Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


[Help]Translate AA script to C++

 
7urtle
How do I cheat?
Reputation: 0

Joined: 15 Feb 2024
Posts: 2

Posted: Thu Feb 15, 2024 4:38 am    Post subject: [Help]Translate AA script to C++

Hi, I am trying to rewrite an AA script in C++.
I am currently using WriteProcessMemory to write opcodes directly into memory. For most of the script it works well (a bit boring and tiring though), but for the kind of script below, how can I implement the same functionality in C++? (It's acceptable if I need to learn inline asm or anything else to reduce the workload.)

Script:


Code:

alloc(newmem,$1000)
label(max)
newmem:
  cmp [esi-C],40AF4000
  jne check2
  movq xmm1,[max]
  movsd [esi],xmm1
  jmp "games.exe"+1E124
  jmp return


max:
  dq (double)4000



I am specifically talking about the

"movq xmm1,[max]" and "max: dq (double)4000" parts of the script.
The address of max changes every time, so you can't just copy the opcodes.

I've come up with the idea of using VirtualAlloc to get new memory for max..... but the script has 6 different values, "max1" to "max6", so it will be complicated and tiring.
Is there any easier way?
Thanks in advance. I am a newbie to CE and sorry for my English.

_________________
I came and I died.
ParkourPenguin
I post too much
Reputation: 140

Joined: 06 Jul 2014
Posts: 4299

Posted: Thu Feb 15, 2024 11:22 am

If that's a 32-bit process, you just need to specify the literal address as a 32-bit offset.
For 64-bit processes, you'd have to worry about RIP-relative addressing.

`dq (double)4000` just writes the double value 4000 into memory at that address.

Steps:
  1. Allocate a page of memory
  2. Write the double value 4000 somewhere later on in that memory (e.g. newmem+0x800)
  3. Start writing the machine code (i.e. bytes) of your injected code
  4. When you get partway through `movq xmm1,[max]` (i.e. F3 0F 7E 0D ?? ?? ?? ??), write the 4-byte address of the double value in place of the 32-bit displacement
  5. Write the rest of the machine code
  6. Write the jmp to your code at the injection point

You can put more values later on in memory too. Just don't overlap them. Doubles take up 8 bytes, so if you write a double to newmem+0x800, the next value could go at newmem+0x808.

_________________
I don't know where I'm going, but I'll figure it out when I get there.
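The encoding step in the answer above, as an added example (this is not code from the thread or from Cheat Engine): it fills the 4-byte displacement of `F3 0F 7E 0D ?? ?? ?? ??`, shows why the same bytes are an absolute address in a 32-bit process but RIP-relative in a 64-bit one, decodes the bytes back the way a disassembler would, and lays out several doubles in 8-byte slots from newmem+0x800 without overlap. All addresses (0x00AA0000, 0x7FF600000000) and the page buffer are constructed values; nothing here touches another process.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example for this thread (not code from the original post).
 * It shows how the 32-bit displacement of `movq xmm1,[max]` is filled
 * in and how the same four bytes mean different things in a 32-bit
 * and a 64-bit process. All addresses below are constructed values. */

#define MOVQ_LEN 8u               /* F3 0F 7E 0D + 4-byte displacement    */
#define DATA_OFF 0x800u           /* first constant slot, as in the answer */

/* F3 0F 7E /r = movq xmm, xmm/m64; ModRM 0D = mod 00, reg 001 (xmm1), rm 101 */
static const uint8_t MOVQ_XMM1_MEM[] = {0xF3, 0x0F, 0x7E, 0x0D};

static void put_le32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)v;         p[1] = (uint8_t)(v >> 8);
    p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

static uint32_t get_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* 32-bit mode: mod=00, rm=101 is an absolute disp32, so the displacement
 * is simply the address of the double. The instruction is always 8 bytes. */
size_t encode_movq_abs32(uint8_t out[MOVQ_LEN], uint32_t data_addr) {
    memcpy(out, MOVQ_XMM1_MEM, sizeof MOVQ_XMM1_MEM);
    put_le32(out + 4, data_addr);
    return MOVQ_LEN;
}

/* 64-bit mode: the same ModRM is RIP-relative. The CPU adds disp32 to the
 * address of the *next* instruction, so disp = data - (insn + 8), and the
 * target must lie within +-2 GiB of it. Returns 0 when it does not. */
size_t encode_movq_rip(uint8_t out[MOVQ_LEN], uint64_t insn_addr, uint64_t data_addr) {
    int64_t rel = (int64_t)(data_addr - (insn_addr + MOVQ_LEN));
    if (rel > INT32_MAX || rel < INT32_MIN) return 0;
    memcpy(out, MOVQ_XMM1_MEM, sizeof MOVQ_XMM1_MEM);
    put_le32(out + 4, (uint32_t)(int32_t)rel);
    return MOVQ_LEN;
}

/* The reverse step a disassembler takes on the same bytes: recover the
 * effective address. `is64` selects how the displacement is interpreted. */
uint64_t decode_movq_target(const uint8_t insn[MOVQ_LEN], uint64_t insn_addr, int is64) {
    uint32_t disp = get_le32(insn + 4);
    if (!is64) return disp;                                   /* absolute */
    return insn_addr + MOVQ_LEN + (uint64_t)(int64_t)(int32_t)disp;
}

/* Constant area from the answer: 8-byte slots starting at +0x800.
 * Writes `count` doubles and returns the offset of the first free slot,
 * or 0 if the values would run past the end of the page. */
size_t place_doubles(uint8_t *page, size_t page_size, const double *vals, size_t count) {
    size_t off = DATA_OFF;
    for (size_t i = 0; i < count; i++, off += sizeof(double)) {
        if (off + sizeof(double) > page_size) return 0;
        memcpy(page + off, &vals[i], sizeof(double));
    }
    return off;
}

/* Encode once, decode once: the address the CPU will actually read from. */
uint64_t roundtrip_abs32(uint32_t data_addr) {
    uint8_t b[MOVQ_LEN];
    encode_movq_abs32(b, data_addr);
    return decode_movq_target(b, 0, 0);
}

uint64_t roundtrip_rip(uint64_t insn_addr, uint64_t data_addr) {
    uint8_t b[MOVQ_LEN];
    if (encode_movq_rip(b, insn_addr, data_addr) == 0) return 0;
    return decode_movq_target(b, insn_addr, 1);
}

int main(void) {
    /* Constructed layout: page at 0x00AA0000, code at +0, max1..max6 from +0x800. */
    uint8_t page[0x1000] = {0};
    const double maxes[6] = {4000, 4000, 4000, 4000, 4000, 4000};
    uint32_t base = 0x00AA0000u;
    size_t next_free = place_doubles(page, sizeof page, maxes, 6);
    size_t n = encode_movq_abs32(page, base + DATA_OFF);     /* loads max1 */

    printf("movq xmm1,[max1] =");
    for (size_t i = 0; i < n; i++) printf(" %02X", page[i]);
    printf("\ntarget decoded as 32-bit: %08llX\n",
           (unsigned long long)decode_movq_target(page, base, 0));
    printf("next free constant slot: +0x%zX\n", next_free);
    return 0;
}
```

The two encoders differ only in what goes into the last four bytes, which is the point of the answer's 32-bit vs 64-bit remark: a decoder that ignores the mode will report the wrong effective address for one of them, and a 64-bit encoder has to check the +-2 GiB range because the displacement is signed and relative to the end of the instruction.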
7urtle
How do I cheat?
Reputation: 0

Joined: 15 Feb 2024
Posts: 2

Posted: Fri Feb 16, 2024 4:41 am

ParkourPenguin wrote:
If that's a 32-bit process, you just need to specify the literal address as a 32-bit offset.
For 64-bit processes, you'd have to worry about RIP-relative addressing.

`dq (double)4000` just writes the double value 4000 into memory at that address.

Steps:
  1. Allocate a page of memory
  2. Write the double value 4000 somewhere later on in that memory (e.g. newmem+0x800)
  3. Start writing the machine code (i.e. bytes) of your injected code
  4. When you get partway through `movq xmm1,[max]` (i.e. F3 0F 7E 0D ?? ?? ?? ??), write the 4-byte address of the double value in place of the 32-bit displacement
  5. Write the rest of the machine code
  6. Write the jmp to your code at the injection point

You can put more values later on in memory too. Just don't overlap them. Doubles take up 8 bytes, so if you write a double to newmem+0x800, the next value could go at newmem+0x808.


Thank you for your help! I'm still debugging my code, but I managed to do what you said.

_________________
I came and I died.