kaijia2022 / Cheat-Engine-DMA-Plugin

DMA plugin for Cheat Engine with functional pointer scanning
MIT License

issue with dissect data structure #2

Open pivot85 opened 3 months ago

pivot85 commented 3 months ago

When I use the dissect data structure tool, the auto guess type fails to get pointers. I get all other types except pointers; sometimes it does get pointers. I tested another DMA plugin, and when I use the dissect data structure tool it guesses the pointer type correctly, but it has an issue that it doesn't have the pointer scan feature.

kaijia2022 commented 3 months ago

It appears like Cheat Engine is treating the address pointed to as 32 bit again.

[Image: dma_dissect]

Dissect data/structure in the DMA plugin

[Image: normal dissect]

vs. Dissect data/structure in normal Cheat Engine.

The addresses are correct but truncated.

I'll look into it. In the meantime, you can use my ReClass.net plugin for dissecting data structures.

metahumanflash commented 3 months ago

I have no idea if this is related. But doing this fixes the issue for me, although it is a bit tedious: https://www.youtube.com/watch?v=KySmJfnUHFY

Some AOB scripts are actually functional as well after this, which never worked before.

kaijia2022 commented 3 months ago

This video is for resolving module enumeration, and module enumeration works fine in my plugin.

I have already identified the problem causing the incorrect pointer display in Dissect data/structure, but it is gonna take me a while to find a good solution.

kaijia2022 commented 3 months ago

The issue is fixed; check out the new release.

pivot85 commented 3 months ago

Thank you so much for fixing. I will test it and reply soon.

pivot85 commented 3 months ago

@kaijia2022 I tested it and found another issue related to dissecting data/structure. I am testing on AssaultCube.

Original Cheat Engine image

DMA Cheat Engine image

On the original CE, we found the offset description "Pointer to an instance of botnet" and on DMA we didn't. Also, I am testing on the same address "0091FE10", and the original CE guessed pointers and DMA didn't.

metahumanflash commented 3 months ago

I tried the same CE table with the new update. It still doesn't work. And I tried that video to paste the corrected Lua stuff and now that doesn't even work. I have to use this version and that method for the CE table to work...

kaijia2022 commented 3 months ago

@pivot85 Thank you for the feedback, it appears like there is some issue with getting nested child structures. I'll look into it.

@metahumanflash What do you mean by CE table? This plugin has correct module enumeration; you can check it in Memory View -> View -> Enumerate DLLs and Symbols. You don't need to paste any Lua scripts.

metahumanflash commented 3 months ago

> @pivot85 Thank you for the feedback, it appears like there is some issue with getting nested child structures. I'll look into it.
>
> @metahumanflash What do you mean by CE table? This plugin has correct module enumeration; you can check it in Memory View -> View -> Enumerate DLLs and Symbols. You don't need to paste any Lua scripts.

I'm testing this https://fearlessrevolution.com/viewtopic.php?t=4711

for DOOM 3 on Steam.

The CE table does not work unless I use your 1.0 Plugin

then follow the video instructions and paste the Lua commands. Then all of a sudden everything works. The latest update released doesn't fix the table working but now the Lua commands don't fix the table.

That is what i mean.

kaijia2022 commented 3 months ago

I see. I am not sure what is causing the problem yet, as I only made some minor changes in the latest release; the plugin itself should not hinder you from executing other Lua scripts. I might take a look at it when I have spare time; however, no promises.

This plugin is intended as a read-only tool to help people reverse programs via DMA. If you want to execute cheat scripts and write to process memory, you might as well use the original Cheat Engine; it is way faster.

metahumanflash commented 3 months ago

> I see. I am not sure what is causing the problem yet, as I only made some minor changes in the latest release; the plugin itself should not hinder you from executing other Lua scripts. I might take a look at it when I have spare time; however, no promises.
>
> This plugin is intended as a read-only tool to help people reverse programs via DMA. If you want to execute cheat scripts and write to process memory, you might as well use the original Cheat Engine; it is way faster.

Most people use the DMA version of Cheat Engine due to anti-cheat measures. I used Doom 3 merely as an example, but the tool should work with any program, assuming the read capabilities work.

Would the CE table's inability to detect a value or array of bytes be a valid demonstration of what needs to be fixed for the reads to become accurate regardless of purpose, such as reversing?

kaijia2022 commented 3 months ago

  1. Reading works fine in my listed features; they are accurate.
  2. I consider the core functionalities of Cheat Engine to be memory scanning and pointer scanning, and those are what I set out to achieve. As much as I would love the Lua scripting to work, due to the way Cheat Engine interacts with the Lua engine, it is very difficult to debug these functionalities.
  3. If you want to use AOB scanning, there are other tools written in other languages available out there; you can write a plugin for those, or even implement your own version.

kaijia2022 commented 3 months ago

@pivot85 Expanding child structures is now available.

[Image: childstructuredma]

However, it is really slow; the thread might freeze when you click on the expand arrow (wait for it and eventually it will resolve). I would still strongly recommend using other dissect tools, like ReClass.net.

Also, since it is an auto type guess, it is not uncommon to have false negatives. If a value is interpreted as 4 bytes but is actually a pointer, you'll just have to manually change the type.
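Added example, not part of the thread and not the plugin's or Cheat Engine's code: a minimal type guesser showing how treating a 64-bit target's pointers as 32-bit produces the symptom discussed above (correct but truncated values that fall back to "4 Bytes"). The rule "a value is a pointer if it lands in a mapped region", the region list, the sample bytes and all function names are assumptions made for illustration.

```python
import struct

# Constructed sample: mapped regions of a hypothetical 64-bit target process
# as (base, size) pairs. These values are made up for illustration.
REGIONS = [
    (0x00007FF6_1A2B0000, 0x0020_0000),   # main module
    (0x0000021C_4F300000, 0x0010_0000),   # heap
]


def is_mapped(addr, regions=REGIONS):
    """True if addr falls inside one of the known memory regions."""
    return any(base <= addr < base + size for base, size in regions)


def guess_field(buf, offset, pointer_size, regions=REGIONS):
    """Guess the field type at `offset`; pointer_size (4 or 8) is the width
    the tool believes the target uses. Returns (type_name, field_size)."""
    fmt = "<Q" if pointer_size == 8 else "<I"
    if offset % pointer_size == 0 and offset + pointer_size <= len(buf):
        (candidate,) = struct.unpack_from(fmt, buf, offset)
        if is_mapped(candidate, regions):
            return ("Pointer", pointer_size)
    return ("4 Bytes", 4)   # assumed fallback when nothing better matches


def dissect(buf, pointer_size, regions=REGIONS):
    """Walk the buffer and return [(offset, type_name, hex_value), ...]."""
    rows, offset = [], 0
    while offset + 4 <= len(buf):
        kind, size = guess_field(buf, offset, pointer_size, regions)
        raw = buf[offset:offset + size]
        rows.append((offset, kind, f"{int.from_bytes(raw, 'little'):X}"))
        offset += size
    return rows


# Constructed structure: two 32-bit integers, then two 64-bit pointers.
SAMPLE = struct.pack("<IIQQ", 100, 20, 0x0000021C_4F3012A0, 0x00007FF6_1A2C4410)

if __name__ == "__main__":
    for width in (8, 4):
        print(f"pointer width {width}:")
        for off, kind, val in dissect(SAMPLE, width):
            print(f"  +{off:02X}  {kind:8} {val}")
```

With the correct width the two trailing fields resolve as pointers; with width 4 the same bytes show up as the low and high halves of each address, none of which lands in a mapped region.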

pivot85 commented 3 months ago

> @pivot85 Expanding child structures is now available.
>
> [Image: childstructuredma]
>
> However, it is really slow; the thread might freeze when you click on the expand arrow (wait for it and eventually it will resolve). I would still strongly recommend using other dissect tools, like ReClass.net.
>
> Also, since it is an auto type guess, it is not uncommon to have false negatives. If a value is interpreted as 4 bytes but is actually a pointer, you'll just have to manually change the type.

Thank you for the update. Instead of expanding the pointer by pressing the arrow, you can just right-click and select define pointer (you can press CTRL+ALT+P).