Read Value

Anything Cheat Engine related, bugs, suggestions, helping others, etc..
Post Reply
User avatar
Kito
Noobzor
Noobzor
Posts: 7
Joined: Thu Feb 14, 2019 7:03 pm
Reputation: 5

Read Value

Post by Kito »

Hello guys, i'm relatively new to CE Scripting and i would like to Read the Current Money Value via the Script and it needs to be Editable.

That's what i got so far:

Code: Select all

[ENABLE]
aobscanmodule(pMoneyAOB,Disrupt_64.dll,4C 8B B4 F1 28 07 00 00)
alloc(pMoneyMem,$1000,"Disrupt_64.dll"+5C999C0)

label(code)
label(return)

label(pMoneyChange)
registersymbol(pMoneyChange)

pMoneyMem:

code:
  mov [pMoneyChange],rcx
  mov [rcx+rsi*8+00000728],r14
  jmp return

pMoneyChange:
  dd ?????

pMoneyAOB:
  jmp code
  nop
return:
registersymbol(pMoneyAOB)
[DISABLE]
pMoney:
  db 4C 8B B4 F1 28 07 00 00
unregistersymbol(pMoneyAOB)
unregistersymbol(pMoneyChange)
dealloc(pMoneyMem)

aSwedishMagyar
Expert Cheater
Expert Cheater
Posts: 84
Joined: Mon Jul 06, 2020 3:19 am
Reputation: 46

Re: Read Value

Post by aSwedishMagyar »

That's a good start but you need to account for the rsi*8 increment. Since this uses two registers I would just use a push/pop and lea on another register to get the final address:

Code: Select all

push	rbx
lea	rbx,[rcx+rsi*8+00000728]
mov	[pMoneyChange],rbx
pop	rbx
If you did not want to use lea for whatever reason, then you could also just use one register:

Code: Select all

push	rbx
mov	rbx,rsi
imul	rbx,8
add	rbx,rcx
mov	[pMoneyChange],rbx
pop	rbx
Which is not pretty but it works at least. Then you just use it as a pointer and add the last 728 offset to it in the table.

User avatar
SunBeam
Administration
Administration
Posts: 2924
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 2056

Re: Read Value

Post by SunBeam »

I suggest you do better work at it and start learning how to debug/back-trace. Your instruction is "mov [rcx+rsi*8+00000728],r14". Which means one of the registers is a base address, the other is a structure offset. Say your address is 400000. And it's in "rcx". Then your offset to the position is 0 and it's in "rsi". So you get 400000+0*8+728. Now if the offset changes, and instead of a 0, you have 1, then you get 400000+1*8+728. See the dynamics behind it? That spot of yours is recipe for failure. Am assuming game's Watch Dogs, based on the Engine name (Disrupt).

aSwedishMagyar
Expert Cheater
Expert Cheater
Posts: 84
Joined: Mon Jul 06, 2020 3:19 am
Reputation: 46

Re: Read Value

Post by aSwedishMagyar »

If they found the opcode through 'see what accesses this address' they could check what rsi is equal to and do a compare to always grab the right address though right?

Post Reply

Who is online

Users browsing this forum: No registered users