teddyman How do I cheat?
Reputation: 0
Joined: 15 Feb 2019 Posts: 3
Posted: Fri Feb 15, 2019 6:08 am Post subject: Does code injection size matter
Hi,
I'm not sure exactly how to word this, but I'll try my best.
I've been following some tutorials and using the code injection template on the auto assembler. Some of the tutorials mentioned to keep the same byte size or something similar to that.
The YouTube tutorial I was following (with time):
How to Solve Cheat Engine 6.8's New Game Tutorial! (time 9:20)
(Sorry, I cannot post links yet)
If someone could let me know if this is an important thing I need to learn, that would be nice (also what it's called / links to information would be appreciated).
Thanks
FreeER Grandmaster Cheater Supreme
Reputation: 53
Joined: 09 Aug 2013 Posts: 1091
Posted: Fri Feb 15, 2019 8:01 am
Yes. If you're writing fewer bytes, then you're going to leave behind partial instructions that get misinterpreted as other instructions and can cause a crash. However, this is easy to fix simply by using "nop", which is a single byte of value 0x90 and stands for "no operation" (and is the same opcode as xchg eax,eax in 32-bit code: exchange something with itself and there's no obvious change). So you can easily fill in extra bytes from an old instruction you don't want to run with that.
If you write too many bytes, then there's more stuff not being done that probably needs to happen, and you may have partial instructions left behind. Nowadays this is also pretty easy to fix: CE can allocate a large chunk of memory for you and you just write a jump to it. This generally only takes 5 bytes, so it's usually pretty easy to manage. Once you've jumped to that new memory you can write any new code you want and rewrite any original code you had to overwrite to get the jump done so it still runs, then jump back to the instruction after the original code to let it continue executing as normal.
This can get a bit harder in x64, since jmp only takes a 4-byte value and addresses can be more than +-2 billion bytes apart in virtual memory, so it may require a 14-byte pseudo-jump that involves storing the address in a register and jumping with that. But often you can avoid that, since alloc takes a 3rd argument which you can set to indicate where to allocate memory near, getting you back to a 5-byte jump. While CE supports using symbols (like the one an aobscan creates) for alloc's third argument, it doesn't seem to use it by default in templates, so you have to remember to change it yourself.
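The byte-level mechanics behind the answer above, as an added example that is not part of the original thread and not Cheat Engine's own code: it computes whether a 5-byte `E9 rel32` jump can reach the code cave (the +/-2 GiB check is measured from the byte after the jump), otherwise emits one 14-byte absolute form (`FF 25 00 00 00 00` followed by the 8-byte address, i.e. `jmp [rip+0]; dq target`), refuses to write a jump longer than the instructions being overwritten, NOP-pads the leftover bytes, and builds the cave as new code + displaced original bytes + jump back to `hook + stolen_len`. All addresses and instruction bytes are constructed sample values. One caveat the post does not spell out: the displaced bytes are simply copied here, which is only correct when they contain no relative jumps or RIP-relative operands; those need relocation.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NOP 0x90  /* single-byte "no operation" used to pad leftover bytes */

enum { PATCH_OK = 0, PATCH_TOO_SHORT = -1, PATCH_BUF_SMALL = -2 };

/* Little-endian store helpers (x86 immediates are little-endian). */
static void put_u32(uint8_t *p, uint32_t v) {
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
}
static void put_u64(uint8_t *p, uint64_t v) {
    for (int i = 0; i < 8; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* A 5-byte E9 jmp only reaches +/-2 GiB, measured from the instruction
 * that follows the jmp (from + 5), not from the jmp itself. */
int rel32_reachable(uint64_t from, uint64_t target) {
    int64_t disp = (int64_t)(target - (from + 5));
    return disp >= INT32_MIN && disp <= INT32_MAX;
}

/* Encode a jump from `from` to `target` into `out` and return its length.
 * Near: E9 rel32                         (5 bytes)
 * Far:  FF 25 00 00 00 00 <8-byte addr>  (14 bytes: jmp [rip+0]; dq target) */
size_t encode_jmp(uint64_t from, uint64_t target, uint8_t *out) {
    if (rel32_reachable(from, target)) {
        out[0] = 0xE9;
        put_u32(out + 1, (uint32_t)(target - (from + 5)));
        return 5;
    }
    out[0] = 0xFF;
    out[1] = 0x25;
    put_u32(out + 2, 0);
    put_u64(out + 6, target);
    return 14;
}

/* Bytes that overwrite `stolen_len` bytes of original code at `hook` with a
 * jump to `cave`. `stolen_len` must cover whole instructions and be at least
 * as long as the jump; the remainder is NOP-filled so no partial instruction
 * survives. */
int build_hook_patch(uint64_t hook, uint64_t cave, size_t stolen_len,
                     uint8_t *out, size_t out_cap, size_t *out_len) {
    uint8_t jmp[14];
    size_t jlen = encode_jmp(hook, cave, jmp);
    if (stolen_len < jlen) return PATCH_TOO_SHORT;  /* jump would spill into the next instruction */
    if (out_cap < stolen_len) return PATCH_BUF_SMALL;
    memcpy(out, jmp, jlen);
    memset(out + jlen, NOP, stolen_len - jlen);
    *out_len = stolen_len;
    return PATCH_OK;
}

/* Contents of the code cave at `cave`: new code, then the displaced original
 * bytes, then a jump back to the first untouched instruction (hook + stolen_len).
 * Assumption: the displaced bytes are position-independent (no relative jumps
 * or RIP-relative operands); those would need relocation, not a plain copy. */
int build_cave(uint64_t cave, uint64_t hook,
               const uint8_t *new_code, size_t new_len,
               const uint8_t *stolen, size_t stolen_len,
               uint8_t *out, size_t out_cap, size_t *out_len) {
    if (out_cap < new_len + stolen_len + 14) return PATCH_BUF_SMALL;
    memcpy(out, new_code, new_len);
    memcpy(out + new_len, stolen, stolen_len);
    size_t off = new_len + stolen_len;
    off += encode_jmp(cave + off, hook + stolen_len, out + off);
    *out_len = off;
    return PATCH_OK;
}

static void dump(const char *label, const uint8_t *b, size_t n) {
    printf("%-12s", label);
    for (size_t i = 0; i < n; i++) printf("%02X ", b[i]);
    printf("\n");
}

int main(void) {
    /* Constructed sample: 7 bytes of position-independent code at the hook
     * (mov [rbx+0x10],rax ; add eax,1) and a 5-byte replacement (mov eax,999). */
    const uint8_t stolen[]   = {0x48, 0x89, 0x43, 0x10, 0x83, 0xC0, 0x01};
    const uint8_t new_code[] = {0xB8, 0xE7, 0x03, 0x00, 0x00};
    uint8_t patch[32], cave[64];
    size_t n;

    /* Near case: cave within 2 GiB, so a 5-byte jmp plus 2 NOPs. */
    build_hook_patch(0x00400000ULL, 0x00410000ULL, sizeof stolen, patch, sizeof patch, &n);
    dump("near patch", patch, n);
    build_cave(0x00410000ULL, 0x00400000ULL, new_code, sizeof new_code,
               stolen, sizeof stolen, cave, sizeof cave, &n);
    dump("cave", cave, n);

    /* Far case: 7 stolen bytes cannot hold the 14-byte jump, so refuse. */
    int rc = build_hook_patch(0x7FF600001000ULL, 0x10000000ULL, sizeof stolen,
                              patch, sizeof patch, &n);
    printf("far patch    rc=%d (PATCH_TOO_SHORT=%d)\n", rc, PATCH_TOO_SHORT);
    return 0;
}
```

The `PATCH_TOO_SHORT` path is the size question from the opening post in code form: when the cave is farther than 2 GiB away and only 7 bytes were stolen, the 14-byte jump does not fit, and the right answer is to steal more whole instructions or allocate the cave nearer (the alloc third argument mentioned above), never to let the jump overwrite into the next instruction.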
teddyman How do I cheat?
Reputation: 0
Joined: 15 Feb 2019 Posts: 3
Posted: Fri Feb 15, 2019 9:13 am
Thank you. This makes sense.