Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
Can a length-128 string be used in Compare in share code?

etioplmld
Posted: Mon Sep 05, 2022 9:14 pm    Post subject: Can a length-128 string be used in Compare in share code?

I got a result with address analysis: a length-128 string is the C# function access address variable name. How do I use it in a Compare to deal with share code?



[Attachment: cmp.jpg]


ParkourPenguin
Posted: Mon Sep 05, 2022 10:11 pm

Invoke a strncmp routine or make your own. Be wary of small string optimizations.

Example in step 9 of the CE tutorial:
Code:
define(address,"Tutorial-x86_64.exe"+2F25D)
define(bytes,F3 0F 11 43 08)

[ENABLE]
assert(address,bytes)
alloc(newmem,$1000,"Tutorial-x86_64.exe"+2F25D)
label(return)

{$c}
#include <string.h>

struct Player {
  void *vtable;
  float health;
  char unknown1[8];
  int  team;
  unsigned char name_length;
  char name[12]; // unknown max length...
};

int is_good_player(const struct Player *addr) {
  const char *name = addr->name;
  const size_t sz = addr->name_length;
  return strncmp(name, "Dave", sz) == 0 || strncmp(name, "Eric", sz) == 0;
}
{$asm}

newmem:
{$ccode addr=rbx newval=xmm0.0F}
struct Player *p = (struct Player *)addr;
if (is_good_player(p))
  newval = p->health;
{$asm}
  movss [rbx+08],xmm0
  jmp return

address:
  jmp newmem
return:

[DISABLE]

address:
  db bytes
  // movss [rbx+08],xmm0

dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: Tutorial-x86_64.exe+2F25D

Tutorial-x86_64.exe+2F233: E9 97 00 00 00           - jmp Tutorial-x86_64.exe+2F2CF
Tutorial-x86_64.exe+2F238: F3 0F 2A C6              - cvtsi2ss xmm0,esi
Tutorial-x86_64.exe+2F23C: F3 0F 10 4B 08           - movss xmm1,[rbx+08]
Tutorial-x86_64.exe+2F241: F3 0F 5C C8              - subss xmm1,xmm0
Tutorial-x86_64.exe+2F245: 0F 2F 0D 8C 87 20 00     - comiss xmm1,[Tutorial-x86_64.exe+2379D8]
Tutorial-x86_64.exe+2F24C: 7A 0C                    - jp Tutorial-x86_64.exe+2F25A
Tutorial-x86_64.exe+2F24E: 73 0A                    - jae Tutorial-x86_64.exe+2F25A
Tutorial-x86_64.exe+2F250: F3 0F 10 05 80 87 20 00  - movss xmm0,[Tutorial-x86_64.exe+2379D8]
Tutorial-x86_64.exe+2F258: EB 03                    - jmp Tutorial-x86_64.exe+2F25D
Tutorial-x86_64.exe+2F25A: 0F 28 C1                 - movaps xmm0,xmm1
// ---------- INJECTING HERE ----------
Tutorial-x86_64.exe+2F25D: F3 0F 11 43 08           - movss [rbx+08],xmm0
// ---------- DONE INJECTING  ----------
Tutorial-x86_64.exe+2F262: 0F 2F 05 6F 87 20 00     - comiss xmm0,[Tutorial-x86_64.exe+2379D8]
Tutorial-x86_64.exe+2F269: 7A 14                    - jp Tutorial-x86_64.exe+2F27F
Tutorial-x86_64.exe+2F26B: 75 12                    - jne Tutorial-x86_64.exe+2F27F
Tutorial-x86_64.exe+2F26D: 48 8B 4B 60              - mov rcx,[rbx+60]
Tutorial-x86_64.exe+2F271: 48 8B 15 C0 B9 18 00     - mov rdx,[Tutorial-x86_64.exe+1BAC38]
Tutorial-x86_64.exe+2F278: E8 E3 D7 07 00           - call Tutorial-x86_64.exe+ACA60
Tutorial-x86_64.exe+2F27D: EB 42                    - jmp Tutorial-x86_64.exe+2F2C1
Tutorial-x86_64.exe+2F27F: F3 0F 10 4B 08           - movss xmm1,[rbx+08]
Tutorial-x86_64.exe+2F284: 48 8D 4D E0              - lea rcx,[rbp-20]
Tutorial-x86_64.exe+2F288: E8 63 BD 01 00           - call Tutorial-x86_64.exe+4AFF0
}
(I still don't fully understand {$c} / {$ccode}, there might be mistakes)
_________________
I don't know where I'm going, but I'll figure it out when I get there.
etioplmld
Posted: Thu Sep 08, 2022 12:51 am

The code seems to be tested, but when I replicate it, it cannot be activated; it displays a compilation error.

Is it caused by CE settings?



[Attachment: cmp2.jpg]


ParkourPenguin
Posted: Thu Sep 08, 2022 10:39 am

I'm not sure. Copy / pasting it works fine for me.

Those symbols should be in ucrtbase.dll. Try going to the address "_strnicmp" in the disassembler. If that fails, see if ucrtbase.dll is even loaded in that process (Memory Viewer -> View -> Enumerate DLLs and symbols).

If it's not loaded, do you even have the DLL on your system? It should be in system32.

_________________
I don't know where I'm going, but I'll figure it out when I get there.
etioplmld
Posted: Thu Sep 08, 2022 8:43 pm

There is this DLL in the system, but CE doesn't load it. Is it a mysterious bug?

00400000 - cheatengine-x86_64.exe
77360000 - ntdll.dll
77240000 - kernel32.dll
7FEFD1D0000 - KERNELBASE.dll
7FEFDAE0000 - oleaut32.dll
7FEFDF20000 - ole32.dll
7FEFF5A0000 - msvcrt.dll
7FEFE240000 - GDI32.dll
77140000 - USER32.dll
7FEFDA40000 - LPK.dll
7FEFF2F0000 - USP10.dll
7FEFF1C0000 - RPCRT4.dll
7FEFE2B0000 - advapi32.dll
7FEFDF00000 - sechost.dll
7FEFC250000 - version.dll
7FEFE390000 - shell32.dll
7FEFDA50000 - SHLWAPI.dll
7FEE2370000 - opengl32.dll
7FEE2340000 - GLU32.dll
7FEE2240000 - DDRAW.dll
7FEE2230000 - DCIMAN32.dll
7FEFF3C0000 - SETUPAPI.dll
7FEFD2B0000 - CFGMGR32.dll
7FEFD520000 - DEVOBJ.dll
7FEFC200000 - dwmapi.dll
7FEFBD00000 - comctl32.dll
7FEFF120000 - comdlg32.dll
7FEFD7F0000 - ws2_32.dll
7FEFDAD0000 - NSI.dll
7FED17D0000 - wsock32.dll
7FEFDE80000 - imagehlp.dll
7FEFBB20000 - uxtheme.dll
77530000 - psapi.dll
7FECC600000 - hhctrl.ocx
7FEFF640000 - imm32.dll
7FEFE130000 - MSCTF.dll
7FED3F90000 - lua53-64.dll
7FEFDC40000 - wininet.dll
7FEFD290000 - api-ms-win-downlevel-user32-l1-1-0.dll
7FEFD280000 - api-ms-win-downlevel-shlwapi-l1-1-0.dll
7FEFD1C0000 - api-ms-win-downlevel-version-l1-1-0.dll
7FEFD470000 - api-ms-win-downlevel-normaliz-l1-1-0.dll
77520000 - normaliz.DLL
7FEFD540000 - iertutil.dll
7FEFD2A0000 - api-ms-win-downlevel-advapi32-l1-1-0.dll
7FEFC1F0000 - api-ms-win-core-synch-l1-2-0.DLL
7FEFB150000 - msimg32.dll
7FEFD040000 - CRYPTBASE.dll
7FED3E50000 - tcc64-32.dll
7FED24F0000 - tcc64-64.dll
7FEFD9A0000 - CLBCatQ.DLL
7FEF9450000 - explorerframe.dll
7FEFB7B0000 - DUser.dll
7FEFB800000 - DUI70.dll
7FED3F80000 - shfolder.dll
7FEFD110000 - profapi.dll
7FEFBB80000 - propsys.dll
7FEFAF80000 - ntmarta.dll
7FEFDEA0000 - WLDAP32.dll
7FECB5F0000 - dbghelp.dll
00320000 - Xinput1_3.dll
7FEFD240000 - WINTRUST.dll
7FEFD2F0000 - CRYPT32.dll
7FEFD1B0000 - MSASN1.dll
7FED3E20000 - lfs.dll
7FECB4A0000 - sqlite3.dll
----------------------------------

100000000 - Tutorial-x86_64.exe
77360000 - ntdll.dll
77240000 - kernel32.dll
7FEFD1D0000 - KERNELBASE.dll
7FEFDAE0000 - oleaut32.dll
7FEFDF20000 - ole32.dll
7FEFF5A0000 - msvcrt.dll
7FEFE240000 - GDI32.dll
77140000 - USER32.dll
7FEFDA40000 - LPK.dll
7FEFF2F0000 - USP10.dll
7FEFF1C0000 - RPCRT4.dll
7FEFE2B0000 - advapi32.dll
7FEFDF00000 - sechost.dll
7FEFC250000 - version.dll
7FEFE390000 - shell32.dll
7FEFDA50000 - SHLWAPI.dll
7FEFBD00000 - comctl32.dll
7FEFBB20000 - uxtheme.dll
7FEFF640000 - IMM32.DLL
7FEFE130000 - MSCTF.dll
7FEFB150000 - msimg32.dll
7FEFD040000 - CRYPTBASE.dll
7FEFC200000 - dwmapi.dll



[Attachment: dll.JPG]


Dark Byte (Site Admin)
Posted: Fri Sep 09, 2022 3:30 am

You can always add the command
Code:

loadlibrary(ucrtbase.dll)

to the auto assembler.

Including string.h requires all the other string functions to be present as well. But if you only want strncmp, then you can just use the one provided by ntdll.dll.


Replace
Code:

#include <string.h>

with
Code:

typedef unsigned long long size_t;  // size_t is 64-bit on x64 (long is only 32-bit under the Windows ABI)
int strncmp(const char *a, const char *b, size_t size);  // resolved from the loaded ntdll.dll

_________________
Do not ask me about online cheats. I don't know any and won't help finding them.

Like my help? Join me on Patreon so I can keep helping
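As an added example (not code from this thread), here is a stand-alone C version of the bounded name compare from ParkourPenguin's script above, written with a hand-rolled strncmp so it needs no string.h, which is the problem Dark Byte's reply addresses. It assumes the same guessed Player layout (the offsets are an assumption, not a verified layout of the tutorial) and handles two cases a plain prefix compare gets wrong: a short name that is a prefix of the target, and a name_length larger than the name field.

```c
#include <stddef.h>

/* Layout assumed for this example only: it mirrors the guessed struct in the
   post above and is NOT a verified layout of the tutorial's player object. */
struct Player {
    void *vtable;
    float health;
    char unknown1[8];
    int  team;
    unsigned char name_length;   /* bytes actually used in name[] */
    char name[12];               /* not guaranteed to be NUL-terminated */
};

/* Hand-rolled bounded compare so the script does not depend on string.h
   (including string.h makes every string function have to resolve).
   Compares at most n bytes and stops at the first NUL or difference. */
static int my_strncmp(const char *a, const char *b, size_t n) {
    for (size_t i = 0; i < n; i++) {
        unsigned char ca = (unsigned char)a[i], cb = (unsigned char)b[i];
        if (ca != cb) return ca - cb;
        if (ca == '\0') return 0;
    }
    return 0;
}

/* Exact match on a length-prefixed name. A prefix-only compare such as
   strncmp(name, "Dave", name_length) accepts "Da" when name_length is 2,
   and a corrupt name_length larger than the field would read past the
   struct, so the length is clamped and must equal the target length. */
static int name_is(const struct Player *p, const char *target) {
    size_t len = p->name_length, tlen = 0;
    if (len > sizeof p->name) len = sizeof p->name;   /* never overread */
    while (target[tlen] != '\0') tlen++;
    return len == tlen && my_strncmp(p->name, target, len) == 0;
}

int is_good_player(const struct Player *p) {
    return name_is(p, "Dave") || name_is(p, "Eric");
}

/* Builds a constructed sample object (not real game memory) for testing. */
struct Player make_player(const char *name, unsigned char len) {
    struct Player p = {0};
    p.health = 100.0f;
    p.name_length = len;
    for (size_t i = 0; i < sizeof p.name && name[i] != '\0'; i++)
        p.name[i] = name[i];
    return p;
}
```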
etioplmld
Posted: Fri Sep 09, 2022 10:24 am

Code for a pointer, which I got from someone else. Although it doesn't work, it doesn't give an error; maybe someone familiar with the C language can use it.

Code:

alloc(gravity,8)
registersymbol(gravity)

{$c}
// Declared by hand instead of including string.h. The code below calls strcmp,
// so that is the prototype needed (resolved from a loaded CRT such as ntdll.dll).
int strcmp(const char *a, const char *b);
struct Player {
  char unknown1[0x10];
  struct {
    char unknown2[0x14];
    char name[sizeof("DEFAULT_GRAVITY_MAXVEL")];
  }* info;
};

int is_good_player(const struct Player* addr) {
  const char* name = addr->info->name;
  return strcmp(name,"DEFAULT_GRAVITY_MAXVEL") == 0;
}
{$asm}

newmem:

{$ccode addr=rsi gravity=gravity}
struct Player* p = (struct Player *)addr;
if (is_good_player(p)) *(void**)gravity = (void*) addr;
{$asm}



Someone made a verified, correct {$c} register-pointer code example:

Code:

// register a symbol here (the symbol referenced below is cheat7_store)

{$c}
extern int MessageBoxA(int,char*,char*,int); // for the author's hobby (name spelled correctly)
extern void cheat7_store(); // makes a {$asm} symbol visible to {$c} / {$ccode}

{$asm}
{$ccode  refR15=r15  }
long long *adr1 = (long long *)cheat7_store; // address of the registered symbol
*adr1 = refR15;


Code:

call shlwapi.StrStrIA

is calling system functions; if the game loads this system DLL, the call can be used in an AA script.