KryziK Expert Cheater
Reputation: 3
Joined: 16 Aug 2009 Posts: 199
|
Posted: Wed Jul 07, 2010 8:07 pm Post subject: How to Read or Edit Registers? |
|
|
I have these lines:
Code: |
00440DDF |. DD05 D0854D00 FLD QWORD PTR DS:[4D85D0] ; FLOAT 45.00000000000000
00440DE5 |. E8 761A0500 CALL 00492860
00440DEA |. 50 PUSH EAX ; <%d> = 45.
|
If I set a breakpoint on that last line, I get the following information in the registers:
Code: |
EAX 0000002D
ST7 empty 45.000000000000000000
|
I need to, at MINIMUM, edit this float (outside of Cheat Engine).
How would I go about doing this?
Do I need to provide more lines?
Thanks, John.
|
Dark Byte Site Admin
Reputation: 470
Joined: 09 May 2003 Posts: 25796 Location: The netherlands
|
Posted: Wed Jul 07, 2010 8:32 pm Post subject: |
|
|
call SetThreadContext (or other context changing routine) after the breakpoint hits
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping |
|
KryziK Expert Cheater
Reputation: 3
Joined: 16 Aug 2009 Posts: 199
|
Posted: Wed Jul 07, 2010 8:34 pm Post subject: |
|
|
I'm not quite sure what you mean.
I found these registers with OllyDbg, and I want to edit them through programming. The programming part will be automated and so there will not be any breakpoint when running like it should, unless there NEEDS to be...
|
justa_dude Grandmaster Cheater
Reputation: 23
Joined: 29 Jun 2010 Posts: 891
|
Posted: Wed Jul 07, 2010 9:27 pm Post subject: |
|
|
You say that you want to edit it via programming, but you don't say what language or methodology.
programmers-corner dot com/tutorial/31 is a pretty good asm tutorial on floating-point operations. I presume that you could inject some code to FST the value before the function call.
|
KryziK Expert Cheater
Reputation: 3
Joined: 16 Aug 2009 Posts: 199
|
Posted: Wed Jul 07, 2010 9:41 pm Post subject: |
|
|
Well, I figured the language didn't matter much because it never has. DarkByte usually just posts links to functions found on MSDN.
To be specific though, I'm using DLL Calls through AutoIt.
Functions like WriteProcessMemory, ReadProcessMemory, VirtualQueryEx are what I understand, to give you an idea of what I'm used to getting from DB.
|
igoticecream Grandmaster Cheater Supreme
Reputation: 0
Joined: 23 Apr 2006 Posts: 1807 Location: 0x00400000
|
Posted: Wed Jul 21, 2010 11:07 am Post subject: |
|
|
I don't quite understand your question... anyways, this is how you read and change registers
Code: |
#include <windows.h>
#include <process.h>
#include <stdio.h>
#include <assert.h>

void mythreadfunc(void *data)
{
    /* ... thread body elided in the original post ... */
    _endthread();   // CRT counterpart of _beginthread
}

void changeThreadState()
{
    HANDLE thread = (HANDLE)_beginthread( mythreadfunc, 0, NULL );
    CONTEXT context;
    BOOL success;

    // the thread must be suspended while its context is read or written
    SuspendThread(thread);

    // get context
    context.ContextFlags = (CONTEXT_FULL);
    success = GetThreadContext(thread, &context);
    assert(success);
    printf( "eax=%08X, ebx=%08X, ecx=%08X\n",
            context.Eax, context.Ebx, context.Ecx );

    // change context (dangerous, can crash program)
    context.Eax = 0x1234BBBB;
    context.Ecx = 0x2468ABCD;
    success = SetThreadContext(thread, &context);
    assert(success);

    ResumeThread(thread);
    // the resumed thread should see different values of eax, and ecx
}
|
Example belongs to this link: http://msdn.microsoft.com/en-us/library/ms679362%28VS.85%29.aspx
_________________
+~ |
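Added example, not part of any post in this thread: the snippet above reads and writes only integer registers, while the x87 value asked about (45.0 in an ST register) lives in the 32-bit `CONTEXT` as a 10-byte extended-precision number inside the 80-byte `FloatSave.RegisterArea`. The portable C below converts between `double` and that 10-byte slot so a debugger can show or change the value before calling `SetThreadContext`. The function names and the plain byte buffer are constructed for illustration, and the slots are assumed to be in ST(0)..ST(7) order, as FSAVE stores them.

```c
#include <stdint.h>
#include <string.h>

#define X87_SLOT 10  /* bytes per ST(i); 8 slots fill the 80-byte RegisterArea */

/* Decode one little-endian 10-byte x87 extended value into a double.
   Mantissa bits beyond double precision are truncated. */
double x87_to_double(const uint8_t *slot)
{
    uint64_t mant = 0, bits;
    for (int i = 7; i >= 0; i--) mant = (mant << 8) | slot[i];
    unsigned se = slot[8] | ((unsigned)slot[9] << 8);   /* sign + 15-bit exponent */
    unsigned exp = se & 0x7FFF;
    uint64_t sign = (uint64_t)(se >> 15) << 63;
    long e = (exp == 0x7FFF) ? 2047 : (long)exp - 16383 + 1023;  /* rebias */

    if (exp == 0 || e <= 0) bits = sign;                 /* zero or below double range */
    else if (e >= 2047 && exp != 0x7FFF) bits = sign | (0x7FFULL << 52); /* overflow: inf */
    else bits = sign | ((uint64_t)e << 52) | ((mant << 1) >> 12); /* drop integer bit */
    double d;
    memcpy(&d, &bits, sizeof d);
    return d;
}

/* Encode a double into a 10-byte slot. Double subnormals are flushed to zero. */
void double_to_x87(double d, uint8_t *slot)
{
    uint64_t bits, mant = 0;
    memcpy(&bits, &d, sizeof bits);
    unsigned exp = (unsigned)(bits >> 52) & 0x7FF;
    unsigned se = (unsigned)(bits >> 63) << 15;
    if (exp != 0) {
        /* x87 stores the leading 1 explicitly in bit 63 of the mantissa */
        mant = 0x8000000000000000ULL | ((bits & 0xFFFFFFFFFFFFFULL) << 11);
        se |= (exp == 0x7FF) ? 0x7FFFu : exp - 1023 + 16383;
    }
    for (int i = 0; i < 8; i++) slot[i] = (uint8_t)(mant >> (8 * i));
    slot[8] = (uint8_t)se;
    slot[9] = (uint8_t)(se >> 8);
}

/* Read or overwrite ST(st) in an FSAVE-style area (st = 0..7, stack order).
   Assumption: `area` is laid out like CONTEXT.FloatSave.RegisterArea. */
double x87_area_get(const uint8_t *area, int st) { return x87_to_double(area + st * X87_SLOT); }
void   x87_area_set(uint8_t *area, int st, double v) { double_to_x87(v, area + st * X87_SLOT); }
```

On 32-bit x86, `CONTEXT_FULL` does not include `CONTEXT_FLOATING_POINT`, so that flag has to be OR-ed into `ContextFlags` before `GetThreadContext` for `RegisterArea` to be filled in.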