carlAlex
10/6/2016 - 12:16 PM

ASM in Cheat Engine

ASM in Cheat Engine

registersymbol(TIME) - makes TIME accessible from anywhere in CE
(now you can (when that script is active) "add address manually" and write TIME in address, it will find that area)

Values are always written in hex; if you need a decimal value, write it as (int)57

db - declare byte - "write this here"

(when manually checking for this array of bytes - check "writable" so it's half filled)
aobscan(TIME, xx xx xx xx F2 xx xx)
aobscan(TIME, C7 05 ?? ?? ?? ?? 01 00 00 00) (some adds are not 00?? watch out for all "DYNAMIC" code..)
(if you do not add + XX, it will write at the first byte in the array - THE NUMBERS ARE HEX!!!! 15 bytes away will be F!!)
TIME+4:
  db FF
  

[ENABLE]
stuff to do when enabled

[DISABLE]
stuff to do when disabling
[ENABLE] 
 // Find the hook site by its byte signature inside mkke.exe and publish the
 // address as a symbol so that [DISABLE] can resolve it again.
 aobscanmodule(FNV1Hasher_aob,mkke.exe,85 D2 76 14 8B 89 90 00 00 00) 
 registersymbol(FNV1Hasher_aob) 

 // Region that holds the logging routine, its data and the LogLine buffer.
 alloc(code,2048) 
 //places 
 label(LogHash) 
 label(LogHash_Return) 
 //data 
 label(FileName) 
 label(LogFormat) 
 label(LogLine) 
 label(DummyVariable) 



 // The patch is written 5 bytes before the signature. The jump replaces
 // MOV EDX,DWORD [ECX+24] and XOR EAX,EAX, which LogHash replays before it
 // returns and which [DISABLE] writes back to this same address.
FNV1Hasher_aob-5: 
 jmp LogHash 
 // LogHash jumps back to this label when it is done.
 LogHash_Return: 

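 code: 
 // LogHash: detour target reached from the jmp written at FNV1Hasher_aob-5.
 // Formats "<hash> = <string>" into LogLine, appends that line to the file
 // named by FileName, replays the two overwritten instructions and jumps back.
 // In:    esi = the hash, [esp+0c] on entry = pointer to the hashed string
 //        (as stated by the original comments - not verifiable from this script)
 // Out:   general registers restored by popad, then EDX/EAX set by the
 //        replayed original instructions
 // Calls: msvcrt.sprintf, CreateFileA, SetFilePointer, WriteFile, CloseHandle
 LogHash: 
   pushad                    //save all general-purpose registers (0x20 bytes)
   push dword [esp+2c]       //the hashed string; 2c = 0c + the 0x20 bytes pushad just pushed
   push esi                  //the hash
   push LogFormat
   push LogLine
   // sprintf itself places no limit on what it writes to LogLine; the only
   // bound is whatever precision LogFormat puts on %s.
   call msvcrt.sprintf
   mov ebx,eax               //length of LogLine, kept in ebx for WriteFile
   add esp,10                //sprintf is cdecl: drop its 4 arguments (0x10 bytes)
   //open logfile
   push 0                    //hTemplateFile
   push 80                   //FILE_ATTRIBUTE_NORMAL
   push 4                    //OPEN_ALWAYS: create the file if it does not exist yet
   push 0                    //lpSecurityAttributes
   push 3                    //FILE_SHARE_READ | FILE_SHARE_WRITE -> allow other programs to read and write
   // The previous value C is not GENERIC_READ | GENERIC_WRITE; those flags
   // are 80000000 and 40000000.
   push C0000000             //GENERIC_READ | GENERIC_WRITE
   push FileName
   call CreateFileA
   // NOTE(review): the handle is not compared with INVALID_HANDLE_VALUE; if
   // the open fails, the three calls below receive that value unchanged.
   //move to its end
   push eax                  //save the file handle; this copy stays on the stack until CloseHandle
   push 2                    //FILE_END
   push 0                    //lpDistanceToMoveHigh
   push 0                    //lDistanceToMove
   push eax                  //hFile
   call SetFilePointer
   mov eax,dword [esp]       //reload the saved file handle without popping it
   //log the new line
   push 0                    //lpOverlapped
   push DummyVariable        //lpNumberOfBytesWritten
   push ebx                  //nNumberOfBytesToWrite = length returned by sprintf
   push LogLine              //lpBuffer
   push eax                  //hFile
   call WriteFile
   //close the file
   // The handle saved before SetFilePointer is still on top of the stack, so
   // it is CloseHandle's argument and the call removes it; no extra push is
   // needed and the stack is balanced again for popad.
   call CloseHandle
   popad

   //original code (the two instructions the hook jmp replaced)
   MOV EDX,DWORD [ECX+24]
   XOR EAX,EAX
 jmp LogHash_Return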


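 // Receives the byte count that WriteFile reports (lpNumberOfBytesWritten).
 DummyVariable: 
 dd 0 
 // Relative file name, so the log is created wherever the target process's
 // current directory points.
 FileName: 
 db 'FNV1Log.txt',00 
 // "<8 hex digits> = <string>" followed by CR LF.
 // The %s precision caps the copied string at 1024 characters, so one line is
 // at most 1038 bytes including the terminator. Without a precision sprintf
 // would copy a string of any length into LogLine and could run past the end
 // of the alloc(code,2048) region.
 LogFormat: 
 db '%.8X = %.1024s',0d,0a,00 
 // LogLine has no storage of its own: it marks the start of whatever is left
 // of the allocation after the routine and the data above. Keep it last.
 LogLine: 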

 [DISABLE] 
 // Write back the two instructions that the jmp to LogHash replaced.
FNV1Hasher_aob-5: 
 MOV EDX,DWORD [ECX+24] 
 XOR EAX,EAX 


 // Drop the symbol and release the region allocated in [ENABLE].
 // NOTE(review): nothing here checks whether a thread is still executing
 // inside LogHash when the region is freed - confirm this is acceptable.
 unregistersymbol(FNV1Hasher_aob) 
 dealloc(code)
Comments - "Table extras"

"Cheat engine settings" - Setup game exe - then "Tools - desiredGame"

[ENABLE]
// ballGlow is not defined in this script, so it must already be a registered
// symbol when the script is enabled.
// Refuse to patch unless the three bytes at ballGlow+2 are C6 47 18.
assert(ballGlow+2,C6 47 18)
// Overwrite the first two bytes with NOPs (90 90) and set the last byte of
// the C6 47 18 xx instruction to 01.
ballGlow:
  db 90 90 c6 47 18 01

[DISABLE]
// Same six bytes with the last one set to 00.
// NOTE(review): this leaves 90 90 in the first two bytes rather than writing
// back whatever was there before; the other ballGlow script on this page
// writes 74 04 at that position - confirm which bytes are the original ones.
ballGlow:
  db 90 90 c6 47 18 00



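// Patch address given by name (BallGloww:Update+22) instead of a byte scan.
define(ballGlowDef,BallGloww:Update+22)

[ENABLE]
// Cheat Engine switches between Lua and assembler with {$lua} and {$asm};
// the parenthesised form ($lua) is not a directive and is not recognised.
// The Lua part starts the Mono data collector, presumably so that the
// BallGloww:Update name above can be resolved.
{$lua}
LaunchMonoDataCollector()
{$asm}
label(ballGlow)
registersymbol(ballGlow)

// Both labels name the same address; ballGlow is the one that gets registered.
ballGlowDef:
ballGlow:
  db 74 04 c6 47 18 01

[DISABLE]
// NOTE(review): these are the same six bytes that [ENABLE] writes, so
// toggling this script does not change the code at ballGlow. ballGlow also
// stays registered, because no unregistersymbol follows - confirm both are
// intended.
ballGlow:
  db 74 04 c6 47 18 01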