Aobscan tutorials

Anything Cheat Engine related, bugs, suggestions, helping others, etc..
User avatar
VampTY
Table Makers
Table Makers
Posts: 809
Joined: Tue Mar 05, 2019 10:52 am
Reputation: 1047

Re: Aobscan tutorials

Post by VampTY »

Hi,

Here's one more awful tutorial making a script with offsets, when the game ain't on unity/unreal/xna or whatever other engine that doesn't have any names assigned to them, to find them easy.Also in this example, i use "[]", if you'll encounter with more offsets, do it like"[[name]+offset]+offset", you understand, 2 offsets, that will mean adding one more"[" to your left and one more "]" to your right, that "]"is after any offset, the last one don't need any "]", so if there were 7 offsets, for example, you'd have to have on your left 7 "[" and to your right to have 7, like "[[[[[[[name]+offset]+offset]+offset]+offset]+offset]+offset]+offset" If the name is "base" and the offsets are 10 and 12, the result will be "[[base]+10]+12". ;) This will work on whatever machine.Hope this might help somehow! :wub:



Take care! ;)

User avatar
Messy6666
Table Makers
Table Makers
Posts: 719
Joined: Fri Sep 25, 2020 5:45 pm
Reputation: 741

Re: Aobscan tutorials

Post by Messy6666 »

^ What a wonderful work making those videos for other people VampTY !

I just thought of a CE plugin which will make life a bit easier using those *** brackets:

An extension by FreeER: copyOffsets.lua
[Link]

It will "print" the correct syntax to be used, ready to copy/paste

edit:
* best to only use that plugin when you understand the offsets

anl93
Table Makers
Table Makers
Posts: 264
Joined: Mon May 29, 2017 10:12 am
Reputation: 86

Re: Aobscan tutorials

Post by anl93 »

Hey there @aanpsx

I finally managed to did auto asseble script.
I will upload my table here as soon as possible.
Card power updates on hovewed units, although i realized that this trick works on few games.

Game is : "Shadowhand"

Thank you kindly,

anl93
Table Makers
Table Makers
Posts: 264
Joined: Mon May 29, 2017 10:12 am
Reputation: 86

Re: Aobscan tutorials

Post by anl93 »

aanpsx wrote:
Hey there @aanpsx

Your guide here works perfectly for me for some games. I even shared some of my small tables with scripts here on forum.

I want to ask you something new but similar,

Can you make a similar guide for "to update increase/decrease" kind of scripts.

I feel like im slowly improving myself.

If you can make that kind of guide too, i will be very grateful.

Sincerely, thank you.

anl93
Table Makers
Table Makers
Posts: 264
Joined: Mon May 29, 2017 10:12 am
Reputation: 86

Re: Aobscan tutorials

Post by anl93 »

newmem:
mov [Pointer],ecx
code:
mov eax,[ecx+eax*4+10]
pop ebp
jmp return

Pointer:
dd 0

ShopPointer:
jmp newmem
return:

not working
pointer constanty changes

can someone help

User avatar
LeFiXER
LeFixer
LeFixer
Posts: 478
Joined: Wed Mar 24, 2021 9:35 am
Reputation: 242

Re: Aobscan tutorials

Post by LeFiXER »

anl93 wrote:
Fri May 27, 2022 5:02 pm

Code: Select all

newmem:
  mov [Pointer],ecx
code:
  mov eax,[ecx+eax*4+10]
  pop ebp
  jmp return

Pointer:
  dd 0

ShopPointer:
  jmp newmem
return:
not working
pointer constanty changes

can someone help
What about this:

Code: Select all

...
Pointer:
  dd 0
 
newmem:
  push edx
  lea edx,[ecx+eax*4+10]
  mov [Pointer],edx
  pop edx
  
code:
  mov eax,[ecx+eax*4+10]
  pop ebp
  jmp return
...

anl93
Table Makers
Table Makers
Posts: 264
Joined: Mon May 29, 2017 10:12 am
Reputation: 86

Re: Aobscan tutorials

Post by anl93 »

No adresses still changes when script is activated.

User avatar
Messy6666
Table Makers
Table Makers
Posts: 719
Joined: Fri Sep 25, 2020 5:45 pm
Reputation: 741

Re: Aobscan tutorials

Post by Messy6666 »

^
Then it's a multipurpose function, ie it's reading/writing also other data(structures).
Before filling the pointer you'll have to check somehow if they are pointing to the right data ( [ecx] or [ecx+eax] or [ecx+eax*4+10] )
by disecting data/stuctures and scan for some testing values.

for example

Code: Select all

cmp [ecx], TESTVAL 
jne DONT_FILL_POINTER

Code: Select all

cmp [ecx+eax*4], TESTVAL  // maybe that contains the value type for +10
jne DONT_FILL_POINTER
hard to say when not having a part of the original code from the injection point
Last edited by Messy6666 on Sat May 28, 2022 11:56 am, edited 1 time in total.

User avatar
SunBeam
Administration
Administration
Posts: 4702
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4285

Re: Aobscan tutorials

Post by SunBeam »

LeFiXER wrote:
Fri May 27, 2022 5:45 pm
...
I would suggest determining where ecx comes from and what the iterator eax represents. If it's a list/array of pointers to same types of structures, then "filtering" won't work as you'd expect, by just storing the lea result into some static.

A bit of research is required than just numb-storing pointers and thinking of only how to save them, but not what they point to, if player or enemy or if representing what you're after. Am saying this in general, not aimed at you, LeFiXER :)

User avatar
LeFiXER
LeFixer
LeFixer
Posts: 478
Joined: Wed Mar 24, 2021 9:35 am
Reputation: 242

Re: Aobscan tutorials

Post by LeFiXER »

SunBeam wrote:
Sat Jun 11, 2022 6:41 am
I would suggest determining where ecx comes from and what the iterator eax represents. If it's a list/array of pointers to same types of structures, then "filtering" won't work as you'd expect, by just storing the lea result into some static.

A bit of research is required than just numb-storing pointers and thinking of only how to save them, but not what they point to, if player or enemy or if representing what you're after. Am saying this in general, not aimed at you, LeFiXER :)
I did not take offence. I appreciate you taking the time to give your wisdom, thanks :).

anl93
Table Makers
Table Makers
Posts: 264
Joined: Mon May 29, 2017 10:12 am
Reputation: 86

Re: Aobscan tutorials

Post by anl93 »

Hello guys

Code: Select all

newmem:

code:
  movsxd  rax,dword ptr [rax+6C]
  mov [rbp-000000D8],eax
  jmp return
How can i adjust this code to adjust HP of selected unit?
Or his one for that matter?

Code: Select all

newmem:

code:
  movsxd  rax,dword ptr [r15+6C]
  test eax,eax
  jmp return
I tried changing movsxd to mov but couldnt success so far.
I will find aobscan of another unit, compare and change aobscan(INJECT, ...... (i will replace some of them here with ?? so script should work for all units after i compare to unit aobscans) ) // should be unique

but first i need the correct code that reads current units HP.

Thanks.

Post Reply

Who is online

Users browsing this forum: No registered users