Cheat Engine The Official Site of Cheat Engine
GaiaOrochi How do I cheat?
Reputation: 0
Joined: 08 Nov 2015 Posts: 7
Posted: Sat Mar 19, 2016 8:03 pm Post subject: What's Wrong With My AOB Script?

Code:
{ Game : Broforce_beta.exe
Version:
Date : 2016-03-20
Author : Messiah
This script does blah blah blah
}
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscan(INJECT,D9 9F 64 03 00 00 D9 87) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
mov [edi+00000364],#1133658112
code:
fstp dword ptr [edi+00000364]
jmp return
INJECT:
jmp newmem
nop
return:
registersymbol(INJECT)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
INJECT:
db D9 9F 64 03 00 00
unregistersymbol(INJECT)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 06DD8FB7
06DD8F9B: 83 EC 04 - sub esp,04
06DD8F9E: D9 1C 24 - fstp dword ptr [esp]
06DD8FA1: E8 0A EC 2F FF - call 060D7BB0
06DD8FA6: 83 C4 10 - add esp,10
06DD8FA9: DD 45 D8 - fld qword ptr [ebp-28]
06DD8FAC: DD 45 D0 - fld qword ptr [ebp-30]
06DD8FAF: D9 C9 - fxch st(1)
06DD8FB1: D9 CA - fxch st(2)
06DD8FB3: DE C1 - faddp
06DD8FB5: DE C9 - fmulp st(1),st(0)
// ---------- INJECTING HERE ----------
06DD8FB7: D9 9F 64 03 00 00 - fstp dword ptr [edi+00000364]
// ---------- DONE INJECTING ----------
06DD8FBD: D9 87 28 07 00 00 - fld dword ptr [edi+00000728]
06DD8FC3: DD 5D E8 - fstp qword ptr [ebp-18]
06DD8FC6: D9 05 70 24 CA 43 - fld dword ptr [43CA2470]
06DD8FCC: DD 5D E0 - fstp qword ptr [ebp-20]
06DD8FCF: D9 05 78 24 CA 43 - fld dword ptr [43CA2478]
06DD8FD5: 56 - push esi
06DD8FD6: DB 04 24 - fild dword ptr [esp]
06DD8FD9: D9 1C 24 - fstp dword ptr [esp]
06DD8FDC: D9 04 24 - fld dword ptr [esp]
06DD8FDF: 83 C4 04 - add esp,04
}

The thing that I want to change is

Code:
fstp dword ptr [edi+00000364]

because it writes to 4299F364; that's the value I want to change.
It will still give me the original value no matter what I do?
Edit: Another script now

Code:
{ Game : Broforce_beta.exe
Version:
Date : 2016-03-20
Author : Messiah
This script does blah blah blah
}
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscan(INJECT,89 86 0C 04 00 00 8B 05) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
mov eax,#6
code:
mov [esi+0000040C],eax
jmp return
INJECT:
jmp code
nop
return:
registersymbol(INJECT)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
INJECT:
db 89 86 0C 04 00 00
unregistersymbol(INJECT)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 1B197041
1B197023: 56 - push esi
1B197024: 83 EC 04 - sub esp,04
1B197027: 8B 75 08 - mov esi,[ebp+08]
1B19702A: 83 EC 0C - sub esp,0C
1B19702D: 56 - push esi
1B19702E: E8 CD 2D FB FF - call 1B149E00
1B197033: 83 C4 10 - add esp,10
1B197036: 85 C0 - test eax,eax
1B197038: 0F 84 5A 00 00 00 - je 1B197098
1B19703E: 8B 45 0C - mov eax,[ebp+0C]
// ---------- INJECTING HERE ----------
1B197041: 89 86 0C 04 00 00 - mov [esi+0000040C],eax
// ---------- DONE INJECTING ----------
1B197047: 8B 05 0C 7F B2 05 - mov eax,[05B27F0C]
1B19704D: 89 45 F8 - mov [ebp-08],eax
1B197050: 85 F6 - test esi,esi
1B197052: 0F 84 46 00 00 00 - je 1B19709E
1B197058: 83 EC 0C - sub esp,0C
1B19705B: 68 AC 11 68 11 - push 116811AC
1B197060: E8 43 9B F0 EA - call 060A0BA8
1B197065: 83 C4 10 - add esp,10
1B197068: 8B C8 - mov ecx,eax
1B19706A: 8B 45 F8 - mov eax,[ebp-08]
}

Last edited by GaiaOrochi on Sun Mar 20, 2016 3:32 am; edited 1 time in total
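
The control flow of the two hooks above, reworked as an added example (not the poster's script): in the first script the original fstp runs after the mov and overwrites the constant, and in the second the hook jumps to code, which skips mov eax,#6. The names INJECT1/INJECT2, newmem1/newmem2 and return1/return2 are chosen here; the byte patterns, offsets and constants are the ones posted.

```asm
[ENABLE]
// Added example. Symbol names are chosen for this example;
// patterns, offsets and constants come from the two posted scripts.
aobscan(INJECT1,D9 9F 64 03 00 00 D9 87) // first script's pattern
aobscan(INJECT2,89 86 0C 04 00 00 8B 05) // second script's pattern
alloc(newmem1,$1000)
alloc(newmem2,$1000)
label(return1)
label(return2)

newmem1:
  // Original store first: it pops st(0), so the FPU stack stays balanced.
  fstp dword ptr [edi+00000364]
  // Overwrite afterwards. In the posted order the fstp ran last and
  // replaced the constant with the game's own value.
  mov dword ptr [edi+00000364],#1133658112
  jmp return1

newmem2:
  // Replace eax before the original store uses it.
  mov eax,#6
  mov [esi+0000040C],eax
  jmp return2

INJECT1:
  jmp newmem1
  nop            // 5-byte jmp + 1 nop covers the 6-byte fstp
return1:

INJECT2:
  // The post had "jmp code" here, which skipped "mov eax,#6".
  jmp newmem2
  nop            // 5-byte jmp + 1 nop covers the 6-byte mov
return2:

registersymbol(INJECT1)
registersymbol(INJECT2)

[DISABLE]
INJECT1:
  db D9 9F 64 03 00 00
INJECT2:
  db 89 86 0C 04 00 00
unregistersymbol(INJECT1)
unregistersymbol(INJECT2)
dealloc(newmem1)
dealloc(newmem2)
```

This only fixes the order of execution inside the hooks; if the value still reverts, the checks suggested in the replies below (other writers to the address, or a display copy of the value) still apply.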
++METHOS I post too much
Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Sat Mar 19, 2016 8:35 pm Post subject:

From your cheat table, right-click on the address 4299F364 and check to see what is 'writing' to it. In the new window that pops up, you'll see which instructions are writing to your address. If there are any, this may tell you why your value is changing back. Either that, or, you've found the wrong address (e.g. the visual representation of the value that you're looking to alter).
GaiaOrochi How do I cheat?
Reputation: 0
Joined: 08 Nov 2015 Posts: 7
Posted: Sun Mar 20, 2016 11:13 am Post subject:

++METHOS wrote:
    From your cheat table, right-click on the address 4299F364 and check to see what is 'writing' to it. In the new window that pops up, you'll see which instructions are writing to your address. If there are any, this may tell you why your value is changing back. Either that, or, you've found the wrong address (e.g. the visual representation of the value that you're looking to alter).

Well, the 2nd script, idk how to change it. Do I have to nop the original code?
++METHOS I post too much
Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Sun Mar 20, 2016 9:25 pm Post subject:

How many instructions are writing to your address? If more than one, you may have to NOP one of the instructions. Just be sure to check if the instruction that you plan on NOP'ing is not accessing other addresses...if it is, you may need to filter them out.