Basic UE4 Win64 Base Table

Upload *YOUR* gamehacking tools/helpers here
bhfff
Noobzor
Noobzor
Posts: 11
Joined: Sun Oct 22, 2017 9:33 am
Reputation: 3

Re: Basic UE4 Win64 Base Table

Post by bhfff »

I'm slowly taking my time to read the lua code to understand it better. I'm thinking of making some kind of bruteforce algo that will autofill the offsets if nothing is found.

(Testing an UE3 64 bit game.) I'm using the FNamePool scanner to find the address and manually replacing it in the code to allow the script to make progress.

After getting "error: stringoffset/ByteProperty not found" I set the variable "stringoffset" right after the two FNameStringAlgo and manually mapped ByteProperty.

I've also manually mapped UObjectMul, but here I'm unsure if I did it corectly as I used the address of UObject (located 469 bytes after ByteProperty) I'm pretty sure this step is wrongfully done by me, but I haven't seen any other references for UObject after my string scans.

Could you help me understand how UObjectMul could be manually mapped? Thank you for the tool!

Paul44
Table Makers
Table Makers
Posts: 305
Joined: Thu Jul 27, 2017 9:02 am
Reputation: 115

Some interesting 'structure' functions...

Post by Paul44 »

I'm currently trying out this tool on Kena; and in the process came up with this stuff to make life somewhat easier.
I'm in particular interested in any suggestions/improvements/etc related to the ''Add address by reference'' and 'Clean up structures' routines !

***
HowTo: Adding a [Design] menu to 'Dissect Data/Structure'
Note: will only work via this script !

How to make use of this:

1. copy/paste 'Open Dissect Structure...' script to your table
(all code now sits in the script itself)
2. save (/quit) table...
3. (load table)
4. run 'Open Dissect Structure...', which opens a DissectStructure form with added [Design] menu

4.a 'Delete all Unnamed structures'
(there is also an option to delete ALL of them...)

4.b 'Delete structures selectively': this opens a listCheckbox, allowing you to select particular structures to be deleted
Note: with a really large structure list (~ beyond screen size) or screen resolution, it is possible that not all structures
are shown in the list?! Either remove some manually; or edit 'local nRange =' in the script appropriately....
- EDIT -: this problem seems to be solved by NOT using '.VertScrollBar.Range' property (just comment the 2 related lines for now)

4.c 'Add address by reference': this will add the currently selected Element in a (sub)structure as 'pointer' memoryrecord to the addresslist.
Important: the base address of your (main) structure must be a pointer address (eg: [pHealth])
(as a memRecord will read the pointer of that address to create/build the "offset_chain")
Note1: Structures/Elements which do not (yet) exist in their respective 'structure.element'-offsets will be created accordingly.
(see also: [ ])
Note2: now also takes care of names with '[]', empty descriptives and spaces in descriptives (if desired ~ see script)

4.d 'Clean up structures': specifically written for this tool. while i was not aware one could do that, it is possible to use structure references as offsets in your 'Address' definition (see for example the 'Player' entry). If you want to continue using this feature, you'll have to keep the appropriate structures, and its related offsets.

The previous version would/will lock up CE in case of many/large structures (either CE not coping well with all them deletions and/or bad coding from my part) ?! Eventually, I've chosen to - basically - delete all structures and add 'structure.element' objects currently present in the table.
Note though that it still relies on existing structures to collect the proper offsets (~ if the table is not attached to the game, the memrecords will not show these offsets)

Practically: when finished, your structures are reduced to bare ("flat") structures, holding only them element references...

(Obsolete; only for pre-v4: This routine parcours your addresslist, picks up any such references and then loops through all structures remomving any "obsolete" elements.)

Important:
i) unnamed structures are not treated (pre-v4 only)
ii) 'structure.element' references in (lua) scripts are not treated either ! (see for example 'Fly' routine)
Workaround: add these base references manually to your table (see f.e. 'CharacterMovement')
eg: create a ptr_entry with base address '+PlayerController.bActorEnableCollision'
(you can also add these manually to the structure itself ~ not advisable though)
iii) only run this prior to releasing your table (and keep your "original" structures for ease of future updates)
Iow: [Save As] under a new name !

4.e Switch Lua Engine Lua (just in case something goes wrong...)

PS: see #aSwedishMagyar's routine on page 3 on how to add this script as menu_option in the main CE window.

- UPDATE - v1.2
* moved all code to script
* added ''Add address by reference'' function
* minor updates/corrections

- UPDATE - v1.4 ~ v4
* Delete all Unnamed structures: added 'All' option
* Delete structures selectively: should now/always show complete list of structures (see Note though)
* Add address by reference: further finetuning
* Clean up structures: different approach on how to "keep" flat structures (and must faster now)
(note: v3 script contains the "old" 'Clean up structures')
Attachments
_CE_StructMgt_v1.4.CT
(30.64 KiB) Downloaded 23 times
_CE_StructMgt_v1.2.CT
(13.37 KiB) Downloaded 23 times
Last edited by Paul44 on Sun Oct 17, 2021 10:43 am, edited 3 times in total.

aSwedishMagyar
Table Makers
Table Makers
Posts: 623
Joined: Mon Jul 06, 2020 3:19 am
Reputation: 968

Re: Some interesting 'structure' functions...

Post by aSwedishMagyar »

Paul44 wrote:
Sat Oct 02, 2021 8:20 am
...
Here is what I use to generate the structure elements automatically. I also have my remove structures function in it.

Place it in your autorun folder to make a button for them.
Attachments
addStructsMenu.zip
02-10-2021
PW: aSwedishMagyar
(1.08 KiB) Downloaded 61 times

Yellowsub
Table Makers
Table Makers
Posts: 212
Joined: Tue Jul 13, 2021 9:51 am
Reputation: 75

Re: Some interesting 'structure' functions...

Post by Yellowsub »

Paul44 wrote:
Sat Oct 02, 2021 8:20 am
I'm currently trying out this tool on Kena; and in the process came up with this stuff to make life somewhat easier.
I'm in particular interested in any suggestions/improvements/etc related to the 'Clean up structures' routine

ALSO: anyone happens to know how to easily add an address entry, retaining the 'structure.element' as offset reference? I noticed this routine 'StructAddToListSymbol' in the table... (it does create plenty of address_entries, but not like that, nor the only one ~ unless i'm doing this incorrectly).
To clarify: i'd like to add a new (ptr_chain) entry (see e.g. 'Player'), while retaining any 'offsetText' references.
(atm i need to edit the address_entry manually ~ could write a routine for that, but i'm assuming such a routine is already present)

***
HowTo: Adding a [Design] menu to 'Dissect Data/Structure'
Note: will only work via this script !

How to make use of this:
1. - copy/paste 'Lua startup script' code into your table's startup
- copy/paste 'Open Dissect Structure...' script to your table
2. save/quit table...
3. run it (and execute startup code)

4. run 'Open Dissect Structure...', which opens a DissectStructure form with added [Design] menu

4.a 'Delete all Unnamed structures': well...
4.b 'Delete structures selectively': this opens a listCheckbox, allowing you to select particular structures to be deleted
4.c 'Clean up structures': specifically written for this tool. while i was not aware one could do that, it is possible to use structure references as offsets in your 'Address' definition (see for example the 'Player' entry).
If you want to continue using this feature, you'll have to keep the appropriate structures, and its related offsets. This routine parcours your addresslist, picks up any such references and then loops through all structures remomving any "obsolete" elements.
Practically: when finished, your structures are reduced to bare ("flat") structures, holding only them element references...

Important:
i) unnamed structures are not treated
ii) 'structure.element' references in (lua) scripts are not treated either ! (see for example 'Fly' routine)
Workaround: add these base references manually to your table (see f.e. 'CharacterMovement')
eg: create a ptr_entry with base address '+PlayerController.bActorEnableCollision'
(you can also add these manually to the structure itself ~ not advisable though)
iii) only run this prior to releasing your table (and keep your "original" structures for ease of future updates)

4.d Switch Lua Engine gui (just in case something goes wrong...)


PS: see #aSwedishMagyar's routine on page 3 on how to add this script as menu_option in the main CE window.
Absolutely amazing tool.. Keep up the good work.. Thanks again for the tool :)

Yellowsub
Table Makers
Table Makers
Posts: 212
Joined: Tue Jul 13, 2021 9:51 am
Reputation: 75

Re: Some interesting 'structure' functions...

Post by Yellowsub »

aSwedishMagyar wrote:
Sat Oct 02, 2021 5:04 pm
Paul44 wrote:
Sat Oct 02, 2021 8:20 am
...
Here is what I use to generate the structure elements automatically. I also have my remove structures function in it.

Place it in your autorun folder to make a button for them.
As always aSwedishMagyar absolutely gold.. I have so many of your tools imbedded in my cheat engine im not sure much more can fit.. Thanks again buddy.. love all your tools

JohnFK
Expert Cheater
Expert Cheater
Posts: 51
Joined: Tue Aug 29, 2017 10:50 am
Reputation: 17

Re: Basic UE4 Win64 Base Table

Post by JohnFK »

Has anyone got the 'Construct Console' script to work? I've tested it on over 16 UE4 games and it always crashed the game. The AOB is correct and the offsets are correct as well. I've compared it against Universal UE Console unlocker and the call 'StaticConstructObject' function is using the same parameters. But while the script crashes the game, the universal unlocker successfully unlocks the console?!

User avatar
SunBeam
Administration
Administration
Posts: 3734
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 2954

Re: Basic UE4 Win64 Base Table

Post by SunBeam »

There's no such thing as unlocking. That's why the script is called "construct". I have never checked it, but I think there's either an issue with the args or StaticConstruct isn't a thread safe function. I'll let you figure those out for the time being.

Paul44
Table Makers
Table Makers
Posts: 305
Joined: Thu Jul 27, 2017 9:02 am
Reputation: 115

Re: Basic UE4 Win64 Base Table

Post by Paul44 »

@JohnFK: that crash is caused by the 'executeCodeEx'; it happens in 'Kena' as well. Don't ask; i do not know anything about UE3/4... (so no idea what/why_that he is doing here)


FYI: if diving into UE could be a challenge for you:
#Sunbeam forwarded me this link [ viewtopic.php?p=81072#p81072 ] some time back. Expect/anticipate some research time here; if you are working 9-to-5, you are looking easily at a 3~6 months time_span to get you 'started'... :|

User avatar
Cake-san
Table Makers
Table Makers
Posts: 374
Joined: Sun Mar 26, 2017 4:32 pm
Reputation: 572

Re: Basic UE4 Win64 Base Table

Post by Cake-san »

Cake-san wrote:
Sun Nov 29, 2020 1:42 pm
Update 6.8
- Can't remember
- Construct console script now use aob-less scanner. (Welp, this is just an example script so, it will not work for all game like a very custom engine, 32bit game or UE3 game)

- Table now register all member/field symbols the reflection had to offer so, you don't have to create structure to get symbols,instead , use structure for exploring stuff.

- Change == to string.find , in init fnametostring function (don't know if this will fix the problem that some people cant activate the main script or not.)

- ... :ph34r:

User avatar
SinGul4ritY
Expert Cheater
Expert Cheater
Posts: 244
Joined: Fri Sep 25, 2020 5:45 pm
Reputation: 271

Re: Basic UE4 Win64 Base Table

Post by SinGul4ritY »

^ amazing! thanks______ ( again )

Post Reply

Who is online

Users browsing this forum: No registered users