pharaon Advanced Cheater Reputation: 1
Joined: 29 Jun 2012 Posts: 80
|
Posted: Fri Jan 05, 2018 5:05 pm Post subject: assembly code hacking |
|
|
how can i freeze the value of this code, and if someone can explain to me what is xorps
i know xmm6 and xmm0 are registers but how can i mov 0 value to xmm0
subss xmm6,xmm0
xorps xmm10,xmm10
jmp return
|
OldCheatEngineUser Whateven rank Reputation: 20
Joined: 01 Feb 2016 Posts: 1587
|
Posted: Fri Jan 05, 2018 5:40 pm Post subject: |
|
|
xorps is the bitwise XOR, but it's exclusive to packed xmm registers.
in your case xmm10 will be '0' float after the xorps. (all four packed float values)
there are different ways to move 0 into xmm0:
- subss xmm0,xmm0
- pxor xmm0,xmm0
- movss xmm0,xmm X // note moving another xmm register that contain 0 // you use: movss xmm0,xmm10 after xorps xmm10,xmm10
- movss xmm0,[myNewValue] // myNewValue = dd 0
there is more .. but not in my head atm ..
_________________
About Me;
I Use CE Since Version 1.X, And Still Learning How To Use It Well!
Jul 26, 2020
STN wrote: | i am a sweetheart. |
|
pharaon Advanced Cheater Reputation: 1
Joined: 29 Jun 2012 Posts: 80
|
Posted: Fri Jan 05, 2018 6:05 pm Post subject: |
|
|
thanks a lot
but i'm still a noob
hope you can explain more
also what about this code
cvttss2si eax,xmm1
mov [r8+00000358],eax
i want to understand what is cvttss2si eax,xmm1
|
TheyCallMeTim13 Wiki Contributor Reputation: 50
Joined: 24 Feb 2017 Posts: 976 Location: Pluto
|
Posted: Fri Jan 05, 2018 6:18 pm Post subject: |
|
|
I can't remember the exact nomenclature of it, but "cvttss2si" is like convert single scalar float to double word signed integer, so it just takes a float and converts it to an integer.
Then "mov" is just a basic move, or set.
So "[{so address}] = eax = convert ( xmm1 )".
|
OldCheatEngineUser Whateven rank Reputation: 20
Joined: 01 Feb 2016 Posts: 1587
|
Posted: Fri Jan 05, 2018 6:59 pm Post subject: |
|
|
yeah it does convert it to signed dword. (float to dword)
|
pharaon Advanced Cheater Reputation: 1
Joined: 29 Jun 2012 Posts: 80
|
Posted: Sat Jan 06, 2018 8:27 am Post subject: |
|
|
and how can i cheat such code
cvttss2si eax,xmm1
mov [r8+00000358],eax
it's responsible for increasing my money value
if i want to increase it each time with fixed value like 1000
how can i do that
i don't know how to use inc with fixed amount
|
OldCheatEngineUser Whateven rank Reputation: 20
Joined: 01 Feb 2016 Posts: 1587
|
Posted: Sat Jan 06, 2018 8:50 am Post subject: |
|
|
Code: | cvttss2si eax,xmm1
mov eax,[r8+00000358]
add word ptr eax,03e8
mov [r8+00000358],eax |
|
pharaon Advanced Cheater Reputation: 1
Joined: 29 Jun 2012 Posts: 80
|
Posted: Sat Jan 06, 2018 8:54 am Post subject: |
|
|
OldCheatEngineUser wrote: | Code: | cvttss2si eax,xmm1
mov eax,[r8+00000358]
add word ptr eax,03e8
mov [r8+00000358],eax |
|
can you explain this line
add word ptr eax,03e8
i know 3e8 is 1000 in hex
but why word ptr
|
OldCheatEngineUser Whateven rank Reputation: 20
Joined: 01 Feb 2016 Posts: 1587
|
Posted: Sat Jan 06, 2018 8:58 am Post subject: |
|
|
the final result will be the same, here i just specified the length.
dword = 0000 0000 hex
word = xxxx 0000 <- it adds the 1000 here
there is no difference, add eax,3e8 or add (d)word ptr eax,3e8
i just mixed up things:
btw it's my bad, add word ptr eax,3e8 won't work
the reason: because it's not referring to memory location (e.g. [eax] )
Code: | just use add eax,3e8 |
|
TheyCallMeTim13 Wiki Contributor Reputation: 50
Joined: 24 Feb 2017 Posts: 976 Location: Pluto
|
Posted: Sat Jan 06, 2018 10:18 am Post subject: |
|
|
You can also use just the AX register to access the lower word of the EAX register.
See: Assembler - Structure
|
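The instruction semantics discussed in this thread (xorps zeroing a register, cvttss2si converting a float to a signed dword, and adding through AX versus EAX), modelled in portable C as an added example that is not code from any poster. The function names and sample values are constructed for illustration; the models follow the documented behaviour of the instructions rather than executing them.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Raw bit pattern of a float. */
static uint32_t float_bits(float f) { uint32_t u; memcpy(&u, &f, sizeof u); return u; }

/* Model of xorps dst,src: XOR the raw bits of all four packed float lanes. */
static void xorps(float dst[4], const float src[4]) {
    for (int i = 0; i < 4; i++) {
        uint32_t r = float_bits(dst[i]) ^ float_bits(src[i]);
        memcpy(&dst[i], &r, sizeof r);
    }
}

/* Returns 1 if xorps reg,reg leaves +0.0f (all bits clear) in every lane. */
static int xorps_self_is_zero(void) {
    float x[4] = {1.5f, -2.0f, 1000.0f, 3.25f};   /* constructed sample lanes */
    xorps(x, x);
    for (int i = 0; i < 4; i++)
        if (float_bits(x[i]) != 0) return 0;
    return 1;
}

/* Model of cvttss2si r32,xmm: truncate toward zero; NaN or a value that
   does not fit in a signed dword yields 0x80000000. */
static int32_t cvttss2si(float f) {
    if (f != f || f >= 2147483648.0f || f < -2147483648.0f)
        return INT32_MIN;
    return (int32_t)f;   /* C float-to-int conversion also truncates */
}

/* add eax,imm32: the carry out of bit 15 propagates into the upper word. */
static uint32_t add_eax(uint32_t eax, uint32_t imm) { return eax + imm; }

/* add ax,imm16: only the low word changes; the upper word of eax is kept. */
static uint32_t add_ax(uint32_t eax, uint16_t imm) {
    return (eax & 0xFFFF0000u) | ((eax + imm) & 0xFFFFu);
}

int main(void) {
    printf("xorps x,x zero: %d\n", xorps_self_is_zero());
    printf("cvttss2si(1999.9) = %d\n", (int)cvttss2si(1999.9f));
    printf("cvttss2si(-2.7)   = %d\n", (int)cvttss2si(-2.7f));
    printf("cvttss2si(3e9)    = 0x%08X\n", (unsigned)cvttss2si(3e9f));
    printf("eax=65280: add eax,3E8 -> %u, add ax,3E8 -> %u\n",
           (unsigned)add_eax(65280u, 0x3E8), (unsigned)add_ax(65280u, 0x3E8));
    return 0;
}
```

The last line shows where the two adds diverge: starting from 65280, the 32-bit add reaches 66280 while the 16-bit add wraps the low word to 744.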
pharaon Advanced Cheater Reputation: 1
Joined: 29 Jun 2012 Posts: 80
|
Posted: Sat Jan 06, 2018 5:26 pm Post subject: |
|
|
what about this code
mov [eax],ebx
jne StrongholdBase.StrongholdBase::operator>>+3D2
mov eax,[edi+0000039C]
jmp return
it's responsible for increasing/decreasing the inventory images in Stronghold Crusader 2 stockpile but not the real value
so how can i hack it so it won't decrease
i already hacked the real value so i always have stock even if the stockpile looks empty
but i want to hack this one so it won't look empty
|
Csimbi I post too much Reputation: 94
Joined: 14 Jul 2007 Posts: 3110
|
Posted: Thu Jan 11, 2018 12:08 pm Post subject: |
|
|
Dude,
are you going to ask each ASM instruction?
Google for this:
Quote: | Intel 64 Instruction Set Reference, A-Z |
Download PDF and find out yourself.