Re: BattleTech [Engine:Unity]

Posted: Thu Oct 22, 2020 10:58 am
by CompactDisc
Csimbi wrote:
Tue Oct 20, 2020 6:38 pm
CompactDisc wrote:
Tue Oct 20, 2020 5:53 pm
For me, the code for the battles consistently stops working eventually.
Could you clarify what do you mean by the code stopping working?
It seems to work during the first game you start up.
After you save a campaign, and leave/restart the game, it often seems to stop working forever.
And it's not just one of the AOB's the code can't find, it's multiple.

Re: BattleTech [Engine:Unity]

Posted: Thu Oct 22, 2020 11:34 am
by Csimbi
CompactDisc wrote:
Thu Oct 22, 2020 10:58 am
It seems to work during the first game you start up.
After you save a campaign, and leave/restart the game, it often seems to stop working forever.
And it's not just one of the AOB's the code can't find, it's multiple.
Did you try closing and restarting CE?

Re: BattleTech [Engine:Unity]

Posted: Thu Oct 22, 2020 1:18 pm
by SunBeam
JIT code is often compiled differently, in such a way that it might break your aob. This is the other scenario, as opposed to having to do a certain action in game to trigger code compiling. My suggestion is to check my table for this game and resort to finding the prologue of your function (only if compiled) by Mono name and scan bit by bit inside it till you find your hook spot, rather than relying on a large aob that might contain ASM that can often be JIT-ed differently. Example:

mov eax,[ecx+20]

can be

mov eax,ecx
mov eax,[eax+20]

or

mov eax,ecx
add eax,20
mov eax,[eax]

You really can't predict which form the compiler will pick :)

Re: BattleTech [Engine:Unity]

Posted: Sun Oct 25, 2020 3:15 am
by CompactDisc
Csimbi wrote:
Thu Oct 22, 2020 11:34 am
CompactDisc wrote:
Thu Oct 22, 2020 10:58 am
It seems to work during the first game you start up.
After you save a campaign, and leave/restart the game, it often seems to stop working forever.
And it's not just one of the AOB's the code can't find, it's multiple.
Did you try closing and restarting CE?
Yes, but that has no effect.
As for what SunBeam said, I don't really understand :P

Re: BattleTech [Engine:Unity]

Posted: Sun Oct 25, 2020 1:17 pm
by Csimbi
CompactDisc wrote:
Sun Oct 25, 2020 3:15 am
Yes, but that has no effect.
As for what SunBeam said, I don't really understand :P
You said when you enable it the first time, it works.
What did you mean by the first time then? (what is the first time for you?)

Not sure why it would not work after for you though.
I could enable/disable and I play the whole day without quitting the game even once.

SunBeam said you should check the prologue (there's a typo there) because the aob signature may break when the code is generated differently.
He is not wrong, but I do scan the prologue, too - with a small window.

Re: BattleTech [Engine:Unity]

Posted: Sun Oct 25, 2020 2:33 pm
by CompactDisc
Csimbi wrote:
Sun Oct 25, 2020 1:17 pm
CompactDisc wrote:
Sun Oct 25, 2020 3:15 am
Yes, but that has no effect.
As for what SunBeam said, I don't really understand :P
You said when you enable it the first time, it works.
What did you mean by the first time then? (what is the first time for you?)

Not sure why it would not work after for you though.
I could enable/disable and I play the whole day without quitting the game even once.

SunBeam said you should check the prologue (there's a typo there) because the aob signature may break when the code is generated differently.
He is not wrong, but I do scan the prologue, too - with a small window.
What I meant by first time, is that the combat-section of the table only works during the first battle of a new campaign and as long as you don't close the game afterwards.

So if I understand correctly, I should always start a new campaign and scan the prologue first, and then switch to my actual save?

Re: BattleTech [Engine:Unity]

Posted: Mon Oct 26, 2020 4:40 am
by SunBeam
CompactDisc wrote:
Sun Oct 25, 2020 2:33 pm
scan the prologue first
I wasn't talking to you in that post. The author of the table you're debating (Csimbi) should change the way he scans for aobs. I didn't look at his table, though what I suggested is this:

-- Anchor on a function whose Mono symbol is known (CE resolves it to the jitted address),
-- then scan a small window after its prologue for "xor r13d,r13d / jmp rel32".
local prologue = getAddress( "BattleTech.UI:CombatDebugHUD:SetGodMode" )
local getJMP = AOBScanEx( "45 33 ED E9 ?? ?? ?? ??", nil, nil, nil, prologue, prologue+0x100 )
local jmp = tonumber( getJMP[0], 16 ) + 0x3                 -- skip the 3-byte xor, land on the E9
local destination = jmp + readInteger( jmp + 0x1 ) + 0x5    -- rel32 is relative to the next instruction (E9 + 4 bytes)
-- From the jump target, the first RET (C3) marks the epilogue of the function we care about.
local getRET = AOBScanEx( "C3", nil, nil, nil, destination, destination+0x100 )
local epilogue = tonumber( getRET[0], 16 )
-- Only now scan for the real target, and only between prologue and epilogue.
local getMOVSS = AOBScanEx( "F3 0F 10 05 ?? ?? ?? ?? F3", nil, nil, nil, prologue, epilogue )
if getMOVSS.Count == 4 then
  -- the four MOVSS hits are consumed from here on (rest of the script not shown in the post)
end
I am going to a KNOWN function (e.g.: BattleTech.UI:CombatDebugHUD:SetGodMode), then I am doing a scan for the "45 33 ED E9 ?? ?? ?? ??" array between the prologue (start) of the function and start+0x100 bytes. I am looking for a JMP (E9 xx xx xx xx). Once found, I calculate its destination, go there, then scan for a "C3" byte, which gives me the epilogue (end) of the function I'm looking for. Then between "prologue" and "epilogue" I am scanning for whateverthefuck I am interested in; which is "F3 0F 10 05 ?? ?? ?? ?? F3". This way, instead of using this "F3 0F 10 05 ?? ?? ?? ?? F3" directly and potentially not finding it from the first try (cuz I bet in Csimbi's table aobs are scanned in the WHOLE memory space), I narrow down where I wanna find it in.

Like I said, you have the table, there's a [ Debug ] section. Make use of my shit :P

BR,
Sun

P.S.: If your known function isn't JIT-ed, you can have CE do it for you, which will remove the need to perform some action to trigger Unity to JIT it. How.. you will have to learn some Lua.. or check other people's tables and understand how they do it. Here's one: viewtopic.php?p=137839#p137839
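An added worked example (not code from this thread or from either table) that replays the two points above in Python over a constructed byte image: the three JIT encodings of the same load from SunBeam's earlier post, and the prologue -> jmp -> epilogue windowed scan from the Lua snippet. All offsets, instruction bytes and the decoy copy are constructed for the demo, and the Lua AOBScanEx semantics are approximated by a wildcard regex scan.

```python
import re
import struct
from typing import Dict, List, Optional

def aob_scan(mem: bytes, pattern: str, start: int = 0, stop: Optional[int] = None) -> List[int]:
    """Wildcard byte-pattern scan of mem[start:stop], in the spirit of the AOBScanEx calls
    in the thread: '??' matches any byte, every (overlapping) hit offset is returned."""
    stop = len(mem) if stop is None else stop
    rx = b"".join(b"." if t == "??" else re.escape(bytes([int(t, 16)]))
                  for t in pattern.split())
    buf = bytes(mem[start:stop])
    return [start + m.start() for m in re.finditer(b"(?=" + rx + b")", buf, re.DOTALL)]

def jmp_rel32_target(mem: bytes, at: int) -> int:
    """Destination of an E9 rel32 jump at offset `at`: next instruction + signed disp32."""
    if mem[at] != 0xE9:
        raise ValueError(f"no E9 jmp at {at:#x}")
    return at + 5 + struct.unpack_from("<i", mem, at + 1)[0]

# The three encodings from SunBeam's example: a signature for form A misses B and C.
FORM_A = bytes.fromhex("8B4120")             # mov eax,[ecx+20]
FORM_B = bytes.fromhex("8BC1 8B4020")        # mov eax,ecx / mov eax,[eax+20]
FORM_C = bytes.fromhex("8BC1 83C020 8B00")   # mov eax,ecx / add eax,20 / mov eax,[eax]

# Constructed memory image (not a dump of the game): a jitted function that starts with
# sub rsp,28 / xor r13d,r13d / jmp BODY, a body with two movss loads and a ret, plus a
# decoy copy of the movss bytes outside the function (what a whole-memory scan also hits).
PROLOGUE, BODY, DECOY = 0x10, 0x80, 0x150
mem = bytearray(0x200)
mem[PROLOGUE:PROLOGUE + 7] = bytes.fromhex("4883EC28 4533ED")   # sub rsp,28 ; xor r13d,r13d
jmp_at = PROLOGUE + 7
mem[jmp_at] = 0xE9
struct.pack_into("<i", mem, jmp_at + 1, BODY - (jmp_at + 5))   # jmp BODY (rel32)
mem[BODY:BODY + 0x15] = bytes.fromhex("F30F1005AAAAAAAA F30F1005BBBBBBBB F30F58C1 C3")
mem[DECOY:DECOY + 9] = bytes.fromhex("F30F1005CCCCCCCC F3")

def locate_hook(mem: bytes, prologue: int) -> Dict[str, object]:
    """Replay the windowed scan: prologue -> jmp -> epilogue, then the pattern inside [prologue, epilogue)."""
    jmp = aob_scan(mem, "45 33 ED E9 ?? ?? ?? ??", prologue, prologue + 0x100)[0] + 3
    dest = jmp_rel32_target(mem, jmp)
    epilogue = aob_scan(mem, "C3", dest, dest + 0x100)[0]
    hits = aob_scan(mem, "F3 0F 10 05 ?? ?? ?? ?? F3", prologue, epilogue)
    return {"jmp": jmp, "destination": dest, "epilogue": epilogue, "movss": hits}

if __name__ == "__main__":
    print(locate_hook(mem, PROLOGUE))                       # hits inside the function only
    print(aob_scan(mem, "F3 0F 10 05 ?? ?? ?? ?? F3"))      # whole image also picks up the decoy
```

The constructed body yields two MOVSS hits rather than the four SunBeam's check expects; the point is that the window excludes the decoy, while the unbounded scan returns it too.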

Re: BattleTech [Engine:Unity]

Posted: Mon Oct 26, 2020 10:58 am
by Cake-san
As long as mono features are active, CE will jit compile the game code for you as long as you know the symbol name, eg: a simple getAddress('game:function') or 'game:function': in an AA script. CE will try to find the symbol & if it's a mono symbol & if it's not yet jit-ed, CE will jit compile it...

In some circumstances, eg: if the developer uses method overloading (methods having the same name), CE will go to the first occurrence, so if you want to use the second or third function, you have to filter the method ID & use mono_compile_method(methodId) to jit it & get its address...

Of course there are some cases where mono features will crash the game, when the method name contains a character that CE's mono features cannot process and you try to go to that symbol name...

Using an AOB to find the injection spot in a jit-compiled game is not so reliable (eg: win7 vs win10, amd vs intel cpu, a simple mov rax,rcx), so now I just use the mono symbol & inject at the head of the function, and from that spot I can choose to do either pre or post function manipulation, just like harmony is doing... & if I really need a spot in the middle of a function, I just use both the symbol & a shortened aob sig, or disassemble the function & compare it to what I want, eg: third call or second jne...

The good thing about this method is that it works for both mono & il2cpp games...

You can find reference by looking at other people's table/script or my latest mono/il2cpp table/script(hint: my previous post)...

Re: BattleTech [Engine:Unity]

Posted: Mon Oct 26, 2020 11:34 pm
by Csimbi
CompactDisc wrote:
Sun Oct 25, 2020 2:33 pm
What I meant by first time, is that the combat-section of the table only works during the first battle of a new campaign and as long as you don't close the game afterwards.
That's weird. Works for me every time, no matter which save I load.
SunBeam wrote:
Mon Oct 26, 2020 4:40 am
(cuz I bet in Csimbi's table aobs are scanned in the WHOLE memory space)
Not quite, I check <512 bytes in each region.
Just check the code, will you? ;-)
Been doing that since aobscanregion has been introduced to CE.

Re: BattleTech [Engine:Unity]

Posted: Tue Oct 27, 2020 2:53 am
by SunBeam
^ Don't get grumpy on me. I said I didn't check the table. Good on ya if you already do that ;) I rest my case then; the reason would be JIT-ing with different opcodes (see Cake's statement: the assembled form depends on several factors, such as CPU, OS, etc.).

Re: BattleTech [Engine:Unity]

Posted: Tue Oct 27, 2020 11:04 am
by Csimbi
SunBeam wrote:
Tue Oct 27, 2020 2:53 am
the reason would be JIT-ing with different opcodes (see Cake's statement: the assembled form depends on several factors, such as CPU, OS, etc.).
What bothers me is it was said the script does enable, but it works only in the first campaign map.
Dunno how that can be, I cannot reproduce.

Re: BattleTech [Engine:Unity]

Posted: Tue Oct 27, 2020 8:53 pm
by CompactDisc
Csimbi wrote:
Tue Oct 27, 2020 11:04 am
SunBeam wrote:
Tue Oct 27, 2020 2:53 am
the reason would be JIT-ing with different opcodes (see Cake's statement: the assembled form depends on several factors, such as CPU, OS, etc.).
What bothers me is it was said the script does enable, but it works only in the first campaign map.
Dunno how that can be, I cannot reproduce.
Unfortunately it's consistent for me :(
Weird thing is, the strategic part works fine every time.

Re: BattleTech [Engine:Unity]

Posted: Wed Oct 28, 2020 9:01 am
by SunBeam
^ Are you using other trainers at the same time with the table? That might be ANOTHER explanation :) If the injection spot is the same.. who knows..

Re: BattleTech [Engine:Unity]

Posted: Thu Oct 29, 2020 10:09 pm
by CompactDisc
SunBeam wrote:
Wed Oct 28, 2020 9:01 am
^ Are you using other trainers at the same time with the table? That might be ANOTHER explanation :) If the injection spot is the same.. who knows..
No other tables/trainers, or anything.

Re: BattleTech [Engine:Unity]

Posted: Tue Nov 17, 2020 9:21 pm
by Suchaskiver
Hi, thanks for this, but I can't get the cheat enabler to run for me. When I load the script, it says there's an error in line 61.

Any Advice??