What's the deal with labels?

Erquint

What is cheating?
Apr 16, 2017
#1
So I have no problem writing and executing Lua code in CE just fine, but when it comes to these CE-specific labels — I am baffled.
I have been away from auto-assembly in Lua for some time and my memory is not great.

Let's take this example:
Code:
[ENABLE]
aobscanmodule(DeathPenalty,DARKSOULS.exe,89 56 38 8B 53 7C 33 C9 89 8B 8C 00 00 00 89 56 34 89 4B 7C 8B 48 04 E8 59 52 FE FF)
alloc(newmem0,$1000)

label(return)

newmem0:
  nop                //mov [esi+38],edx       - Souls moved to Bloodstain
  mov edx,[ebx+7C]
  xor ecx,ecx
  nop                //mov [ebx+0000008C],ecx - Player's Souls set to 0
  nop                //mov [esi+34],edx       - Humanity moved to Bloodstain
  nop                //mov [ebx+7C],ecx       - Player's Humanity set to 0
  mov ecx,[eax+04]
  nop                //call DATA.exe+986100   - Player's Hollowification
  jmp return

DeathPenalty:
  jmp newmem0
  db 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
  return:
registersymbol(DeathPenalty)

[DISABLE]
DeathPenalty:
  db 89 56 38 8B 53 7C 33 C9 89 8B 8C 00 00 00 89 56 34 89 4B 7C 8B 48 04 E8 59 52 FE FF

unregistersymbol(DeathPenalty)
dealloc(newmem0)
I wonder why a code block on a forum doesn't have a line number column...
Paste it into a proper editor or count by eye. We count from 1 in Lua, not from 0.

Line 2: Does aobscan declare a label where it lands?
Line 5: A label return is declared but not defined. What address does this label point to? Why was it necessary to declare it here?
Line 21: That return label is used but why is it indented? Is it because this is where the label address is defined implicitly on compilation? And since this isn't strict, isn't this definition implicitly declaring the label making the previous declaration obsolete?
Line 22: Does DeathPenalty need to be registered as a symbol if it is not used in any other scripts?

So I understand how this script works in memory, and one of the sets of assumptions even makes me understand why it is written this way, but then if my assumptions are wrong — then I'm lost. So is this code whack or is my understanding of it whack or neither?
I need confirmations/clarifications.
 
Mar 17, 2017
#2
Hi,
what you wrote is not Lua. It is a CE assembler script.
The return label will be replaced with the calculated return address. The CE assembler unit needs it.
The first parameter of aobscan/aobscanmodule will be used like a label.

Greets Matze
 

Erquint

What is cheating?
Apr 16, 2017
#3
Well, it seems to me like it's based on Lua to some extent, but I can see how the similarity is limited.
Okay, so auto-assembly scripts are only meant for compiling into target image memory. I've made those before, although I used raw hex labels.
But then out of curiosity, how do I add Lua scripts to a table as separate entries? I used to add my Lua script into the main (Ctrl+Alt+L) script pane, set up functions to operate on memory and hotkeys to execute those functions. But what if I want to launch Lua functions when the user ticks an entry in the table instead of requiring them to memorize hotkeys? I can think of one possible way to do that but it certainly wouldn't be elegant.
 

FreeER

RCE Fanatics
Talents
Mar 10, 2017
#4
Erquint said:
But what if I want to launch Lua functions when the user ticks an entry in the table instead of requiring them to memorize hotkeys? I can think of one possible way to do that but it certainly wouldn't be elegant.
You can use {$lua} to switch the parser from AA to Lua, eg.
Code:
[ENABLE]
// switch parser to lua
{$lua}
--[[
note all lua code runs immediately, just because you have created lua code in the middle of defining
an asm function doesn't mean that it will run at that point in the asm function, it won't
though there is a way to get it to do so (call CE lua function template) I don't fully understand it :)
]]

if syntaxcheck then return end -- don't run code if just checking syntax (on add/ok)

-- write 99 to step 2 of the tutorial (note the program does not update)
writeInteger("[Tutorial-i386.exe+1FC5D0]+480",99)

-- show a message box from CE with the given text (pauses execution until closed)
showMessage("you've clicked me!")

-- use a timer to delay disabling the script by a little bit so CE can finish running it
timer = createTimer()
timer.OnTimer = function(timer)
  -- disable this script
  getAddressList().getMemoryRecordByDescription("script name/description shown in table").Active = false
  timer.destroy() -- only run once by destroying the timer object
end
-- set delay to 100 milliseconds (1/10th of a second)
timer.Interval = 100

-- note, any string returned will be parsed as AA code in this position
-- set step 2 to 999
-- [[ ]] delimits a multiline string
return [[
["Tutorial-i386.exe"+1FC5D0]+480:
  dd #999
]]
-- switch parser back to assembly
{$asm}
[DISABLE]
You should also be able to declare functions in the main lua table like you did with hotkeys and then simply call them from individual scripts.

You can also use luacall to call a single lua function from the assembly parser, not entirely sure how that works though.
 

Eric

Administrator
Mar 2, 2017
#5
aobscan acts more like a define/alloc than a label

label is declared (after alloc) and defined in deathpenalty:
(6.5+ doesn't NEED the declare part though)

spaces mean nothing

and yup, deathpenalty doesn't need to be registered

i think it's 'whack' myself, not because of labels/aobscans, but because it allocates a block of memory and manually puts some 'nop's in there
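As an added example (not code from the thread or from Cheat Engine itself), this Python sketch reproduces what aobscanmodule does with the 28-byte pattern in the first post and what the [ENABLE]/[DISABLE] blocks then write at the address it resolves: the module image, the free region standing in for newmem0, the offsets and the helper names (parse_aob, aobscan, build_hook, enable, disable) are all constructed here. The one piece of real encoding it relies on is the standard x86 `jmp rel32` (E9 + displacement from the end of the jump).

```python
# The 28-byte pattern from the thread's [ENABLE] block; the same bytes are
# what the [DISABLE] block writes back.
DEATH_PENALTY_AOB = ("89 56 38 8B 53 7C 33 C9 89 8B 8C 00 00 00 "
                     "89 56 34 89 4B 7C 8B 48 04 E8 59 52 FE FF")
ORIGINAL = bytes.fromhex(DEATH_PENALTY_AOB.replace(" ", ""))

def parse_aob(pattern):
    """Split 'AA ?? BB' into (values, mask); '??' or '*' matches any byte."""
    values, mask = [], []
    for tok in pattern.split():
        wildcard = tok in ("??", "*")
        values.append(0 if wildcard else int(tok, 16))
        mask.append(not wildcard)
    return values, mask

def aobscan(module, pattern):
    """Every offset where the pattern matches; CE takes the first hit."""
    values, mask = parse_aob(pattern)
    n = len(values)
    return [off for off in range(len(module) - n + 1)
            if all(not m or module[off + i] == values[i]
                   for i, m in enumerate(mask))]

def build_hook(original_len, hook_at, stub_at):
    """Bytes written at DeathPenalty: a 5-byte 'jmp rel32' to newmem0 padded
    with nops to exactly the length of the 28 replaced bytes (5 + 23 'db 90')."""
    rel = stub_at - (hook_at + 5)   # rel32 is relative to the next instruction
    jmp = b"\xE9" + rel.to_bytes(4, "little", signed=True)
    return jmp + b"\x90" * (original_len - len(jmp))

def make_module():
    """Constructed image: filler, the original code, filler, then a zeroed
    region standing in for alloc(newmem0,$1000). Returns (image, newmem0)."""
    image = bytearray(b"\xCC" * 0x40 + ORIGINAL + b"\xCC" * 0x40 + b"\x00" * 0x100)
    return image, 0x40 + len(ORIGINAL) + 0x40

def enable(module, newmem0):
    """Resolve DeathPenalty via the scan and install the hook; returns its offset."""
    hits = aobscan(module, DEATH_PENALTY_AOB)
    if len(hits) != 1:
        raise ValueError(f"pattern must be unique, found {len(hits)} hits")
    dp = hits[0]
    module[dp:dp + len(ORIGINAL)] = build_hook(len(ORIGINAL), dp, newmem0)
    return dp

def disable(module, death_penalty):
    """The [DISABLE] block: put the original 28 bytes back."""
    module[death_penalty:death_penalty + len(ORIGINAL)] = ORIGINAL
```

The uniqueness check in enable is the part worth copying into real scripts: aobscan silently uses the first hit, so a pattern that matches twice hooks whichever copy comes first in memory.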
 

Erquint

What is cheating?
Apr 16, 2017
#6
FreeER, everything you wrote is super useful.
I did find out about it snooping in other people's tables on my own just recently overnight though, but still thank you very much for this invaluable piece of knowledge I might not have discovered myself.

Eric,
6.5+ doesn't NEED the declare part though
Yeah, I recall reading about it on the wiki. There's a flag for strict mode available though.
spaces mean nothing
How then is an injection block terminated? Just syntax+context sensitive?
it allocates a block of memory and manually puts some 'nop's in there
He might've just used bare comments to illustrate what's taken out but maybe he wanted some extra clarity.