Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


dil and how "break and trace" it?

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
geesve
Cheater
Reputation: 0

Joined: 15 Feb 2017
Posts: 25
PostPosted: Mon Jun 05, 2017 8:30 pm    Post subject: dil and how "break and trace" it? Reply with quote
Hi!
Can somebody help me figure out of what for should i watch for if i want try to see where from value come to address, when it go from "dil"? Google and CE help does not provide me any information about it or i search it somehow wrong or should i do something different? :/

Here is snippet of the code:
Code:

"HelpHimOut.exe"+5EC3B0: 48 8B 88 D0 01 00 00  -  mov rcx,[rax+000001D0]
"HelpHimOut.exe"+5EC3B7: E8 54 94 E0 FF        -  call HelpHimOut.exe+3F5810
"HelpHimOut.exe"+5EC3BC: F3 0F 11 43 58        -  movss [rbx+58],xmm0
"HelpHimOut.exe"+5EC3C1: EB 16                 -  jmp HelpHimOut.exe+5EC3D9
"HelpHimOut.exe"+5EC3C3: 48 8D 8B 98 00 00 00  -  lea rcx,[rbx+00000098]
"HelpHimOut.exe"+5EC3CA: E8 71 60 04 00        -  call HelpHimOut.exe+632440
"HelpHimOut.exe"+5EC3CF: EB 08                 -  jmp HelpHimOut.exe+5EC3D9
"HelpHimOut.exe"+5EC3D1: 48 8B CB              -  mov rcx,rbx
"HelpHimOut.exe"+5EC3D4: E8 B7 C6 FF FF        -  call HelpHimOut.exe+5E8A90
"HelpHimOut.exe"+5EC3D9: 80 7B 54 0B           -  cmp byte ptr [rbx+54],0B
// ---------- INJECTING HERE ----------
"HelpHimOut.exe"+5EC3DD: 40 88 7B 54           -  mov [rbx+54],dil
// ---------- DONE INJECTING  ----------
"HelpHimOut.exe"+5EC3E1: 74 13                 -  je HelpHimOut.exe+5EC3F6
"HelpHimOut.exe"+5EC3E3: C6 43 5C 00           -  mov byte ptr [rbx+5C],00
"HelpHimOut.exe"+5EC3E7: 48 8B 5C 24 30        -  mov rbx,[rsp+30]
"HelpHimOut.exe"+5EC3EC: 48 83 C4 20           -  add rsp,20
"HelpHimOut.exe"+5EC3F0: 5F                    -  pop rdi
"HelpHimOut.exe"+5EC3F1: C3                    -  ret
"HelpHimOut.exe"+5EC3F2: 40 88 79 54           -  mov [rcx+54],dil
"HelpHimOut.exe"+5EC3F6: 48 8B 5C 24 30        -  mov rbx,[rsp+30]
"HelpHimOut.exe"+5EC3FB: 48 83 C4 20           -  add rsp,20
"HelpHimOut.exe"+5EC3FF: 5F                    -  pop rdi
"HelpHimOut.exe"+5EC400: C3                    -  ret
Back to top
View user's profile Send private message
STN
I post too much
Reputation: 42

Joined: 09 Nov 2005
Posts: 2672
PostPosted: Mon Jun 05, 2017 9:39 pm    Post subject: Reply with quote
least significant (8 bit) value of rdi. In 64 bit they're dil, in 32 di

Trace through the code until you reach the ret and it should let you to the caller function. You can then see how dl gets its value (or simply scroll up in function and bp at the start)
_________________
Cheat Requests/Tables- Fearless Cheat Engine
https://fearlessrevolution.com
Back to top
View user's profile Send private message
geesve
Cheater
Reputation: 0

Joined: 15 Feb 2017
Posts: 25
PostPosted: Tue Jun 06, 2017 10:44 am    Post subject: Reply with quote
edi, rdi, di, dil? That's makes sense now Smile
Thank you!
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites