Calling a function through CE debugger

 
Rapunzel
Posted: Tue May 19, 2015 1:21 am

OK, so I saw this video in which this guy calls a function from the pinball game using CE ("Finding ASM functions with Cheat Engine's Ultimap" on YouTube; wish I could post URLs :( ). I've been trying to learn how to do this, so to help me practice I coded a simple VB6 application with a command button that adds +1 to an integer and then pops a msgbox showing the value of that integer. I managed to find the function that adds the +1 to the integer using "find out what writes to this address". I was also able to edit the function and make it sum any other number to the integer, so I'm positive that's the function I need to call, but I can't call it without crashing the exe.

Is this possible at all? And if so how should I do it so that it doesn't crash the exe?



[Attachment: Untitleda.png. Description: Here's the function I'm trying to call]

[Attachment: Untitled2.png. Description: Here's the function that's calling my function]

Dark Byte
Posted: Tue May 19, 2015 3:39 am

you need to use call to call functions, not jmp
are you giving the correct number of parameters?
if it's cdecl, you need to pop the parameters from the stack yourself

_________________
Do not ask me about online cheats. I don't know any and won't help finding them.

Like my help? Join me on Patreon so I can keep helping

Rapunzel
Posted: Tue May 19, 2015 9:01 pm

Wow, Dark Byte himself :D So I traced back the caller (it's the one in the IMG below) that's calling that JMP (EAX is holding the addr of the JMP). I think VB6 uses stdcall, which should be similar to cdecl, so as you said I might have to pop the parameters from the stack myself. I'm pretty sure I'm not doing this right since I keep crashing every time I try to make the call. Which exactly are the parameters that I need to push? I tried copying the whole caller function but I'm still crashing; any ideas on what to do now?


[Attachment: Untitled3.png. Description: Caller function]

Dark Byte
Posted: Wed May 20, 2015 4:17 am

the function takes 3 parameters, where the first one is the address of the function to call
second one is a pointer to the stack to call the function
third looks like the size of the stack

Rapunzel
Posted: Wed May 20, 2015 7:14 pm

Still crashing using this code:
Code:
003E0000:
push 00000002
push 0019F458
push BASIC.exe+19E4
call 66051D15
retn


The disassembler makes a breakpoint in the function that adds the +1, so apparently it is working fine up to there, but it crashes somewhere else far ahead for some reason. I attached an IMG showing a breakpoint in the caller function (up to that point it appears to be working fine; afterwards [I'm not sure where] it crashes). Is there a quick way of finding the last line that the exe ran before crashing? Am I calling the function wrong?



[Attachment: Untitled4.png. Description: Caller function somewhere before crash occurs]
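
Added example, not part of the original thread: a toy Python model of the stack bookkeeping behind the cdecl remark earlier in the thread, applied to a stub shaped like the one posted (three pushes, `call`, `retn`). The thread does not say which convention the function at 66051D15 uses, so both are modelled; every address except the pushed 2 and 0019F458 is a constructed placeholder.

```python
"""Toy model of x86-32 stack bookkeeping for a stub: push args; call f; [add esp,N]; ret."""

STUB_CALLER = 0x77001000  # constructed: return address already on the stack when the stub starts
AFTER_CALL = 0x003E0014   # constructed: address of the instruction following `call`
FUNC_ADDR = 0x004019E4    # constructed stand-in for BASIC.exe+19E4 (module base is not on the page)
ARGS = (0x00000002, 0x0019F458, FUNC_ADDR)  # in the push order used by the posted stub


class Stack:
    def __init__(self, esp=0x0019FF00):  # constructed starting ESP
        self.esp, self.mem = esp, {}

    def push(self, value):
        self.esp -= 4
        self.mem[self.esp] = value

    def pop(self):
        value = self.mem.get(self.esp)  # None = memory this model never wrote
        self.esp += 4
        return value


def run_stub(callee_convention, stub_cleans_up, args=ARGS):
    """Return (address the stub's final ret jumps to, ESP imbalance in bytes at that ret)."""
    s = Stack()
    s.push(STUB_CALLER)
    balanced_esp = s.esp              # ESP must be back here when the stub executes `ret`
    for a in args:
        s.push(a)                     # push <arg>
    s.push(AFTER_CALL)                # `call` pushes the return address
    assert s.pop() == AFTER_CALL      # callee's `ret` pops it ...
    if callee_convention == "stdcall":
        s.esp += 4 * len(args)        # ... and `ret 0C` also discards the 3 arguments
    if stub_cleans_up:
        s.esp += 4 * len(args)        # `add esp,0C` placed after the call in the stub
    imbalance = s.esp - balanced_esp
    return s.pop(), imbalance         # the stub's own `ret`


def report():
    """All four combinations: (convention, stub_cleans_up, imbalance, returns_cleanly)."""
    return [(c, k, run_stub(c, k)[1], run_stub(c, k)[0] == STUB_CALLER)
            for c in ("cdecl", "stdcall") for k in (False, True)]


if __name__ == "__main__":
    for conv, cleans, off, ok in report():
        print(f"{conv:8} add esp in stub: {cleans!s:5} imbalance {off:+3} -> "
              f"{'returns cleanly' if ok else 'ret uses a wrong address'}")
```

Only the two matched combinations leave ESP balanced; in the model, a cdecl callee with no cleanup makes the stub's `ret` consume the last pushed argument as its return address.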