 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Jiehfeng
Expert Cheater
 Reputation: 0
Joined: 03 Jan 2014
Posts: 107
|
 Posted: Tue Aug 16, 2016 11:36 am Post subject: Compare Strings? |
 |
|
A simple as that. Is there a way to use "cmp" with a string word?
Say [ecs+95] to Potato?
_________________
I know you're reading this, Hitler. |
|
| Back to top |
|
 |
Matze500
Expert Cheater
![]() Reputation: 8
Joined: 25 Jan 2012
Posts: 241
Location: Germany
|
| Posted: Tue Aug 16, 2016 11:49 am Post subject: |
|
|
Hi its easy
cmp dword ptr [ecx+95],'Pota'
jne location
cmp word ptr [ecx+99],'to'
jne location
Greets Matze
_________________
Last edited by Matze500 on Wed Aug 17, 2016 7:30 am; edited 1 time in total |
|
| Back to top |
|
|
ParkourPenguin
I post too much
 Reputation: 152
Joined: 06 Jul 2014
Posts: 4702
|
|
| Back to top |
|
|
Zanzer
I post too much
![]() Reputation: 126
Joined: 09 Jun 2013
Posts: 3278
|
| Posted: Tue Aug 16, 2016 5:27 pm Post subject: |
|
|
Need to change that second one to:
| Code: | | cmp word ptr [ecx+99],'to' |
|
|
| Back to top |
|
|
Jiehfeng
Expert Cheater
Reputation: 0
Joined: 03 Jan 2014
Posts: 107
|
| Posted: Tue Aug 16, 2016 10:42 pm Post subject: |
|
|
| Zanzer wrote: | Need to change that second one to:
| Code: | | cmp word ptr [ecx+99],'to' |
|
So 4 characters max?
| Code: |
cmp word ptr [ecx+95],'Pota'
cmp word ptr [ecx+99],'to'
|
And the offset must be added to the number of characters compared to?[/code]
_________________
I know you're reading this, Hitler. |
|
| Back to top |
|
|
Dark Byte
Site Admin
 Reputation: 470
Joined: 09 May 2003
Posts: 25796
Location: The netherlands
|
| Posted: Wed Aug 17, 2016 4:26 am Post subject: |
|
|
| Code: |
cmp dword ptr [ecx+95],'Pota'
cmp word ptr [ecx+95+4],'to'
|
(
you could also use rep movs*[b, w, d].
set esi to the source string
set edi to the destination string
set ecx to the number of steps.
movsb is 1 byte at a time
movsw is 2 bytes at a time
movsd is 4 bytes at a time
)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
Redouane
Master Cheater
![]() Reputation: 3
Joined: 05 Sep 2013
Posts: 363
Location: Algeria
|
| Posted: Wed Aug 17, 2016 10:58 am Post subject: |
|
|
| Dark Byte wrote: | | Code: |
cmp dword ptr [ecx+95],'Pota'
cmp word ptr [ecx+95+4],'to'
|
(
you could also use rep movs*[b, w, d].
set esi to the source string
set edi to the destination string
set ecx to the number of steps.
movsb is 1 byte at a time
movsw is 2 bytes at a time
movsd is 4 bytes at a time
) |
That operation is to move strings (like lstrcpy), he asked to compare them.
Do this, it's like Dark Byte's solution:
set rcx (or ecx) to the length of the strings, set rsi (or esi) to point to the first string, and rdi (or edi) to the second one, then run rep cmps[b, w, d]
|
|
| Back to top |
|
|
Jiehfeng
Expert Cheater
Reputation: 0
Joined: 03 Jan 2014
Posts: 107
|
| Posted: Wed Aug 17, 2016 11:10 am Post subject: |
|
|
I'm sorry but I don't understand completely. Maybe an example?
But I managed to get it right using this:
| Code: |
cmp word ptr [ebx+15],'Da'
cmp word ptr [ebx+17],'ve'
|
Apparently two characters max per cmp is only possible.
_________________
I know you're reading this, Hitler. |
|
| Back to top |
|
|
ParkourPenguin
I post too much
Reputation: 152
Joined: 06 Jul 2014
Posts: 4702
|
| Posted: Wed Aug 17, 2016 11:28 am Post subject: |
|
|
Selectively ignoring help won't help you.
| Dark Byte wrote: | | Code: | cmp dword ptr [ecx+95],'Pota'
cmp word ptr [ecx+95+4],'to' |
|
Use "dataSize ptr" to specify the size of the value at the memory region being accessed. word ptr = 2 bytes, dword ptr = 4 bytes.
Example using rep cmpsb:
| Code: | createthread(derp)
derp:
mov esi,str1
mov edi,str2
mov ecx,6
mov eax,ecx
rep cmpsb
sub eax,ecx
mov [differentCharPos],eax
ret
str1:
db 'abcde',0
str2:
db 'abcgh',0
differentCharPos: // will be set to 4 when derp is executed
dd 0 |
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
Redouane
Master Cheater
![]() Reputation: 3
Joined: 05 Sep 2013
Posts: 363
Location: Algeria
|
| Posted: Wed Aug 17, 2016 11:36 am Post subject: |
|
|
| Jiehfeng wrote: | I'm sorry but I don't understand completely. Maybe an example?
But I managed to get it right using this:
| Code: |
cmp word ptr [ebx+15],'Da'
cmp word ptr [ebx+17],'ve'
|
Apparently two characters max per cmp is only possible. |
To compare the string pointed to by ebx+15 with Dave, we could do the following:
1) one line comparison
| Code: | | cmp dword ptr [ebx+15], "Dave" |
Case sensitive? : Yes
Works only on 4 byte strings (you'll have to chain comparisons for longer strings)
2) rep cmps[b,w,d]
| Code: |
label(davestring)
davestring:
db 'Dave', 0
// CODE
mov ecx, 4 // string is 4 bytes
lea esi, [ebx+15] // esi now contains the address to the first string
mov edi, davestring // edi now points to "Dave"
rep cmpsb
je label // if the two strings are equal, it'll jump
// other code : not equal |
Case sensitive? : Yes
Will also work on long strings
3) Windows API
| Code: |
label(davestring)
davestring:
db 'Dave', 0
// CODE
// in C/C++, we call lStrCmp(pointer to string1,pointer to string2) and it returns 0 if the two strings are equal
// you must push pointers to the two strings, we push in the reverse order
push ebx
add [esp], 15 // after this, we have ebx+15 on the top of the stack
push davestring
call lstrcmpA // A because it's ASCII, not unicode
cmp eax, 0
je label // if it jumps, they are equal
// They aren't equal |
Case Sensitive? : Yes, can be made insensitive by calling lstrcmpiA instead of lstrcmpA.
Will also work on longer strings.
|
|
| Back to top |
|
|
++METHOS
I post too much
![]() Reputation: 92
Joined: 29 Oct 2010
Posts: 4197
|
| Posted: Wed Aug 17, 2016 4:35 pm Post subject: |
|
|
There are a lot of ways to do it. Here is an excerpt from one of my Banished tables that shows a compare of two strings (bean and beef). Since they are both similar, I incorporated a filter. I used hex instead of strings, but that doesn't matter:
| Code: | newmem:
push edi
mov edi,[ebx+0]
mov edi,[edi+18]
mov edi,[edi+0]
mov edi,[edi+4]
mov edi,[edi+28]
cmp edi,00650042
pop edi
je filter_be
jmp originalcode
filter_be:
push edi
mov edi,[ebx+0]
mov edi,[edi+18]
mov edi,[edi+0]
mov edi,[edi+4]
mov edi,[edi+2C]
cmp edi,006E0061
pop edi
je bean
push edi
mov edi,[ebx+0]
mov edi,[edi+18]
mov edi,[edi+0]
mov edi,[edi+4]
mov edi,[edi+2C]
cmp edi,00660065
pop edi
je beef
jmp originalcode |
|
|
| Back to top |
|
|
Jiehfeng
Expert Cheater
Reputation: 0
Joined: 03 Jan 2014
Posts: 107
|
| Posted: Sat Aug 20, 2016 8:07 am Post subject: |
|
|
Tried everything, thanks everyone! ^o^
_________________
I know you're reading this, Hitler. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
