 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
zuheltzer
How do I cheat?
![]() Reputation: 0
Joined: 28 Oct 2023
Posts: 4
|
 Posted: Sat Oct 28, 2023 10:50 am Post subject: CE game tutorial and auto assemble script questions |
 |
|
So I'm trying to learn more about assembly and auto-assemble by writing more advanced scripts. I've been able to accomplish most of what I could think of, but I'm on the last goal I have for the cheat engine game tutorial.
I want to make it so the character's position is set to the mouse location in the game, and my questions are related to that.
The mouse positions seem to be stored as a 4-byte integer that ranges from a value of about 0 to 1,200, and the player's position is stored as a float ranging from -1.00000000000 to +1.00000000000. I also believe I've found the part of the code that moves a value into the address that sets the player's position.
My questions are
1: How do I fetch the value from the mouse address for the auto-assemble script?
Would it just be ["gtutorial-i386.exe"+1F71C0+234]? Would that be the proper formatting?
2: How do I convert the 4-byte integer to a float that would correlate to the character's position in the game?
3: Unrelated, but if I wanted to just write a float value in auto assemble like add eax, -0.8 would the correct way to do this just write out the value in hex, like 0xbf4ccccd? How do I differentiate between values and addresses in auto-assemble? Looking through other people's scripts I saw you can use (float)value to write a floating value but is that still a preferred method? |
|
| Back to top |
|
 |
Famine
Cheater
![]() Reputation: 0
Joined: 23 Oct 2023
Posts: 27
Location: A club where people wee on each other.
|
| Posted: Sat Oct 28, 2023 8:25 pm Post subject: Re: CE game tutorial and auto assemble script questions |
|
|
| zuheltzer wrote: | So I'm trying to learn more about assembly and auto-assemble by writing more advanced scripts. I've been able to accomplish most of what I could think of, but I'm on the last goal I have for the cheat engine game tutorial.
I want to make it so the character's position is set to the mouse location in the game, and my questions are related to that.
The mouse positions seem to be stored as a 4-byte integer that ranges from a value of about 0 to 1,200, and the player's position is stored as a float ranging from -1.00000000000 to +1.00000000000. I also believe I've found the part of the code that moves a value into the address that sets the player's position.
My questions are
1: How do I fetch the value from the mouse address for the auto-assemble script?
Would it just be ["gtutorial-i386.exe"+1F71C0+234]? Would that be the proper formatting?
2: How do I convert the 4-byte integer to a float that would correlate to the character's position in the game?
3: Unrelated, but if I wanted to just write a float value in auto assemble like add eax, -0.8 would the correct way to do this just write out the value in hex, like 0xbf4ccccd? How do I differentiate between values and addresses in auto-assemble? Looking through other people's scripts I saw you can use (float)value to write a floating value but is that still a preferred method? |
1. To fetch the value from the mouse address in an auto-assemble script, you need to specify the address correctly. The address you provided, ["gtutorial-i386.exe"+1F71C0+234], looks fine, assuming it points to the correct memory location where the mouse position is stored.
| Code: | [ENABLE]
alloc(mousePos, 4)
registersymbol(mousePos)
gtutorial-i386.exe+1F71C0+234:
// Copy the value at this address to our allocated variable
dd mousePos
[DISABLE]
dealloc(mousePos)
|
2.To convert the 4-byte integer representing the mouse position to a float, you can use Cheat Engine's readFloat function. Assuming you've stored the mouse position in the mousePos variable: | Code: | [ENABLE]
alloc(mousePos, 4)
registersymbol(mousePos)
gtutorial-i386.exe+1F71C0+234:
dd mousePos
// Convert the 4-byte integer to a float and store it in a different variable
newmem:
mov eax, [mousePos]
call ConvertIntegerToFloat // Your conversion routine
movss [playerPosition], xmm0
[DISABLE]
dealloc(mousePos)
|
You would need to implement the ConvertIntegerToFloat function in your script, which takes the integer value in EAX and returns the float in XMM0.
3.To write a float value in auto-assemble, you can use the following syntax: | Code: | [ENABLE]
// Write a float value to an address
alloc(newFloat, 4)
newFloat:
dd 0x3F4CCCCD // This is the hexadecimal representation of -0.8 as a float
...
// Writing the float value to an address
playerPosition:
dd newFloat
[DISABLE]
dealloc(newFloat)
|
In this example, we allocate a 4-byte variable newFloat, which is used to store the float value you want to write. You can then reference newFloat to set the player's position.
The (float)value syntax is used for reading floating-point values from addresses. When writing values, you typically use hexadecimal notation or specify them directly as floating-point constants like in the example above. |
|
| Back to top |
|
|
zuheltzer
How do I cheat?
![]() Reputation: 0
Joined: 28 Oct 2023
Posts: 4
|
| Posted: Sun Oct 29, 2023 12:27 pm Post subject: |
|
|
First, thanks for the extremely helpful reply!
This is how far I've gotten writing a script hoping to accomplish my goal... If you have a suggestion on resources that cover this specific part of auto assemble that would be great so I don't have to bother with questions I'm sure have been answered
updated code, it compiles but immediately crashes the game.
| Code: | [ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
alloc(mousePos,4) //creating memory for variable
gtutorial-i386.exe+1F71C0+234:
dd mousePos {declaring mousePos
with value from mouse position y address}
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
myMathOperation:
push ebp
mov ebp, esp
fld qword ptr [ebp+8] // Load the value x from the stack
fild dword ptr [500] // Load the divisor 500 as an integer
fdiv dword ptr [500] // Divide x by 500
fmul qword ptr [2] // Multiply the result by 2
fsub qword ptr [1] // Subtract 1
fstp qword ptr [ebp+8] // Store the result back on the stack
pop ebp
ret
mov [edx+20], mousePos
push [edx+20]
call myMathOperation
jmp exit
originalcode:
mov [edx+20],eax
exit:
fldz
jmp returnhere
"gtutorial-i386.exe"+3C472:
jmp newmem
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
dealloc(mousePos) //destroying memory position
"gtutorial-i386.exe"+3C472:
db 89 42 20 D9 EE
//mov [edx+20],eax
//fldz |
|
|
| Back to top |
|
|
ParkourPenguin
I post too much
 Reputation: 150
Joined: 06 Jul 2014
Posts: 4652
|
| Posted: Sun Oct 29, 2023 4:34 pm Post subject: |
|
|
| Quote: | | gtutorial-i386.exe+1F71C0+234 |
This is just gtutorial-i386.exe+1F73F4; you probably meant [gtutorial-i386.exe+1F71C0]+234
You'd need to get that value at runtime anyway. There's no point doing it only once when the script is assembled.
Both the mouse position and the player's location have two coordinates associated with them: an x and a y. Changing a single value won't affect the other.
You also need to take into account the window's size for the mouse position.
`jmp newmem` jumps to newmem. At newmem is the function `myMathOperation`. This is effectively a tail call to that function- something you surely don't want to be doing.
`fild dword ptr [500]` - square brackets = addresses. This doesn't load "500"; it tries to read the value at the address 0x500 and segfaults.
In order to do this "correctly," you'd hook some mouseMove event (ultimap or code filter; may get lucky w/ threadstack mouse values), get the mouse's location in the window (probably need some API call), transform it to the game's coordinate system (need window's size; an API call is probably more appropriate than pointers), and write it to the player's position (use pointers here).
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
zuheltzer
How do I cheat?
![]() Reputation: 0
Joined: 28 Oct 2023
Posts: 4
|
| Posted: Sun Oct 29, 2023 4:50 pm Post subject: |
|
|
That's unfortunate, I figured I could accomplish this within the assemble script. I'm also still trying to figure out the proper syntax for auto assemble.
as for the jmp newmem that was an error I put in by mistake.
I thought that on the point where the game sets the value for the player's position instead of the position it should normally be I would set the player's y position to the mouse's modified y position. Is there a reason why that wouldn't work?
How do I divide by 500 properly and use the correct opcode formatting?
I was only trying to update the y axis of the character's position for now as I figured I could do pretty much the same thing for the x axis afterwards. I also know I need the min and max boundary of the window to get an accurate conversation for a proper floating point value to convert for later. I'd also have to remove the "gravity/downward velocity" for the character later for an even cleaner version. I figured if the character was flying around some what close enough to the mouse I'd be happy enough. |
|
| Back to top |
|
|
++METHOS
I post too much
![]() Reputation: 92
Joined: 29 Oct 2010
Posts: 4197
|
| Posted: Sun Oct 29, 2023 5:10 pm Post subject: |
|
|
| ParkourPenguin wrote: | | You also need to take into account the window's size for the mouse position. |
-Yes.
And you would need to be able to convert the mouse position (screen) coordinates so that they are relative to character (in-game) coordinates, which may not be easy, especially since they can change, depending on screen size.
In my opinion, instead of using mouse coordinates to determine character coordinates, it would be easier to simply use the mouse coordinates as a driver. For example, when mouse X increases, character X increases and so forth, in lieu of having them match. It wouldn't be ideal, though.
I think, there are probably better targets to practice such a script on, in order to accomplish the task of matching mouse with character coordinates.
In terms of the game tutorial, it would probably be easier to use the keyboard, and simply create a fly-mode script that will allow you to move the character, based on which keys are pressed etc.. It's the same thing as using the mouse as a driver, but it would be cleaner and easier to work with. |
|
| Back to top |
|
|
ParkourPenguin
I post too much
Reputation: 150
Joined: 06 Jul 2014
Posts: 4652
|
| Posted: Sun Oct 29, 2023 7:40 pm Post subject: |
|
|
| zuheltzer wrote: | | I figured I could accomplish this within the assemble script. |
Such an auto assembler script will be more complicated than you expected it to be. It's still possible.
| zuheltzer wrote: | I thought that on the point where the game sets the value for the player's position instead of the position it should normally be I would set the player's y position to the mouse's modified y position. Is there a reason why that wouldn't work?
|
That would work if you also changed the player's x position. However, saying it is a lot easier than actually doing it.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
zuheltzer
How do I cheat?
![]() Reputation: 0
Joined: 28 Oct 2023
Posts: 4
|
| Posted: Sun Oct 29, 2023 9:11 pm Post subject: |
|
|
I just want to say thanks again for the responses, and I've learned a lot already! For example I knew about recursion but this is my first time hearing what a tail call is.
I should add that I'm picking something harder to force me to learn more advanced scripting and assembly for the goal of creating hacks that are more "creative". I know I could add in a hotkey that increases the Y position in the cheat engine every time I press the spacebar and create a "fly-hack," but then I wouldn't advance with assembly, and that's kind of my goal. If I'm only changing a single axis and not getting a fully mapped 1 to 1 mouse flying hack for the character, and it's off center, I'm also fine with that for now. I have a really poor understanding of what registers/flags actually do because I could just get away with treating them as if they're unspecialized temporary CPU caches that aren't much different than addresses. I also have no idea when and how to manage registers/flags without it crashing my program or knowing when they'll be updated properly.
Would it really just be a way better method to create a program in a higher-level language that just manipulates these values the way I want and hooks into the program? |
|
| Back to top |
|
|
++METHOS
I post too much
![]() Reputation: 92
Joined: 29 Oct 2010
Posts: 4197
|
| Posted: Sun Oct 29, 2023 9:49 pm Post subject: |
|
|
| zuheltzer wrote: | | If I'm only changing a single axis and not getting a fully mapped 1 to 1 mouse flying hack for the character, and it's off center, I'm also fine with that for now. |
-You can create a script that will respond to both axes easily enough. You can do this with assembly. I think that the difficult part will be trying to figure out how the two coordinate systems are related and then performing the necessary calculations and conversions.
As mentioned, probably easier said than done. But I think that it should be doable so long as a relationship can be found between the two coordinate systems and it remains consistent.
Otherwise, as mentioned, you can create a script that will use the mouse coordinates as a guiding system, where when the mouse X coordinate increases, then the character X coordinate increases and so forth. Not as sophisticated, though.
Last edited by ++METHOS on Sun Oct 29, 2023 9:52 pm; edited 1 time in total |
|
| Back to top |
|
|
ParkourPenguin
I post too much
Reputation: 150
Joined: 06 Jul 2014
Posts: 4652
|
| Posted: Sun Oct 29, 2023 9:51 pm Post subject: |
|
|
| zuheltzer wrote: | | Would it really just be a way better method to create a program in a higher-level language that just manipulates these values the way I want and hooks into the program? |
No. It's "easy" to do what you want in assembly, as long as you know assembly. The hard part is getting the information to do it- i.e. window size, mouse position, and address of / pointer to character position. Doing that in another language is only easier if you're more familiar with that other language than you are with assembly.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
