Code injection with value


Post by CJtheTiger »

Using the Auto Assembler I created a little snippet which modifies which value will be set to a specific address.

Initially it was:

Code:

mov [esi+9A],al

What I want it to be is:

Code:

mov [esi+9A],<my value>

I'd like to define the value in the table. How would I accomplish this?

This is the complete script:

Code:

[ENABLE]

alloc(valuemod,2048)
label(valuemodexit)

valuemod:
mov [esi+9A],<my value>
jmp valuemodexit

"MyGame.exe"+ABCDEF:
jmp valuemod
nop //the original instruction is 6 bytes, the jmp is 5
valuemodexit:

[DISABLE]
"MyGame.exe"+ABCDEF:
mov [esi+9A],al

dealloc(valuemod) //free the injected block

I could just make another entry in the table which writes the value into allocated memory for the injection and then just retrieve it in there, but I figured there must be some way to do this in a more elegant way.

Re: Code injection with value

Post by UltimatePoto42 »

If your push value is always the same, then you can just put your value in like you have it. CE will interpret this as hex, but you can use (int)#:

Code:

mov [esi+9A],(int)100

Or you could define a value:

Code:

define(PushValue,(int)100)
...
mov [esi+9A],PushValue


Re: Code injection with value

Post by ++METHOS »

You can also create a custom symbol and add it to your table as a custom address:

Code:

[ENABLE]

alloc(valuemod,2048)
label(valuemodexit)
label(originalcode)
label(value)

registersymbol(value)

valuemod:

{--optional-->>
cmp [value],0
je originalcode
<<--optional--}

push edi //save edi, it is used as a scratch register
mov edi,[value]
mov [esi+9A],edi //stores 4 bytes; the original stored only al
pop edi
jmp valuemodexit //may need to add some original code before the jump

originalcode:
//originalcode here
jmp valuemodexit

value:
dd 0 //4 bytes of storage, exposed to the table through registersymbol

"MyGame.exe"+ABCDEF:
jmp valuemod
nop //the original instruction is 6 bytes, the jmp is 5
valuemodexit:

[DISABLE]
"MyGame.exe"+ABCDEF:
mov [esi+9A],al

unregistersymbol(value)
dealloc(valuemod) //free the injected block

Once the script is activated, add a custom address to your table and put value in the address field. You can assign hotkeys for setting/freezing values etc.

Re: Code injection with value

Post by CJtheTiger »

Thanks guys!

Re: Code injection with value

Post by Zanzer »

Be sure to include "byte ptr" so you're not overwriting more than the 1 address.

Code:

mov byte ptr [esi+9A],<my value>

Code:

mov al,[value]

Re: Code injection with value

Post by CJtheTiger »

Zanzer wrote:
Mon Mar 06, 2017 2:57 am
Be sure to include "byte ptr" so you're not overwriting more than the 1 address.

Code:

mov byte ptr [esi+9A],<my value>

Code:

mov al,[value]

From my understanding it will take the smallest common size, so when I move some value to AL, which is one byte in size, it will only take one byte from the value I want to move there. Feel free to correct me there though.
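
The operand-size point from the last posts, as an added example that is not part of the original thread: a C model of the stores and the load discussed above, showing that a 32-bit register store at [esi+9A] overwrites the three bytes that follow the field, a byte store touches only the field, and `mov al,[value]` reads only the low byte of the dword. The object size, the 0xEE fill pattern and the helper names are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FIELD_OFF 0x9A  /* offset used in the thread: [esi+9A] */
#define OBJ_SIZE  0xA0  /* constructed object size (assumption) */

/* Models `mov byte ptr [esi+9A],v` or `mov [esi+9A],al`: one byte is stored. */
static void store_byte(uint8_t *esi, uint32_t v) {
    esi[FIELD_OFF] = (uint8_t)v;
}

/* Models `mov [esi+9A],edi`: a 32-bit register stores four bytes. */
static void store_dword(uint8_t *esi, uint32_t v) {
    for (int i = 0; i < 4; i++)
        esi[FIELD_OFF + i] = (uint8_t)(v >> (8 * i));  /* little-endian, as on x86 */
}

/* Models `mov al,[value]`: only the lowest-addressed byte of the dword is read. */
static uint8_t load_al(uint32_t value) {
    return (uint8_t)(value & 0xFF);
}

/* Fills a constructed object with 0xEE, applies one store, and counts
   how many bytes other than the target field were changed. */
static int neighbours_clobbered(void (*store)(uint8_t *, uint32_t), uint32_t v) {
    uint8_t obj[OBJ_SIZE];
    int changed = 0;
    memset(obj, 0xEE, sizeof obj);
    store(obj, v);
    for (int i = 0; i < OBJ_SIZE; i++)
        if (i != FIELD_OFF && obj[i] != 0xEE)
            changed++;
    return changed;
}

int main(void) {
    uint32_t value = 100;  /* what the table entry `value` would hold */
    printf("byte store:  %d neighbouring bytes changed\n",
           neighbours_clobbered(store_byte, value));
    printf("dword store: %d neighbouring bytes changed\n",
           neighbours_clobbered(store_dword, value));
    printf("al after mov al,[value] = %u\n", load_al(value));
    return 0;
}
```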
