| View previous topic :: View next topic |
| Author |
Message |
hiro928
Newbie cheater
![]() Reputation: 0
Joined: 15 Aug 2016
Posts: 16
|
 Posted: Wed Dec 21, 2016 4:29 pm Post subject: inf. health problem |
 |
|
hey everyone, i'm trying to make an inf. health code for Bioshock 2, and i ran into something wierd, i found my health value, and clicked to see what writes to it, then took a hit, and 2 OP codes came up, one that looked like this
movss [esi+000005C0],xmm1
and one that looked like this
fstp dword ptr [esi+000005C0]
i tried nop'ing one, then the other, and health still went down, and when i nop'ed both at the same time, the game crashed, what am i doing wrong? any help would be appriciated
i ran into this same problem with Alan Wake and couldn't figure it out either
|
|
| Back to top |
|
 |
Kronogenics
Advanced Cheater
 Reputation: 0
Joined: 01 Dec 2016
Posts: 82
|
| Posted: Wed Dec 21, 2016 6:19 pm Post subject: |
|
|
Well noping isn't always the end all be all for things. Making a script may be useful. For example just make a simple script that will compare to a known value around your players health and then have it set a variable. If you can get it to set a variable then you can try to alter your health. A screen shot of the surrounding instructions would prove useful. From what it looks like a simple
| Code: | | mov [ecx+000005C0], (float)10000 |
should do the trick.
_________________
|
|
| Back to top |
|
|
hiro928
Newbie cheater
![]() Reputation: 0
Joined: 15 Aug 2016
Posts: 16
|
| Posted: Wed Dec 21, 2016 6:56 pm Post subject: |
|
|
| Kronogenics wrote: | Well noping isn't always the end all be all for things. Making a script may be useful. For example just make a simple script that will compare to a known value around your players health and then have it set a variable. If you can get it to set a variable then you can try to alter your health. A screen shot of the surrounding instructions would prove useful. From what it looks like a simple
| Code: | | mov [ecx+000005C0], (float)10000 |
should do the trick. |
i get more or less script making and comparisons (still learning) and i'm trying to make a script, the question i'm asking, is which OP code do i make the script for, there are 2 and i don't know which is the right one
|
|
| Back to top |
|
|
Kronogenics
Advanced Cheater
Reputation: 0
Joined: 01 Dec 2016
Posts: 82
|
| Posted: Wed Dec 21, 2016 6:57 pm Post subject: |
|
|
The first one looks like what you are looking for.
_________________
|
|
| Back to top |
|
|
hiro928
Newbie cheater
![]() Reputation: 0
Joined: 15 Aug 2016
Posts: 16
|
| Posted: Wed Dec 21, 2016 7:01 pm Post subject: |
|
|
| Kronogenics wrote: | | The first one looks like what you are looking for. |
so the one moving the xmm1 registry over, can i ask why? again, i'm still learning, and like to know new things, so if i run into this in the future, i'll be better informed to tackle the problem
so why the movss and not the fstp, and what do those commands even mean? sorry if i'm asking alot, if it would be easier to just link me somewhere that will answer these questions go ahead, again, i'm just eager to learn more
|
|
| Back to top |
|
|
Kronogenics
Advanced Cheater
Reputation: 0
Joined: 01 Dec 2016
Posts: 82
|
| Posted: Wed Dec 21, 2016 7:14 pm Post subject: |
|
|
movss means move scalar single (single floating point value) from the second operand (xmm1) to the first operand ([ecx+000005C0) fstp means float store pop so it stores the float at whatever address it is referencing ([ecx+000005C0) and then pops the stack. I don't have the game and am working with not very much so out of the two operands it looks as if the movss is what you want. But, I am not totally sure.
_________________
|
|
| Back to top |
|
|
hiro928
Newbie cheater
![]() Reputation: 0
Joined: 15 Aug 2016
Posts: 16
|
| Posted: Wed Dec 21, 2016 7:24 pm Post subject: |
|
|
| Kronogenics wrote: | | movss means move scalar single (single floating point value) from the second operand (xmm1) to the first operand ([ecx+000005C0) fstp means float store pop so it stores the float at whatever address it is referencing ([ecx+000005C0) and then pops the stack. I don't have the game and am working with not very much so out of the two operands it looks as if the movss is what you want. But, I am not totally sure. |
well thank you for your time, i'll definetly give this a try, and thank you for that info as well, again i'm always trying to learn more about Auto Assembly, cause scripts seem to always be a wonderful way to make hacks such as this, all i'm doing is trying to learn more and more as i go along, learn by doing i guess you could say, anyway, thanks again for your time and info, i'll update what happens
update: it turns out that was the OP code i was looking for, and i had little trouble finding a comparison, again, thanks for all your help, i truly do appreciate it
|
|
| Back to top |
|
|
Flux.
Advanced Cheater
![]() Reputation: 0
Joined: 10 Nov 2016
Posts: 84
Location: Another World - N5X2 106311411+2123518
|
| Posted: Wed Dec 21, 2016 8:50 pm Post subject: |
|
|
Hi hiro928,
I am new to this aswell, do try what Kronogenics said, i would also try the second op in your table like this -
| Code: | newmem:
code:
//fstp dword ptr [esi+000005C0]
fstp st(0)
jmp return |
good luck.
|
|
| Back to top |
|
|
hiro928
Newbie cheater
![]() Reputation: 0
Joined: 15 Aug 2016
Posts: 16
|
| Posted: Wed Dec 21, 2016 11:02 pm Post subject: |
|
|
| Flux. wrote: | Hi hiro928,
I am new to this aswell, do try what Kronogenics said, i would also try the second op in your table like this -
| Code: | newmem:
code:
//fstp dword ptr [esi+000005C0]
fstp st(0)
jmp return |
good luck. |
thanks, i'll look into that too if i run into this problem again, but so far it seems to be working, but again if i may ask, what is that supposed to mean, that is "fstp st(0)" supposed to do? if i may ask? again, just trying to gather all the knowledge i can, and whenever i see something new, i always wonder "why" as well 
|
|
| Back to top |
|
|
Kronogenics
Advanced Cheater
Reputation: 0
Joined: 01 Dec 2016
Posts: 82
|
| Posted: Wed Dec 21, 2016 11:04 pm Post subject: |
|
|
fstp st(0) will essentially take the value inside of st(0) and put it inside of st(0) then popping the stack.
_________________
|
|
| Back to top |
|
|
STN
I post too much
 Reputation: 42
Joined: 09 Nov 2005
Posts: 2672
|
| Posted: Wed Dec 21, 2016 11:27 pm Post subject: |
|
|
If you want to nop, then use Find out what "accesses" instead of write and look for a sub instruction.
If you don't care for that then do code injection at either of those instructions and write your desired value to [esi+000005C0]
Make sure the instructions only acceseses your health so enemy doesnt get the benefit.
_________________
|
|
| Back to top |
|
|
hiro928
Newbie cheater
![]() Reputation: 0
Joined: 15 Aug 2016
Posts: 16
|
| Posted: Thu Dec 22, 2016 6:36 am Post subject: |
|
|
| STN wrote: | If you want to nop, then use Find out what "accesses" instead of write and look for a sub instruction.
If you don't care for that then do code injection at either of those instructions and write your desired value to [esi+000005C0]
Make sure the instructions only acceseses your health so enemy doesnt get the benefit. |
so is code injection permanent? i usually just do an AOB injection and then look for comparisons, yeah it's a lot of times a pain in the butt to find comparisons, but it gets the job done in the end, is code injections different or superior in some way? again, always willing to learn more
|
|
| Back to top |
|
|
STN
I post too much
Reputation: 42
Joined: 09 Nov 2005
Posts: 2672
|
| Posted: Thu Dec 22, 2016 8:09 am Post subject: |
|
|
Aob injection is code injection. Code injection means injecting your code which you do with aob injection 
It can either be permanent if you write to the file or temporary if you just edit memory which you are.
_________________
|
|
| Back to top |
|
|
hiro928
Newbie cheater
![]() Reputation: 0
Joined: 15 Aug 2016
Posts: 16
|
| Posted: Fri Dec 23, 2016 2:27 am Post subject: |
|
|
| STN wrote: | Aob injection is code injection. Code injection means injecting your code which you do with aob injection
It can either be permanent if you write to the file or temporary if you just edit memory which you are. |
so is either one better or worse than the other? cause if their the same i don't see why they would have both options?
|
|
| Back to top |
|
|
Kronogenics
Advanced Cheater
Reputation: 0
Joined: 01 Dec 2016
Posts: 82
|
| Posted: Fri Dec 23, 2016 2:29 am Post subject: |
|
|
Usually it would be more beneficial to use the AOB injection technique (unless the injection point is static) AOB also helps to combat games that update.
_________________
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
