The easiest thing is to set it to a constant value.
Code:
...
newmem:
cmp eax,008C775C
jne exit
mov ecx,(float)67.46270752
exit:
mov [eax+08],ecx
ret 0004
...
You could also change this so that it sets ecx to the value of a registered symbol so you can control it from the address list.
If you need the game to control it, that's going to be annoying. I don't think what you're trying will work. I'd guess the `fld` / `fsub` instructions that access that address probably indirectly affect the value being written to that same address in the `mov` instruction.
Perhaps one of those two instructions is used to render the view, while the other is used to update the value.
Try injecting code at `fld dword ptr [ecx+08]` instead (again, use either the full injection or the aobscan templates). The injected code will look something like this:
Code:
alloc(newmem,2048)
alloc(offsetVal,4)
label(exit)
registersymbol(offsetVal) // don't forget `unregistersymbol` in disable
offsetVal:
dd (float)30
newmem:
fld dword ptr [ecx+08]
cmp ecx,008C775C // this might not be necessary if the previous `fld` doesn't access any other addresses
jne exit
fadd dword ptr [offsetVal]
exit:
// other original code here
jmp return
...
(Try only this; don't have other code injections active.)
If that doesn't work, you could try the same thing on the `fsub` instruction, but instead of `fadd dword ptr [offsetVal]` you'd use `fsub dword ptr [offsetVal]` (because `a - ( b + c ) == a - b - c`).
_________________
I don't know where I'm going, but I'll figure it out when I get there.