peddroelm Advanced Cheater Reputation: 0
Joined: 03 Oct 2014 Posts: 84
|
Posted: Sun Oct 24, 2021 12:29 am Post subject: createMemScan.firstScan AOB doesn't find[solved] |
|
|
Using the UI search for AOB signature finds it !
Attempting "the same"? scan from lua fails to find the result
This also finds it:
Code: | aobscanmodule(UI_CCbt_Monster_Name,StarTradersFrontiersMods.exe,50 53 68 A0 EE xx xx E8) // should be unique |
problem is:
Code: | [DISABLE]
UI_CCbt_Monster_Name:
db 50 53 68 A0 EE E0 01
|
Since the code I'm trying to replace is VARIABLE between game restarts ( 50 53 68 A0 EE xx xx ) I'm thinking of doing a scan before replacing, saving the correct variation of 50 53 68 A0 EE xx xx and use that saved value on the[DISABLE] portion ...
[/img]
EDIT:
this worked
Code: | --Fetch result
local addr=scan.Result;
print(string.format("found addr %x", addr));
|
Code: | local zbytes ={}; local str ="";
zbytes = readBytes(addr,7,true);
for i=1,#zbytes
do
str = string.format("%s%x ",str,zbytes[i]);
end
print(string.format("found addr %x %s", addr, str )); |
gives
Code: | found addr 325693 50 53 68 a0 ee 8e 0 |
now I need to find an easier way to save this byte array and write it back on disable
EDIT2:
this post by Zanzer seems to cover/solve exactly my bigger issue and does it without Lua
https://www.cheatengine.org/forum/viewtopic.php?t=583935&sid=6a37b87e8d272b38c4797a7bd56e1e8d
https://wiki.cheatengine.org/index.php?title=Auto_Assembler:readMem
EDIT3
what I ended up using:
saved the original bytes in the code memory area AFTER the jmp return
(its not there to be executed. its there to plug back on [disable])
Code: |
...
label(bytes_save)
registersymbol(bytes_save)
...
code:
...
push eax // orig // Lvl
// push ebx // orig // addr Name ?
lea eax, [myBigString2]
push eax
push StarTradersFrontiersMods.exe+6BEEA0 // orig "%s Level %d)"
jmp return
bytes_save:
readmem(UI_CCbt_Monster_Name,7)
UI_CCbt_Monster_Name:
jmp newmem
nop 2
return:
registersymbol(UI_CCbt_Monster_Name)
[DISABLE]
UI_CCbt_Monster_Name:
readmem(bytes_save,7)
...
unregisterSymbol(bytes_save)
...
|
|
|