Cheat Engine :: View topic - About the "X18 XOR" Custom Type

Cheat Engine
The Official Site of Cheat Engine

FAQ

Memberlist

Usergroups

Profile

About the "X18 XOR" Custom Type

Cheat Engine Forum Index -> Cheat Engine

View previous topic :: View next topic

Author

Message

liekong1991
How do I cheat?

Reputation: 0

Joined: 08 Feb 2020
Posts: 6

Posted: Sat Feb 08, 2020 5:35 am Post subject: About the "X18 XOR" Custom Type

I just dont really understand the code's meaning, "X18" means what?

Code:

alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)
alloc(TypeName,256)
alloc(ByteSize,4)
alloc(UsesFloat,1)
alloc(CallMethod,1)
alloc(PREFEREDALIGNMENT,4)
PREFEREDALIGNMENT:
dd 4

TypeName:
db 'X18 XOR',0

ByteSize:
dd 36

UsesFloat:
db 0 //Change to 1 if this custom type should be treated as a float

CallMethod:
db 1 //Remove or change to 0 for legacy call mechanism

//The convert routine should hold a routine that converts the data to an integer (in eax)
//function declared as: cdecl int ConvertRoutine(unsigned char *input, PTR_UINT address);
//Note: Keep in mind that this routine can be called by multiple threads at the same time.
ConvertRoutine:
//jmp dllname.functionname
[64-bit]
//or manual:
//parameters: (64-bit)
//rcx=address of input
//rdx=address
mov eax,[rcx] //eax now contains the bytes 'input' pointed to
xor eax,[rcx+18]

ret
[/64-bit]

[32-bit]
//jmp dllname.functionname
//or manual:
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=address of input
//[ebp+c]=address
//example:

push ebx
mov ebx,[ebp+8] //place the address that contains the bytes into eax
mov eax,[ebx] //place the bytes into eax so it's handled as a normal 4 byte value
xor eax,[ebx+18]

pop ebx

pop ebp
ret
[/32-bit]

//The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wats to write a new value)
//function declared as: cdecl void ConvertBackRoutine(int i, PTR_UINT address, unsigned char *output);
ConvertBackRoutine:
//jmp dllname.functionname
//or manual:
[64-bit]
//parameters: (64-bit)
//ecx=input
//rdx=address
//r8=address of output
//example:
xor ecx,[r8+18]
mov [r8],ecx //place the integer at the 4 bytes pointed to by r8

ret
[/64-bit]

[32-bit]
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=input
//[ebp+c]=address
//[ebp+10]=address of output
//example:
push eax
push ebx
mov eax,[ebp+8] //load the value into eax
mov ebx,[ebp+10] //load the output address into ebx
xor eax,[ebx+18]
mov [ebx],eax //write the value into the address
pop ebx
pop eax

pop ebp
ret
[/32-bit]

[/code]

Dark Byte
Site Admin

Reputation: 470

Joined: 09 May 2003
Posts: 25807
Location: The netherlands

Posted: Sat Feb 08, 2020 5:41 am Post subject:

looks like that 0x18 bytes after the value is a xor key , so it 'decodes' the value with the key _________________ Do not ask me about online cheats. I don't know any and wont help finding them. Like my help? Join me on Patreon so i can keep helping

liekong1991
How do I cheat?

Reputation: 0

Joined: 08 Feb 2020
Posts: 6

Posted: Sat Feb 08, 2020 6:21 am Post subject:

Dark Byte wrote:

looks like that 0x18 bytes after the value is a xor key , so it 'decodes' the value with the key

Anywhere shows the value's length? Is it a 4 byte long value ?

Display posts from previous:

	Cheat Engine Forum Index -> Cheat Engine	All times are GMT - 6 Hours
Page 1 of 1

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum