unkn0wn123 How do I cheat? Reputation: 0
Joined: 08 Jul 2017 Posts: 2
|
Posted: Sat Jul 08, 2017 5:50 am Post subject: How To Add a Value To The Stack? |
|
|
So I'm hacking GMP in Metal Gear Solid V: The Phantom Pain and all is good, I can put 5mill GMP in easy, but when I turn on the script it only gives you the money when you lose money, not when you earn it or both.
Which is annoying and confusing me, I'm guessing they have different operations, so I'd like to know how to add money and manipulate the stack sort of like this, like a code cave/injection. I have tried to do it on my own but it doesn't work, it just works like my script. It is OCD but I'd like to know if it's possible for education on asm...
push ecx
mov ecx,(int)5000000
mov [rdi],ecx
pop ecx
Can anyone help?
Current script:
Code: | [ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(inf_gmp,mgsvtpp.exe,89 07 80 8B 88 0E 00 00 05) // should be unique
alloc(newmem,$100,"mgsvtpp.exe"+3E97754)
label(code)
label(return)
newmem:
code:
mov eax,(int)5000000
mov [rdi],eax
or byte ptr [rbx+00000E88],05
jmp return
inf_gmp:
jmp newmem
nop
nop
nop
nop
return:
registersymbol(inf_gmp)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
inf_gmp:
db 89 07 80 8B 88 0E 00 00 05
unregistersymbol(inf_gmp)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "mgsvtpp.exe"+3E97754
"mgsvtpp.exe"+3E97732: 48 C1 E8 20 - shr rax,20
"mgsvtpp.exe"+3E97736: 41 89 01 - mov [r9],eax
"mgsvtpp.exe"+3E97739: 48 8B 83 B8 0A 00 00 - mov rax,[rbx+00000AB8]
"mgsvtpp.exe"+3E97740: 89 08 - mov [rax],ecx
"mgsvtpp.exe"+3E97742: 44 89 D8 - mov eax,r11d
"mgsvtpp.exe"+3E97745: 44 29 D0 - sub eax,r10d
"mgsvtpp.exe"+3E97748: 3D C0 87 82 FE - cmp eax,FE8287C0
"mgsvtpp.exe"+3E9774D: 7C 1A - jl mgsvtpp.exe+3E97769
"mgsvtpp.exe"+3E9774F: 44 39 D8 - cmp eax,r11d
"mgsvtpp.exe"+3E97752: 7F 15 - jg mgsvtpp.exe+3E97769
// ---------- INJECTING HERE ----------
"mgsvtpp.exe"+3E97754: 89 07 - mov [rdi],eax
"mgsvtpp.exe"+3E97756: 80 8B 88 0E 00 00 05 - or byte ptr [rbx+00000E88],05
// ---------- DONE INJECTING ----------
"mgsvtpp.exe"+3E9775D: 48 8B 5C 24 30 - mov rbx,[rsp+30]
"mgsvtpp.exe"+3E97762: 48 83 C4 20 - add rsp,20
"mgsvtpp.exe"+3E97766: 5F - pop rdi
"mgsvtpp.exe"+3E97767: C3 - ret
"mgsvtpp.exe"+3E97768: E8 C7 07 C0 87 - call CBA97F34
"mgsvtpp.exe"+3E9776D: 82 FE 48 - cmp dh,48
"mgsvtpp.exe"+3E97770: 8B 5C 24 30 - mov ebx,[rsp+30]
"mgsvtpp.exe"+3E97774: 48 83 C4 20 - add rsp,20
"mgsvtpp.exe"+3E97778: 5F - pop rdi
"mgsvtpp.exe"+3E97779: F3 C3 - repe ret
} |
OldCheatEngineUser Whateven rank Reputation: 20
Joined: 01 Feb 2016 Posts: 1587
|
Posted: Sat Jul 08, 2017 9:13 am Post subject: |
|
|
unkn0wn123 wrote: | it only gives you the money when you lose money not when you earn it or both. |
Not all games change the amount of that thing immediately. If you want it to be immediate, then grab an instruction that accesses your address.
unkn0wn123 How do I cheat? Reputation: 0
Joined: 08 Jul 2017 Posts: 2
|
Posted: Sun Jul 09, 2017 12:41 am Post subject: |
|
|
OldCheatEngineUser wrote: | unkn0wn123 wrote: | it only gives you the money when you lose money not when you earn it or both. |
Not all games change the amount of that thing immediately. If you want it to be immediate, then grab an instruction that accesses your address. |
Thank you for the tip. I went through a couple of addresses, but when none of them worked how I liked, I used one that was being accessed constantly, and now the second I use the script it gives GMP. And when you try to spend it, it just tops it back up automatically. Thanks!
For reference:
Code: | [ENABLE]
aobscanmodule(INJECT,mgsvtpp.exe,8B 08 B8 0F 05 C3 90) // should be unique
alloc(newmem,$1000,"mgsvtpp.exe"+371858A)
label(code)
label(return)
newmem:
code:
mov [rax],(int)5000000
mov ecx,[rax]
mov eax,90C3050F
jmp return
INJECT:
jmp newmem
nop
nop
return:
registersymbol(INJECT)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
INJECT:
db 8B 08 B8 0F 05 C3 90
unregistersymbol(INJECT)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "mgsvtpp.exe"+371858A
"mgsvtpp.exe"+3718562: 48 8B 88 98 00 00 00 - mov rcx,[rax+00000098]
"mgsvtpp.exe"+3718569: 48 8B 81 10 01 00 00 - mov rax,[rcx+00000110]
"mgsvtpp.exe"+3718570: 48 85 C0 - test rax,rax
"mgsvtpp.exe"+3718573: 75 08 - jne mgsvtpp.exe+371857D
"mgsvtpp.exe"+3718575: 41 89 F6 - mov r14d,esi
"mgsvtpp.exe"+3718578: EB 30 - jmp mgsvtpp.exe+37185AA
"mgsvtpp.exe"+371857A: 57 - push rdi
"mgsvtpp.exe"+371857B: 3C 2D - cmp al,2D
"mgsvtpp.exe"+371857D: 48 8B 80 10 0A 00 00 - mov rax,[rax+00000A10]
"mgsvtpp.exe"+3718584: 41 BE 0F A2 47 C3 - mov r14d,C347A20F
// ---------- INJECTING HERE ----------
"mgsvtpp.exe"+371858A: 8B 08 - mov ecx,[rax]
"mgsvtpp.exe"+371858C: B8 0F 05 C3 90 - mov eax,90C3050F
// ---------- DONE INJECTING ----------
"mgsvtpp.exe"+3718591: 8D 80 B1 82 BF 6D - lea eax,[rax+6DBF82B1]
"mgsvtpp.exe"+3718597: 39 C1 - cmp ecx,eax
"mgsvtpp.exe"+3718599: 45 8D B6 31 A9 04 3D - lea r14d,[r14+3D04A931]
"mgsvtpp.exe"+37185A0: 0F 4F C1 - cmovg eax,ecx
"mgsvtpp.exe"+37185A3: 44 39 F0 - cmp eax,r14d
"mgsvtpp.exe"+37185A6: 44 0F 4C F0 - cmovl r14d,eax
"mgsvtpp.exe"+37185AA: E8 A1 3E 3B 00 - call mgsvtpp.exe+3ACC450
"mgsvtpp.exe"+37185AF: 48 8B 88 98 00 00 00 - mov rcx,[rax+00000098]
"mgsvtpp.exe"+37185B6: 48 8B 81 10 01 00 00 - mov rax,[rcx+00000110]
"mgsvtpp.exe"+37185BD: 48 85 C0 - test rax,rax
} |
May modify it to nop it out once the GMP is given, but since it's used on access that seems rather moot. Cheers once again!
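An added example, not part of the original posts: a Python check that the second script's jmp patch covers whole instructions and that the `db` line in [DISABLE] restores exactly the bytes that were overwritten. The listing lines are copied from the script's ORIGINAL CODE comment; the function names are hypothetical, and the 5-byte jmp length assumes `alloc` placed `newmem` within rel32 range of the injection point.

```python
import re

# Constructed input: lines copied from the ORIGINAL CODE comment of the script above.
LISTING = '''\
"mgsvtpp.exe"+3718584: 41 BE 0F A2 47 C3 - mov r14d,C347A20F
"mgsvtpp.exe"+371858A: 8B 08 - mov ecx,[rax]
"mgsvtpp.exe"+371858C: B8 0F 05 C3 90 - mov eax,90C3050F
"mgsvtpp.exe"+3718591: 8D 80 B1 82 BF 6D - lea eax,[rax+6DBF82B1]
'''
RESTORE_DB = "8B 08 B8 0F 05 C3 90"  # the db line in [DISABLE]
INJECT_AT = 0x371858A
JMP_LEN = 5  # assumption: near jmp rel32 (E9 + 4-byte displacement)

LINE = re.compile(r'"[^"]+"\+([0-9A-Fa-f]+):\s+((?:[0-9A-Fa-f]{2} )+)- (.+)')

def parse_listing(text):
    """Return [(offset, raw_bytes, mnemonic)] from disassembly comment lines."""
    out = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            out.append((int(m.group(1), 16), bytes.fromhex(m.group(2)), m.group(3)))
    return out

def plan_patch(listing, inject_at, jmp_len=JMP_LEN):
    """Collect whole instructions from inject_at until the jmp fits."""
    covered = b""
    for off, raw, _ in listing:
        if off < inject_at:
            continue
        if off != inject_at + len(covered):
            raise ValueError("listing is not contiguous at %#x" % off)
        covered += raw
        if len(covered) >= jmp_len:
            # Leftover bytes of the last overwritten instruction must be padded with nops.
            return {"overwritten": covered,
                    "nops": len(covered) - jmp_len,
                    "return_at": inject_at + len(covered)}
    raise ValueError("not enough instructions to hold the jmp")

def check_script(listing_text, inject_at, restore_db):
    """Plan the patch and confirm [DISABLE] writes back the original bytes."""
    plan = plan_patch(parse_listing(listing_text), inject_at)
    plan["restore_ok"] = bytes.fromhex(restore_db) == plan["overwritten"]
    return plan

if __name__ == "__main__":
    print(check_script(LISTING, INJECT_AT, RESTORE_DB))
```

The same check applied to the first script's injection point (a 2-byte and a 7-byte instruction) gives four nops, matching the script as posted.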