This really buggin' me!

Post by Sigan » Sun Nov 18, 2018 6:38 am

Hey ... So I started trying to fool around with a script or two in Ark, and I've found that I can't use globalalloc() there or else my script won't activate. Do I need to have a setting changed in CE or... Any ideas? For reference, here's an example of one I made using the template:

Code:

{ Game   : ShooterGame.exe
  Version:
  Date   : 2018-11-18
  Author : Sigan

  This script finds the dino dude's stats
}

[ENABLE]

aobscanmodule(INJECT,ShooterGame.exe,F3 0F 11 8E D4 06 00 00) // should be unique
alloc(newmem,$1000,"ShooterGame.exe"+2532CD)
globalalloc(_DinoDude,4)
label(code)
label(return)

newmem:

code:
  mov [_DinoDude],rsi
  movss [rsi+000006D4],xmm1
  jmp return

INJECT:
  jmp newmem
  nop
  nop
  nop
return:
registersymbol(INJECT)

[DISABLE]

INJECT:
  db F3 0F 11 8E D4 06 00 00

unregistersymbol(INJECT)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "ShooterGame.exe"+2532CD

"ShooterGame.exe"+2532A5: E8 A6 7B 0B 00           -  call ShooterGame.exe+30AE50
"ShooterGame.exe"+2532AA: 0F 28 C8                 -  movaps xmm1,xmm0
"ShooterGame.exe"+2532AD: 48 8B CE                 -  mov rcx,rsi
"ShooterGame.exe"+2532B0: E8 2B 39 63 00           -  call ShooterGame.exe+886BE0
"ShooterGame.exe"+2532B5: F3 41 0F 59 FA           -  mulss xmm7,xmm10
"ShooterGame.exe"+2532BA: 0F 28 CF                 -  movaps xmm1,xmm7
"ShooterGame.exe"+2532BD: F3 0F 58 8E D4 06 00 00  -  addss xmm1,dword ptr [rsi+000006D4]
"ShooterGame.exe"+2532C5: 0F 2F C8                 -  comiss xmm1,xmm0
"ShooterGame.exe"+2532C8: 76 03                    -  jna ShooterGame.exe+2532CD
"ShooterGame.exe"+2532CA: 0F 28 C8                 -  movaps xmm1,xmm0
// ---------- INJECTING HERE ----------
"ShooterGame.exe"+2532CD: F3 0F 11 8E D4 06 00 00  -  movss [rsi+000006D4],xmm1
// ---------- DONE INJECTING  ----------
"ShooterGame.exe"+2532D5: 48 8B BB 70 04 00 00     -  mov rdi,[rbx+00000470]
"ShooterGame.exe"+2532DC: 48 85 FF                 -  test rdi,rdi
"ShooterGame.exe"+2532DF: 0F 84 59 03 00 00        -  je ShooterGame.exe+25363E
"ShooterGame.exe"+2532E5: 48 8B CF                 -  mov rcx,rdi
"ShooterGame.exe"+2532E8: E8 83 58 EC FF           -  call ShooterGame.exe+118B70
"ShooterGame.exe"+2532ED: 84 C0                    -  test al,al
"ShooterGame.exe"+2532EF: 0F 84 49 03 00 00        -  je ShooterGame.exe+25363E
"ShooterGame.exe"+2532F5: 48 8B 03                 -  mov rax,[rbx]
"ShooterGame.exe"+2532F8: 48 8B CB                 -  mov rcx,rbx
"ShooterGame.exe"+2532FB: 0F 29 B4 24 C0 00 00 00  -  movaps [rsp+000000C0],xmm6
}

Post by Eric » Sun Nov 18, 2018 7:00 am

Try

Code:

globalalloc(_DinoDude,8,ShooterGame.exe)
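
An added example (not from the thread or from Cheat Engine's own code) of why the extra argument and the larger size in Eric's line can matter on a 64-bit target: a store such as `mov [_DinoDude],rsi` is encoded RIP-relative with a signed 32-bit displacement, so it only assembles when the symbol lies within 2 GiB of the instruction, and `rsi` is 8 bytes wide. All addresses are constructed, and the example assumes that an allocation made without a preferred address can land out of that range.

```python
import struct

def rel32(next_ip, target):
    """Displacement from the end of an instruction to target, or None if it
    does not fit the signed 32-bit field x86-64 provides."""
    d = target - next_ip
    return d if -2**31 <= d < 2**31 else None

def encode_store_rsi(instr_addr, symbol_addr):
    """Bytes of `mov [rip+disp32],rsi` (48 89 35 + disp32, 7 bytes), or None
    when the symbol is out of reach for this single-instruction form."""
    d = rel32(instr_addr + 7, symbol_addr)
    return None if d is None else b"\x48\x89\x35" + struct.pack("<i", d)

def check_symbol(instr_addr, symbol_addr, symbol_size, reg_bytes=8):
    """Reasons the store to the symbol cannot work as written (empty = fine)."""
    problems = []
    if rel32(instr_addr + 7, symbol_addr) is None:
        problems.append("symbol is more than 2 GiB from the instruction")
    if symbol_size < reg_bytes:
        problems.append(
            f"{reg_bytes}-byte register written to {symbol_size}-byte symbol")
    return problems

# Constructed addresses (not taken from the thread): a typical 64-bit image
# base, newmem placed just below the module, and two homes for _DinoDude.
MODULE_BASE = 0x7FF612340000
NEWMEM      = MODULE_BASE - 0x10000   # alloc(newmem,$1000,<near address>)
FAR_SYMBOL  = 0x20500000000           # assumed: no preferred address given
NEAR_SYMBOL = MODULE_BASE - 0x20000   # preferred address next to the module

if __name__ == "__main__":
    print(check_symbol(NEWMEM, FAR_SYMBOL, 4))    # as in the first script
    print(check_symbol(NEWMEM, NEAR_SYMBOL, 8))   # as in Eric's line
    print(encode_store_rsi(NEWMEM, NEAR_SYMBOL).hex(" "))
```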

Post by Kalas » Sun Nov 18, 2018 7:40 am

This instruction is writing as well; make sure, after enabling using Eric's method, to do whatever action is needed in order to refresh those pointers.

Post by Sigan » Sun Nov 18, 2018 8:03 am

Eric wrote (Sun Nov 18, 2018 7:00 am):
> Try
>
> Code:
>
> globalalloc(_DinoDude,8,ShooterGame.exe)

Thank you, I will.

Kalas wrote:
> This instruction is writing as well; make sure, after enabling using Eric's method, to do whatever action is needed in order to refresh those pointers.

What do you mean by refresh those pointers? Once enabled, it'll write that register into the new variable, then I can just refer to that the whole time it's on. What do you mean refresh those pointers?

Post by Betcha » Sun Nov 18, 2018 8:20 am

Sigan wrote (Sun Nov 18, 2018 8:03 am):
> What do you mean refresh those pointers?

Your script is not accessing the point where you did the injection.
Your pointer will appear only when you do some "action" in game.
The same action you did to make the instruction at the injection point appear.

Code:

code:
  movss [rsi+000006D4],xmm1
  mov [_DinoDude],rsi
  jmp return

Last edited by Betcha on Sun Nov 18, 2018 8:23 am, edited 1 time in total.

Post by Kalas » Sun Nov 18, 2018 8:22 am

Sigan wrote (Sun Nov 18, 2018 8:03 am):
> Eric wrote (Sun Nov 18, 2018 7:00 am):
>> Try
>>
>> Code:
>>
>> globalalloc(_DinoDude,8,ShooterGame.exe)
>
> Thank you, I will.
>
> Kalas wrote:
>> This instruction is writing as well; make sure, after enabling using Eric's method, to do whatever action is needed in order to refresh those pointers.
>
> What do you mean by refresh those pointers? Once enabled, it'll write that register into the new variable, then I can just refer to that the whole time it's on. What do you mean refresh those pointers?

I meant, since it's not constantly accessing this instruction, you may need to perform an action at least once after enabling the script in order for the pointers to show.

Post by Kalas » Sun Nov 18, 2018 8:22 am

An example could be:

When health decreases, after the script is enabled, decrease health again to refresh the pointer.