How to make a table that just changes an AOB and nothing more?
I want to make a checkbox that toggles on/off an AOB edit
Like if I had some AOB like AA BB CC DD (making up random stuff there) and I want to click the box to change it to FF BB CC DD, and if I uncheck the box it goes back again.
I tried opening memory view and doing ctrl + A then putting down a template for an AOB injection, code injection, etc, but an injection isn't what I am trying to do and it seems to select way more than I want to edit. I just want to have it change a byte in the designated AOB.
Re: How to make a table that just changes an AOB and nothing more?
TheVine wrote (Thu Jan 27, 2022 3:41 am):
I want to make a checkbox that toggles on/off an AOB edit
Like if I had some AOB like AA BB CC DD (making up random stuff there) and I want to click the box to change it to FF BB CC DD, and if I uncheck the box it goes back again.
I tried opening memory view and doing ctrl + A then putting down a template for an AOB injection, code injection, etc, but an injection isn't what I am trying to do and it seems to select way more than I want to edit. I just want to have it change a byte in the designated AOB.
You do in fact want an injection, you just want to write the bytes you want to change. Here is an example.
Code:
{$STRICT}
define(address, Tutorial-x86_64.exe+2C5B8)
define(bytes, 89 10 48 8B 45 F0)
////
//// ------------------------------ ENABLE ------------------------------
[ENABLE]
aobScanModule(aobTutorialStep5Hook, Tutorial-x86_64.exe, 8910488B45F0488B80xxxxxxxx8B00)
define(injTutorialStep5Hook, aobTutorialStep5Hook)
assert(injTutorialStep5Hook, bytes)
registerSymbol(injTutorialStep5Hook)
////
//// ---------- Injection Point ----------
injTutorialStep5Hook:
db 90 90
////
//// ------------------------------ DISABLE ------------------------------
[DISABLE]
////
//// ---------- Injection Point ----------
injTutorialStep5Hook:
db bytes
unregisterSymbol(injTutorialStep5Hook)
{
Module: Tutorial-x86_64.exe
Address: Tutorial-x86_64.exe+2C5B8
AOB Address: Tutorial-x86_64.exe+2C5B8
Tutorial-x86_64.exe+2C595 - 49 89 E8 - mov r8,rbp
Tutorial-x86_64.exe+2C598 - E8 6392FEFF - call Tutorial-x86_64.exe+15800
Tutorial-x86_64.exe+2C59D - 0F1F 00 - nop dword ptr [rax]
Tutorial-x86_64.exe+2C5A0 - 8B 45 E8 - mov eax,[rbp-18]
Tutorial-x86_64.exe+2C5A3 - 3B 45 EC - cmp eax,[rbp-14]
Tutorial-x86_64.exe+2C5A6 - 74 B0 - je Tutorial-x86_64.exe+2C558
Tutorial-x86_64.exe+2C5A8 - EB 00 - jmp Tutorial-x86_64.exe+2C5AA
Tutorial-x86_64.exe+2C5AA - 48 8B 45 F0 - mov rax,[rbp-10]
Tutorial-x86_64.exe+2C5AE - 48 8B 80 E0070000 - mov rax,[rax+000007E0]
Tutorial-x86_64.exe+2C5B5 - 8B 55 E8 - mov edx,[rbp-18]
Tutorial-x86_64.exe+2C5B8 - 89 10 - mov [rax],edx <<<---- Injection point
Tutorial-x86_64.exe+2C5BA - 48 8B 45 F0 - mov rax,[rbp-10]
Tutorial-x86_64.exe+2C5BE - 48 8B 80 E0070000 - mov rax,[rax+000007E0]
Tutorial-x86_64.exe+2C5C5 - 8B 00 - mov eax,[rax]
Tutorial-x86_64.exe+2C5C7 - 3B 45 EC - cmp eax,[rbp-14]
Tutorial-x86_64.exe+2C5CA - 74 02 - je Tutorial-x86_64.exe+2C5CE
Tutorial-x86_64.exe+2C5CC - EB 22 - jmp Tutorial-x86_64.exe+2C5F0
Tutorial-x86_64.exe+2C5CE - 48 8B 45 F0 - mov rax,[rbp-10]
Tutorial-x86_64.exe+2C5D2 - 48 8B 88 C0070000 - mov rcx,[rax+000007C0]
Tutorial-x86_64.exe+2C5D9 - B2 01 - mov dl,01
Tutorial-x86_64.exe+2C5DB - 48 8B 45 F0 - mov rax,[rbp-10]
}
Re: How to make a table that just changes an AOB and nothing more?
Thanks for the response, but I'm not really sure what I'm looking at. The whole difficulty I am having is telling it what to look for and how to just change what I want to change so that the entire program isn't thrown off.
All I want to do is change that 55 to a C3 (a return).
This is the code I get when I run the AOB injector
Code:
[ENABLE]
aobscanmodule(INJECT,Game.exe,55 8B EC 6A FF 68 65 66) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
code:
push ebp
mov ebp,esp
push -01
jmp return
INJECT:
jmp newmem
return:
registersymbol(INJECT)
[DISABLE]
INJECT:
db 55 8B EC 6A FF
unregistersymbol(INJECT)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: Game.exe+107890
Game.exe+10788F: CC - int 3
// ---------- INJECTING HERE ----------
Game.exe+107890: 55 - push ebp
// ---------- DONE INJECTING ----------
Game.exe+107891: 8B EC - mov ebp,esp
Game.exe+107893: 6A FF - push -01
Game.exe+107895: 68 65 66 70 00 - push Game.exe+476665
}
1. I guess "55 8B EC 6A FF 68 65 66" is the AOB it determined to be unique, which is OK
2. But I don't understand what "db 55 8B EC 6A FF" is for or why it's shorter than the AOB scanned part
3. I don't understand why it's pulling in a few lines into the "code" section
4. I don't know what I need to change to have it just edit what I want to edit.
Re: How to make a table that just changes an AOB and nothing more?
1. Yes, or at least it should be unique.
2. It is the bytes of the code that is being covered by the injection (a minimum of 5 bytes is needed) and is what is needed to restore the bytes to the original state if you were to do an injection that jumps to another location (or if you were manually editing all of the bytes).
3. Explained above. It has to be a minimum of 5 bytes for an injection, and the code you see is what covers a minimum of 5 bytes (but this is more than 5 bytes) and has to cover the whole instruction (it can't take partial bytes from an instruction; it has to take them all, so that's why there are more than 5 bytes being restored on disable).
Code:
[ENABLE]
aobscanmodule(INJECT,Game.exe,55 8B EC 6A FF 68 65 66) // should be unique
INJECT:
db C3
registersymbol(INJECT)
[DISABLE]
INJECT:
db 55
unregistersymbol(INJECT) // release the symbol registered in [ENABLE]
You could also write "ret" under "INJECT:" in the ENABLE section and "push ebp" under "INJECT:" in the DISABLE section.
I'm not very good at explaining things, so maybe someone else can do a better job but this is what you were asking for in the code above. You seem to not know some of the most basic things and I would recommend watching some tutorials on YouTube (CheatTheGame, Stephen Chapman, etc).
Re: How to make a table that just changes an AOB and nothing more?
TheVine wrote (Thu Jan 27, 2022 4:06 am):
...
1. I guess "55 8B EC 6A FF 68 65 66" is the AOB it determined to be unique, which is OK
2. But I don't understand what "db 55 8B EC 6A FF" is for or why it's shorter than the AOB scanned part
3. I don't understand why it's pulling in a few lines into the "code" section
4. I don't know what I need to change to have it just edit what I want to edit.
- No, it's what might be unique. Note the "should be unique" comment. So you still need to test it.
- It's the original bytes for the hook. A hook is a redirection of the code execution. So in this case it's for a 5 byte jump, but you really only need to write the original bytes in the disable section that were changed in the enable section.
- Note the injection point in the example script I posted. It's setting the bytes to NOPs (0x90). You need to do something similar at your injection point. Thus you need to change the stuff under "INJECT:" in the enable section.
EDIT: looks like some gave you the answer.
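The two explanations above (the disable section must restore whole instructions covering the patch, and the scanned AOB still has to be tested for uniqueness) can be worked through against the listing TheVine posted. This is an added Python example, not code from the thread or from Cheat Engine; it assumes space-separated byte patterns with `xx` as the wildcard token, and the listing text is a constructed copy of the one in the post.

```python
import re

# Constructed copy of the disassembly listing quoted in the thread (Game.exe+107890).
LISTING = """
Game.exe+10788F: CC - int 3
Game.exe+107890: 55 - push ebp
Game.exe+107891: 8B EC - mov ebp,esp
Game.exe+107893: 6A FF - push -01
Game.exe+107895: 68 65 66 70 00 - push Game.exe+476665
"""

LINE_RE = re.compile(r"^\S+?\+([0-9A-Fa-f]+):\s+((?:[0-9A-Fa-f]{2}\s?)+)-\s+(.*)$")

def parse_listing(text):
    """Parse 'module+offset: bytes - asm' lines into [(offset, code_bytes, asm)]."""
    rows = []
    for line in text.strip().splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            rows.append((int(m.group(1), 16), bytes.fromhex(m.group(2)), m.group(3)))
    return rows

def bytes_to_restore(rows, inject_off, patch_len):
    """Whole instructions from inject_off that cover a patch of patch_len bytes.
    A patch cannot stop inside an instruction, so the result may be longer than
    patch_len; this is exactly what the [DISABLE] 'db ...' line must write back."""
    saved = b""
    for off, code, _ in rows:
        if off == inject_off or (saved and len(saved) < patch_len):
            saved += code
    if len(saved) < patch_len:
        raise ValueError("listing ends before the patch is fully covered")
    return saved

def db_line(saved):
    """Render restored bytes the way the auto assembler expects: 'db 55 8B EC'."""
    return "db " + " ".join(f"{b:02X}" for b in saved)

def aob_matches(buf, pattern):
    """Every offset in buf where pattern ('55 8B xx FF', xx = wildcard) occurs.
    An AOB is only safe to patch when this returns exactly one offset."""
    want = [None if t.lower() in ("xx", "??") else int(t, 16) for t in pattern.split()]
    return [i for i in range(len(buf) - len(want) + 1)
            if all(w is None or buf[i + j] == w for j, w in enumerate(want))]

if __name__ == "__main__":
    rows = parse_listing(LISTING)
    print(db_line(bytes_to_restore(rows, 0x107890, 5)))  # bytes a 5-byte jmp hook clobbers
    print(db_line(bytes_to_restore(rows, 0x107890, 1)))  # the single-byte 'db C3' edit
    print(aob_matches(b"".join(c for _, c, _ in rows), "55 8B EC 6A FF 68 65 66"))
```

A 14-byte patch (the 64-bit case mentioned later in the thread) against this short listing raises ValueError, because the listing does not show enough instructions to cover it.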
Re: How to make a table that just changes an AOB and nothing more?
I've actually done the CE tutorial already - problem is in practice I find that I'm still running into all sorts of situations not explicitly covered in the tutorial material, so I get a little lost trying to find what I need or understand what's going on.
Thanks for the responses, I'll try to understand this better.
Re: How to make a table that just changes an AOB and nothing more?
I have so many questions about the way this AOB code is set up and what everything actually means / what's going on. Is there a good tutorial that explains this? I don't know what "db" means, or this 5-byte minimum thing, or why we can suddenly change it to a single-byte thing if the injection point is always at the start of the scanned AOB, why it seems like we can use both code as well as bytecode, what these register/unregister symbols are doing, enable/disable tags, all this stuff.
Like I see [Link] but it doesn't get into the breakdown of what's happening in each piece.
It has a sublink to [Link] but most of the time I go to look up anything on that forum, links are dead, pics are gone, etc.
Re: How to make a table that just changes an AOB and nothing more?
TheVine wrote (Thu Jan 27, 2022 5:00 am):
I have so many questions about the way this AOB code is set up and what everything actually means / what's going on, is there a good tutorial that explains this? I don't know what "db" means or this 5-byte minimum thing or why we can suddenly change it to a single-byte thing, if the injection point is always at the start of the scanned AOB, why it seems like we can use both code as well as bytecode, what this register/unregister symbols are doing, enable/disable tags, all this stuff.
Re-read my post, I give examples of tutorial makers on YouTube. This is where I started. Find the basics in their older videos.
You sound like you have a lot to learn. Good luck & enjoy it.
Re: How to make a table that just changes an AOB and nothing more?
Watched a video, I think I understand a little more now.
The one thing I still don't quite get is the 5-bytes-minimum thing and what that technically applies to, since the code does allow for a single-byte change. Is this only in the event that we need to jump to newly-allocated memory, and 5 bytes is the minimum needed to perform the jump call?
If so, does this also mean that we might want to preserve whatever got overwritten with the jump call by re-stating those overwritten bytes at the end of whatever our newmem code is executing?
Re: How to make a table that just changes an AOB and nothing more?
You need to learn assembly language. There are a gigantic number of tutorials in the tutorials section of this forum, and on the web as well if you search.
5 bytes is the instruction size and no, you can't just make up sizes.
Re: How to make a table that just changes an AOB and nothing more?
I didn't say anything about making up sizes, I'm saying that the AOB script does allow for a single-byte alteration with nothing else changed, so I was wondering if this 5-byte minimum concept only applies in the event of needing to declare a section in new memory. And in the event that a newmem jump is needed, if we need to pay attention to the code being overwritten in order to only change what we need and make sure we aren't overwriting too much.
The tutorials are a little scattered and it's hard to know where to start or which versions are the most up to date, but I'll go through the forum and read everything.
Re: How to make a table that just changes an AOB and nothing more?
The 5-byte minimum is purely for Cheat Engine's internal scanning feature. Anything less than 5 bytes will produce far too many results.
[Link] this will be an invaluable resource in understanding how Cheat Engine works. Not only are there a plethora of tutorials there, you have at your disposal information regarding pretty much every aspect of Cheat Engine.
Re: How to make a table that just changes an AOB and nothing more?
Not to confuse the situation further, but I've recently started running into cases where a 14 byte jump is required in 64 bit .NET/Unity games. This is due to JIT compiles and where memory is allocated. Apparently CE 7.4 can now generate a 14 byte jump instruction from the AA generator if you hold the Ctrl key or something. I had to hand craft code for this a couple of times, but it's tricky to get right. If you're going to replace 14+ bytes with a jump you likely need to search for and restore all of those.
Granted this is not the normal case but I think table creators should be aware especially if users are complaining of crashes in Unity/.NET games.