This really buggin' me!

Anything Cheat Engine related, bugs, suggestions, helping others, etc..
Post Reply
Sigan
Expert Cheater
Expert Cheater
Posts: 267
Joined: Fri May 26, 2017 1:23 am
Reputation: 124

This really buggin' me!

Post by Sigan »

Hey ... So I started trying to fool around with a script or two in Ark, and I've found that I can't use globalalloc() there or else my script won't activate. Do I need to have a setting changed in CE or... Any ideas? For reference, here's an example of one I made using the template:

Code: Select all

{ Game   : ShooterGame.exe
  Version:
  Date   : 2018-11-18
  Author : Sigan

  This script finds the dino dude's stats
}

[ENABLE]

aobscanmodule(INJECT,ShooterGame.exe,F3 0F 11 8E D4 06 00 00) // should be unique
alloc(newmem,$1000,"ShooterGame.exe"+2532CD)
globalalloc(_DinoDude,4)
label(code)
label(return)

newmem:

code:
  mov [_DinoDude],rsi
  movss [rsi+000006D4],xmm1
  jmp return

INJECT:
  jmp newmem
  nop
  nop
  nop
return:
registersymbol(INJECT)

[DISABLE]

INJECT:
  db F3 0F 11 8E D4 06 00 00

unregistersymbol(INJECT)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "ShooterGame.exe"+2532CD

"ShooterGame.exe"+2532A5: E8 A6 7B 0B 00           -  call ShooterGame.exe+30AE50
"ShooterGame.exe"+2532AA: 0F 28 C8                 -  movaps xmm1,xmm0
"ShooterGame.exe"+2532AD: 48 8B CE                 -  mov rcx,rsi
"ShooterGame.exe"+2532B0: E8 2B 39 63 00           -  call ShooterGame.exe+886BE0
"ShooterGame.exe"+2532B5: F3 41 0F 59 FA           -  mulss xmm7,xmm10
"ShooterGame.exe"+2532BA: 0F 28 CF                 -  movaps xmm1,xmm7
"ShooterGame.exe"+2532BD: F3 0F 58 8E D4 06 00 00  -  addss xmm1,dword ptr [rsi+000006D4]
"ShooterGame.exe"+2532C5: 0F 2F C8                 -  comiss xmm1,xmm0
"ShooterGame.exe"+2532C8: 76 03                    -  jna ShooterGame.exe+2532CD
"ShooterGame.exe"+2532CA: 0F 28 C8                 -  movaps xmm1,xmm0
// ---------- INJECTING HERE ----------
"ShooterGame.exe"+2532CD: F3 0F 11 8E D4 06 00 00  -  movss [rsi+000006D4],xmm1
// ---------- DONE INJECTING  ----------
"ShooterGame.exe"+2532D5: 48 8B BB 70 04 00 00     -  mov rdi,[rbx+00000470]
"ShooterGame.exe"+2532DC: 48 85 FF                 -  test rdi,rdi
"ShooterGame.exe"+2532DF: 0F 84 59 03 00 00        -  je ShooterGame.exe+25363E
"ShooterGame.exe"+2532E5: 48 8B CF                 -  mov rcx,rdi
"ShooterGame.exe"+2532E8: E8 83 58 EC FF           -  call ShooterGame.exe+118B70
"ShooterGame.exe"+2532ED: 84 C0                    -  test al,al
"ShooterGame.exe"+2532EF: 0F 84 49 03 00 00        -  je ShooterGame.exe+25363E
"ShooterGame.exe"+2532F5: 48 8B 03                 -  mov rax,[rbx]
"ShooterGame.exe"+2532F8: 48 8B CB                 -  mov rcx,rbx
"ShooterGame.exe"+2532FB: 0F 29 B4 24 C0 00 00 00  -  movaps [rsp+000000C0],xmm6
}

Eric
Hall of Famer
Hall of Famer
Posts: 174
Joined: Thu Mar 02, 2017 11:01 pm
Reputation: 90

Re: This really buggin' me!

Post by Eric »

Try

Code: Select all

globalalloc(_DinoDude,8,ShooterGame.exe)

User avatar
Kalas
Expert Cheater
Expert Cheater
Posts: 551
Joined: Fri Mar 03, 2017 9:49 am
Reputation: 134

Re: This really buggin' me!

Post by Kalas »

This instruction is writing as well, make sure after enabling using Eric's method to do whatever action needed in order to refresh those pointers.

Sigan
Expert Cheater
Expert Cheater
Posts: 267
Joined: Fri May 26, 2017 1:23 am
Reputation: 124

Re: This really buggin' me!

Post by Sigan »

Eric wrote:
Sun Nov 18, 2018 7:00 am
Try

Code: Select all

globalalloc(_DinoDude,8,ShooterGame.exe)
Thank you, I will.
Kalas wrote: This instruction is writing as well, make sure after enabling using Eric's method to do whatever action needed in order to refresh those pointers.
What do you mean by refresh those pointers? Once enabled, it'll write that register into the new variable, then I can just refer to that the whole time it's on. What do you mean refresh those pointers?

User avatar
Betcha
Table Makers
Table Makers
Posts: 115
Joined: Sun Nov 26, 2017 5:39 pm
Reputation: 115

Re: This really buggin' me!

Post by Betcha »

Sigan wrote:
Sun Nov 18, 2018 8:03 am
What do you mean refresh those pointers?
Your script is not accessing the point where you did injection.
Your Pointer will appear only when you do some "action" in game.
Same action you did to make that Instruction of injection point appear.

Code: Select all

code:
  movss [rsi+000006D4],xmm1
  mov [_DinoDude],rsi
  jmp return
Last edited by Betcha on Sun Nov 18, 2018 8:23 am, edited 1 time in total.

User avatar
Kalas
Expert Cheater
Expert Cheater
Posts: 551
Joined: Fri Mar 03, 2017 9:49 am
Reputation: 134

Re: This really buggin' me!

Post by Kalas »

Sigan wrote:
Sun Nov 18, 2018 8:03 am
Eric wrote:
Sun Nov 18, 2018 7:00 am
Try

Code: Select all

globalalloc(_DinoDude,8,ShooterGame.exe)
Thank you, I will.
Kalas wrote: This instruction is writing as well, make sure after enabling using Eric's method to do whatever action needed in order to refresh those pointers.
What do you mean by refresh those pointers? Once enabled, it'll write that register into the new variable, then I can just refer to that the whole time it's on. What do you mean refresh those pointers?
I meant since its not constantly accesses this instruction you may need to perform an action at least once after enabling the script in order for the pointers to show.

User avatar
Kalas
Expert Cheater
Expert Cheater
Posts: 551
Joined: Fri Mar 03, 2017 9:49 am
Reputation: 134

Re: This really buggin' me!

Post by Kalas »

An example could be :

When health decreases, after script enabled decrease health again to refresh the pointer.

Post Reply

Who is online

Users browsing this forum: No registered users