Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Float values

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Tutorials
View previous topic :: View next topic  
Author Message
NoMoreBSoD
Advanced Cheater
Reputation: 3

Joined: 03 Sep 2013
Posts: 85

PostPosted: Thu Apr 24, 2014 7:53 pm    Post subject: Float values Reply with quote

I found the assembly code that update current stamina in Dark Souls 2 and it's a float value :
Code:
fstp dword ptr [eax+00000140]


I also now that the max value is stored very close in eax+148.

How do I make it so that my max stamina is always copied in my current stamina ? I can do it easily with 4 bytes values but float (and doubles) are a mystery to me.
Back to top
View user's profile Send private message
justa_dude
Grandmaster Cheater
Reputation: 23

Joined: 29 Jun 2010
Posts: 891

PostPosted: Thu Apr 24, 2014 10:26 pm    Post subject: Re: Float values Reply with quote

NoMoreBSoD wrote:
I found the assembly code that update current stamina in Dark Souls 2 and it's a float value :
Code:
fstp dword ptr [eax+00000140]


I also now that the max value is stored very close in eax+148.

How do I make it so that my max stamina is always copied in my current stamina ? I can do it easily with 4 bytes values but float (and doubles) are a mystery to me.


Since both values are already encoded as floats, you merely overwrite one with the other. You can use your normal mov operations to do so, as a float is merely a four-byte chunk of memory.

_________________
A nagy kapu mellett, mindig van egy kis kapu.
----------------------
Come on...
Back to top
View user's profile Send private message
NoMoreBSoD
Advanced Cheater
Reputation: 3

Joined: 03 Sep 2013
Posts: 85

PostPosted: Thu Apr 24, 2014 10:31 pm    Post subject: Reply with quote

Thank you Justa_dude ! Very Happy

But let's say I want to create an easy kill script that would store the float value 1 as long as the enemy health value is higher than 1. How would I do that ? It's easy with 4 bytes, but mysterious in float/double.
Back to top
View user's profile Send private message
justa_dude
Grandmaster Cheater
Reputation: 23

Joined: 29 Jun 2010
Posts: 891

PostPosted: Fri Apr 25, 2014 1:32 am    Post subject: Reply with quote

NoMoreBSoD wrote:
Thank you Justa_dude ! :D

But let's say I want to create an easy kill script that would store the float value 1 as long as the enemy health value is higher than 1. How would I do that ? It's easy with 4 bytes, but mysterious in float/double.


I don't know anything about the game you're trying to hack, and you haven't given me any information whatsoever about enemy health values. If it works like the health you've described above, though, you'd fld the constant 1.0 and fcomp it to the location you've already found and branch accordingly.

_________________
A nagy kapu mellett, mindig van egy kis kapu.
----------------------
Come on...
Back to top
View user's profile Send private message
mgr.inz.Player
I post too much
Reputation: 218

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Fri Apr 25, 2014 7:44 am    Post subject: Reply with quote

Sometimes two hit kill is better. One hit kill cheat can cause some issues (for example DeadSpace2 and DeadSpace3 miniboss fights. After "one hit kill" that boss, doors are still locked)

Example, for HL1 mod:

Code:
hl.dll+AB846 - D9 81 64010000        - fld dword ptr [ecx+00000164]  // load health to ST0
hl.dll+AB84C - D8 65 F8              - fsub dword ptr [ebp-08] // subtract (damage dealt)
hl.dll+AB84F - 8B 55 FC              - mov edx,[ebp-04]
hl.dll+AB852 - 8B 42 04              - mov eax,[edx+04]
hl.dll+AB855 - D9 98 64010000        - fstp dword ptr [eax+00000164] // save "decreased" health value


This piece of code touches player health and enemy health. So, it is "shared" code (function). Player and monsters inherit from some base class which implements a method which deducts health.


Cheat:
Code:
[ENABLE]
alloc(newmem,2048)
label(returnhere)
label(exit)

newmem:
cmp [ebp+04],hl.player+B97
je exit

cmp dword ptr [ecx+00000164],(float)6.0
jnge exit
mov dword ptr [ecx+00000164],(float)5.0

exit:
fld dword ptr [ecx+00000164]
jmp returnhere

"hl.dll"+AB846:
jmp newmem
nop
returnhere:

[DISABLE]
dealloc(newmem)
"hl.dll"+AB846:
fld dword ptr [ecx+00000164]
//Alt: db D9 81 64 01 00 00




As mentioned earlier, this code access player health and enemies health, so we have to take that into account.
You need a way of identifying whether or not the receiver object is your main character. For this, you need to reverse engineer the object and try to find something which would be unique to your character. For example, is some games I analyze those:
call stack (return addresses kept in stack), stack, data structure, registers.

Read tutorials, "filtering", "compare structures", do tutorial step 9.

I found out I can use call stack:
Code:
cmp [ebp+04],hl.player+B97   // compare value kept in [ebp+4] with hl.player+B97
je exit                                    // if equal, this is player, so skip cheat




Because, in this game, health is "float value" and is always bigger than zero (or equal to zero when dead) we can use cmp and jl jle jnle jnl jg jge jnge jng ja jae jnae jna jb jbe jnbe jnb instructions. (note, jle==jng, jg==jnle, and so on)
It will work because we compare positive value (bigger or equal to zero) with another positive value.


This piece of code checks monster (enemy) health. If it is less than 6.0, just skip cheat.
Code:
cmp dword ptr [ecx+00000164],(float)6.0
jnge exit    // jump if not greater or equal, so ( NOT >= ) == ( < ), so, jump if less


If it is not lower, write 5.0
Code:
mov dword ptr [ecx+00000164],(float)5.0

_________________
Back to top
View user's profile Send private message MSN Messenger
NoMoreBSoD
Advanced Cheater
Reputation: 3

Joined: 03 Sep 2013
Posts: 85

PostPosted: Fri Apr 25, 2014 9:27 am    Post subject: Reply with quote

Wow thanks a lot ! I was getting in assembly hell by trying to do it with compss, fcomip, comisd, ucomisd and even converting values with cvtss2sd and the like when all I had to add was use a dword ptr argument and a (float). Your explanation should simplify by Cheat Engine life by a lot.
Back to top
View user's profile Send private message
mgr.inz.Player
I post too much
Reputation: 218

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Fri Apr 25, 2014 11:02 am    Post subject: Reply with quote

Yes, for simple tasks, cmp and jl jle jg jge is enough.
_________________
Back to top
View user's profile Send private message MSN Messenger
justa_dude
Grandmaster Cheater
Reputation: 23

Joined: 29 Jun 2010
Posts: 891

PostPosted: Fri Apr 25, 2014 3:07 pm    Post subject: Reply with quote

mgr.inz.Player wrote:
NoMoreBSoD wrote:
Wow thanks a lot ! I was getting in assembly hell by trying to do it with compss, fcomip, comisd, ucomisd and even converting values with cvtss2sd and the like when all I had to add was use a dword ptr argument and a (float). Your explanation should simplify by Cheat Engine life by a lot.

Yes, for simple tasks, cmp and jl jle jg jge is enough.


No offense to miP, who knows a lot about a lot of things, but your first inclination is the correct one. It isn't safe to assume that for two floats, the largest will have a correspondingly larger encoding. Eg, 2.0 = 0x40000000 while -2.0 = 0xc0000000. It's easy enough to use the x87 float routines, so if you're doing arithmetic with floats or doubles that's probably what you should be doing.

_________________
A nagy kapu mellett, mindig van egy kis kapu.
----------------------
Come on...
Back to top
View user's profile Send private message
mgr.inz.Player
I post too much
Reputation: 218

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Fri Apr 25, 2014 3:54 pm    Post subject: Reply with quote

Quote:
Because, in this game, health is "float value" and is always bigger than zero (or equal to zero when dead)

Quote:
It will work because we compare positive value (bigger or equal to zero) with another positive value.

Quote:
Yes, for simple tasks, cmp and jl jle jg jge is enough.

simple tasks == the one discussed in this topic + other "health", "stamina", "char attributes bigger than zero" cheats.

_________________
Back to top
View user's profile Send private message MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Tutorials All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites