Brotato Money

[ermahgerd]

i cannot seem to write a code to make sure the money gets injected. everytime i inject, the game CTD.


this is for epic games store version.

Code: Select all

{ Game   : Brotato.exe
  Version: 
  Date   : 2025-02-18
  Author : User

  This script does blah blah blah
}

[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat

 
 
aobscanmodule(INJECT,Brotato.exe,48 89 43 08 48 8B 5C 24 38) // should be unique
alloc(newmem,$1000,INJECT)

label(code)
label(return)

newmem:

 mov [rbx+08],int(1000)

code:
  mov [rbx+08],rax
  mov rbx,[rsp+38]
  jmp return

INJECT:
  jmp newmem
  nop 4
return:
registersymbol(INJECT)

[DISABLE]
//code from here till the end of the code will be used to disable the cheat
INJECT:
  db 48 89 43 08 48 8B 5C 24 38

unregistersymbol(INJECT)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: Brotato.exe+1373F58

Brotato.exe+1373F40: 8B 01           - mov eax,[rcx]
Brotato.exe+1373F42: 90              - nop 
Brotato.exe+1373F43: 85 C0           - test eax,eax
Brotato.exe+1373F45: 74 15           - je Brotato.exe+1373F5C
Brotato.exe+1373F47: 8D 50 01        - lea edx,[rax+01]
Brotato.exe+1373F4A: F0 0F B1 11     - lock cmpxchg [rcx],edx
Brotato.exe+1373F4E: 75 F0           - jne Brotato.exe+1373F40
Brotato.exe+1373F50: 85 D2           - test edx,edx
Brotato.exe+1373F52: 74 08           - je Brotato.exe+1373F5C
Brotato.exe+1373F54: 48 8B 47 08     - mov rax,[rdi+08]
// ---------- INJECTING HERE ----------
Brotato.exe+1373F58: 48 89 43 08     - mov [rbx+08],rax
// ---------- DONE INJECTING  ----------
Brotato.exe+1373F5C: 48 8B 5C 24 38  - mov rbx,[rsp+38]
Brotato.exe+1373F61: 48 83 C4 20     - add rsp,20
Brotato.exe+1373F65: 5F              - pop rdi
Brotato.exe+1373F66: C3              - ret 
Brotato.exe+1373F67: 90              - nop 
Brotato.exe+1373F68: EE              - out dx,al
Brotato.exe+1373F69: 3B 37           - cmp esi,[rdi]
Brotato.exe+1373F6B: 01 54 3F 37     - add [rdi+rdi+37],edx
Brotato.exe+1373F6F: 01 54 3F 37     - add [rdi+rdi+37],edx
Brotato.exe+1373F73: 01 00           - add [rax],eax
}

[Send]

..

Just downloaded the game before I hop off. The game uses the GoDot engine. A complete and utter pain in the ass. The instruction is shared with dozens of other values, so you're not just writing to the registrar and offset holding money, but everything that uses that instruction.

[ermahgerd]

oh. that's annoying. so, is there any potential workaround i can explore?

[Send]

oh. that's annoying. so, is there any potential workaround i can explore?

You can study cfemen's Brotato table which uses his custom tools made for the engine.
viewtopic.php?p=268698#p268698

You can also try pointerscanning and see if you can get any stable pointers for money so you can just edit on the fly.

Seriously though, GoDot isn't the engine you want to mess with if you're starting out.

[ermahgerd]

only the money pointerscan seems to fail. that is why i am trying code injection. HP is not an issue.

i also notice that it crashes only if it nops the

Code: Select all

mov rbx,[rsp+38]

line due to code injection because a few lines of code jmp to it. if i inject at

Code: Select all

mov rax,[rdi+08]

, it does not crash. but then the code does not run