Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
Need some help with an assembly crash.

Cheat Engine Forum Index -> General Gamehacking
gifty
How do I cheat?
Reputation: 0

Joined: 05 Aug 2019
Posts: 2

PostPosted: Mon Aug 05, 2019 11:40 am    Post subject: Need some help with an assembly crash.

So far I'm using a basic GameMaker RPG to learn more about scripting and how to do assembly; currently I'm stuck on my first script when comparing different stack areas.


Quote:
{ Game : unnamed
Version:
Date : 2019-08-05
Author : 15198

Notes:
MOVSD - Move scalar double-precision floating-point value.
Therefore it moves a 32 bits float value from xmm0 into the pointing value
}

[ENABLE]

aobscanmodule(INJECT,gamemakerproject.exe,F2 0F 11 07 5F 5E 5D 5B 83 C4 08 C3 8B 06) // should be unique
alloc(newmem,$1000)
alloc(newSpeed, 4)
alloc(newCooldown, 4)

label(playerSpeed)
label(playerCooldown)
label(originalcode)
label(code)
label(return)

newCooldown:
dq (float)0

newSpeed:
dq (double)999

newmem:

code:
//----player movespeed
push edx
mov edx, [ebp-894]
pushf
cmp edx,192E6
je playerSpeed
popf //<--- crash
pop edx //<--- crash
//-----global cooldown
push edx //<--- crash
mov edx, [ebp-2CDDA060] //<--- crash
pushf //<--- crash
cmp edx,1878E //<--- crash

//je playerCooldown
//popf
//pop edx
//-----skill #1 cooldown
//push edx
//mov edx, [ebp-2CDE2A40]
//pushf
//cmp edx,1878F
//je playerCooldown
jmp originalcode

playerCooldown:
movsd xmm0, [newCooldown]
jmp originalcode

playerSpeed:
movsd xmm0, [newSpeed]
jmp originalcode


originalcode:
popf
pop edx
movsd [edi],xmm0
pop edi
jmp return

INJECT:
jmp newmem
return:
registersymbol(INJECT)

[DISABLE]

INJECT:
db F2 0F 11 07 5F

unregistersymbol(INJECT)
dealloc(newmem)
dealloc(newSpeed)
dealloc(newCooldown)


So far the movement speed works 100% as I would expect it to; however, trying to get the cooldown and comparing it is causing an instant crash, and I can't figure out why.

Is it the way I'm dealing with the compare, or perhaps I found a bad pointer to search for?
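As an added illustration (not code from this thread or from Cheat Engine) of what the script's INJECT: jmp newmem / return pair and the [DISABLE] line db F2 0F 11 07 5F actually do: a near jmp (E9 rel32) is five bytes, which is exactly movsd [edi],xmm0 (4 bytes) plus pop edi (1 byte), so those are the "stolen" bytes the hook overwrites, re-executes in newmem, and puts back on disable. The aobscanmodule comment "should be unique" is a real precondition: if the pattern matches twice the hook can land in the wrong function, so the scan below refuses to patch in that case. The module bytes, the base address 0x00401000 and the newmem address 0x02F10000 are constructed values for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* The 14-byte signature the script's aobscanmodule looks for:
 * movsd [edi],xmm0 / pop edi / pop esi / pop ebp / pop ebx / add esp,8 / ret / mov eax,[esi] */
static const uint8_t PATTERN[14] = {0xF2,0x0F,0x11,0x07,0x5F,0x5E,0x5D,0x5B,
                                    0x83,0xC4,0x08,0xC3,0x8B,0x06};

/* A near jmp (E9 rel32) is 5 bytes, so the hook overwrites exactly
 * movsd [edi],xmm0 (4 bytes) + pop edi (1 byte): the bytes [DISABLE] restores. */
#define HOOK_LEN 5

typedef struct {
    uint32_t inject;           /* address of the INJECT label */
    uint32_t ret;              /* the script's 'return' label: INJECT + 5 */
    uint8_t  stolen[HOOK_LEN]; /* original bytes, kept for [DISABLE] */
} hook_t;

/* Constructed stand-in for a loaded module: nop filler with PATTERN at 'at'. */
static void build_module(uint8_t *mod, size_t len, size_t at) {
    memset(mod, 0x90, len);
    memcpy(mod + at, PATTERN, sizeof PATTERN);
}

/* aobscanmodule: offset of PATTERN, or -1 if absent or found more than once. */
static long aobscan_unique(const uint8_t *mod, size_t len) {
    long found = -1;
    for (size_t i = 0; i + sizeof PATTERN <= len; i++) {
        if (memcmp(mod + i, PATTERN, sizeof PATTERN) == 0) {
            if (found >= 0) return -1;      /* second hit: not unique, refuse to hook */
            found = (long)i;
        }
    }
    return found;
}

/* Write 'jmp target' at code, which lives at virtual address 'at'.
 * rel32 is relative to the end of the jmp, i.e. at + 5. Returns rel32. */
static int32_t encode_jmp(uint8_t *code, uint32_t at, uint32_t target) {
    uint32_t rel = target - (at + HOOK_LEN);   /* unsigned wrap handles backward jumps */
    code[0] = 0xE9;
    for (int i = 0; i < 4; i++)                /* x86 immediates are little-endian */
        code[1 + i] = (uint8_t)(rel >> (8 * i));
    return (int32_t)rel;
}

/* Inverse of encode_jmp: where does the jmp at 'at' go? */
static uint32_t decode_jmp_target(const uint8_t *code, uint32_t at) {
    uint32_t rel = 0;
    for (int i = 0; i < 4; i++)
        rel |= (uint32_t)code[1 + i] << (8 * i);
    return at + HOOK_LEN + rel;
}

/* [ENABLE]: locate INJECT, save the stolen bytes, patch in jmp newmem. */
static int enable_hook(uint8_t *mod, size_t len, uint32_t base, uint32_t newmem, hook_t *h) {
    long off = aobscan_unique(mod, len);
    if (off < 0) return -1;
    h->inject = base + (uint32_t)off;
    h->ret    = h->inject + HOOK_LEN;
    memcpy(h->stolen, mod + off, HOOK_LEN);
    encode_jmp(mod + off, h->inject, newmem);
    return 0;
}

/* [DISABLE]: db F2 0F 11 07 5F, i.e. put the stolen bytes back. */
static void disable_hook(uint8_t *mod, uint32_t base, const hook_t *h) {
    memcpy(mod + (h->inject - base), h->stolen, HOOK_LEN);
}

int main(void) {
    uint8_t mod[64];
    hook_t h;
    const uint32_t base = 0x00401000u, newmem = 0x02F10000u;  /* constructed addresses */

    build_module(mod, sizeof mod, 20);
    if (enable_hook(mod, sizeof mod, base, newmem, &h) != 0) {
        puts("pattern absent or not unique; not hooking");
        return 1;
    }
    printf("INJECT=%08x return=%08x jmp -> %08x\n", (unsigned)h.inject,
           (unsigned)h.ret, (unsigned)decode_jmp_target(mod + 20, h.inject));
    disable_hook(mod, base, &h);
    printf("restored: %s\n", memcmp(mod + 20, PATTERN, sizeof PATTERN) == 0 ? "yes" : "no");
    return 0;
}
```

The newmem side of the script (the code that runs before jmp originalcode) is not modelled here; the point is only the two-way patch at INJECT and the check that the pattern is unique before writing anything.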
ParkourPenguin
I post too much
Reputation: 138

Joined: 06 Jul 2014
Posts: 4275

PostPosted: Mon Aug 05, 2019 12:14 pm    Post subject:

gifty wrote:
So far I'm using a basic GameMaker RPG to learn more about scripting and how to do assembly

If that engine works by interpreting bytecode, that's a horrific way of learning assembly. Use a compiled language like C/C++ or at least a JIT-compiled language.

  1. Doubles take up 8 bytes (64 bits), not 4.
  2. newSpeed / newCooldown allocs need 8 bytes.
  3. newSpeed initial value needs to be (double)0 and not (float)0. The dq (declare quadword) is fine.
  4. Are you absolutely certain you need to save eflags? Don't do it just because you can. Actually look at the injection point and see what's necessary.
  5. Use mov edx,[esp] instead of pop edx / push edx.
  6. The above point is useless anyway since you're writing something else to edx right after it.
  7. mov edx, [ebp-2CDDA060] looks like a ridiculous instruction regardless of whether or not ebp is being used as a stack frame pointer.
  8. If you do need to back up eflags, you don't need to restore them just to back them up again a few instructions down. (same for edx)

Using {$try} / {$except} might help.
https://forum.cheatengine.org/viewtopic.php?p=5742699#5742699

_________________
I don't know where I'm going, but I'll figure it out when I get there.
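Points 1 to 3 above, as an added example that is not from the thread: the SSE2 MOVSD in the script's injection point moves a 64-bit double (the script's own comment calls it a 32-bit float, which is where the confusion starts), so the slot that movsd xmm0,[newSpeed] reads must hold eight bytes of a proper double. The code below models a dq (double)v slot as the full 64-bit IEEE-754 pattern and a dq (float)v slot as the 32-bit pattern in the low four bytes with zeros above (that layout is an assumption made for the demonstration), then shows what an 8-byte load gets back from each, and why dq (float)0 happens not to break anything while dq (float)999 would. It also counts how far an 8-byte dq spills past an alloc(name,4).

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* dq emits 8 bytes, and the hook's movsd xmm0,[slot] reads all 8 as a double. */
#define SLOT_BYTES 8

/* dq (double)v : a full 64-bit IEEE-754 double, what movsd expects. */
static void store_double(uint8_t slot[SLOT_BYTES], double v) {
    memset(slot, 0, SLOT_BYTES);
    memcpy(slot, &v, sizeof v);            /* 8 bytes */
}

/* dq (float)v : only a 32-bit float pattern is meaningful; the other 4 bytes
 * are modelled as zero here (assumption for the demonstration). */
static void store_float(uint8_t slot[SLOT_BYTES], float v) {
    memset(slot, 0, SLOT_BYTES);
    memcpy(slot, &v, sizeof v);            /* 4 bytes */
}

/* What movsd xmm0,[slot] sees: all 8 bytes reinterpreted as one double. */
static double load_as_movsd(const uint8_t slot[SLOT_BYTES]) {
    double d;
    memcpy(&d, slot, sizeof d);
    return d;
}

/* Raw 64-bit pattern of the slot, for printing and checking. */
static uint64_t slot_bits(const uint8_t slot[SLOT_BYTES]) {
    uint64_t u;
    memcpy(&u, slot, sizeof u);
    return u;
}

/* alloc(name, size): bytes an 8-byte dq writes past the end of the allocation. */
static size_t dq_overflow(size_t alloc_size) {
    return SLOT_BYTES > alloc_size ? SLOT_BYTES - alloc_size : 0;
}

int main(void) {
    uint8_t slot[SLOT_BYTES];

    store_double(slot, 999.0);
    printf("dq (double)999 -> bits %016llx, movsd reads %g\n",
           (unsigned long long)slot_bits(slot), load_as_movsd(slot));

    store_float(slot, 999.0f);
    printf("dq (float)999  -> bits %016llx, movsd reads %g (not 999)\n",
           (unsigned long long)slot_bits(slot), load_as_movsd(slot));

    store_float(slot, 0.0f);
    printf("dq (float)0    -> movsd reads %g (works only because 0.0 is all-zero bits)\n",
           load_as_movsd(slot));

    printf("alloc(newSpeed,4) + dq: %zu bytes written past the allocation\n",
           dq_overflow(4));
    return 0;
}
```

On a little-endian host the float-999 slot reads back as a denormal double close to zero rather than 999, which is the kind of silently wrong value that is much harder to notice than a crash; the overflow past a 4-byte alloc is the one that can actually corrupt whatever CE placed next to it.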
gifty
How do I cheat?
Reputation: 0

Joined: 05 Aug 2019
Posts: 2

PostPosted: Mon Aug 05, 2019 1:33 pm    Post subject:


Thanks for the help. So I didn't actually need the flags; I thought it was a good safety net in case it was needed.

Also, I didn't know about try/except, but I still can't get the global cooldown, so I'm passing on it for now in terms of handling the player X,Y,Z and hopefully getting a basic no-clip going with it. (Looking into handling key presses from /forum/viewtopic.php?t=603212&sid=afa2bd4ed884037e42e888d04336d497 using
Code:
push 56 // VK_V
call user32.GetAsyncKeyState
test ax,ax
jne DoStuff
)

Also, is there any main reason to use *mov edx,[esp]* over *pop edx / push edx*?
ParkourPenguin
I post too much
Reputation: 138

Joined: 06 Jul 2014
Posts: 4275

PostPosted: Mon Aug 05, 2019 3:20 pm    Post subject:

"pop edx / push edx" replaces edx with whatever is at the top of the stack (hence its equivalency to "mov edx,[esp]"); however, since you're writing to edx right after that, it does effectively nothing.
_________________
I don't know where I'm going, but I'll figure it out when I get there.
All times are GMT - 6 Hours