Use an address specific value as a trigger to activate another (Joker Commands)

Marconeto

Noobzor
Joined
May 19, 2020
Messages
7
Reaction score
1
Is there a way to create a code that uses an address as a trigger using LUA script? I mean every time the address reaches a specific value it constantly set a value of 100 to another one. It's like a Gameshark joker command, but using an address value as a hotkey or trigger to activate another one and a timer of 10ms to repeat the process if the trigger value is always the same. If there's already a thread about that could anyone share? 'cause I didn't find it.

eg.

if address 005513F000 = 0063 then set a value of 100 to 005510F244
repeat after 10ms
else if address 005513F000 0063 then do nothing

Sorry my bad english.
 

Kickyoace

Novice Cheater
Joined
Jun 18, 2017
Messages
21
Reaction score
14
if you wanna venture into the ASM side of things this can be done by using https://wiki.cheatengine.org/index.php?title=Assembler:Commands:CMP or you can do an if statment in lua might be easier to just break and trace the code to tell you what to filter out when you need to set the last mem address or what is really going on in the code or just find a better spot to overwrite that value where its not being memcopy'ed around the place
 

Marconeto

Noobzor
Joined
May 19, 2020
Messages
7
Reaction score
1
if you wanna venture into the ASM side of things this can be done by using https://wiki.cheatengine.org/index.php?title=Assembler:Commands:CMP or you can do an if statment in lua might be easier to just break and trace the code to tell you what to filter out when you need to set the last mem address or what is really going on in the code or just find a better spot to overwrite that value where its not being memcopy'ed around the place
Is there any templates using compare operand parameters? I've tried to use CMP, no luck, 'cause I'm using pointers and it's a lot more easier to create it by LUA script than AOB injection. I've tried to find a template with a structure like that, but looks like no one ever tried to make a joker command like code using CE. I know CE allows hotkeys to freeze, increase, decrease and set a specific value to any code, but to use an address to activate other is only possible through script.
 

TheyCallMeTim13

Enchanter
Staff member
Administrator
Fearless Donors
Talents
Joined
Mar 3, 2017
Messages
1,789
Reaction score
757
Try a thread or a timer.

Lua:
{$lua}
------------------------------ ENABLE ------------------------------
[ENABLE]
local aTimer = nil
local aTimerInterval = 100
local address = 0xdeadbeef
local address2 = 0xbeef0000
local function aTimer_tick(timer)
    if readInteger(address) == 100 then
        writeInteger(address2, 100)
    end
end
----------------------------------
if syntaxcheck then return end
aTimer = createTimer(MainForm)
aTimer.Interval = aTimerInterval
aTimer.OnTimer = aTimer_tick
------------------------------ DISABLE ------------------------------
[DISABLE]
if syntaxcheck then return end
aTimer.destroy()
 

Marconeto

Noobzor
Joined
May 19, 2020
Messages
7
Reaction score
1
Try a thread or a timer.

Lua:
{$lua}
------------------------------ ENABLE ------------------------------
[ENABLE]
local aTimer = nil
local aTimerInterval = 100
local address = 0xdeadbeef
local address2 = 0xbeef0000
local function aTimer_tick(timer)
    if readInteger(address) == 100 then
        writeInteger(address2, 100)
    end
end
----------------------------------
if syntaxcheck then return end
aTimer = createTimer(MainForm)
aTimer.Interval = aTimerInterval
aTimer.OnTimer = aTimer_tick
------------------------------ DISABLE ------------------------------
[DISABLE]
if syntaxcheck then return end
aTimer.destroy()
if readInteger(address) == 100 then
writeInteger(address2, 100)
These values here are in HEX or DEC form?
Is there a way to use dd , dw , db and dq to establish the byte limits (4, 2, 1 and 8 bytes) and # to id the values as decimal?

And I tried to use pointers as addresses with no success

Here's how I write them:
local address = ["Tutorial-i386.exe"+000000]+1C2
local address2 = ["Tutorial-i386.exe"+000001]+2A1
 

Marconeto

Noobzor
Joined
May 19, 2020
Messages
7
Reaction score
1
Sorry. I was really dumb here tsk tsk

I use this to write a specific integer to the address and they are already decimal. 0x should be used for HEX
readSmallInteger(address) == 4 then
writeSmallInteger(address2, 100)
end
That part is ok so far, but I had no luck and with the effects and the script wouldn't turn off when using a timer, but It stay enabled even when I click the box.

Thread would be like this?

Lua:
{$lua}
------------------------------ ENABLE ------------------------------
local addr = "octoshock.dll+1E600B"       //BizHawk: (PSX)Resident Evil - Hand gun bullets
local addr2 = "octoshock.dll+1E600B"    //same
[ENABLE]
local function luaThread(thread)
    while RunLuaThread do
    if readSmallInteger(address) == 0x000F then           //Every time the bullets reach 15 it will automatically write 100
        writeSmallInteger(address2, 0x0064)
        end
        sleep(0)
    end
    thread.terminate()
end
----------------------------------
if syntaxcheck then return end
RunLuaThread = true
createThread(luaThread)
------------------------------ DISABLE ------------------------------
[DISABLE]
if syntaxcheck then return end
RunLuaThread = false
 

Marconeto

Noobzor
Joined
May 19, 2020
Messages
7
Reaction score
1
GOTCHA! The thread worked perfectly!
Thank you so much, TheyCallMeTim13!

I'm going to post the correct thread here for those interested.

Lua:
{$lua}
------------------------------ ENABLE ------------------------------
local addr = "octoshock.dll+1E600B"
local addr2 = "octoshock.dll+1E600B"
[ENABLE]
local function luaThread(thread)
    while RunLuaThread do
    if readBytes(addr) == 0x0F then
        writeBytes(addr2, 0x64)
        end
        sleep(0)
    end
    thread.terminate()
end
----------------------------------
if syntaxcheck then return end
RunLuaThread = true
createThread(luaThread)
------------------------------ DISABLE ------------------------------
[DISABLE]
if syntaxcheck then return end
RunLuaThread = false
 

Marconeto

Noobzor
Joined
May 19, 2020
Messages
7
Reaction score
1
Hi TheyCallMeTim13, here I am annoying you again rsrs.

Is there any template that shows how this thread logic would look like but using AOB injection instead?

I've looked into the Cheat Engine's Wiki but I didn't find any articles describing how the logic behind AOB works except the basics. I mean is there a way to use "If, then, else, and, or" and other logic operations without relying on LUA script? The major problem with LUA is the CPU consumption when there are too many threads and I'm not familiar with AOB injection. By using CMP I should achieve something similar, but the structure doesn't work.

https://wiki.cheatengine.org/index.php?title=Assembler:Commands (The article that I used to find the commands, but since I'm no good with the structure I couldn't make it work)

I've found this on a article that shows how to create pointer addresses using AOB, but I had no luck and no results when trying to create a logic like the one you showed me, but using AOB.
 

TheyCallMeTim13

Enchanter
Staff member
Administrator
Fearless Donors
Talents
Joined
Mar 3, 2017
Messages
1,789
Reaction score
757
Find where the address is written to and change it there. If you don't know how to find that start with the CE tutorial in the CE help menu. Once you have the injection point you can just add the logic there.
Something like this:
CEA:
//...
cmp byte ptr [octoshock.dll+1E600B],0F
jne @f
    mov byte ptr [octoshock.dll+1E600B],64
@@:
//...
Here's a few link that might help as well.
AOB signatures
Code Injection - Editable Values
Code Injection - Full

EDIT: That or use one thread enabled as a "main script" and toggle options with global variables in other scripts. As using comparative logic you are limited to JE, JNE, JG, JL, CMOVE, CMOVG, and others like that. No real OR, AND, or ELSE; just a lot of jumps back and forth that can get a bit messy.
 
Last edited:

Marconeto

Noobzor
Joined
May 19, 2020
Messages
7
Reaction score
1
TheyCallMeTim13

Got it!
It needed a jne to work.
The easy way to find where the address is written is by watching the accesses and that part is ok. I screwed everything because I didn't know that a jne function was needed.
But it wont change much as you said, because this injection also needs a lot of jumps but in different places since the injection point is allocated near the end of the memory. The number of addresses that I used in this process will always result in high CPU consumption and this makes it useless. As you said the only way to reduce CPU consumption is by using one thread as the base.
Thank you, man!
 
Top