Qvintus Cheater
Reputation: 0
Joined: 07 Nov 2013 Posts: 32
Posted: Sun Jun 01, 2014 3:36 pm Post subject: ASM Question xmm0
Hi there, sorry for the newbish question. Still getting the hang of ASM.
I've read some guides here and there on the forum, but none have mentioned
movss and xmm#.
I'm assuming it's a 64-bit thing?
Anyway, I found an address and thought I'd try to find an offset using 'See what accesses this address'.
However, it turned out with:
Code:
004674FC - 8B EC - mov ebp,esp
004674FE - F3 0F10 45 08 - movss xmm0,[ebp+08]
00467503 - F3 0F11 01 - movss [ecx],xmm0 <<
00467507 - 0F57 C0 - xorps xmm0,xmm0
0046750A - F3 0F11 41 04 - movss [ecx+04],xmm0
EAX=04FE9BC0
EBX=00000000
ECX=04C7A1E0
EDX=0000001B
ESI=05279168
EDI=28CBA648
ESP=0020F2E8
EBP=0020F2E8
EIP=00467507
I'm not really sure what the offset would be in this case. I see +04
ecx further down, but I'm not really sure...
Dark Byte Site Admin
Reputation: 470
Joined: 09 May 2003 Posts: 25796 Location: The netherlands
Posted: Sun Jun 01, 2014 3:54 pm Post subject:
movss writes the floating point value stored in the 128-bit SSE register.
Anyhow, you can rewrite this instruction to movss [ecx+00000000], xmm0
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping
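To make the "offset" in that listing concrete, here is an added example (not code from this thread or from Cheat Engine) that decodes the three movss encodings shown in the first post. The ModRM byte's mod field decides whether a displacement byte follows: F3 0F 11 01 is [ecx] with an offset of 0, F3 0F 11 41 04 is [ecx+04], and F3 0F 10 45 08 is the load from [ebp+08]. Only the [base] and [base+disp8] forms are handled; anything else returns 0.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Decoded MOVSS (F3 0F 10/11 /r) with a [base] or [base+disp8] memory operand.
 * Added illustration of the encoding seen in the thread, not Cheat Engine code. */
typedef struct {
    int     load;   /* 1: movss xmmN,[mem] (0F 10)   0: movss [mem],xmmN (0F 11) */
    int     xmm;    /* ModRM reg field: the xmm register number */
    int     base;   /* ModRM rm field: the 32-bit base register */
    int32_t disp;   /* displacement, i.e. the "offset" added to the base register */
    int     len;    /* bytes consumed */
} movss_t;

static const char *reg32[8] = {"eax","ecx","edx","ebx","esp","ebp","esi","edi"};

/* Returns bytes consumed, or 0 when the bytes are not a supported MOVSS form
 * (wrong prefix/opcode, SIB byte, disp32, or the register-to-register encoding). */
int decode_movss(const uint8_t *b, size_t n, movss_t *out)
{
    memset(out, 0, sizeof *out);
    if (n < 4 || b[0] != 0xF3 || b[1] != 0x0F || (b[2] != 0x10 && b[2] != 0x11)) return 0;
    int mod = b[3] >> 6, reg = (b[3] >> 3) & 7, rm = b[3] & 7;
    if (mod == 3 || rm == 4 || (mod == 0 && rm == 5)) return 0; /* reg-reg, SIB, [disp32] */
    out->load = (b[2] == 0x10);
    out->xmm  = reg;
    out->base = rm;
    if (mod == 0) {                      /* [base]: no displacement byte, offset is 0 */
        out->len = 4;
    } else if (mod == 1 && n >= 5) {     /* [base+disp8]: one sign-extended byte */
        out->disp = (int8_t)b[4];
        out->len  = 5;
    }
    return out->len;
}

/* Render in the thread's listing style, e.g. "movss [ecx+04],xmm0". */
void movss_text(const movss_t *m, char *buf, size_t sz)
{
    char mem[24];
    if (m->disp == 0)
        snprintf(mem, sizeof mem, "[%s]", reg32[m->base]);
    else
        snprintf(mem, sizeof mem, "[%s%c%02X]", reg32[m->base],
                 m->disp < 0 ? '-' : '+', (unsigned)(m->disp < 0 ? -m->disp : m->disp));
    if (m->load) snprintf(buf, sz, "movss xmm%d,%s", m->xmm, mem);
    else         snprintf(buf, sz, "movss %s,xmm%d", mem, m->xmm);
}
```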
Qvintus Cheater
Reputation: 0
Joined: 07 Nov 2013 Posts: 32
Posted: Sun Jun 01, 2014 4:41 pm Post subject:
Ahh ok, thanks Dark Byte.
Soo... that means the offset is 0?
If that's the case, I will simply look at this as the base address?
Meaning I should be able to make an AoB scan from this?
Again, sorry if I'm totally misunderstanding this.
Dark Byte Site Admin
Reputation: 470
Joined: 09 May 2003 Posts: 25796 Location: The netherlands
Posted: Sun Jun 01, 2014 5:06 pm Post subject:
No, it just means the offset is 0.
There is no connection between an offset being 0 and base addresses.
Base addresses are located at a static address;
offsets are offsets.
Qvintus Cheater
Reputation: 0
Joined: 07 Nov 2013 Posts: 32
Posted: Sun Jun 01, 2014 6:56 pm Post subject:
Oh sorry...
What I meant is the address for an AoB scan.
In 'Rydian's Guide To Modern Pointers + AOB To Data', I understood it as he subtracts that +118 (offset) from whatever address and uses that as his base player structure.
I guess 'base' is misleading, or again I misunderstood something.
Really trying my best to understand.
Thanks a lot for your patience!
Dark Byte Site Admin
Reputation: 470
Joined: 09 May 2003 Posts: 25796 Location: The netherlands
Posted: Sun Jun 01, 2014 7:27 pm Post subject:
You could try it, but I don't think this is a "modern pointer", as it's a pointer directly to the value and not a pointer to a class object that contains the value.
Qvintus Cheater
Reputation: 0
Joined: 07 Nov 2013 Posts: 32
Posted: Sun Jun 01, 2014 7:36 pm Post subject:
Excuse me for asking this, then, since I feel a little stuck.
How would you go about proceeding?
- Do the hex search and add the offset, see what accesses.
- Pointer search for end offset 0
- ??
Again, thank you so much for your time.
Rissorr Master Cheater
Reputation: 3
Joined: 17 Sep 2013 Posts: 273 Location: Israel!
Posted: Mon Jun 02, 2014 1:57 am Post subject:
Qvintus wrote:
    Excuse me for asking this, then, since I feel a little stuck.
    How would you go about proceeding?
    - Do the hex search and add the offset, see what accesses.
    - Pointer search for end offset 0
    - ??
    Again, thank you so much for your time.

You mean: "How do I find the base pointer?"
If yes, you just take ECX and hex-scan it as 4 bytes,
then take the address that you found to 'Add Address Manually' with offset 0;
then your pointer has leveled up.
Qvintus Cheater
Reputation: 0
Joined: 07 Nov 2013 Posts: 32
Posted: Mon Jun 02, 2014 1:17 pm Post subject:
mixmax35 wrote:
    Qvintus wrote:
        Excuse me for asking this, then, since I feel a little stuck.
        How would you go about proceeding?
        - Do the hex search and add the offset, see what accesses.
        - Pointer search for end offset 0
        - ??
        Again, thank you so much for your time.

    You mean: "How do I find the base pointer?"
    If yes, you just take ECX and hex-scan it as 4 bytes,
    then take the address that you found to 'Add Address Manually' with offset 0;
    then your pointer has leveled up.

Well, except that for some games you'll end up being stuck if you're going that route. This case is one of them... which is why I was somewhat hoping to hear what the creator of CE would've done in this situation.
I know very well that I can just hex-scan and add the offset. However, in this case you'll eventually get stuck on some addresses that give no feedback on accesses to, or writes to, them. However, I've managed to find pointers using the pointer scan instead.
The whole point of this topic was to get a better understanding of how I get an array of bytes, so I could start trying to make ASM scripts with AoB scans instead.
Dark Byte Site Admin
Reputation: 470
Joined: 09 May 2003 Posts: 25796 Location: The netherlands
Posted: Mon Jun 02, 2014 1:22 pm Post subject:
You could check the call stack to see how it got that pointer, by looking at the assembly code of the function that called the current one.
But honestly, I would have grabbed the pointerscan myself.
Qvintus Cheater
Reputation: 0
Joined: 07 Nov 2013 Posts: 32
Posted: Mon Jun 02, 2014 1:31 pm Post subject:
I see, thanks a lot for your input! I've become rather fond of the pointer scan by now; it seems to get the job done almost every time.