Hollow Knight Script Issue

Memory scanning, code injection, debugger internals and other gamemodding related discussion
Post Reply
User avatar
Kalas
Expert Cheater
Expert Cheater
Posts: 130
Joined: Fri Mar 03, 2017 9:49 am
Reputation: 6

Hollow Knight Script Issue

Post by Kalas » Tue Mar 07, 2017 9:47 pm

So I made a script, doesn't really matter the code inside, a code that's simply nop the Health.

But my issue is when I restart my game the script is not working, what could cause that, I'm using an aobScan template on my Script, does anyone know?

FreeER
Novice Cheater
Novice Cheater
Posts: 17
Joined: Fri Mar 10, 2017 7:11 pm
Reputation: 0
Contact:

Re: Hollow Knight Script Issue

Post by FreeER » Fri Mar 10, 2017 7:18 pm

If it uses Just-In-Time aka JIT code (C#/Unity almost always does) then you may have to get hit before the game actually loads the code that you want to change, and of course you can't change it until it is loaded.

There might be a way to use CE's mono features to force load the function at the start and then modify it, but I honestly don't know what CE allows you to do very well when it comes to that...

panraven
Noobzor
Noobzor
Posts: 12
Joined: Fri Mar 03, 2017 12:03 am
Reputation: 2

Re: Hollow Knight Script Issue

Post by panraven » Fri Mar 10, 2017 8:20 pm

If it is a mono game, the function if its class name, function name, and may be its namespace name known, it can be force compiled by CE by referencing the said function's symbolic form in AA or Lua script, as FreeER said.

eg a function TakeDamage at the class HeroController,
the symbolic form is : HeroController:TakeDamage
in AA, this can be force compiled the said function like:

Code: Select all

useMono() //     -- activate CE Mono Feature, Lua equipvaent : LaunchMonoDataCollector()
assert("HeroController:TakeDamage",55) //  <- the bytes should check at the actual address
The symbolic "HeroController:TakeDamage" is actually the address of starting address of the function, usually in 32bit game, it is a push ebp, which is 55 in hex.

Next time located the script address, try activate mono feature (by menu MONO/activate etc.), note the function name show in disassembler, so that next time yet the function can be force compiled like above script~

User avatar
++METHOS
Administration
Administration
Posts: 152
Joined: Thu Mar 02, 2017 9:02 pm
Reputation: 16

Re: Hollow Knight Script Issue

Post by ++METHOS » Sat Mar 11, 2017 4:00 am

Be sure to make use of wildcard variables in your AOB signature to account for any dynamic bytes. You also want to ensure that the signature is still unique on subsequent runs.

Post Reply

Who is online

Users browsing this forum: No registered users