Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
Need.... More.... Info....!
Doctor Death
Cheater
Reputation: 1

Joined: 26 Apr 2014
Posts: 42
Location: Breaking Code

Posted: Sun Feb 08, 2015 10:46 pm    Post subject: Need.... More.... Info....!

I'm starving for information about assembler.. :/

So far, I know how to

pointerscan
change bytes to represent character
replace bytes to characters
use static addresses and their offsets
+ lots more

I can barely find anything on google about it, and I don't want to spam this place with questions... :/

There is some stuff I want to know

How to follow pointers in assembler
What flags are
What base pointers are
What offsets are

.....

That's pretty much it...

Do any of you know any super helpful links that explain all of these? I can't find any. :V

thanks!
TwoSpooky
Cheater
Reputation: 1

Joined: 03 Feb 2015
Posts: 36

Posted: Sun Feb 08, 2015 11:17 pm

Have you read all the tutorials in the
Code:
Cheat Engine Tutorials/Auto Assembly Tutorials

Because I know at the very least they cover flags.
SteveAndrew
Master Cheater
Reputation: 30

Joined: 02 Sep 2012
Posts: 323

Posted: Sun Feb 08, 2015 11:48 pm

Well for one, I think these days the pointer scanner will find any pointer you need even if you have to adjust it with a higher offset for certain games so manually trying to find them is painful and not worth it! lol

For two, flags are basically little indicators that show the results of a comparison of some sort (most commonly), for the way or direction the branching code (je/jne/ja/jb/jg/jl/etc...) after it will take. ZF is one of the main flags with the conditional jumps. Or if you add two unsigned numbers together that don't fit, the carry flag will be set. Or if you add two signed numbers together and it goes into the negative, the overflow flag will be set, etc... The parity flag is set if the result of an operation is even, and unset if it is not. The sign flag indicates whether the result is negative or not. And that's about all the flags; oh, and there's also the AF (auxiliary carry) flag, used in special cases as a carry flag.

Conditional jump (and what flags affect them) reference:
http://faydoc.tripod.com/cpu/je.htm
Carry / Overflow flag reference:
http://teaching.idallen.com/dat2343/10f/notes/040_overflow.txt
A post I did a while ago about the ZF flag in particular (9 posts down):
http://forum.cheatengine.org/viewtopic.php?p=5464232
Parity flag:
http://en.wikipedia.org/wiki/Parity_flag
ASM flags:
http://www.cavestory.org/guides/csasm/guide/asm_flags.html


A base pointer is just a pointer that stays the same every single time you reload the game. Since it is always there, you can use it as a "base", to get to your value you want to always be able to reference.

An offset is arbitrary, can really be almost anything. It just is saying a certain something (another pointer or a value) is a certain number of bytes away from a certain address.

pseudo code:
mov rax,[BasePointer+Offset]
mov rax,[rax+SecondOffset]
mov rax,[rax+ThirdOffset]
//etc...


Each successive read gets you closer to your value... You could have a pointer that has only 1 offset, or it could have 5 or more, or any number of offsets.

Say Game.exe+123456 is your base pointer

Code:

mov rax,[Game.exe+123456]


This will take the static / always-there address Game.exe+123456, read the value stored at it, and put that value into rax...

Now say your health value has offsets 14, 104, 8c

So one of CE's formats for a pointer written out in text is like [[[Game.exe+123456]+14]+104]+8c

You add the offset and read the value, successively, in order, before you can add the next offset and read the value again.
Code:

mov rax,[Game.exe+123456]
mov rax,[rax+14]
mov rax,[rax+104]
//the last offset leads to the value of your health rather than a pointer like these lines of code
mov edx,[rax+8c] //health is usually a 32-bit value even in 64-bit land
//edx now contains health value
//do something with it if you want, usually we just write to it as below
mov ecx,[FullHealthValue]
mov [rax+8c],ecx
//Full Health Value just written to current live health address


That should clear things up a bit :P

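The flag behaviour described in the post above, worked through in C as an added example (this is not code from the post or from Cheat Engine): it computes the CF/OF/ZF/SF/PF/AF bits that a 32-bit ADD or CMP leaves behind, straight from their architectural definitions, and then asks which of the conditional jumps listed in the post (je/jne/jb/ja/jl/jg) would be taken on those flags. Two details worth seeing in running code: PF is derived from the number of set bits in the low byte of the result (so a result of 3, two set bits, sets PF while a result of 2 does not), and after one and the same CMP the unsigned jumps (jb/ja) read CF/ZF while the signed jumps (jl/jg) read SF against OF, which is why a comparison of 0xFFFFFFFF with 1 takes both `ja` and `jl`. The function names, the flag helper and the sample operands are mine.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Bit positions as laid out in the x86 EFLAGS/RFLAGS register. */
#define FLAG_CF (1u << 0)   /* carry: unsigned result did not fit (or a borrow on SUB) */
#define FLAG_PF (1u << 2)   /* parity: low byte of the result has an even number of 1 bits */
#define FLAG_AF (1u << 4)   /* auxiliary carry: carry/borrow out of bit 3 (BCD helper) */
#define FLAG_ZF (1u << 6)   /* zero: result == 0 */
#define FLAG_SF (1u << 7)   /* sign: top bit of the result set */
#define FLAG_OF (1u << 11)  /* overflow: signed result did not fit */

static bool even_parity_low_byte(uint32_t r)
{
    unsigned bits = 0;
    for (uint32_t b = r & 0xFFu; b; b >>= 1) bits += b & 1u;
    return (bits & 1u) == 0;
}

/* Flags left behind by a 32-bit ADD a,b; the sum is returned through *out if non-NULL. */
uint32_t add32_flags(uint32_t a, uint32_t b, uint32_t *out)
{
    uint64_t wide = (uint64_t)a + b;
    uint32_t r = (uint32_t)wide, f = 0;
    if (wide >> 32)                          f |= FLAG_CF;  /* needed a 33rd bit */
    if ((~(a ^ b) & (a ^ r)) & 0x80000000u)  f |= FLAG_OF;  /* same-sign inputs, result sign flipped */
    if (((a & 0xFu) + (b & 0xFu)) & 0x10u)   f |= FLAG_AF;
    if (r == 0)                              f |= FLAG_ZF;
    if (r & 0x80000000u)                     f |= FLAG_SF;
    if (even_parity_low_byte(r))             f |= FLAG_PF;
    if (out) *out = r;
    return f;
}

/* Flags left behind by SUB a,b. CMP a,b sets exactly these and discards the difference. */
uint32_t cmp32_flags(uint32_t a, uint32_t b)
{
    uint32_t r = a - b, f = 0;
    if (a < b)                               f |= FLAG_CF;  /* borrow: a is unsigned-below b */
    if (((a ^ b) & (a ^ r)) & 0x80000000u)   f |= FLAG_OF;  /* different-sign inputs, result sign != a */
    if ((a & 0xFu) < (b & 0xFu))             f |= FLAG_AF;
    if (r == 0)                              f |= FLAG_ZF;
    if (r & 0x80000000u)                     f |= FLAG_SF;
    if (even_parity_low_byte(r))             f |= FLAG_PF;
    return f;
}

/* Would the named conditional jump be taken with these flags? */
bool jcc_taken(const char *cc, uint32_t f)
{
    bool cf = f & FLAG_CF, zf = f & FLAG_ZF, sf = f & FLAG_SF, of = f & FLAG_OF;
    if (!strcmp(cc, "je"))  return zf;
    if (!strcmp(cc, "jne")) return !zf;
    if (!strcmp(cc, "jb"))  return cf;               /* unsigned a <  b */
    if (!strcmp(cc, "jbe")) return cf || zf;         /* unsigned a <= b */
    if (!strcmp(cc, "ja"))  return !cf && !zf;       /* unsigned a >  b */
    if (!strcmp(cc, "jl"))  return sf != of;         /* signed   a <  b */
    if (!strcmp(cc, "jle")) return zf || sf != of;   /* signed   a <= b */
    if (!strcmp(cc, "jg"))  return !zf && sf == of;  /* signed   a >  b */
    return false;                                    /* unknown mnemonic: not taken */
}

int main(void)
{
    /* Constructed sample operands; the last two pairs show signed vs unsigned disagreeing. */
    const uint32_t pairs[][2] = { {5, 5}, {3, 7}, {0xFFFFFFFFu, 1}, {0x7FFFFFFFu, 0x80000000u} };
    const char *ccs[] = { "je", "jne", "jb", "ja", "jl", "jg" };
    for (size_t p = 0; p < sizeof pairs / sizeof pairs[0]; p++) {
        uint32_t f = cmp32_flags(pairs[p][0], pairs[p][1]);
        printf("cmp 0x%08x,0x%08x  CF=%d ZF=%d SF=%d OF=%d PF=%d  taken:",
               pairs[p][0], pairs[p][1], !!(f & FLAG_CF), !!(f & FLAG_ZF),
               !!(f & FLAG_SF), !!(f & FLAG_OF), !!(f & FLAG_PF));
        for (size_t c = 0; c < sizeof ccs / sizeof ccs[0]; c++)
            if (jcc_taken(ccs[c], f)) printf(" %s", ccs[c]);
        printf("\n");
    }
    return 0;
}
```

When reading a game's compare-and-branch in the disassembler, the question to ask is which of these combinations the jump after the `cmp` consults: a `jb`/`ja` pair means the code treats the operands as unsigned, a `jl`/`jg` pair means signed, and only `je`/`jne` depend on nothing but ZF.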
Doctor Death
Cheater
Reputation: 1

Joined: 26 Apr 2014
Posts: 42
Location: Breaking Code

Posted: Mon Feb 09, 2015 7:20 am

SteveAndrew wrote:
[...]

So how would you modify the value and/or get the memory address that's inside of the register? (After you added all the offsets and put it inside rax)
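The follow-up question above (how to get at the address that ends up in rax, and then modify the value there), answered in working C as an added example that is not code from the thread or from Cheat Engine. The chain [[[Game.exe+123456]+14]+104]+8c from the earlier post is walked exactly as the `mov rax,[...]` sequence walks it; the address the last `mov` would use is returned on its own, separate from the value stored at it, and the value is then read and overwritten through that address, which is the `mov [rax+8c],ecx` step. The target's memory is a constructed flat buffer pretending to be Game.exe mapped at 0x140000000; the object addresses, the health value 57 and every helper name are assumptions. What the checked walk adds over a raw `mov` chain is the refusal to dereference a null or out-of-range link, which is the state the path is in before the object it leads to has been allocated.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the game's address space: one flat buffer that
 * pretends to be Game.exe mapped at IMAGE_BASE. Every address here is made up. */
#define IMAGE_BASE 0x140000000ULL
#define IMAGE_SIZE 0x130000ULL            /* large enough to contain Game.exe+123456 */
static uint8_t image[IMAGE_SIZE];

/* The pointer path from the post, all numbers hex as CE writes them:
 * [[[Game.exe+123456]+14]+104]+8c */
#define BASE_POINTER (IMAGE_BASE + 0x123456ULL)
static const uint32_t OFFSETS[] = { 0x14, 0x104, 0x8c };
#define N_OFFSETS (sizeof OFFSETS / sizeof OFFSETS[0])

/* Bounds-checked accessors: an address outside the buffer yields false
 * instead of the access violation a raw mov would raise. */
static bool in_image(uint64_t addr, uint64_t len)
{
    return addr >= IMAGE_BASE && addr - IMAGE_BASE + len <= IMAGE_SIZE;
}
bool read_u64(uint64_t addr, uint64_t *out)
{
    if (!in_image(addr, 8)) return false;
    memcpy(out, image + (addr - IMAGE_BASE), 8);      /* memcpy: the slot may be unaligned */
    return true;
}
bool write_u64(uint64_t addr, uint64_t v)
{
    if (!in_image(addr, 8)) return false;
    memcpy(image + (addr - IMAGE_BASE), &v, 8);
    return true;
}
bool read_u32(uint64_t addr, uint32_t *out)
{
    if (!in_image(addr, 4)) return false;
    memcpy(out, image + (addr - IMAGE_BASE), 4);
    return true;
}
bool write_u32(uint64_t addr, uint32_t v)
{
    if (!in_image(addr, 4)) return false;
    memcpy(image + (addr - IMAGE_BASE), &v, 4);
    return true;
}

/* Walk the chain the way the post's asm does:
 *     rax = [base]; rax = [rax+off0]; rax = [rax+off1]; final = rax + off_last
 * Returns the ADDRESS the last mov would access (rax plus the last offset),
 * or 0 if any link is null or points outside the image. */
uint64_t resolve_pointer_path(uint64_t base, const uint32_t *offs, size_t n)
{
    uint64_t cur;
    if (n == 0 || !read_u64(base, &cur) || cur == 0) return 0;
    for (size_t i = 0; i + 1 < n; i++)
        if (!read_u64(cur + offs[i], &cur) || cur == 0) return 0;
    return cur + offs[n - 1];
}

/* Conveniences tied to the post's example path (names are mine). */
uint64_t resolve_health(void)
{
    return resolve_pointer_path(BASE_POINTER, OFFSETS, N_OFFSETS);
}
int64_t read_health(void)                /* -1 when the path cannot be resolved */
{
    uint64_t a = resolve_health();
    uint32_t v;
    if (a == 0 || !read_u32(a, &v)) return -1;
    return v;
}
bool set_health(uint32_t v)              /* the mov [rax+8c],ecx step, through the resolved address */
{
    uint64_t a = resolve_health();
    return a != 0 && write_u32(a, v);
}

/* Constructed layout: the static slot at Game.exe+123456 leads through two
 * intermediate objects to a player object whose 32-bit health (57) sits at +8c. */
bool setup_image(void)
{
    const uint64_t obj1 = IMAGE_BASE + 0x1000, obj2 = IMAGE_BASE + 0x2000, obj3 = IMAGE_BASE + 0x3000;
    memset(image, 0, sizeof image);
    return write_u64(BASE_POINTER, obj1) && write_u64(obj1 + 0x14, obj2)
        && write_u64(obj2 + 0x104, obj3) && write_u32(obj3 + 0x8c, 57);
}
/* Simulate the player object being freed: null out the second link. */
bool break_chain(void)
{
    return write_u64(IMAGE_BASE + 0x1000 + 0x14, 0);
}

int main(void)
{
    setup_image();
    printf("health lives at 0x%llx, value %lld\n",
           (unsigned long long)resolve_health(), (long long)read_health());
    set_health(100);
    printf("after write: %lld\n", (long long)read_health());
    break_chain();
    printf("after chain broken: %lld (path unresolved, nothing written)\n", (long long)read_health());
    return 0;
}
```

The `cur == 0` test and the bounds check inside `read_u64` are the C counterpart of putting `test rax,rax` / `jz` before each dereference in an Auto Assembler script; without them the write in `set_health` would land at offset 8c from wherever a stale or null link points.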