Created
October 7, 2023 03:51
-
-
Save crabshank/379370f01f10ee9817895cf2e863ecff to your computer and use it in GitHub Desktop.
Scan for an aob after the breakpoint hits (Cheat Engine)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| local addr=getAddress('...') -- breakpoint address | |
| local cntr=1 | |
| local startAddress=0x7FF4E5E60000 | |
| local endAddress=0x7FFD4B08FFFF | |
| local aob='41 72 73 65 6E 61 6C' -- 'Arsenal' | |
| function onBp() | |
| debug_getContext(true) | |
| local memscan = createMemScan() | |
| memscan.firstScan( | |
| soExactValue, vtByteArray, nil, | |
| aob, nil, startAddress,endAddress, '', | |
| fsmNotAligned, '', true, true, false,false) | |
| memscan.waitTillDone() | |
| local foundlist = createFoundList(memscan) | |
| foundlist.initialize() | |
| local cnt=foundlist.Count | |
| if cnt>0 then | |
| local rss={} | |
| for j = 0, cnt - 1 do | |
| table.insert(rss,foundlist.Address[j]) | |
| end | |
| print(string.format('AOB found at %s\tRDX+10: %X',table.concat(rss,', '),(RDX+0x10))) | |
| debug_removeBreakpoint(addr) | |
| else | |
| print(string.format('#%d: No results!\tRDX+10: %X',cntr,(RDX+0x10))) | |
| end | |
| cntr=cntr+1 | |
| foundlist.destroy() | |
| memscan.destroy() | |
| end | |
| debug_setBreakpoint(addr,onBp) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment