Cheat Engine Lua Scripting for Mono Example for BattleTech

phorkus

What is cheating?
#1
Hello again,
I'm posting a example script for accessing C# (Mono) namespace and methods from Lua in a simple script. I had a rough time finding examples of how to do this and wanted to try to save others effort in locating a simple example of how to walk name spaces, classes, and instances to invoke methods against the Mono features of Cheat Engine. It's such a rich and killer program, but it's also extremely complex for someone new to injecting into Mono (C#).

Here's the script:

Code:
LaunchMonoDataCollector()

the_class = 0
the_method = 0
method_name = ""
klasses = {}


function class_scan_and_invoke()
  for n, klass in ipairs(klasses) do
    invoke_me = klasses[n]
    --invoke_me = klasses[0]
    print("Invoke Address: ", invoke_me)
    the_instance=getAddressSafe(invoke_me)
    -- params=mono_method_get_parameters(the_method)
    --for m, param_name in ipairs(params) do
      --print("Param Name: ", params[0].name)
      --if params[m].type == MONO_TYPE_BOOLEAN then
        -- print("Param Type: boolean")
        print("building parameters")
        -- Remember that the args array is 1 based, not 0 based.
        args={}
        args[1]={}
        args[1].type=vtByte
        args[1].value = 1
        --result = mono_invoke_method(nil, the_method, the_instance, args)
        result = mono_invoke_method(nil, the_method, the_instance, args)
        print("Method invoked, result: ", result)
      --end
    --end
  end
end

function mem_scan_done(m)
  print("Scan completed.  Running complete method.")
  for k,v in pairs(klasses) do klasses[k]=nil end
  print("1.")
  local fl=createFoundList(m)
  print("2.")
  fl.initialize()
  print("3.")
  local i
  for i=0, fl.Count-1 do
    print("new klasses: ", fl[i])
    table.insert(klasses, fl[i])
  end
  fl.destroy()
  m.destroy()
 
  class_scan_and_invoke()
end

function enable_BattleTech_debug()
  local assems = mono_enumAssemblies()
  for i, addr in ipairs(assems) do
    -- print ("Addr", addr)
    local image = mono_getImageFromAssembly(addr)
    local img_name = mono_image_get_name(image)
    -- print( "Image: ", img_name)
    if (img_name == "Assembly-CSharp") then
       print("Got Assembly-CSharp image!")
       local classes = mono_image_enumClasses(image)
       for j, cls_addr in ipairs(classes) do
         if classes[j].namespace == "HBS.DebugConsole" then
           if classes[j].classname == "DebugConsole" then
             the_class = classes[j].class
             print("Found Target Class and Namespace")
             print("Class NS: ", classes[j].namespace)
             print("Class Name: ", classes[j].classname)
             local methods = mono_class_enumMethods(the_class)
             for k, method_name in ipairs(methods) do
               if methods[k].name == "set_DebugCommandsUnlocked" then
                 the_method = methods[k].method
                 method_name = methods[k].name
                 print("Method Name: ", methods[k].name)
                 --print("Lock on set_DebugCommandsUnlocked at: ", the_method)
                 -- mono_class_findInstancesOfClass(c, method_name, mem_scan_done(m))
                 klasses = mono_class_findInstancesOfClassListOnly(nil, the_class)
                 class_scan_and_invoke()
               end
             end
           end
         end
       end
    end
  end
end

enable_BattleTech_debug()
Hope this helps someone!
-Phorkus
 
Top Bottom