tahseenmuneer How do I cheat? Reputation: 0
Joined: 15 Jul 2017 Posts: 5
Posted: Sat Jul 15, 2017 8:06 am Post subject: Help Me With This Auto Assemble code
Hello Cheat Engine masters, I am new to Cheat Engine and I was trying to crack my game health code, and this code came to me which I can't understand. Can you please tell me what this code does and how to reverse it? Thank you.
The code is:
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
originalcode:
fstp dword ptr [esi+30]
fld dword ptr [esi+34]
exit:
jmp returnhere
00556F6E:
jmp newmem
nop
returnhere:
Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Sat Jul 15, 2017 9:58 am
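Code:
originalcode:
fstp st(0) // pop the value that would have been stored, without writing it
fld dword ptr [esi+34] // original instruction: push the float at [esi+34]
fst dword ptr [esi+30] // store that float to [esi+30] without popping it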
FreeER Grandmaster Cheater Supreme Reputation: 53
Joined: 09 Aug 2013 Posts: 1091
Posted: Sat Jul 15, 2017 10:13 am
Code:
alloc(newmem,2048) // allocate 2048 bytes linked to the label newmem
label(returnhere) // create a label called returnhere which can refer to a memory address
label(originalcode) // ^
label(exit) // ^
newmem: // use the label newmem to specify a memory location (in this case where to write code)
originalcode: // first use of label not already set will associate an address with it
// in this case originalcode refers to the same address as newmem, that will change
// if you add code in between newmem and original code
// Floating Point Unit aka FPU code, uses a "stack" of floats to manipulate values
fstp dword ptr [esi+30] // Floating-point STore and Pop, dword ptr - size of float, [esi+30] location to store top float then removes the top float on the stack
fld dword ptr [esi+34] // Floating-point LoaD, dword ptr - float, [esi+34] location to push onto top of stack
exit: // first use associates exit at the address after fld instruction
jmp returnhere // code to jmp to where the returnhere label is
00556F6E: // address you're injecting at
jmp newmem // new code to cause it to jmp to the code at the new memory
nop
returnhere: // first use associates returnhere with the address after the jmp newmem
// that way you can jmp back to the instruction after the ones you're hooking instead
// of continuing to execute random memory after the newmem and crashing
Presumably you want to stop a float value from changing, so what you'd want to do is change the fstp ... to a fstp st(0) which will store the value at the top of the Floating Point Unit's stack into the top of the stack (e.g. same place) and then pop the top of the stack (removing the value).
Basic info from googling "fpu instructions": https://cs.fit.edu/~mmahoney/cse3101/float.html
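An added example, not part of any post in this thread: a small Python model of the x87 stack that runs the original two instructions and the two replacements suggested above, showing what each leaves at [esi+30] and on the FPU stack. The starting values are constructed, and `run`, `compare` and `VARIANTS` are names made up for this sketch.

```python
import struct

def f32(x):
    """Round to single precision, as a 'dword ptr' float store or load does."""
    return struct.unpack("<f", struct.pack("<f", x))[0]

def run(program, stack, mem):
    """Run a small x87 subset on a model FPU stack (stack[0] is st(0)).

    Operands are hex offsets from esi, or the string "st(0)".
    The 8-register limit of the real FPU stack is not modelled.
    """
    stack, mem = list(stack), dict(mem)
    for op, arg in program:
        if op == "fld":                      # push a float read from memory
            stack.insert(0, f32(mem[arg]))
        elif op in ("fst", "fstp"):          # store st(0); fstp then pops it
            if arg != "st(0)":               # st(0) -> st(0) writes nothing new
                mem[arg] = f32(stack[0])
            if op == "fstp":
                stack.pop(0)
        else:
            raise ValueError(f"unsupported instruction: {op}")
    return stack, mem

# The three bodies for 'originalcode:' discussed in the thread.
VARIANTS = {
    "original": [("fstp", 0x30), ("fld", 0x34)],
    "fstp st(0)": [("fstp", "st(0)"), ("fld", 0x34)],
    "fstp st(0) + fst": [("fstp", "st(0)"), ("fld", 0x34), ("fst", 0x30)],
}

def compare(stack, mem):
    """Return {variant: (final stack, value left at [esi+30])}."""
    out = {}
    for name, program in VARIANTS.items():
        final_stack, final_mem = run(program, stack, mem)
        out[name] = (final_stack, final_mem[0x30])
    return out

# Constructed state: st(0) holds the value about to be written to [esi+30].
SAMPLE_STACK = [75.0]
SAMPLE_MEM = {0x30: 100.0, 0x34: 250.0}

if __name__ == "__main__":
    for name, (stk, value) in compare(SAMPLE_STACK, SAMPLE_MEM).items():
        print(f"{name:18} [esi+30]={value:6.1f}  FPU stack={stk}")
```

All three variants leave exactly one value on the FPU stack, so the code after returnhere sees the same stack depth as before the hook; only the value left at [esi+30] differs.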