Search the Community
Showing results for 'Chainer script'.
-
Use script chainer
-
That's not my script. You changed the search string and added your own string in it. It's also not how you implement it in the chainer and removed the function to i guess? Also i did not read the full chainer script which was very big mistake of me, so i did not knew you needed to load results in order for it to work. I do now. So will implement the function in the chainer script.
-
You Mean Pasting The Whole lua Created By Chainer Inside Your Script Under A Function and do gg.getResult and edit? The Chainer Script worked so smooth like i had to wait for 2 minutes after everymatch for group search to complete To Get Me My Players X,Z,Y now its 0.5seconds with chainer.
-
and other thing good for pointers help this great tool script Chainer (#9qju1cat)
-
This using that chainer script? I haven't tried using it yet. It gives offsets on lib file for modify register?
-
@Enyby Sir......I love pointer chainer script a lot. Though it is still in beta its so powerful. There are some features I want in future version of script. As example, I will use chainer script for a desire address(Let script be depth-3 and offset-2560). I will get 100 chainers. The chainer i want is also included in these pointer chains. But i dont know exactly which one. And I will exit from game and play and search again desire address manually. Then use chainer script again(depth-3 and offset-2560) And I will compare first script and second script. Then only the same pointer chains will be restored as a newer third script. Is it possible sir? Even above content is impossible. There is still a feature I want. That is- Run the result script. And i will get desire value and to show or print the chains of pointer of the loaded value. Please sir. I love to know your magic.
-
Version 0.2
15,366 downloads
Script to search for chains of pointers. Beta version. The script searches for pointer chains with a given depth and maximum offset to the .data or .bss regions. For found chains, you can generate a script that will restore the search results for these chains. Video: Chainer: search and restore pointers chains - GameGuardian (#8cfynel1) https://gameguardian.net/forum/search/?q=chainer&type=gallery_image&nodes=2 -
View File Chainer Script to search for chains of pointers. Beta version. The script searches for pointer chains with a given depth and maximum offset to the .data or .bss regions. For found chains, you can generate a script that will restore the search results for these chains. Video: Chainer: search and restore pointers chains - GameGuardian (#8cfynel1) https://gameguardian.net/forum/search/?q=chainer&type=gallery_image&nodes=2 Submitter Enyby Submitted 06/17/2019 Category Tools
-
so you dont save the script with chainer just go and create a new script with the found chain? also can you remove the unnecessary codes of arch and arm and package verifications from a script i saved from the chainer. btw i learnt how to use offsets and pointers from u in one day i just posted the script in the help forums so someone can help remove them
-
I only edited part of the chainer script since i dunno which part are used in the script. But i guess the issue is with the getRanges() function since you have to input the path name to get right executable.
-
Script with search & refine works slowly. Use offsets. For example, you can use this script. Chainer (#5v56mdy1) How to use this data in your scripts, is described here How to used offset (#5llshhib)
-
Chainer: search and restore pointers chains - GameGuardian
saiaapiz commented on Enyby's gallery image in Video Tutorials
-
It's just a group search. Dunno if chainer is suitable. A script can be made for it or field offset finder. It's class is JourneyProgress and field name numberOfCompleted. Has offset 18 bytes on 64bit.
-
Smash Hit - hack balls - chainer - GameGuardian
Marks01 commented on Enyby's gallery image in Video Tutorials
-
f***, it works!!! the problem however is that not many will be able to copy the library into the /data/app directory on Android, so I can't use the chainer for scripts. half a victory for now, thank you very much
-
The subtraction operation is fast. Run this script and see how long it takes to run. Usually it takes a lot of time to search, you need to search HEX numbers, or use chainer How to use chainer local time = {} local addressA = 0xA7B26F2C local addressB = 0xA7B2A774 time[1] = os.clock() local offsetAB = addressB - addressA time[2] = os.clock()-time[1] local t = string.format("%.3f",time[2]) gg.alert('OffsetAB is : ' ..string.format("0x%2X",offsetAB) ..'\nRuntime: ' ..t ..' seconds')
-
This function has been later made available as part of GG public API - searchPointer. "gg.internal3" and "gg.searchPointer" are exactly the same function, it's just that it was first an experiment, so started as internal function. By the time of last update of chainer script, "searchPointer" function hasn't existed yet, that's why it isn't used there.
-
Hello @Enyby for now i have a suggestion for chainer .lua script and i think it would help to determine correct offsets. what you should improve is to add ability to manually select the chains and save to script. instead of saving all the chains to script. Option to manually select chains. And If you want an explaination on why that would be helpful tell me. But adding option to select chains will Help us a lot.Thnx
-
@nok1a thanks for your help, I solved the problem, the chainer is working now. now I just have to do some tests to select the right range in the scripts. unfortunately searching for a string takes too long, so I will directly use a getValues() to test for a known value. I'd say the problem is solved, thanks everyone! chainer.rrnolib.lua
-
You mean like pointer scan in cheat engine? may be this one https://gameguardian.net/forum/search/?&q=Chainer script&search_and_or=or If you dont want base address and do want play around pointers, use BadCase method. Its enough and useful.And yeah whatever method you choose you'll deal with offsets.
-
Personally with my current knowledge on the topic i just think that finding some unique values in the executable is enough. Search unique value. Then call gg.getRangesList(). All ranges will be displayed with there start and end address. In my case i know that the UTF8 string "libRealRacing3.so" resides in the Xa region of the executable. So i just search it and then get the first address of that char. So i know that's the right executable. But since lack of infomration on what your script does i adjusted my function getLib() for it to work with getRanges() by calling gg.getRangeList() to obtain the start address of the executable in which the string i just searched is located. Since the getRanges() function expects a table from gg.getRangeList(). Then knowing that the executable is divided in to 4 segments but the chainer only will take the first segment that includes the "w" permission i just increment the table i took from gg.getRangeList() by 3 since the third segment is the one the chainer use since it has the "w" permission. I test on 2 emulators that are 32 bit and on the 64 bit as well. Both worked. And as you can see in the post of Game lib (#c64p69nw) It worked for Count_Nosferatu after executing the script as expected.
-
First of all,you must know how to search pointer chain to understand what i used. Offsets are distances between two address. Chainer: search and restore pointers chains - GameGuardian (#8cfynel1) Smash Hit - hack balls - chainer - GameGuardian (#6rcez8q4) After checked above,here is test apk of enyby to train some pointer. https://gameguardian.net/forum/applications/core/interface/file/attachment.php?id=11509 I used multipointer level 4 in growpia game. libgrowtopia.so:bss + 0x6E0 --> +0x120 --> +0x58 --> +0xFC --> +0xE0 In this case, (-->) means goto pointer. 0x120 and 0x58 etc are offsets from pointing address. In the end, after adding offset E0,the result address is what you want or change as you like. It will take a time by manually. So make script to be fast progress. It may confused to u. Slowly learn them.
-
On the limitation on pointer level of the Chainer script, I recently (re)discovered a method for faster pointer scanning here by Guided Hacking using Cheat Engine coupled with the Cheat Engine server to scan over network (installation here) I managed perform a 6-level scan pointer on a potato laptop with Nox (yes, Nox, the emulator) as a target (set up Network Bride first). It's a bit buggy on the Cheat Engine side and slow but it does the job. I'd recommend this approach as a final resort but hey, if it works it works.
-
Not sure which part of the chainer script that has been included in the script, but i modified the getRanges() function little bit. function getLib() gg.setRanges(gg.REGION_CODE_APP) gg.searchNumber(":libRealRacing3.so", gg.TYPE_BYTE) local a = gg.getResults(1) gg.clearResults() local t = gg.getRangesList() local startAddress = {} for i, v in ipairs(t) do if ((a[1].address > v["start"]) and (a[1].address < v["end"])) then startAddress = {t[i], t[i+1], t[i+2]} end end return startAddress end function getRanges() local archs = {[0x3] = 'x86', [0x28] = 'ARM', [0x3E] = 'x86-64', [0xB7] = 'AArch64'} local ranges = {} local t = getLib() local arch = 'unknown' for i, v in ipairs(t) do if v.type:sub(2, 2) == '-' then local t = gg.getValues({{address = v.start, flags = gg.TYPE_DWORD}, {address = v.start + 0x12, flags = gg.TYPE_WORD}}) if t[1].value == 0x464C457F then arch = archs[t[2].value] if arch == nil then arch = 'unknown' end end end if v.type:sub(2, 2) == 'w' then v.arch = arch table.insert(ranges, v) end end return ranges end local ranges = getRanges() print(ranges) Hope it works.