gaming04 Expert Cheater
Reputation: 0
Joined: 06 Dec 2010 Posts: 189
|
Posted: Wed Aug 03, 2011 9:11 am Post subject: [Resolved] [Question] This code can't compile in AA!? |
|
|
| Code: |
mov [[[[["Tutorial-x86_64.exe"+001FD750]+10]+18]+0]+18],(int)1
|
What's wrong with this code?
Last edited by gaming04 on Fri Aug 05, 2011 2:42 am; edited 1 time in total |
 |
Dark Byte Site Admin
Reputation: 470
Joined: 09 May 2003 Posts: 25807 Location: The netherlands
|
Posted: Wed Aug 03, 2011 10:34 am Post subject: |
|
|
Try:
| Code: |
[[[["Tutorial-x86_64.exe"+001FD750]+10]+18]+0]+18:
dd 1
|
Alternatively:
| Code: |
push rax //save rax, it is used as the scratch register
mov rax,["Tutorial-x86_64.exe"+001FD750] //level 1
mov rax,[rax+10] //level 2
mov rax,[rax+18] //level 3
mov rax,[rax+0] //level 4
mov [rax+18],(int)1 //write to the final address
pop rax //restore rax
|
And then make sure that code is executed, using a hook in the code or createthread.
I'd go with the first method though.
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping |
 |
gaming04 Expert Cheater
Reputation: 0
Joined: 06 Dec 2010 Posts: 189
|
Posted: Wed Aug 03, 2011 1:22 pm Post subject: |
|
|
This code isn't working either:
| Code: |
cmp byte ptr [[edx+148]+2af],64
|
Is there any other way I can tamper with, at least, second-level pointers?
Perhaps I can store a pointer into an allocated space, but that is not really practical.
 |
Dark Byte Site Admin
Reputation: 470
Joined: 09 May 2003 Posts: 25807 Location: The netherlands
|
Posted: Wed Aug 03, 2011 2:11 pm Post subject: |
|
|
You do this in the form of:
| Code: |
push eax
mov eax,[edx+148]
cmp byte ptr [eax+2af],64
pop eax //pop does not affect flags
jxx bla
|
 |
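The point behind both replies is that an x86 memory operand performs a single memory read, so every extra pointer level needs its own load, and a script that follows a null or stale intermediate pointer faults at that load. The model below is an added example, not code from the thread; `SYMBOLS`, `MEMORY`, the module base and all pointer values are constructed for illustration.

```python
def parse_chain(expr):
    """Split '[[base+o0]+o1]+o2' into ('base', [o0, o1, o2]); offsets are hex."""
    depth = len(expr) - len(expr.lstrip("["))
    parts = expr[depth:].split("]")
    if len(parts) != depth + 1:
        raise ValueError("unbalanced brackets in " + expr)
    base, sep, first = parts[0].rpartition("+")
    if not sep:                       # bare base with no offset
        base, first = parts[0], "0"
    offsets = [int(first, 16)]
    offsets += [int(p.lstrip("+") or "0", 16) for p in parts[1:]]
    return base.strip('"'), offsets

def resolve(expr, symbols, memory):
    """Walk the chain one read per level; return the final address."""
    base, offsets = parse_chain(expr)
    addr = symbols[base] + offsets[0]
    for level, off in enumerate(offsets[1:], start=1):
        ptr = memory.get(addr)        # one read == one `mov reg,[...]`
        if not ptr:                   # null or unmapped: this load would fault
            raise LookupError(f"level {level}: no valid pointer at {addr:#x}")
        addr = ptr + off
    return addr

# Constructed sample process image (all values are made up).
SYMBOLS = {"Tutorial-x86_64.exe": 0x100000000}
MEMORY = {0x1001FD750: 0x2000, 0x2010: 0x3000, 0x3018: 0x4000, 0x4000: 0x5000}
CHAIN = '[[[["Tutorial-x86_64.exe"+001FD750]+10]+18]+0]+18'

if __name__ == "__main__":
    print(parse_chain(CHAIN))
    print(hex(resolve(CHAIN, SYMBOLS, MEMORY)))
    stale = dict(MEMORY)
    del stale[0x3018]                 # simulate a pointer that is not set yet
    try:
        resolve(CHAIN, SYMBOLS, stale)
    except LookupError as err:
        print("would crash:", err)
```
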
gaming04 Expert Cheater
Reputation: 0
Joined: 06 Dec 2010 Posts: 189
|
Posted: Fri Aug 05, 2011 12:37 am Post subject: |
|
|
I used that method in a few games and have never been successful with that--other than having my game crash the moment I activate the script. I'm at a loss when it comes to pointers because every method I use just can't address the pointer properly.
By the way, here's another piece of code that behaved differently than expected:
| Code: |
mov qword ptr [rbx+780],(double)6000
|
Taken from [cheatengine-x86_64.exe], Step 4. When pressing decrease Ammo, the number jumps to -0.5 instead of the predefined amount: (double)6000.
I have attached my Cheat table made for your 64-bit tutorial here. Take a look at the script: Step 4 - 2. Apparently, the conversion code, (double), does not work correctly and/or I may be using it improperly.
Attachment: cheatengine-x86_64.CT (16.92 KB, downloaded 563 times)
 |
Dark Byte Site Admin
Reputation: 470
Joined: 09 May 2003 Posts: 25807 Location: The netherlands
|
Posted: Fri Aug 05, 2011 1:53 am Post subject: |
|
|
There is no qword instruction for specific value memory writes. This gets downgraded to a 32-bit version.
Use:
| Code: |
mov rax,(double)9000
mov [rbx+780],rax
|
 |
gaming04 Expert Cheater
Reputation: 0
Joined: 06 Dec 2010 Posts: 189
|
Posted: Fri Aug 05, 2011 2:41 am Post subject: |
|
|
Silly code, without writing to a specific register, the conversion (double) would not do its magic. Thanks Dark Byte, apparently what I needed to learn to progress further in memory hacking is the use of Push and Pop.
I never got that to work until you presented a full example.
I will just note it here that (double) will not work without sending it into a register.
Pointer problems, apparently, require placing level 1 pointer into registers as well. I just finished writing a 3 level pointer using push and pop techniques, taking advantage of two registers.
Thanks for the help! Got a lot more to learn before I'm done with the basics.
 |
Freiza Grandmaster Cheater
Reputation: 22
Joined: 28 Jun 2010 Posts: 662
|
Posted: Mon Apr 02, 2012 10:54 am Post subject: |
|
|
If I write this code
| Code: |
mov rax,(double)9000
mov [rbx+780],rax
|
What will happen if I distribute my ct to the people having 32-bit OS and using 32-bit CE? Will it work properly then?
 |
Dark Byte Site Admin
Reputation: 470
Joined: 09 May 2003 Posts: 25807 Location: The netherlands
|
Posted: Mon Apr 02, 2012 11:37 am Post subject: |
|
|
Then absolutely nothing will happen as those people wouldn't be able to run the game in the first place. A 32-bit OS cannot run a 64-bit program.
And if you did use that code on a 32-bit process, it wouldn't even work for you.
If you wish to use qword writes in 64-bit use a storage for the value:
| Code: |
alloc(storage,8)
storage:
dq (double)value
mov eax,[storage] //low 4 bytes of the stored double
mov [targetaddress],eax
mov eax,[storage+4] //high 4 bytes of the stored double
mov [targetaddress+4],eax
|
 |
|
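The qword-write replies above rest on an encoding fact: x86-64 has no store of a 64-bit immediate to memory, only `mov r/m64, imm32` with the immediate sign-extended, while `mov rax, imm64` can carry all 8 bytes. The following added example (not code from the thread) checks which doubles survive that encoding and shows the low/high dword split used in the last reply; the function names are chosen here for illustration.

```python
import struct

def double_bits(x):
    """64-bit IEEE-754 pattern of a Python float, as an unsigned integer."""
    return struct.unpack("<Q", struct.pack("<d", x))[0]

def bits_to_double(bits):
    """Reinterpret an unsigned 64-bit pattern as a double."""
    return struct.unpack("<d", struct.pack("<Q", bits))[0]

def sign_extend_imm32(imm32):
    """Value the CPU stores for `mov qword ptr [mem], imm32`."""
    imm32 &= 0xFFFFFFFF
    if imm32 & 0x80000000:
        return imm32 | 0xFFFFFFFF00000000
    return imm32

def encodable_as_imm32(x):
    """True only if the double's full pattern survives the imm32 encoding."""
    bits = double_bits(x)
    return sign_extend_imm32(bits) == bits

def split_dwords(x):
    """(low, high) dwords, in the order they go to [target] and [target+4]."""
    bits = double_bits(x)
    return bits & 0xFFFFFFFF, bits >> 32

if __name__ == "__main__":
    for value in (6000.0, 9000.0):
        low, high = split_dwords(value)
        print(f"{value}: bits={double_bits(value):#018x} "
              f"imm32-encodable={encodable_as_imm32(value)} "
              f"low={low:#010x} high={high:#010x}")
    # Any imm32 store leaves the upper dword all zeros or all ones,
    # so the result read back as a double is a tiny denormal or a NaN.
    print(bits_to_double(sign_extend_imm32(0x7FFFFFFF)))
    print(bits_to_double(sign_extend_imm32(0x80000000)))
```
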