 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
mgr.inz.Player
I post too much
 Reputation: 220
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
 Posted: Mon Oct 21, 2019 7:30 am Post subject: aobscan Nth result |
 |
|
Installation:
Add below function to autorun folder to existing or new .lua file
You can also copy it to main memory record (AA script with {$Lua} section).
| Code: | function find_Nth_Result_AOB(symbol,N,start,pattern)
if start==' 00000000' then return end
if N<=1 then registerSymbol(symbol,start) return end
local script='aobscanregion('..symbol..','..start..'+1,7fffffffffffffff,'..pattern..')\r\nregistersymbol('..symbol..')'
local success=autoAssemble(script)
if success and (N>2) then find_Nth_Result_AOB(symbol,N-1,string.format('%08X',getAddress(symbol)),pattern) end
if not success then unregisterSymbol(symbol); error() end
end |
Usage:
Example, if you need second result just use this AA script:
| Code: | [ENABLE]
aobscan(myPtr,48 8b 05 * * * * 48 85 c0 0f 85)
LuaCall(find_Nth_Result_AOB('myPtr',2,[=[myPtr]=],"48 8b 05 * * * * 48 85 c0 0f 85"))
...
...
...
[DISABLE]
unregistersymbol(myPtr)
...
...
...
|
if you need third result from module:
| Code: | [ENABLE]
aobscanmodule(myPtr,modulename,48 8b 05 * * * * 48 85 c0 0f 85)
LuaCall(find_Nth_Result_AOB('myPtr',3,[=[myPtr]=],"48 8b 05 * * * * 48 85 c0 0f 85"))
...
...
...
[DISABLE]
unregistersymbol(myPtr)
...
...
...
|
Tip:
Be sure to check "execute asynchronous"
Notes:
You probably notice this [=[myPtr]=] thing in my code. Everything inside parenthesis of LuaCall is executed by Lua. And Lua treats [=[ and ]=] more or less the same way as quotation marks "
_________________
|
|
| Back to top |
|
 |
Csimbi
I post too much
 Reputation: 97
Joined: 14 Jul 2007
Posts: 3282
|
| Posted: Wed Nov 20, 2019 8:37 am Post subject: |
|
|
This would have been useful in the past, now I can't recall which game it was anymore.
I'll take a mental note that this problem has also been solved and come back for it later.
|
|
| Back to top |
|
|
Csimbi
I post too much
Reputation: 97
Joined: 14 Jul 2007
Posts: 3282
|
| Posted: Sat Dec 14, 2019 6:42 pm Post subject: |
|
|
As it happens, there is a game where I could use this.
Any chance to add a second variant that supports aobscanmodule?
| Code: | | aobscanmodule(myPtr,process.exe,48 8b 05 * * * * 48 85 c0 0f 85) |
I tried stealing your code to do this myself, but I keep getting an error when I try to enable the script (unknown LUA error).
Also, I guess the start address is no longer needed, but I get an error when I replace start with moduleAddress.
Thank you!
| Description: |
|
Download |
| Filename: |
FindNthAOBResult.lua |
| Filesize: |
2.05 KB |
| Downloaded: |
2220 Time(s) |
|
|
| Back to top |
|
|
mgr.inz.Player
I post too much
Reputation: 220
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Sun Dec 15, 2019 6:56 am Post subject: |
|
|
It already works with aobscanmodule and aobscanregion.
| Code: | [ENABLE]
whatever_build-in_aob_scan_method(symbolName, [[modulename,] | [startaddress, endaddress,]] ThePattern)
LuaCall(find_Nth_Result_AOB('symbolName',ResultsIndex,[=[symbolName]=],"ThePattern"))
...
...
...
[DISABLE]
unregistersymbol(symbolName)
...
...
... |
You do not like the 7fffffffffffffff part of my script?
You probably want the most efficient value right? OK. Here's how:
Do array of byte scan:
1. in main CE window
2. inside "memory scan options" choose the module from combobox
3. right click on any "memory scan options" checkbox and choose: "preset: scan all memory" (autoassemble aobscan also do this)
4. run this code
| Code: | iwantthisresultindex = 3 -- third result
redundancy = 0.05 -- increase max distance by 5% to get optimal
memscan = getCurrentMemscan()
maxdistance = 0
for i=2, iwantthisresultindex do
address1 = tonumber(memscan.FoundList[i-2],16)
address2 = tonumber(memscan.FoundList[i-1],16)
distance = address2-address1
print(string.format("distance: %X",distance))
if maxdistance<distance then maxdistance=distance end
end
print(string.format("max distance is: %X", maxdistance))
print(string.format("optimal distance is: %X", (maxdistance*(redundancy+1))//1 )) |
And you got, for example, optimal distance: 1234
then change line:
| Code: | | local script='aobscanregion('..symbol..','..start..'+1,7fffffffffffffff,'..pattern..')\r\nregistersymbol('..symbol..')' |
to
| Code: | | local script='aobscanregion('..symbol..','..start..'+1,'..start..'+1234,'..pattern..')\r\nregistersymbol('..symbol..')' |
edit: a typo.
_________________
Last edited by mgr.inz.Player on Sun Dec 15, 2019 10:41 am; edited 1 time in total |
|
| Back to top |
|
|
Csimbi
I post too much
Reputation: 97
Joined: 14 Jul 2007
Posts: 3282
|
| Posted: Sun Dec 15, 2019 9:18 am Post subject: |
|
|
| mgr.inz.Player wrote: | It already works with aobscanmodule and aobscanregion.
|
Oh. Ignore my nonsense then, thanks!
Good tips right there thought, thanks!
The end address does not matter - I just want the second and I know there'll be one "fairly soon".
But the thing is, I want use both the first and the second 
Edit.
No error, but both symbols point to the same address (the first: Weapon):
| Code: | aobscanmodule(aobWeaponCountReader,MechWarrior-Win64-Shipping.exe,8B ...)
aobscanmodule(aobEquipmentCountReader,MechWarrior-Win64-Shipping.exe,8B ...)
LuaCall(find_Nth_Result_AOB('aobEquipmentCountReader',2,[=[aobEquipmentCountReader]=],"8B ..."))
|
I would expect this to happen:
1. CE searches for aobWeaponCountReader and it takes address.
2. CE searches for aobEquipmentCountReader and it takes address (same AOB as Weapon, so same address).
3. find_Nth_Result_AOB bumps aobEquipmentCountReader to the address where the signature is found the second time.
But, instead I got:
- aobEquipmentCountReader has address of the 2nd AOB signature (correct).
- aobWeaponCountReader_r and aobEquipmentCountReader_r are equal, they both have address of the 1st AOB signature.
Here are the hooks, based on these the _r symbols should be different:
| Code: |
...
aobWeaponCountReader:
aobWeaponCountReader_r:
jmp lblWeaponCountReader
nop 2
lblWeaponCountReaderRet:
aobEquipmentCountReader:
aobEquipmentCountReader_r:
...
|
Edit2
Ok, figured it out.
The first symbol I pass in LUACall must be different from the one in the AA template. I.e.
| Code: | aobscanmodule(aobWeaponCountReader,MechWarrior-Win64-Shipping.exe,8B ...)
aobscanmodule(aobEquipmentCountReader,MechWarrior-Win64-Shipping.exe,8B ...)
LuaCall(find_Nth_Result_AOB('aobEquipmentCountReader1',2,[=[aobEquipmentCountReader]=],"8B ..."))
|
and
| Code: | aobWeaponCountReader:
aobWeaponCountReader_r:
jmp lblWeaponCountReader
nop 2
lblWeaponCountReaderRet:
aobEquipmentCountReader1:
aobEquipmentCountReader_r:
|
Even better:
| Code: | aobscanmodule(aobWeaponCountReader,MechWarrior-Win64-Shipping.exe,8B ...)
LuaCall(find_Nth_Result_AOB('aobEquipmentCountReader',2,[=[aobWeaponCountReader]=],"8B ..."))
|
|
|
| Back to top |
|
|
mgr.inz.Player
I post too much
Reputation: 220
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Sun Dec 15, 2019 10:01 am Post subject: |
|
|
Yes, aobscans are replaced with defines.
So this
| Code: | aobscanmodule(aobWeaponCountReader,MechWarrior-Win64-Shipping.exe,8B ...)
aobscanmodule(aobEquipmentCountReader,MechWarrior-Win64-Shipping.exe,8B ...)
LuaCall(find_Nth_Result_AOB('aobEquipmentCountReader1',2,[=[aobEquipmentCountReader]=],"8B ..."))
|
Will become:
| Code: | define(aobWeaponCountReader, address1)
define(aobEquipmentCountReader, address2) |
aobEquipmentCountReader1 will be added to symbolhandler.
I thought you will have only aobscans in main script. Yes, if you want "all-in-one" main script, you have to use different name for registered symbol if you do not want it to be concealed by defined word.
By the way, if you have the same pattern. You can use only one aobscan:
| Code: | aobscanmodule(aobWeaponCountReader,MechWarrior-Win64-Shipping.exe,8B ...)
LuaCall(find_Nth_Result_AOB('aobEquipmentCountReader',2,[=[aobWeaponCountReader]=],"8B ..."))
LuaCall(find_Nth_Result_AOB('aobWhateverCountReader',3,[=[aobWeaponCountReader]=],"8B ..."))
|
By the way. You can use different pattern for find_Nth_Result_AOB, if you know it is after the first pattern. Keep in mind to use correct N value.
e.g. first occurrence of pattern2 after pattern1, (N = first + 1 = 2)
| Code: | aobscan(name1, pattern1)
LuaCall(find_Nth_Result_AOB('name2',2,[=[name1]=],"pattern2")) |
e.g. third occurrence of pattern2 after pattern1, (N = third + 1 = 4)
| Code: | aobscan(name1, pattern1)
LuaCall(find_Nth_Result_AOB('name2',4,[=[name1]=],"pattern2")) |
_________________
Last edited by mgr.inz.Player on Sun Feb 09, 2020 1:15 pm; edited 1 time in total |
|
| Back to top |
|
|
jgoemat
Master Cheater
![]() Reputation: 22
Joined: 25 Sep 2011
Posts: 259
|
| Posted: Fri Jan 31, 2020 3:08 am Post subject: |
|
|
| I think it would be handy to have something that could take a series of AOBs and find the address of the first where the next several were close by...
|
|
| Back to top |
|
|
Csimbi
I post too much
Reputation: 97
Joined: 14 Jul 2007
Posts: 3282
|
| Posted: Fri Jan 31, 2020 6:09 am Post subject: |
|
|
| jgoemat wrote: | | I think it would be handy to have something that could take a series of AOBs and find the address of the first where the next several were close by... |
Well, that's sort of what this does: you scan once and continue scanning from there (or any other AOB scan you did before).
You just need to chain them up.
|
|
| Back to top |
|
|
maskelihileci
Cheater
![]() Reputation: 0
Joined: 08 Oct 2016
Posts: 43
|
| Posted: Sun Feb 09, 2020 12:43 pm Post subject: There is a problem |
|
|
| Code: |
aobscan(myPtr,8b 10 8b 48)
LuaCall(find_Nth_Result_AOB('myPtr',3,[=[myPtr]=],"8b 10 8b 48"))
myPtr:
db C3
|
I do it this way, organizes the first one
|
|
| Back to top |
|
|
Argaricolm
How do I cheat?
![]() Reputation: 0
Joined: 06 Mar 2016
Posts: 4
|
| Posted: Sat Jan 27, 2024 2:03 pm Post subject: |
|
|
Tried all combinations written here. All return only first address.
Looks like it is because luacall is executed before any aobscan.
|
|
| Back to top |
|
|
Csimbi
I post too much
Reputation: 97
Joined: 14 Jul 2007
Posts: 3282
|
| Posted: Sun Jan 28, 2024 10:22 am Post subject: |
|
|
| Works for me every time. Maybe your code is wrong?
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
