Spazzin How do I cheat? Reputation: 0
Joined: 22 Mar 2006 Posts: 2
Posted: Wed Mar 22, 2006 2:57 am Post subject: Can CE do multiplicative pointers?
Hello all.
I just ran into a type of pointer I've never used CE to hack. Any advice on how to set up a pointer for this bad boy?
mov [eax+edi*8+04],ecx
EAX changes, and EDI changes upon reload of the software.
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25288 Location: The netherlands
Posted: Wed Mar 22, 2006 4:41 am Post subject:
No, tracking EDI isn't possible with CE. (It is, but you'll have to resort to code injection.)
But it is still possible to use this instruction for pointers. You may notice that for the same object and element of the object, edi is always the same value (0, 1 or 2), so just add that value to the offset. So if edi is always 1, then use as offset 1*8+4=c. If it is 2, then use as offset 2*8+4=14, ....
And for those that want more info: (ignore this if you're not interested in assembler)
mov [eax+edi*8+04],ecx
eax holds the base pointer
edi*8 is a pointer to an element in an array; in this case the array consists of objects that are 8 bytes long. (probably a structure in this case)
+4 means that it points to the center of the element in that array.
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
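The offset arithmetic from the reply above, as an added example that is not part of the original thread: it models the 8-byte array element as a C struct, emulates the store `mov [eax+edi*8+04],ecx` against a constructed array, and checks that the folded constant `index*8+4` lands on the same field. The struct and field names are assumptions; the thread only gives the element size (8) and the displacement (4).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical 8-byte element, matching the scale factor 8 in edi*8.
   Field names are assumptions; the thread gives only size and offset. */
struct element {
    uint32_t first;   /* offset 0 */
    uint32_t second;  /* offset 4: the dword the instruction writes */
};

/* Displacement folded into one constant for a fixed index:
   index*8 + 4, as in "1*8+4=c" and "2*8+4=14" (hex). */
static size_t folded_offset(size_t index)
{
    return index * sizeof(struct element) + offsetof(struct element, second);
}

/* What the CPU computes for [eax+edi*8+04]: base + index*scale + disp. */
static uintptr_t effective_address(uintptr_t base, uintptr_t index)
{
    return base + index * 8 + 4;
}

/* Emulates mov [eax+edi*8+04],ecx on a constructed array (index < 4).
   Returns 1 when the write lands in arr[index].second and the folded
   offset points at the same address. */
static int store_hits_second_field(size_t index, uint32_t value)
{
    struct element arr[4] = {{0, 0}};
    uintptr_t ea = effective_address((uintptr_t)arr, index);
    *(uint32_t *)ea = value;
    return ea == (uintptr_t)&arr[index].second
        && arr[index].second == value
        && ea == (uintptr_t)arr + folded_offset(index);
}

int main(void)
{
    for (size_t i = 0; i < 3; i++)
        printf("edi=%zu -> offset 0x%zX, ok=%d\n",
               i, folded_offset(i), store_hits_second_field(i, 0x1234));
    return 0;
}
```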
Spazzin How do I cheat? Reputation: 0
Joined: 22 Mar 2006 Posts: 2
Posted: Wed Mar 22, 2006 6:49 am Post subject:
Dark Byte wrote: | No, tracking EDI isn't possible with CE. (It is, but you'll have to resort to code injection.)
But it is still possible to use this instruction for pointers. You may notice that for the same object and element of the object, edi is always the same value (0, 1 or 2), so just add that value to the offset. So if edi is always 1, then use as offset 1*8+4=c. If it is 2, then use as offset 2*8+4=14, ....
And for those that want more info: (ignore this if you're not interested in assembler)
mov [eax+edi*8+04],ecx
eax holds the base pointer
edi*8 is a pointer to an element in an array; in this case the array consists of objects that are 8 bytes long. (probably a structure in this case)
+4 means that it points to the center of the element in that array. |
EDI changes throughout sessions, though. I've seen it as 56 or 1A, etc.