 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
ParkourPenguin
I post too much
 Reputation: 152
Joined: 06 Jul 2014
Posts: 4695
|
 Posted: Tue Oct 01, 2024 11:27 am Post subject: |
 |
|
The easiest thing is to set it to a constant value.
| Code: | ...
newmem:
cmp eax,008C775C
jne exit
mov ecx,(float)67.46270752
exit:
mov [eax+08],ecx
ret 0004
... |
You could also change this so that it sets ecx to the value of a registered symbol so you can control it from the address list.
If you need the game to control it, that's going to be annoying. I don't think what you're trying will work- I'd guess the `fld` / `fsub` instructions that access that address probably indirectly affect the value being written to that same address in the `mov` instruction.
Perhaps one of those two instructions is used to render the view, while the other is used to update the value.
Try injecting code at `fld dword ptr [ecx+08]` instead (again, use either the full injection or the aobscan templates). The injected code will look something like this:
| Code: | alloc(newmem,2048)
alloc(offsetVal,4)
label(exit)
registersymbol(offsetVal) // don't forget `unregistersymbol` in disable
offsetVal:
dd (float)30
newmem:
fld dword ptr [ecx+08]
cmp ecx,008C775C // this might not be necessary if the previous `fld` doesn't access any other addresses
jne exit
fadd dword ptr [offsetVal]
exit:
// other original code here
jmp return
... |
(try only this- don't have other code injections active)
If that doesn't work, you could try the same thing on the `fsub` instruction, but instead of `fadd dword ptr [offsetVal]` you'd use `fsub dword ptr [offsetVal]` (because `a - ( b + c ) == a - b - c`)
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
 |
icebox616
How do I cheat?
![]() Reputation: 0
Joined: 28 Sep 2024
Posts: 6
|
| Posted: Tue Oct 29, 2024 11:21 am Post subject: |
|
|
As un update on this, I ultimately did manage to successfully achieve what I wanted to make and wouldn't had done it without your help, so thank you truly.
I am now in the process of doing the same (camera) mod for another game, given I now know how the general implementation of it will be, based off the previous one, I figured it would be pretty quick work.
But I'm stuck on something.
This is the original code of interest
Similarly to what I ended up doing for the other game.
I just need to take r10d and increase it by X amount (defined by the value of my addvalCamZ address before pushing it into rdx).
I assume something similar to what we did previously, but I can't quite figure out how to adapt this code to this new 64-bit context
| Code: |
// backup xmm0
sub esp,10
movups [esp],xmm0
//we get our increased ecx
movd xmm0,ecx
addss xmm0,[addvalCamZ]
movd ecx,xmm0
// restore xmm0
movups xmm0,[esp]
add esp,10
mov [eax+08],ecx
|
Edit:
Figured it out, it wasn't that hard after all
| Code: |
// backup xmm4
sub rsp,10
movups [rsp],xmm4
//we get our increased r10d
movd xmm4,r10d
addss xmm4,[addvalCamZ]
movd r10d,xmm4
// restore xmm4
movups xmm4,[rsp]
add rsp,10
|
but on the other hand while trying to do a compare I can't seem to compile
| Code: |
cmp rdx,29273C1C240
|
while used to work just fine |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
