Lust From Beyond | 380+ Pointers

[GreenHouse]

I know most people do not know how to use it, but it is not my fault. And you said 95% of it is useless, well, idk if your calculation works in reverse or something cuz ive even provided pointers to inputs (freezing/manipulating which will allow user to do things that are normally not allowd in that state ), ive included pointers to player inventory showing not only items amount but also the NAME and Description of the item in a specific slot. You think this is useless? Ive including pointers to onHealthChange, onPlayerDeath, camerEffects, playerAnimator and all of these function and a strait path from the class that anyone can search for.
You think this is useless? I've not only included pointer to current player stats but also to the booleans controlling them. You think this is useless? Well if you think all of this is useless then you really need to learn how to use them...and work on your number too.

Yes, I still think that it's useless. Anyone that knows how to use those, already has the Mono Disassembler that shows you all of that. Tables are for people that don't know how to and just want scripts to activate and a few WORKING and USABLE values to edit. It's simple. Not 380 things that from those only like 20 are usable.
And onHealthChange, onPlayerDeath, cameraEffects, playerAnimator are if not useless, pointless. You don't need those for anything. You can go to the functions with the Mono Disassembler. And many of the bools are pretty much useless too.
This to me is lazy at best. You could at least clean it up, and not leave all the trash that is useless.
And also pretty much what Darkedone02 said on the previous message.

How to use this cheat table?

1. Install Cheat Engine
2. Double-click the .CT file in order to open it.
3. Click the PC icon in Cheat Engine in order to select the game process.
4. Keep the list.
5. Activate the trainer options by checking boxes or setting values from 0 to 1

[ODimm]

Look if you do not like it you do not need to download it, simple as that. There is really no need to spread you shit especially you @ODimm in someone else topic. Now let me move on to your questions


First of all, this is because of version difference, so its always a problem (for any table of any engine). If you have the same that i have it shouldnt be a problem.

cant work right?^^ i mean you said "thanks but I already know all of that" why you are not using it if you know all of it?

yes, but this method is Jitted at the launch of the game. invoking is very slow and unfriendly at least for me, I mean you cannot compare asm with higher languages can you?

hahahaha nope, you are spreading shit with false infos coz of your lack of knowledge.

Code: Select all

if getModuleSize(modToSize) ~= modSize then
 showMessage('Different game version detected! Good Luck')
end

^
im using the same version, otherhise this check would trigger? it does not trigger.


" If you have the same that i have it shouldnt be a problem"

that is just false for any JIT game, and this shows again that you are the one who talks shit.

"invoking is very slow and unfriendly at least for me"

and you show again that you have no idea what you are doing, do you see ANY invokes in my code?
no its just getting the instance and force-compile the method.
coz its not necessary to do a invoke to grab a instance.

and coz of your lack of knowledge you are not knowing that you can also call functions/methods without a (slow) mono invoke
example from ME! : viewtopic.php?p=165530#p165530
im using a UnityEngine function to activate a GameObject with ASM only inside a Update Function.
but i guess some SwedishTroll still wants to say "troll you cant use this stuff and need others to make tables" but its okay i now already that you are just talking shit coz you dont have any clue about JIT/Mono Code



"but this method is Jitted at the launch of the game"

also false, the method is only JITed if a savegame is completly loaded and the player is spawned in the game-world.

so summary:
-i have the same version, your code is not working
-i explain why and give a working solution
-you understand shit coz of your lack of knowledge


-----------


EDIT:

the game HAS a public static (Managers)
so you can get the datas without first injecting at the Draggable Instance.
coz the Draggable Instance contains a pointer to the Manager Instance.
and the Manager Instance is PUBLIC STATIC

simple example to get it:

Code: Select all

{$lua}
if syntaxcheck then return end

[ENABLE]
LaunchMonoDataCollector()
local cId = mono_findClass('', 'Managers')
local _Manager =  mono_class_getStaticFieldAddress(mono_enumDomains()[1], cId)
_Manager = readPointer(_Manager)
if (_Manager) then
 print(string.format("%x",_Manager))
 Mem = AllocateMemory(8)
 unregisterSymbol("_Manager")
 registerSymbol("_Manager",Mem,true)
 writeQword(Mem,_Manager)
end

 
 
[DISABLE] 
 

but yeah according to mrSwedishGuy its not possible xD and probably he still thinks i cant do my own table, really really funny....
it must feel very very bad that you are say shit like " Let me know when you make a table integrating all of this so called knowledge" if you never looked that i already used stuff like this in my tables

but like i already said -> you shoot yourself in the foot, im and all the others are now laughing at you

[VampTY]

Hmm..instead of measuring your fucking dicks, why not doing the right thing and make the right table for requesters... let them decide what is right or wrong for them, instead of showing who has the biggest dick of all (this is not pornhub), be the smartest of all an help the others with your wisdom, share your fucking "the one and only table" and not your angered messages.Haters will always exist. This forum is my second best, not the best choice, but there's room for improvement, so, chill, drink some coffee or whatnot, make love with your girl or with your man or whatnot..then return sober and with your will to help, then and only then, try and help the others with what you know, then you'll succeed.

There's a lot of hate through table makers, now, imagine what would happen' if they'll unite and merge their knowledge (in a group of 3-4 )in order to give a proper table!

PS: I'm just a girl, what do i know, i'm not experienced like all you out there, but i know shit enough to make some sense!

Note:

So, stop stop this thingy..love is there baby, if something is not working, you should be like...hey, dude here 's how you should...because i'm, more advanced..etc..not like, i have a bigger dick than yours! It's rude and bad!

I hope you know what i mean..all the best to y'all!

Now, regarding the one who uploaded the shared table, good for him/her (no mean way to offend, i don't know your gender) he/she was kind enough to share (good or bad, is there baby), what you users answers to that? Your table is on what link?

Wow: understand the message, work together, plus and happy requesters!...Not working together, bad results!

[DarkThinkHuman]

Hi! Table is not Working-Activating<<Error While Scanning For playerMain>>

[ODimm]

Hi! Table is not Working-Activating<<Error While Scanning For playerMain>>

Code: Select all

{$lua}
LaunchMonoDataCollector()
{$asm}

define(address,DragController:Dragging )

[ENABLE]

alloc(newmem,$1000,DragController:Dragging )

label(code)
label(return)

alloc(_Dragging,11)
registersymbol(_Dragging)

label(_playerBase)
registersymbol(_playerBase)

_Dragging:
readmem(address,11)

newmem:

code:
  readmem(address,11)
  mov [_playerBase],rcx
  jmp return
_playerBase:
dq 0
address:
  jmp newmem
  db 90 90 90 90 90 90
return:

[DISABLE]

address:
  readmem(_dragging,11)

dealloc(newmem)

unregistersymbol(_Dragging)
unregistersymbol(_playerBase)

copy this into the [[POINTERS]] script (double click on <script> )and then it will work, please confirm that it will activate + find all pointers correctly

[Rysefox]

[DarkThinkHuman]

copy this into the [[POINTERS]] script (double click on <script> )and then it will work, please confirm that it will activate + find all pointers correctly

It works!Thanks!

[SunBeam]

I have said this NUMEROUS times:

1) not all of the Unity functions are available when the game is up
2) when they're needed by the game, they will be JIT-ed (assembled) by Unity
3) if they're not needed by the game and only CHEAT ENGINE needs them as part of enabling some script, it will JIT them, meaning it will assemble them

In either of the scenarios above (2 or 3), the assembled opcodes won't always be the same. It may happen that on a 3rd run of the game, for the same function, the ASM will be compiled differently. The outcome will be the same, but the instructions (hence the bytes you scan for) will not.

Example:

mov eax,ptr

vs.

lea eax,ptr
mov eax,[eax]

Will have the same effect, yet the opcodes are different. For obvious reasons: 1 line vs 2 lines., more bytes.

Another thing I did in BattleTech was to find the function by name, then SMALL SCAN inside it to find the location I want to hook. That's how I learned the assembled code is not always the same, that my AOBs failed very often.

I've seen Unity and CE do that shit a lot of time, that I gave up using AOBs. Just use Mono like any self-sufficient gamehacker, work your way through the chains, find the function you need by Class/Name and hook its PROLOGUE. Not randomly in the middle of it, not being 100% sure the ASM you look for will be there for granted.

So this:

Code: Select all

{
// ORIGINAL CODE - INJECTION POINT: DragController:Dragging+248

DragController:Dragging+218: 41 FF D3                       - call r11
DragController:Dragging+21b: 85 C0                          - test eax,eax
DragController:Dragging+21d: 0F 84 78 00 00 00              - je DragController:Dragging+29b
DragController:Dragging+223: 48 8B CE                       - mov rcx,rsi
DragController:Dragging+226: 48 BA 40 02 02 8B C1 01 00 00  - mov rdx,000001C18B020240
DragController:Dragging+230: 48 8D 64 24 00                 - lea rsp,[rsp+00]
DragController:Dragging+235: 90                             - nop 
DragController:Dragging+236: 49 BB D0 CA 18 83 C1 01 00 00  - mov r11,UnityEngine:MonoBehaviour:StartCoroutine
DragController:Dragging+240: 41 FF D3                       - call r11
DragController:Dragging+243: E9 53 00 00 00                 - jmp DragController:Dragging+29b
// ---------- INJECTING HERE ----------
DragController:Dragging+248: 48 8B 46 18                    - mov rax,[rsi+18]
// ---------- DONE INJECTING  ----------
DragController:Dragging+24c: 48 8B C8                       - mov rcx,rax
DragController:Dragging+24f: 83 39 00                       - cmp dword ptr [rcx],00
DragController:Dragging+252: 48 8B 40 40                    - mov rax,[rax+40]
DragController:Dragging+256: 48 8B 80 88 00 00 00           - mov rax,[rax+00000088]
DragController:Dragging+25d: C6 40 61 01                    - mov byte ptr [rax+61],01
DragController:Dragging+261: 48 8B 4E 30                    - mov rcx,[rsi+30]
DragController:Dragging+265: 33 D2                          - xor edx,edx
DragController:Dragging+267: 48 8D AD 00 00 00 00           - lea rbp,[rbp+00000000]
DragController:Dragging+26e: 49 BB 50 92 6C 98 C1 01 00 00  - mov r11,UnityEngine:Object:op_Inequality
DragController:Dragging+278: 41 FF D3                       - call r11
}

May very well be compiled like so:

Code: Select all

DragController:Dragging+248: 48 8B 46 18                    - mov rax,[rsi+18]

vs.

Code: Select all

DragController:Dragging+xxx: xx xx xx xx                    - lea rax,[rsi+18]
DragController:Dragging+xxx: xx xx xx                       - mov rax,[rax]

In which case, if you scan for 48 8B 46 18 - let's assume that it should be 1 unique result you find - then it won't be found for those instances when the code got compiled like in the snippet above. Cuz.. "freedom of speech". What.. a compiler can't choose on its own which form (optimized or not) to apply for a mnemonic?

"It never happened to me". Well, if you take 20 users having the same Intel CPU you have, it won't happen. If you take an AMD user, then CE/Unity might pick a different mnemonic/form for some static instruction and the result will be different. So bitching "it works for me 100%" while others tell you it doesn't for them and solving this with an "I don't know why it happens" isn't a solution in my book. Now you know why it happens. Adjust your model if you care to make everyone happy. Otherwise, please add a disclaimer stating that the JIT-ed code will NOT always be compiled in the same form and some scripts/aobs may fail. That easy.

First of all, this is because of version difference, so its always a problem (for any table of any engine). If you have the same that i have it shouldnt be a problem.

Having the same identical Assembly-CSharp.dll doesn't guarantee the code-assembly to be identical when JIT kicks in. Yes, it will be the same in 80% of the times, but when the compiler will pick, based on where the cursor's at, optimizations and other internal crap not worth mentioning in this post, which form the compiled instructions takes.. and it won't be one that's part of your AOB.. that AOB will fail.

Certain functions may be overloaded in which case you need to use a signature to find them reliably.

I expect more from you. Please read my explanation above to PeaceBeUponYou's "oh, it must be the version then" response.

Point of this post: THE ASM BEHIND THE INSTRUCTIONS YOU SCAN FOR IN AOBS IS NOT ALWAYS THE SAME (1/3 chances it will change, depending on whatever choice the assembler "picks" for a mnemonic). So those of you who are at that incipient knowledge level and think an AOB is all you need to hack a game, you're mad wrong. And that's cuz you sit idly by, self-sufficient, in that bubble of yours, without ever attempting new things in your gamehacking lives. Not to mention you almost never visit some Engine's source-code to learn how it works; that's too much for you, too complicated. Yet have the audacity to spew retarded shit and teach the world your unfounded and not-confirmed beliefs.

If you think Unity is the only Engine causing these issues, you're wrong Here's some standard ASM, from C++ compiled by MSVS:

Code: Select all

48:8BC8                      | MOV RCX,RAX

Then enter Denuvo. What Denuvo does is it identifies all functions that have size > 5 bytes, then it relocates them to its own allocated memory. When that happens, the original instructions are re-assembled in their new location. Then the original code is simply over-written with a JMP to new location + 0xCC bytes. Now.. when the original instructions are reassembled in their new location, this shit happens:

Code: Select all

48:89C1                      | MOV RCX,RAX

Look at the bytes I bet you never knew "MOV RCX,RAX" can have 2 mnemonics, eh?

So if you initially had an AOB that scanned for 488BC8 in the non-protected game and you found 1 result (let's assume that), now that devs use Denuvo which relocates/reassembles code and you scan for 488BC8, you won't find it. Cuz now it's 4889C1.

Now replace Denuvo with Intel or AMD CPUs. These choose the mnemonic for an instruction based on how they are designed. That's what happens with Unity and CE (CE doesn't use its own mechanism to JIT instructions; no, it uses the same logic Unity does).

How much of your AOBs do you really evaluate and think upon to say "well, I'm sure this CAN'T CHANGE so I will use the aob like this"? I bet you almost never consider a LOT of "what IFs"..

If I see anymore bickering in this topic, I will close it down.

BR,
Sun

[aSwedishMagyar]

Certain functions may be overloaded in which case you need to use a signature to find them reliably.

I expect more from you. Please read my explanation above to PeaceBeUponYou's "oh, it must be the version then" response.

By signature, I meant the argument of the mono method. But please, lets have more of this incessant nagging on a non-issue that arose from one person being an absolute shitstain which is literally the only reason I commented in the first place.

I expect more from you.

[SunBeam]

...

Let's take them one by one:

but pure AOBs will fail for most systems, so its just a useless table coz its pure luck if its work for others.

Ive always used AOBs and never seen them fail, (unless a method was updated with some new arguments )

Up to this point, ODimm tells you the AOBs won't always work in anyone's OS. The OP says "no, you're wrong; works for me". Cool, let's continue..

You are the wrong person to be lecturing about how to make a table. Especially when you have literally no idea the asm experience that PeaceBeUponYou has. Also it really isn't as simple as you say with "just grab a public static instance", especially when CE can't resolve the exact one you need. Certain functions may be overloaded in which case you need to use a signature to find them reliably. Even if you are using aobscanregion that region may not be correct if the symbol is reused in a smaller encapsulating function that calls the larger.

Don't be that guy who jumps on the bandwagon because it makes you look like an idiot.

You come into play and want to stick it to ODimm, cuz who's he to talk down to some table maker. On top of that, you start talking as if you knew PeaceBeUponYou user and his ASM experience, then some mumbo jumbo. Cool, let's continue..

Ive always used AOBs and never seen them fail, (unless a method was updated with some new arguments )

...yes on YOUR system, but i talk about other systems will generate diffeent AOBs

ODimm says the same thing I took my time to reply on: Unity uses a LDE (length disassembler engine) which will pick - based on various elements, the CPU type being one - how to ASSEMBLE instructions from IL-managed code. I agree with him here, so you can't pull the "let's continue on this path and bla bla". He said something important, which, considering your belittling of his avatar, was overlooked. That's why I'm disappointed in you. That you fucking didn't know this aspect. Otherwise you'd have reacted, just like I did. There's no other explanation.

Look if you do not like it you do not need to download it, simple as that. There is really no need to spread you shit especially you @ODimm in someone else topic. Now let me move on to your questions

And lastly, here's PeaceBeUponYou's "ASM experience": in short, he told 2 users to stop using his shit if they don't like it or it doesn't work for them.

All in all, I generally recommend not picking sides.. but if you do, choose the WINNING side? And do your god damn homework, so you don't look like a fool now bitching back at me.

[aSwedishMagyar]

All in all, I generally recommend not picking sides.. but if you do, choose the WINNING side? And do your god damn homework, so you don't look like a fool now bitching back at me.

That's because I do know his ASM experience and I literally could not care less what you think of me anyways. You are not in the CTG discord where you see all the work he has put in and the excellent tutorials he posts on how to make things work in ASM. Also, not once did I say he was wrong, I just think he's a little shit who acts like a 12 year old when someone disagrees with them. Either way, I have better things to do than argue with a deranged moron and some dude who can't get off his high horse.

[SunBeam]

All in all, I generally recommend not picking sides.. but if you do, choose the WINNING side? And do your god damn homework, so you don't look like a fool now bitching back at me.

That's because I do know his ASM experience and I literally could not care less what you think of me anyways. You are not in the CTG discord where you see all the work he has put in and the excellent tutorials he posts on how to make things work in ASM. Also, not once did I say he was wrong, I just think he's a little shit who acts like a 12 year old when someone disagrees with them. Either way, I have better things to do than argue with a deranged moron and some dude who can't get off his high horse.

If some user your respect and know he has experience says "if you don't like my shit, fuck off" to not 1, but 2 users, that tells me how far their experience goes. He clearly doesn't know how to make it so it works for everyone and their dog because of his self-sufficiency. Always that fucking Unity and always people thinking that if they know how to write a script, they practice that till it becomes a habit, a way of life, they're gods. And anyone's word against them is crap, hurting their ego, that they rarely leave in room for evolution. Everything in this topic was about opinions: whose dick is bigger or longer, piling up one spew over another, when the bottom line all along: the user who "started" this involuntarily is right.

Lastly, you're literally confirming my suspicions: it doesn't matter who's right here, you stick to your "pal" you know by experience and contributions and the CTG Discord family. And since that happens, that you put your relationships first -- preferences of one over another, etc. -- before pure logic and publicly admitting of being wrong while giving a shit about some user who rightfully reported a real issue, good riddance and you can go fuck yourself. My high horse sends its regards.

Let's see how long it takes you to reply, since you had better things to do and everything...

I rest my case...



Keep supporting one another in stupidity, cuz that's what you're portraying right now. As far as calling me or the other user deranged, here's what's deranged.. the game itself, ffs:

[GreenHouse]

I rest my case...

If you tried to enable it on the main menu, then that's the reason. He chose such an specific function to use as base. Otherwise go there so to that address so we can see the problem.

[SunBeam]

^ I've enabled it while in game world. Player had been instantiated, active and could move around by controller. The first 2-3 tries it worked. On a 4th and 5th attempt, consecutively (surprisingly), it failed. That's what I was getting at here, when it stops working.

P.S.: By attempt I mean: close the game completely, re-run, get in game world, try script.

[PeaceBeUponYou]

alright alright, ive injected it using full injection at the very beginning of the the method even before the stack frame was set. will upload in a few minutes

The reason I was saying that was, trying to Launch mono collector using lua command mostly freezes CE for me, besides im running thins game on 10 FPS so not much to blame to. But anyway, Ive injected like i said above at a safe place where im reading the first arugument (rcx) even before the function prepares the stack frame, so now It should work for every one.I actually had to go on some one elses PC to make sure eveything was working, and it is working now. Just gimme some time to arrange stuff.