Executing Function in The Forest crashes Game

Post by **Bloodybone** » Mon May 14, 2018 9:38 pm

So my Problem is that if I execute an function in the Game crashes the Game

Example:

[CODE=cea][ENABLE]

alloc(thread,248)

createthread(thread)

registersymbol(thread)

label(jump1)

label(jump2)

label(jump3)

thread:

push rbp

mov rbp,rsp

push rsi

sub rsp,08 { 8 }

mov rsi,rcx

movzx eax,byte ptr [rsi+000000C4]

test eax,eax

jne jump1

mov byte ptr [rsi+000000C4],01 { 1 }

jmp jump2

jump1:

movzx eax,byte ptr [rsi+000000C5]

test eax,eax

jne jump3

mov byte ptr [rsi+000000C5],01 { 1 }

jmp jump2

jump3:

mov byte ptr [rsi+000000C4],00 { 0 }

mov byte ptr [rsi+000000C5],00 { 0 }

jump2:

mov rcx,rsi

sub rsp,20 { 32 }

mov r11,0000000008DC10A0 { [98EF5BE8] }

call r11

add rsp,20 { 32 }

mov rsi,[rbp-08]

leave

ret

[DISABLE][/CODE]

The thing that function should do is toggle an Overlay that you can toggle with the specific debug command but I want it to be toogled through this script but when I activate it, it just crashes the game. I also tried some other functions and they all crash the game too. Therefore I think I'm doing something wrong.

TimFun13 · Post by **TimFun13** » Mon May 14, 2018 10:08 pm

What values are you PUSHing to the stack?

I think you need to figure out what arguments the function needs and PUSH those to the stack.

FreeER · Post by **FreeER** » Mon May 14, 2018 10:26 pm

iirc that game uses mono and you have to attach the thread to mono see [URL='https://forum.cheatengine.org/viewtopic.php?p=5722879&sid=dbe80103f49836a7f0c272e5a2bee44a#5722879']DBs comment here[/URL]

Though it also looks like you just copy-pasted a function and expect it to work without actually setting the expected arguments in registers or pushing a return address on the stack (it [I]expects [/I]to be [B]call[/B]ed after all, not simply run).

Post by **Bloodybone** » Mon May 14, 2018 11:00 pm

[QUOTE="FreeER, post: 45947, member: 980"]iirc that game uses mono and you have to attach the thread to mono see [URL='https://forum.cheatengine.org/viewtopic.php?p=5722879&sid=dbe80103f49836a7f0c272e5a2bee44a#5722879']DBs comment here[/URL]

Though it also looks like you just copy-pasted a function and expect it to work without actually setting the expected arguments in registers or pushing a return address on the stack (it [I]expects [/I]to be [B]call[/B]ed after all, not simply run).[/QUOTE]

I don't really know how I can attach the thread to mono. I've never done anything similar to this before and therefore I'm a noob in this kind of Stuff. And yes I just copy-pasted the function.

Post by **SunBeam** » Tue May 15, 2018 7:32 am

See my [B]BattleTech[/B] table [URL='https://fearlessrevolution.com/threads/battletech.6603/page-12#post-45978']here[/URL]. Check [I]Cheat Handler[/I] script; that's how you attach/detach. Also, I highly doubt this is valid every time you open the game:

[code=CEA]

mov r11,0000000008DC10A0 { [98EF5BE8] }

[/code]

Post by **Bloodybone** » Tue May 15, 2018 11:49 am

[QUOTE="SunBeam, post: 45983, member: 12587"]See my [B]BattleTech[/B] table [URL='https://fearlessrevolution.com/threads/battletech.6603/page-12#post-45978']here[/URL]. Check [I]Cheat Handler[/I] script; that's how you attach/detach. Also, I highly doubt this is valid every time you open the game:

[code=CEA]

mov r11,0000000008DC10A0 { [98EF5BE8] }

[/code][/QUOTE]

Ok that should work thanks but I still have one question: What does the "@@:" and the "short @f" mean?

Post by **SunBeam** » Tue May 15, 2018 12:21 pm

"@@" is a generic label; doesn't stand for anything, it's just used so "je short @f" knows where to hop to. JE will hop to @@ label; @f = forward; @b = backwards. Keep in mind @f/@b will jump to first encountered label, even if it's not @@.

Post by **Bloodybone** » Tue May 15, 2018 12:28 pm

[QUOTE="SunBeam, post: 46000, member: 12587"]"@@" is a generic label; doesn't stand for anything, it's just used so "je short @f" knows where to hop to. JE will hop to @@ label; @f = forward; @b = backwards. Keep in mind @f/@b will jump to first encountered label, even if it's not @@.[/QUOTE]

Oh ok thanks :)

1526388402

I still have another little question: In your Script you have for exaple "GodMode_do" and I wan't to know if that is the function that you find if you search for it in mono or if it is a made up name because the Script has to know where it has to call so thats what I think.

Edit: I found it out but under "ToggleEnableConsole_do:", how did you find out what you had to put there like what I don't under stand is:

[CODE=cea]mov cl,al

test cl,cl

sete cl[/CODE]

FearLess Cheat Engine