How to make my pointer point a to static address, which change with game version update, in assembly script?
-
- Table Makers
- Posts: 212
- Joined: Mon May 08, 2017 3:34 pm
- Reputation: 144
How to make my pointer point a to static address, which change with game version update, in assembly script?
Hello, I'm trying to make a cheat for dominions 6.
It stores a value in static address. The address will change when game version updates, so I want to make a script search for it and work for many versions hopefully.
This is what I made, the scan, enable and disable part works, but I have no idea how to set the address to the pointer DPLAddr.
Please help me.
{ Game : Dominions6.exe
Version:
Date : 2024-02-01
Author : CannonFodder
This script does blah blah blah
}
[ENABLE]
aobscanmodule(DesignPointsLimitInject,Dominions6.exe,8B 05 ? ? ? ? 41 83 FD 02 0F 44 05 ? ? ? ? 89 05 ? ? ? ? 85 DB) // should be unique
alloc(newmem,$1000,DesignPointsLimitInject)
registersymbol(DPLAddr)
label(DPLAddr)
registersymbol(code)
label(code)
label(return)
newmem:
//db 8b 05
//readmem
code:
readmem(DesignPointsLimitInject,6)
//mov eax,[Dominions6.exe+3DE45008] //address change with game version, use readmem
//How can I make my pointer DPLAddr point to the static address???????
jmp return
DPLAddr:
dd 0
DesignPointsLimitInject:
jmp newmem
nop
return:
registersymbol(DesignPointsLimitInject)
[DISABLE]
DesignPointsLimitInject:
readmem(code,6)
//db 8B 05 E2 E0 BA 3D
unregistersymbol(DPLAddr)
unregistersymbol(DesignPointsLimitInject)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: Dominions6.exe+296F20
Dominions6.exe+296EF5: 45 8B F4 - mov r14d,r12d
Dominions6.exe+296EF8: 66 89 44 24 75 - mov [rsp+75],ax
Dominions6.exe+296EFD: 88 44 24 77 - mov [rsp+77],al
Dominions6.exe+296F01: 44 89 44 24 4C - mov [rsp+4C],r8d
Dominions6.exe+296F06: 89 54 24 48 - mov [rsp+48],edx
Dominions6.exe+296F0A: 89 74 24 40 - mov [rsp+40],esi
Dominions6.exe+296F0E: 44 89 64 24 44 - mov [rsp+44],r12d
Dominions6.exe+296F13: E8 F8 76 F7 FF - call Dominions6.exe+20E610
Dominions6.exe+296F18: 44 8B AD 90 1D 00 00 - mov r13d,[rbp+00001D90]
Dominions6.exe+296F1F: 90 - nop
// ---------- INJECTING HERE ----------
Dominions6.exe+296F20: 8B 05 E2 E0 BA 3D - mov eax,[Dominions6.exe+3DE45008]
// ---------- DONE INJECTING ----------
Dominions6.exe+296F26: 41 83 FD 02 - cmp r13d,02
Dominions6.exe+296F2A: 0F 44 05 D3 E0 BA 3D - cmove eax,[Dominions6.exe+3DE45004]
Dominions6.exe+296F31: 89 05 21 EB FE 11 - mov [Dominions6.exe+12285A58],eax
Dominions6.exe+296F37: 85 DB - test ebx,ebx
Dominions6.exe+296F39: 79 22 - jns Dominions6.exe+296F5D
Dominions6.exe+296F3B: 44 89 64 24 30 - mov [rsp+30],r12d
Dominions6.exe+296F40: 45 8B CC - mov r9d,r12d
Dominions6.exe+296F43: 89 74 24 28 - mov [rsp+28],esi
Dominions6.exe+296F47: 45 33 C0 - xor r8d,r8d
Dominions6.exe+296F4A: 33 D2 - xor edx,edx
}
It stores a value in static address. The address will change when game version updates, so I want to make a script search for it and work for many versions hopefully.
This is what I made, the scan, enable and disable part works, but I have no idea how to set the address to the pointer DPLAddr.
Please help me.
{ Game : Dominions6.exe
Version:
Date : 2024-02-01
Author : CannonFodder
This script does blah blah blah
}
[ENABLE]
aobscanmodule(DesignPointsLimitInject,Dominions6.exe,8B 05 ? ? ? ? 41 83 FD 02 0F 44 05 ? ? ? ? 89 05 ? ? ? ? 85 DB) // should be unique
alloc(newmem,$1000,DesignPointsLimitInject)
registersymbol(DPLAddr)
label(DPLAddr)
registersymbol(code)
label(code)
label(return)
newmem:
//db 8b 05
//readmem
code:
readmem(DesignPointsLimitInject,6)
//mov eax,[Dominions6.exe+3DE45008] //address change with game version, use readmem
//How can I make my pointer DPLAddr point to the static address???????
jmp return
DPLAddr:
dd 0
DesignPointsLimitInject:
jmp newmem
nop
return:
registersymbol(DesignPointsLimitInject)
[DISABLE]
DesignPointsLimitInject:
readmem(code,6)
//db 8B 05 E2 E0 BA 3D
unregistersymbol(DPLAddr)
unregistersymbol(DesignPointsLimitInject)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: Dominions6.exe+296F20
Dominions6.exe+296EF5: 45 8B F4 - mov r14d,r12d
Dominions6.exe+296EF8: 66 89 44 24 75 - mov [rsp+75],ax
Dominions6.exe+296EFD: 88 44 24 77 - mov [rsp+77],al
Dominions6.exe+296F01: 44 89 44 24 4C - mov [rsp+4C],r8d
Dominions6.exe+296F06: 89 54 24 48 - mov [rsp+48],edx
Dominions6.exe+296F0A: 89 74 24 40 - mov [rsp+40],esi
Dominions6.exe+296F0E: 44 89 64 24 44 - mov [rsp+44],r12d
Dominions6.exe+296F13: E8 F8 76 F7 FF - call Dominions6.exe+20E610
Dominions6.exe+296F18: 44 8B AD 90 1D 00 00 - mov r13d,[rbp+00001D90]
Dominions6.exe+296F1F: 90 - nop
// ---------- INJECTING HERE ----------
Dominions6.exe+296F20: 8B 05 E2 E0 BA 3D - mov eax,[Dominions6.exe+3DE45008]
// ---------- DONE INJECTING ----------
Dominions6.exe+296F26: 41 83 FD 02 - cmp r13d,02
Dominions6.exe+296F2A: 0F 44 05 D3 E0 BA 3D - cmove eax,[Dominions6.exe+3DE45004]
Dominions6.exe+296F31: 89 05 21 EB FE 11 - mov [Dominions6.exe+12285A58],eax
Dominions6.exe+296F37: 85 DB - test ebx,ebx
Dominions6.exe+296F39: 79 22 - jns Dominions6.exe+296F5D
Dominions6.exe+296F3B: 44 89 64 24 30 - mov [rsp+30],r12d
Dominions6.exe+296F40: 45 8B CC - mov r9d,r12d
Dominions6.exe+296F43: 89 74 24 28 - mov [rsp+28],esi
Dominions6.exe+296F47: 45 33 C0 - xor r8d,r8d
Dominions6.exe+296F4A: 33 D2 - xor edx,edx
}
Re: How to make my pointer point a to static address, which change with game version update, in assembly script?
^ check out my AC Valhalla table as example:
- open up Lua startup script and find 'getStaticAddr(...' (near the bottom)
(this is the routine I made to pick up (hardcoded offset) addresses.
- principle: since i do not like using wildcards in my aobs, the function is set up in this way that you can use a signature in proximity of that location (~ less likely to break by updates), and then just add the number of bytes (+/-) to get the actual opcode location
- CE's disassemble() will take care of the rest; basically collecting the proper address itself
(you do not need to worry about any offset calculations ~ which i did in the past (greyed out stuff))
=> you'll find an example in the main script (and many of my tables use it to collect that kind of info)
tip: enable the print statements so that you'll get a better understanding of what it does where/when...
Notes:
1. you can do this type of calcution in ASM as well btw
(I have done this in the past and plenty of tables around that perform this action as well ~ do not ask, I can't remember where/when)
=> though you'll find more tables using a Lua variant here... !
2. feel free to use this function; no problems (and/or adapt to your liking)
3. if the pointer remains pretty much the same during gameplay, then just use Lua (waaaaaaaaaay easier)
4. the function allows you to collect either the (initial) ptr address (in case it changes during gameplay ~ iow the address between them [xxx]), the actual (structure) pointer (the value of that [xxx] location) or the opcode address itself...
(depending on what you want to do with that info)
TIP 2: it is not always possible to get an "convenient" opcode close to that particular pointer info. Try this:
- go to start of the module (in Memory viewer)
- select [search - asm code]
- search for that address... and it will pick up/show all opcodes accessing that particular pointer
(more likely to happen if the address in question is important)
- use an opcode that better fits your needs...
- open up Lua startup script and find 'getStaticAddr(...' (near the bottom)
(this is the routine I made to pick up (hardcoded offset) addresses.
- principle: since i do not like using wildcards in my aobs, the function is set up in this way that you can use a signature in proximity of that location (~ less likely to break by updates), and then just add the number of bytes (+/-) to get the actual opcode location
- CE's disassemble() will take care of the rest; basically collecting the proper address itself
(you do not need to worry about any offset calculations ~ which i did in the past (greyed out stuff))
=> you'll find an example in the main script (and many of my tables use it to collect that kind of info)
tip: enable the print statements so that you'll get a better understanding of what it does where/when...
Notes:
1. you can do this type of calcution in ASM as well btw
(I have done this in the past and plenty of tables around that perform this action as well ~ do not ask, I can't remember where/when)
=> though you'll find more tables using a Lua variant here... !
2. feel free to use this function; no problems (and/or adapt to your liking)
3. if the pointer remains pretty much the same during gameplay, then just use Lua (waaaaaaaaaay easier)
4. the function allows you to collect either the (initial) ptr address (in case it changes during gameplay ~ iow the address between them [xxx]), the actual (structure) pointer (the value of that [xxx] location) or the opcode address itself...
(depending on what you want to do with that info)
TIP 2: it is not always possible to get an "convenient" opcode close to that particular pointer info. Try this:
- go to start of the module (in Memory viewer)
- select [search - asm code]
- search for that address... and it will pick up/show all opcodes accessing that particular pointer
(more likely to happen if the address in question is important)
- use an opcode that better fits your needs...
-
- Table Makers
- Posts: 212
- Joined: Mon May 08, 2017 3:34 pm
- Reputation: 144
Re: How to make my pointer point a to static address, which change with game version update, in assembly script?
Sorry for I have no knowledge of Lua, but I'll try to learn.
local addrProc = getStaticAddr(sCheckProc,0,"",3,startAddr,endAddr,sProtFlags)
function getStaticAddr(sAOB,nOffset,sBaseAddr,nEval,nStartMem,nEndMem,sFlags,bFoundList)
I found your Lua function but can't quite understand the parameters and return value.
What shall shall I pass into them?
local addrProc = getStaticAddr("Dominions6.exe",0,"",3,startAddr,endAddr,sProtFlags)
local addrProc = getStaticAddr("8B 05 ? ? ? ? 41 83 FD 02 0F 44 05 ? ? ? ? 89 05 ? ? ? ? 85 DB",0,"",3,startAddr,endAddr,sProtFlags)
And what does the return value mean?
Judge by the name, it returns the base address of a process? In my case the base address of Dominions6.exe?
local addrProc = getStaticAddr(sCheckProc,0,"",3,startAddr,endAddr,sProtFlags)
function getStaticAddr(sAOB,nOffset,sBaseAddr,nEval,nStartMem,nEndMem,sFlags,bFoundList)
I found your Lua function but can't quite understand the parameters and return value.
What shall shall I pass into them?
local addrProc = getStaticAddr("Dominions6.exe",0,"",3,startAddr,endAddr,sProtFlags)
local addrProc = getStaticAddr("8B 05 ? ? ? ? 41 83 FD 02 0F 44 05 ? ? ? ? 89 05 ? ? ? ? 85 DB",0,"",3,startAddr,endAddr,sProtFlags)
And what does the return value mean?
Judge by the name, it returns the base address of a process? In my case the base address of Dominions6.exe?
Re: How to make my pointer point a to static address, which change with game version update, in assembly script?
(Google translation)
Use instruction bytes containing a static address.
This is the assembly code from your example. Pay attention to the highlighted areas.
If you take the allocated bytes from the first instruction and add them to the allocated offset of the next instruction, you will get the offset of the address you need.Dominions6.exe+296F20: 8B 05 E2 E0 BA 3D - mov eax,[Dominions6.exe+3DE45008]
// ---------- DONE INJECTING ----------
Dominions6.exe+296F26: 41 83 FD 02 - cmp r13d,02
Bytes allocated: E2 E0 BA 3D = 0x3DBAE0E2
Next instruction offset: 0x296F26
Result: 0x3DBAE0E2 + 0x296F26 = 3DE45008
Let's check it using the following instructions from your example.
Bytes allocated: D3 E0 BA 3D = 0x3DBAE0D3Dominions6.exe+296F2A: 0F 44 05 D3 E0 BA 3D - cmove eax,[Dominions6.exe+3DE45004]
Dominions6.exe+296F31: 89 05 21 EB FE 11 - mov [Dominions6.exe+12285A58],eax
Next instruction offset: 0x296F31
Result: 0x3DBAE0D3 + 0x296F31 = 3DE45004
Sorry for bad English, hope you understood my explanations.
Re: How to make my pointer point a to static address, which change with game version update, in assembly script?
first off: #AlexS is correct based on his explanation. I haven't done this for quite awhile so...
As for my function:
****
1. copy that function in the lua start up script (you can also place it in the same script as your asm script btw)
> if you place it in the lua start up, you must allow to execute... !
> if in the asm script itself, just copy the fn right below the {$lua} tag (see below)
2. add following to the 'lua section' of your asm script:
(better yet, create a new "blank" script and just copy/paste following below in there...
3. enable the script, then - via memViewer - goto 'pMyPointer' location in lower window; and it should give you your address...
4. if everything works out well, then add it to your actual script...
Note: Lua code will always be executed first, which is why your asm script can use its info thereafter !
****
[ENABLE]
{$lua}
-- initializes your ptr_var ~ "similar" to registerSymbol + alloc()
unregisterSymbol("pMyPointer")
if not getAddressSafe("pMyPointer") then registerSymbol("pMyPointer", allocateMemory(8)) end
-- assuming that following signature is unique (i'm avoiding them offset opcodes here)
local sAOB = "44 89 64 24 30 45 8B CC 89 74 24 28"
-- the actual opcode_start_byte you want sits 27 bytes above this location...
-- > I do this to avoid wildcards, but 'rsp' references are not "great" either
-- > You can obviously use your current sig; in that case use '0' as count (instead of 27)
-- > 2 = the found address will be written to "pMyPointer" (is done inside that function); basically '[Dominions6.exe+3DE45008]'
-- > 0 = 'Dominions6.exe+3DE45008' will be written to "pMyPointer" (your pick depending on how that value behaves during gameplay)
-- > (in my experience, 2 = good in 95% of the cases)
getStaticAddr(sAOB,27,"pMyPointer",2)
{$asm}
// (your asm script here)
[DISABLE]
****
notes:
a. i've done some copy/pasting but obviously no "live testing"; so it might return some syntax error
b. if fn is added to lua startup, better save/quit and then reload...
c. placing '--' in front of some code basically comments it out (similar to '//' in asm)
PS: I only started using Lua 3-5 years into tablemaking; so no surprise on my end
As for my function:
****
1. copy that function in the lua start up script (you can also place it in the same script as your asm script btw)
> if you place it in the lua start up, you must allow to execute... !
> if in the asm script itself, just copy the fn right below the {$lua} tag (see below)
2. add following to the 'lua section' of your asm script:
(better yet, create a new "blank" script and just copy/paste following below in there...
3. enable the script, then - via memViewer - goto 'pMyPointer' location in lower window; and it should give you your address...
4. if everything works out well, then add it to your actual script...
Note: Lua code will always be executed first, which is why your asm script can use its info thereafter !
****
[ENABLE]
{$lua}
-- initializes your ptr_var ~ "similar" to registerSymbol + alloc()
unregisterSymbol("pMyPointer")
if not getAddressSafe("pMyPointer") then registerSymbol("pMyPointer", allocateMemory(8)) end
-- assuming that following signature is unique (i'm avoiding them offset opcodes here)
local sAOB = "44 89 64 24 30 45 8B CC 89 74 24 28"
-- the actual opcode_start_byte you want sits 27 bytes above this location...
-- > I do this to avoid wildcards, but 'rsp' references are not "great" either
-- > You can obviously use your current sig; in that case use '0' as count (instead of 27)
-- > 2 = the found address will be written to "pMyPointer" (is done inside that function); basically '[Dominions6.exe+3DE45008]'
-- > 0 = 'Dominions6.exe+3DE45008' will be written to "pMyPointer" (your pick depending on how that value behaves during gameplay)
-- > (in my experience, 2 = good in 95% of the cases)
getStaticAddr(sAOB,27,"pMyPointer",2)
{$asm}
// (your asm script here)
[DISABLE]
****
notes:
a. i've done some copy/pasting but obviously no "live testing"; so it might return some syntax error
b. if fn is added to lua startup, better save/quit and then reload...
c. placing '--' in front of some code basically comments it out (similar to '//' in asm)
PS: I only started using Lua 3-5 years into tablemaking; so no surprise on my end
-
- Table Makers
- Posts: 212
- Joined: Mon May 08, 2017 3:34 pm
- Reputation: 144
Re: How to make my pointer point a to static address, which change with game version update, in assembly script?
I made the asm solution successfully thanks to the instruction from AlexS.
Now trying to get the lua solution done.
I put the function in the script enable part.
getStaticAddr(sAOB,0,"dplLuaAddr",0)
result:
dplLuaAddr address
1EB034C0000
value
600
getStaticAddr(sAOB,0,"dplLuaAddr",2)
result:
dplLuaAddr address
1EB034E0000
value
600
actual:
Dominions6.exe+3DE45008
address
7FF66FD25008
value
600
It seems the function reads the value from [Dominions6.exe+3DE45008] instead of the address of Dominions6.exe+3DE45008?
What's wrong?
Now trying to get the lua solution done.
I put the function in the script enable part.
getStaticAddr(sAOB,0,"dplLuaAddr",0)
result:
dplLuaAddr address
1EB034C0000
value
600
getStaticAddr(sAOB,0,"dplLuaAddr",2)
result:
dplLuaAddr address
1EB034E0000
value
600
actual:
Dominions6.exe+3DE45008
address
7FF66FD25008
value
600
It seems the function reads the value from [Dominions6.exe+3DE45008] instead of the address of Dominions6.exe+3DE45008?
What's wrong?
Re: How to make my pointer point a to static address, which change with game version update, in assembly script?
^ upload table with script you've made and pm link or add to above post; and I'll have a look.
+: get me prtscrn of the memViewer with a) the opcode showing b) the 'edit opcode' window showing the actual ptr value
(mov eax,[???]') ?
=> depending on the option taken, you'll have to:
> 2: just add an entry_ptr referencing 'dplLuaAddr'
> 0: add an additional 0+offset line
+: get me prtscrn of the memViewer with a) the opcode showing b) the 'edit opcode' window showing the actual ptr value
(mov eax,[???]') ?
=> depending on the option taken, you'll have to:
> 2: just add an entry_ptr referencing 'dplLuaAddr'
> 0: add an additional 0+offset line
-
- Table Makers
- Posts: 212
- Joined: Mon May 08, 2017 3:34 pm
- Reputation: 144
Re: How to make my pointer point a to static address, which change with game version update, in assembly script?
viewtopic.php?f=2&t=27375&p=332826#p332826
this is the table I made
the lua option fail to work is Get Design Points Limit LUA (WIP)
the entry is hidden under the script group
the actual static address is:
Dominions6.exe+296F20 - mov eax,[Dominions6.exe+3DE45008]
mov eax,[7FF66FD25008]
7FF66FD25008
this is the table I made
the lua option fail to work is Get Design Points Limit LUA (WIP)
the entry is hidden under the script group
the actual static address is:
Dominions6.exe+296F20 - mov eax,[Dominions6.exe+3DE45008]
mov eax,[7FF66FD25008]
7FF66FD25008
Re: How to make my pointer point a to static address, which change with game version update, in assembly script?
^ if you want the address between brackets [] (= 7FF66FD25008) then you select option '0'... which should return that address (but you've seem to have tried that already based on your feedback earlier ?!).
some more info on the function:
* createMemScan(false) == aobscan using GUI (all them properties you can set there can be defined here as well ~ eg start/end mem_address)
> i'm doing a 'scan.getOnlyResult()', which practically means it will take the 1st result it finds... which will be placed in 'addrStruct'
(if you remove the '--' in front of the print_statement right before the 'if' then it'll show you that - in this case - opcode address)
=> disassemble(addrStruct): basically does precisely the same as you double-clicking that opcode; and returns it as a string
(see your post above, being 'mov eax,[7FF66FD25008]')
=> the 'match' method will get the info between them brackets '[7FFxxxxx]'; which - being string - needs to be converted to a number
=> just below: if you selected '2', it will get the pointer_value (being [7FF66FD25008]) (if '0', it should return '7FF66FD25008')
('3' i consider a special case)
=> and finally it writes that (ptr) value to the defined symboladdress...
ps: I did a quick search on that game (it is about 300 MB, right ?); seems a repack can be grabbed somewhere. when back home, I'll try to get my hands on one. If you could upload a save and pm link, would be swell...
some more info on the function:
* createMemScan(false) == aobscan using GUI (all them properties you can set there can be defined here as well ~ eg start/end mem_address)
> i'm doing a 'scan.getOnlyResult()', which practically means it will take the 1st result it finds... which will be placed in 'addrStruct'
(if you remove the '--' in front of the print_statement right before the 'if' then it'll show you that - in this case - opcode address)
=> disassemble(addrStruct): basically does precisely the same as you double-clicking that opcode; and returns it as a string
(see your post above, being 'mov eax,[7FF66FD25008]')
=> the 'match' method will get the info between them brackets '[7FFxxxxx]'; which - being string - needs to be converted to a number
=> just below: if you selected '2', it will get the pointer_value (being [7FF66FD25008]) (if '0', it should return '7FF66FD25008')
('3' i consider a special case)
=> and finally it writes that (ptr) value to the defined symboladdress...
ps: I did a quick search on that game (it is about 300 MB, right ?); seems a repack can be grabbed somewhere. when back home, I'll try to get my hands on one. If you could upload a save and pm link, would be swell...
-
- Table Makers
- Posts: 212
- Joined: Mon May 08, 2017 3:34 pm
- Reputation: 144
Re: How to make my pointer point a to static address, which change with game version update, in assembly script?
yes, it's about 350mb
I downloaded version 6.03 from some repack site too.
The save file is unnecessary, the address stores god design points limit, which is accessed when you create a new game.
I myself is on turn 2 right now.
I downloaded version 6.03 from some repack site too.
The save file is unnecessary, the address stores god design points limit, which is accessed when you create a new game.
I myself is on turn 2 right now.
Re: How to make my pointer point a to static address, which change with game version update, in assembly script?
^ a picture replaces a 1000 words (or so) : [ [Link] ]
anywho: you did everything correct. the only thing I did in this particular situation is opting for '0'; which gets you that '7FFxxx' address. I think you got confused with the mem_address allocated to the registerSymbol here ?!
And I tend to use the "pointer syntax": if that 7FF... address somehow gets erased/changed/become_invalid (or the symbol itself for that matter), CE will usually detect this and show '??'. Which is important for values that are locked by the user: CE will try to write to that memory if still "valid", which can cause crashes if that memory has been used again for some other data(structure)...
ps: if something is still unclear in that pic, do ask...
anywho: you did everything correct. the only thing I did in this particular situation is opting for '0'; which gets you that '7FFxxx' address. I think you got confused with the mem_address allocated to the registerSymbol here ?!
And I tend to use the "pointer syntax": if that 7FF... address somehow gets erased/changed/become_invalid (or the symbol itself for that matter), CE will usually detect this and show '??'. Which is important for values that are locked by the user: CE will try to write to that memory if still "valid", which can cause crashes if that memory has been used again for some other data(structure)...
ps: if something is still unclear in that pic, do ask...
-
- Table Makers
- Posts: 212
- Joined: Mon May 08, 2017 3:34 pm
- Reputation: 144
Re: How to make my pointer point a to static address, which change with game version update, in assembly script?
Thank you for you help!
I did tried to change to pointer, but it was when I use getStaticAddr(sAOB,0,"dplLuaAddr",2), thus I didn't get the right address and got confused before.
I did tried to change to pointer, but it was when I use getStaticAddr(sAOB,0,"dplLuaAddr",2), thus I didn't get the right address and got confused before.
Re: How to make my pointer point a to static address, which change with game version update, in assembly script?
^ glad i could help.
To recap (if you plan to use this function more)
a. 2 = get pointer (to some struct ~ most cases)
b. 0 = get address of some system_info (typical: FOV, daytime, console_vars, etc)
c. 3 = get opcode location itself (which is returned ~ local addrOpcode = getStaticAddr() - rather exceptional: e.g.stack_return verification)
d. nStartMem,nEndMem = when aobscan is really slow you can speed up search by limiting its memory_range
(just like you can do via the GUI - typical situation: a "preloader" game_exe with actual gamecode in DLL)
e. sFlags = when aobscan needs different protection flags to return results (typical: you have to set 'Writable' enabled)
f. bFoundList = only used this once/twice: the lua variant did not return a result while the gui did.
(upon checking the 'foundlist' it did have that address ~ surely I needed to set some of the other params properly ?!)
For completeness sake: (see #AlexS above)
in x32 games, you do not need to perform any calculations on that (4-byte) hexvalue (asm--wise) as it returns you the actual address you want. (i should test/verify this though )
And finally, something I always do for this type of info: [ [Link] ] (I normally let it run for about 5 mins)
(it will/can allow you to choose for a "better" opcode location, less prune to fail by updates)
=> if you get "plenty" of results returned, then that is usually a good indication about the value's importance...
To recap (if you plan to use this function more)
a. 2 = get pointer (to some struct ~ most cases)
b. 0 = get address of some system_info (typical: FOV, daytime, console_vars, etc)
c. 3 = get opcode location itself (which is returned ~ local addrOpcode = getStaticAddr() - rather exceptional: e.g.stack_return verification)
d. nStartMem,nEndMem = when aobscan is really slow you can speed up search by limiting its memory_range
(just like you can do via the GUI - typical situation: a "preloader" game_exe with actual gamecode in DLL)
e. sFlags = when aobscan needs different protection flags to return results (typical: you have to set 'Writable' enabled)
f. bFoundList = only used this once/twice: the lua variant did not return a result while the gui did.
(upon checking the 'foundlist' it did have that address ~ surely I needed to set some of the other params properly ?!)
For completeness sake: (see #AlexS above)
in x32 games, you do not need to perform any calculations on that (4-byte) hexvalue (asm--wise) as it returns you the actual address you want. (i should test/verify this though )
And finally, something I always do for this type of info: [ [Link] ] (I normally let it run for about 5 mins)
(it will/can allow you to choose for a "better" opcode location, less prune to fail by updates)
=> if you get "plenty" of results returned, then that is usually a good indication about the value's importance...
Last edited by Paul44 on Sat Feb 03, 2024 4:53 pm, edited 1 time in total.
-
- Table Makers
- Posts: 212
- Joined: Mon May 08, 2017 3:34 pm
- Reputation: 144
Re: How to make my pointer point a to static address, which change with game version update, in assembly script?
What's the scan feature you used in your pic? I can't find it.
dominions 6 is x64 program, I think your function returned the correct 8 bytes address of 7FF66FD25008?
Do you mean if the offset of Dominions6.exe+3DE45008 is larger than 4 bytes, like Dominions6.exe+112233443DE45008, your function may return wrong address?
dominions 6 is x64 program, I think your function returned the correct 8 bytes address of 7FF66FD25008?
Do you mean if the offset of Dominions6.exe+3DE45008 is larger than 4 bytes, like Dominions6.exe+112233443DE45008, your function may return wrong address?
Re: How to make my pointer point a to static address, which change with game version update, in assembly script?
I've updated the pic in my prev post. How to proceed:
1. goto start of game_exe/module: I always goto '$process', using right-click option (unless you need to work in a DLL)
2. then select that search option, just fill in that address - between [ ] here - in the new window
3. when the search starts, it'll show you that progress window...
as for you Q: no. check the function again: i'm not doing ANY calculations there (I used to do that ~ the greyed part, which basically did what #AlexS explained earlier), as the 'disassemble()' takes care of that. Just make sure you always get the location of the 1st byte of your opcode instruction, so it'll disassemble them bytes correctly...
1. goto start of game_exe/module: I always goto '$process', using right-click option (unless you need to work in a DLL)
2. then select that search option, just fill in that address - between [ ] here - in the new window
3. when the search starts, it'll show you that progress window...
as for you Q: no. check the function again: i'm not doing ANY calculations there (I used to do that ~ the greyed part, which basically did what #AlexS explained earlier), as the 'disassemble()' takes care of that. Just make sure you always get the location of the 1st byte of your opcode instruction, so it'll disassemble them bytes correctly...
Who is online
Users browsing this forum: risky_g_1