeek
Newbie cheater
![]() Reputation: 0
Joined: 30 Apr 2017
Posts: 14
|
| Posted: Sun Nov 03, 2024 2:38 pm Post subject: |
|
|
| ParkourPenguin wrote: | | I'd try an early return here and see what happens. |
Thank you!
| ParkourPenguin wrote: | | I think the offsets are correct (i.e. +37, +37D); double check that |
How would I do that?
Haven't been able to check the functionality in-game, unfortunately, because I'm already stuck at the path-to-function part... "OneDeckDungeonEngine:Handelabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction" should be correct, as the function seems to come from OneDeckDungeonEngine.dll. The .dll is also present in the game files, but it is not listed in "Enumerate DLLs and symbols", so no clue how to figure this out 
|
|
| Back to top |
|
|
ParkourPenguin
I post too much
Reputation: 152
Joined: 06 Jul 2014
Posts: 4706
|
| Posted: Sun Nov 03, 2024 7:17 pm Post subject: |
|
|
Oh, that's statically compiled mono. Forget that `findmonomethod` line, just use this:
| Code: | usemono()
define(damageDoAction,Handleabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction)
[ENABLE]
... |
| GoreGrindGeek wrote: | | How would I do that? |
In the disassembler, go to the address Handleabra.OneDeckDungeon.Engine.Controller.TakeDamageAction:DoAction+37 and make sure the instructions there are the same as the ones written in the comment at the bottom of the code I wrote. (the `assert` statements also verify that)
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
GoreGrindGeek
Newbie cheater
![]() Reputation: 0
Joined: 30 Apr 2017
Posts: 14
|
| Posted: Mon Nov 04, 2024 2:46 am Post subject: |
|
|
Thank you!
It didn't work at first, complaining about the address (and yes, I did change "Handleabra" to the "Handelabra" it should expect), but then it agreed to add the script to the list.
Sadly, heroes still take damage, even though your code and logic seem more than sound.
Update: it does work! It's just that damage tokens still get added to heroes' sheets, so that got me confused. Not too much of an issue. How do I give you reputation for your excellent help?
|
|
| Back to top |
|
|
ParkourPenguin
I post too much
Reputation: 152
Joined: 06 Jul 2014
Posts: 4706
|
| Posted: Mon Nov 04, 2024 3:28 am Post subject: |
|
|
I'm glad it's working.
Rep is locked by something to do with your account being too new. Maybe not enough time has passed or there aren't enough posts. It's fine.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
