Save register address to a variable in Auto Assemble to revert the values when disabling

Memory scanning, code injection, debugger internals and other gamemodding related discussion
Post Reply
mdnpascual
What is cheating?
What is cheating?
Posts: 4
Joined: Mon Jan 22, 2018 11:27 am
Reputation: 0

Save register address to a variable in Auto Assemble to revert the values when disabling

Post by mdnpascual » Mon Jan 22, 2018 12:08 pm

How do I get a register address in auto assemble to a variable so I can properly revert the values I've modified?

I have a code that looks like these:

Code: Select all

code:
code:
  mov [edi+40], 0x3c23d70a  //orig: 0.4
  mov [edi+50], 0x41400000  //orig: 6
  fstp dword ptr [edi+60]
  mov [edi+60], 0 //orig: 1.6
  fld dword ptr [edi+60]
  lea eax,[ebp-00000160]
  jmp return
The original auto assembled one was only meant to change [edi+60], but since I found found some relevant values around [edi+60], I also modified them here.

How do I store the value of [edi] so I can disable the cheat properly by reverting those values previously(edi+40 and +50)?

User avatar
Blayde
Expert Cheater
Expert Cheater
Posts: 229
Joined: Fri Aug 25, 2017 2:37 pm
Reputation: 39
Contact:

Re: Save register address to a variable in Auto Assemble to revert the values when disabling

Post by Blayde » Mon Jan 22, 2018 1:59 pm

mdnpascual wrote:
Mon Jan 22, 2018 12:08 pm
How do I store the value of [edi] so I can disable the cheat properly by reverting those values previously(edi+40 and +50)?
Can you post your script with original values ?
You can also just find poiter to [edi+40].

mdnpascual
What is cheating?
What is cheating?
Posts: 4
Joined: Mon Jan 22, 2018 11:27 am
Reputation: 0

Re: Save register address to a variable in Auto Assemble to revert the values when disabling

Post by mdnpascual » Mon Jan 22, 2018 2:19 pm

I found a thread on the old cheat engine forums where apparently I can create a variable dynamically and use it as long I allocate memory for it. I removed all but one address where I want to revert its value but when I tried it, it still won't disable
Blayde wrote:
Mon Jan 22, 2018 1:59 pm
mdnpascual wrote:
Mon Jan 22, 2018 12:08 pm
How do I store the value of [edi] so I can disable the cheat properly by reverting those values previously(edi+40 and +50)?
Can you post your script with original values ?

Code: Select all

[ENABLE]

registersymbol(edipointer)

aobscan(AccANDrange,D9 47 60 8D 85 A0 FE FF FF 83 EC 04 D9 1C 24 83 EC 08) // should be unique
alloc(newmem,$2048)
alloc(edipointer,$4)

label(code)
label(return)

newmem:

code:
  mov [edipointer],edi
  ////////
  mov [edi+50], 0x41400000  //orig: 6
  mov [edi+60], 0 //orig 1.6
  fld dword ptr [edi+60]
  lea eax,[ebp-00000160]
  jmp return

AccANDrange:
  jmp newmem
  nop
  nop
  nop
  nop
return:
registersymbol(AccANDrange)

[DISABLE]

mov [edipointer+50], 0x40c00000
AccANDrange:

  db D9 47 60 8D 85 A0 FE FF FF


unregistersymbol(edipointer)
unregistersymbol(AccANDrange)
dealloc(newmem)
dealloc(edipointer)

{
// ORIGINAL CODE - INJECTION POINT: 1CDB45BD

""+1CDB4597: 89 08                          -  mov [eax],ecx
""+1CDB4599: 8B 8D DC FE FF FF              -  mov ecx,[ebp-00000124]
""+1CDB459F: 89 48 04                       -  mov [eax+04],ecx
""+1CDB45A2: 8B 8D E0 FE FF FF              -  mov ecx,[ebp-00000120]
""+1CDB45A8: 89 48 08                       -  mov [eax+08],ecx
""+1CDB45AB: 8D 85 E4 FE FF FF              -  lea eax,[ebp-0000011C]
""+1CDB45B1: 83 EC 0C                       -  sub esp,0C
""+1CDB45B4: 50                             -  push eax
""+1CDB45B5: E8 66 12 FF FF                 -  call 1CDA5820
""+1CDB45BA: 83 C4 0C                       -  add esp,0C
// ---------- INJECTING HERE ----------
""+1CDB45BD: D9 47 60                       -  fld dword ptr [edi+60]
""+1CDB45C0: 8D 85 A0 FE FF FF              -  lea eax,[ebp-00000160]
// ---------- DONE INJECTING  ----------
""+1CDB45C6: 83 EC 04                       -  sub esp,04
""+1CDB45C9: D9 1C 24                       -  fstp dword ptr [esp]
""+1CDB45CC: 83 EC 08                       -  sub esp,08
""+1CDB45CF: 8B 8D E4 FE FF FF              -  mov ecx,[ebp-0000011C]
""+1CDB45D5: 89 0C 24                       -  mov [esp],ecx
""+1CDB45D8: 8B 8D E8 FE FF FF              -  mov ecx,[ebp-00000118]
""+1CDB45DE: 89 4C 24 04                    -  mov [esp+04],ecx
""+1CDB45E2: 50                             -  push eax
""+1CDB45E3: E8 A8 C2 85 E9                 -  call 06610890
""+1CDB45E8: 83 C4 0C                       -  add esp,0C
}

User avatar
Blayde
Expert Cheater
Expert Cheater
Posts: 229
Joined: Fri Aug 25, 2017 2:37 pm
Reputation: 39
Contact:

Re: Save register address to a variable in Auto Assemble to revert the values when disabling

Post by Blayde » Mon Jan 22, 2018 2:28 pm

I'm not sure if this will work. :?
If you find pointer to "original value 0.4" (mov [edi+40], 0x3c23d70a //orig: 0.4) i think i can help you.
Btw is this (0.4) the same every time you start/restart the game ?

mdnpascual
What is cheating?
What is cheating?
Posts: 4
Joined: Mon Jan 22, 2018 11:27 am
Reputation: 0

Re: Save register address to a variable in Auto Assemble to revert the values when disabling

Post by mdnpascual » Mon Jan 22, 2018 2:47 pm

ye, those values are always the same. It's just different addresses and same offset against edi found on that aobscan

User avatar
Blayde
Expert Cheater
Expert Cheater
Posts: 229
Joined: Fri Aug 25, 2017 2:37 pm
Reputation: 39
Contact:

Re: Save register address to a variable in Auto Assemble to revert the values when disabling

Post by Blayde » Mon Jan 22, 2018 2:53 pm

Ok. Now search for this value (0.4) and find pointer to it (instead of what writes).

User avatar
TheyCallMeTim13
Fearless Donors
Fearless Donors
Posts: 139
Joined: Fri Mar 03, 2017 12:31 am
Reputation: 21

Re: Save register address to a variable in Auto Assemble to revert the values when disabling

Post by TheyCallMeTim13 » Mon Jan 22, 2018 4:41 pm

You could use readMem for this.
Example:

Code: Select all

define(oldBytes, 5C 0A 00 00)
	// 00000A64
		// mov edx,[ecx+00000A5C]
define(newBytes, 60 0A 00 00)
	// 00000A60
		// mov edx,[ecx+00000A60]
define(byteLenght, 4)
////
//// ------------------------------ ENABLE ------------------------------
[ENABLE]
aobScanModule(aobManaChargeHook, game.exe, ...)
define(injManaChargeHook, aobManaChargeHook+12)
registerSymbol(injManaChargeHook)

alloc(memManaChargeHook, byteLenght)
registerSymbol(memManaChargeHook)

memManaChargeHook:
	readMem(injManaChargeHook, byteLenght) // save the bytes some where for later.

////
//// ---------- Injection Point ----------
injManaChargeHook:
	db newBytes // write new bytes for hook.


////
//// ------------------------------ DISABLE ------------------------------
[DISABLE]
////
//// ---------- Injection Point ----------
injManaChargeHook:
	readMem(memManaChargeHook, byteLenght) // restore old bytes that where saved.

dealloc(memManaChargeHook)
unregisterSymbol(injManaChargeHook)
unregisterSymbol(memManaChargeHook)
Just change the address from injection points to the values address and set the byte length to the size of your values.

EDIT:
Or you could use a luaCall for this:

Code: Select all

...
[DISABLE]
...
luaCall(readInteger('[SomeSymbolToTheValue]', writeInteger('[SomeSymbolItWasSavedTo]')))
Or for a float:

Code: Select all

...
[DISABLE]
...
luaCall(readFloat('[SomeSymbolToTheValue]', writeFloat('[SomeSymbolItWasSavedTo]')))
Just know that the Lua code will always run first in a Cheat Engine memory record.
Code Happy, Code Freely, Be Awesome.

sbryzl
Expert Cheater
Expert Cheater
Posts: 92
Joined: Sat Mar 04, 2017 4:47 am
Reputation: 19

Re: Save register address to a variable in Auto Assemble to revert the values when disabling

Post by sbryzl » Mon Jan 22, 2018 6:15 pm

If you don't know the original address you can record it within your codecave.

Code: Select all

[ENABLE]

label(edipointer)
registersymbol(edipointer)

aobscan(AccANDrange,D9 47 60 8D 85 A0 FE FF FF 83 EC 04 D9 1C 24 83 EC 08)
registersymbol(AccANDrange)

alloc(newmem,$204)
//alloc(edipointer,$4)

label(code)
label(return)

newmem:
edipointer:
dq 0

code:
  mov [edipointer],edi
  mov [edipointer+4],1
  ////////
  mov [edi+50], 0x41400000  //orig: 6
  mov [edi+60], 0 //orig 1.6
  fld dword ptr [edi+60]
  lea eax,[ebp-00000160]
  jmp return

AccANDrange:
  jmp code
  nop
  nop
  nop
  nop
return:

[DISABLE]
assert(edipointer+4,1)

[edipointer]+50:
dd (float)6
[edipointer]+60:
dd (float)1.6

//mov [edipointer+50], 0x40c00000
AccANDrange:

  db D9 47 60 8D 85 A0 FE FF FF


unregistersymbol(edipointer)
unregistersymbol(AccANDrange)
dealloc(newmem)
edit: needed to comment this: mov [edipointer+50], 0x40c00000

User avatar
Blayde
Expert Cheater
Expert Cheater
Posts: 229
Joined: Fri Aug 25, 2017 2:37 pm
Reputation: 39
Contact:

Re: Save register address to a variable in Auto Assemble to revert the values when disabling

Post by Blayde » Mon Jan 22, 2018 8:57 pm

Why you gays read this?
Hi/she just need one timer. So?
STN please i just want ot help.
Can i just hack this gays ? (not misspelled)


Codecave?
Readmem?
Simple and stupid.

User avatar
TheyCallMeTim13
Fearless Donors
Fearless Donors
Posts: 139
Joined: Fri Mar 03, 2017 12:31 am
Reputation: 21

Re: Save register address to a variable in Auto Assemble to revert the values when disabling

Post by TheyCallMeTim13 » Mon Jan 22, 2018 9:52 pm

Blayde wrote:
Mon Jan 22, 2018 8:57 pm
Why you gays read this?
Hi/she just need one timer. So?
STN please i just want ot help.
Can i just hack this gays ? (not misspelled)
...
Are you sure, because with the miss use of the your singulars and plurals kinda make it seem like misspelling would make more sense?

So just to conform, you're just homophobic, not misspelling?
Code Happy, Code Freely, Be Awesome.

User avatar
Blayde
Expert Cheater
Expert Cheater
Posts: 229
Joined: Fri Aug 25, 2017 2:37 pm
Reputation: 39
Contact:

Re: Save register address to a variable in Auto Assemble to revert the values when disabling

Post by Blayde » Mon Jan 22, 2018 10:23 pm

TheyCallMeTim13 wrote:
Mon Jan 22, 2018 9:52 pm
Blayde wrote:
Mon Jan 22, 2018 8:57 pm
Why you gays read this?
Hi/she just need one timer. So?
STN please i just want ot help.
Can i just hack this gays ? (not misspelled)
...
Are you sure, because with the miss use of the your singulars and plurals kinda make it seem like misspelling would make more sense?

So just to conform, you're just homophobic, not misspelling?
Try your luck in trainer / table section if you are that smart sir. ;)
Peace

mdnpascual
What is cheating?
What is cheating?
Posts: 4
Joined: Mon Jan 22, 2018 11:27 am
Reputation: 0

Re: Save register address to a variable in Auto Assemble to revert the values when disabling

Post by mdnpascual » Mon Jan 22, 2018 10:53 pm

sbryzl wrote:
Mon Jan 22, 2018 6:15 pm
If you don't know the original address you can record it within your codecave.

Code: Select all

[ENABLE]

label(edipointer)
registersymbol(edipointer)

aobscan(AccANDrange,D9 47 60 8D 85 A0 FE FF FF 83 EC 04 D9 1C 24 83 EC 08)
registersymbol(AccANDrange)

alloc(newmem,$204)
//alloc(edipointer,$4)

label(code)
label(return)

newmem:
edipointer:
dq 0

code:
  mov [edipointer],edi
  mov [edipointer+4],1
  ////////
  mov [edi+50], 0x41400000  //orig: 6
  mov [edi+60], 0 //orig 1.6
  fld dword ptr [edi+60]
  lea eax,[ebp-00000160]
  jmp return

AccANDrange:
  jmp code
  nop
  nop
  nop
  nop
return:

[DISABLE]
assert(edipointer+4,1)

[edipointer]+50:
dd (float)6
[edipointer]+60:
dd (float)1.6

//mov [edipointer+50], 0x40c00000
AccANDrange:

  db D9 47 60 8D 85 A0 FE FF FF


unregistersymbol(edipointer)
unregistersymbol(AccANDrange)
dealloc(newmem)
edit: needed to comment this: mov [edipointer+50], 0x40c00000
At first I was wondering why the game was crashing at enable, then I noticed that the jmp was changed from newmem to code. Fixed the problem and it works for all the static values I'm changing! Thank you

User avatar
Blayde
Expert Cheater
Expert Cheater
Posts: 229
Joined: Fri Aug 25, 2017 2:37 pm
Reputation: 39
Contact:

Re: Save register address to a variable in Auto Assemble to revert the values when disabling

Post by Blayde » Mon Jan 22, 2018 11:16 pm

mdnpascual wrote:
Mon Jan 22, 2018 10:53 pm
..I noticed that the jmp was changed from newmem to code. .
Your code was ok (check your second post)
NEVER put new memory under newmem. You can, but it's not good decision. Ask the "professionals" why.

User avatar
TheyCallMeTim13
Fearless Donors
Fearless Donors
Posts: 139
Joined: Fri Mar 03, 2017 12:31 am
Reputation: 21

Re: Save register address to a variable in Auto Assemble to revert the values when disabling

Post by TheyCallMeTim13 » Tue Jan 23, 2018 1:36 am

Blayde wrote:
Mon Jan 22, 2018 10:23 pm
TheyCallMeTim13 wrote:
Mon Jan 22, 2018 9:52 pm
Blayde wrote:
Mon Jan 22, 2018 8:57 pm
Why you gays read this?
Hi/she just need one timer. So?
STN please i just want ot help.
Can i just hack this gays ? (not misspelled)
...
Are you sure, because with the miss use of the your singulars and plurals kinda make it seem like misspelling would make more sense?

So just to conform, you're just homophobic, not misspelling?
Try your luck in trainer / table section if you are that smart sir. ;)
Peace
I can only hope others can understand and answer questions as well as you.

Why avoid the questions?
Code Happy, Code Freely, Be Awesome.

sbryzl
Expert Cheater
Expert Cheater
Posts: 92
Joined: Sat Mar 04, 2017 4:47 am
Reputation: 19

Re: Save register address to a variable in Auto Assemble to revert the values when disabling

Post by sbryzl » Thu Jan 25, 2018 8:57 pm

Blayde wrote:
Mon Jan 22, 2018 11:16 pm
NEVER put new memory under newmem. You can, but it's not good decision. Ask the "professionals" why.
If you think that's bad you should see what I did to Mount and Blade's skillset function.

Post Reply

Who is online

Users browsing this forum: No registered users