Cheat Engine The Official Site of Cheat Engine
Evoked100 How do I cheat? Reputation: 0
Joined: 27 Jul 2020 Posts: 0
Posted: Mon Jul 27, 2020 7:08 am Post subject: [Help] Assembly Float Value
I have one problem with "fmul dword ptr".
To search for the fmul dword I used: D8 0D 74 50 XX XX D9 5D << XX varies each time the game is opened/closed
Code:
trove.AK::SoundEngine::GetGlobalPluginContext+18D5 - D8 0D 7450B001 - fmul dword ptr [trove.exe+C15074] { [0.10] }
trove.AK::SoundEngine::GetGlobalPluginContext+18DB - D9 5D FC - fstp dword ptr [ebp-04]
trove.AK::SoundEngine::GetGlobalPluginContext+18DE - 74 14 - je trove.AK::SoundEngine::GetGlobalPluginContext+18F4
trove.AK::SoundEngine::GetGlobalPluginContext+18E0 - F3 0F10 86 DC000000 - movss xmm0,[esi+000000DC]
trove.AK::SoundEngine::GetGlobalPluginContext+18E8 - F3 0F59 45 FC - mulss xmm0,[ebp-04]
trove.AK::SoundEngine::GetGlobalPluginContext+18ED - F3 0F11 45 FC - movss [ebp-04],xmm0
trove.AK::SoundEngine::GetGlobalPluginContext+18F2 - EB 05 - jmp trove.AK::SoundEngine::GetGlobalPluginContext+18F9
trove.AK::SoundEngine::GetGlobalPluginContext+18F4 - F3 0F10 45 FC - movss xmm0,[ebp-04]
trove.AK::SoundEngine::GetGlobalPluginContext+18F9 - 80 BE CB000000 00 - cmp byte ptr [esi+000000CB],00 { 0 }
trove.AK::SoundEngine::GetGlobalPluginContext+1900 - 74 0D - je trove.AK::SoundEngine::GetGlobalPluginContext+190F
trove.AK::SoundEngine::GetGlobalPluginContext+1902 - F3 0F59 05 50BCAD01 - mulss xmm0,[trove.exe+BEBC50] { [0.40] }
How do I pick this 0.10 and change it to 0.40?
Quote:
trove.AK::SoundEngine::GetGlobalPluginContext+18D5 - D8 0D 7450B001 - fmul dword ptr [trove.exe+C15074] { [0.10] }
I have created this code to save the original float so the normal 0.10 can be restored
Code:
define(penaddy,"trove.exe"+3FF595)
[ENABLE]
alloc(original,06)
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
label(myfloatvar)
registersymbol(original)
/////////////////////////////
original:
readmem(penaddy,06)          // keep a copy of the original 6-byte fmul so [DISABLE] can restore it
///////////////////////////
newmem:
originalcode:
fmul dword ptr [myfloatvar]  // same instruction as the game's, but the multiplier comes from our own float
exit:
jmp returnhere
myfloatvar:
dd (float)99                 // replacement multiplier (the game's constant at trove.exe+C15074 is 0.10)
penaddy:
jmp newmem                   // 5-byte jump plus one nop replaces the 6-byte original instruction
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
penaddy:
readmem(original,06)         // write the saved original bytes back
//Alt: db D8 0D 74 50 B0 01
dealloc(original)
unregistersymbol(original)
Thanks for the help!!!
Or option 2: [two attached screenshots, not included in this extraction]
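To make the byte pattern and the { [0.10] } annotation in the listing above concrete, here is an added Python example (not from the original post, and not Cheat Engine code) that decodes the x87 `fmul dword ptr [disp32]` encoding, converts the absolute operand address back into the trove.exe+offset form CE prints, and shows why only the last two bytes of the search pattern change between runs. The module base is derived from the listing's own addresses; the `??` wildcard spelling (the post writes XX) and 64 KiB relocation granularity are stated as assumptions in the comments.

```python
import struct

# Instruction bytes copied from the listing in the post above:
#   +18D5 - D8 0D 7450B001 - fmul dword ptr [trove.exe+C15074] { [0.10] }
FMUL_BYTES = bytes.fromhex("D80D7450B001")
# The listing pairs absolute address 01B05074 with trove.exe+C15074, so the
# module base at capture time is derived as 0x01B05074 - 0xC15074 = 0x00EF0000.
TROVE_BASE_AT_CAPTURE = 0x01B05074 - 0xC15074


def decode_fmul_m32(code: bytes):
    """Decode the x87 'D8 /1' form: FMUL m32fp with a [disp32] operand.

    ModRM 0x0D = mod 00, reg 001 (/1 selects FMUL within the D8 group),
    rm 101 (an absolute 32-bit displacement in 32-bit mode).
    Returns (absolute_operand_address, instruction_length), or None when the
    bytes are some other instruction or addressing form.
    """
    if len(code) < 6 or code[0] != 0xD8:
        return None
    mod, reg, rm = code[1] >> 6, (code[1] >> 3) & 7, code[1] & 7
    if reg != 1 or mod != 0 or rm != 5:
        return None
    (disp32,) = struct.unpack("<I", code[2:6])  # little-endian: 74 50 B0 01 -> 0x01B05074
    return disp32, 6


def module_offset(absolute: int, base: int) -> int:
    """Turn an absolute address into the 'module+offset' value CE shows."""
    return absolute - base


def aob_pattern(code: bytes, rebase_granularity: int = 0x10000, wildcard: str = "??") -> str:
    """Build a scan pattern whose disp32 bytes survive a module rebase.

    Assumption: the loader moves a PE image by multiples of 64 KiB, so the low
    16 bits of an absolute address are stable and only the high bytes need
    wildcards.  That is why the post keeps '74 50' and wildcards the next two.
    """
    stable = (rebase_granularity - 1).bit_length() // 8   # 2 bytes for 0x10000
    parts = [f"{b:02X}" for b in code[:2 + stable]]       # opcode, modrm, stable disp bytes
    parts += [wildcard] * (4 - stable)                    # rebase-dependent high disp bytes
    return " ".join(parts)


def float_bytes(value: float) -> bytes:
    """IEEE-754 single in memory order, e.g. the 0.10 CE annotates or 'dd (float)99'."""
    return struct.pack("<f", value)


if __name__ == "__main__":
    addr, _ = decode_fmul_m32(FMUL_BYTES)
    print(f"operand at {addr:#010x} = trove.exe+{module_offset(addr, TROVE_BASE_AT_CAPTURE):X}")
    print("scan pattern:", aob_pattern(FMUL_BYTES))
    print("0.10 in memory:", float_bytes(0.10).hex(" ").upper())
```

The same base (0x00EF0000) also reconciles the listing's mulss line, where 50BCAD01 = 0x01ADBC50 corresponds to trove.exe+BEBC50.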
OmegaXis How do I cheat? Reputation: 0
Joined: 21 Sep 2020 Posts: 1
Posted: Sat Sep 26, 2020 3:19 am Post subject: I'm not sure if it works since the FPU registers were really confusing!
Code:
define(penaddy,"trove.exe"+3FF595)
[ENABLE]
alloc(original,06)
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
label(myfloatvar)
registersymbol(original)
/////////////////////////////
original:
readmem(penaddy,06)
///////////////////////////
newmem:
//Tip : since I don't know much about call functions, which might be very effective,
//place some compare or it will corrupt your data
//better to test your result in the cheat engine tutorial application, step 4 or 5, which have floating values in assembly
//make sure to have a backup of the game's save file
originalcode:
push ebp //backup old stack in memory
push eax //for integer value storing
mov ebp,esp //creating new stack for float value
sub esp,10 //alloc space for new floating value
mov eax,(int)99
mov [ebp+8],eax //storing value in ebp+8
fstp dword ptr [ebp+8] //storing floating data in [ebp+8] and push out from stack : old value st(1) --> st(0)
// old value st(1) which restores its position to st(0) which might be the value you wanted to multiply by whatever you desire
// set a breakpoint on your code to test whether it works.
fild dword ptr [ebp+8] //loading floating integer value in stack --> st(0) ; old value st(0) --> st(1)
fmul dword ptr [ebp+8] // multiply st(0) with [ebp+8] and store in st(0) // st means stack register
fstp dword ptr [ebp-04] // storing st(0) value --> [ebp-04]
pop eax
pop ebp //restoring old stack from memory
jmp returnhere
//your code:
fmul dword ptr [myfloatvar]
exit:
jmp returnhere
myfloatvar:
dd (float)99
penaddy:
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
penaddy:
readmem(original,06)
//Alt: db D8 0D 74 50 B0 01
dealloc(original)
unregistersymbol(original)