Cheat Engine The Official Site of Cheat Engine
Loset (Cheater)
Reputation: 0 | Joined: 18 Apr 2015 | Posts: 34
Posted: Wed May 01, 2019 1:25 pm
Post subject: Why does changing rsp crash my game in a new thread?
Code:
[ENABLE]
//alloc(newmem,256)
alloc(threadMem,512)
alloc(context,256)
alloc(argumentArray, 256)
alloc(var1,16)
alloc(nativeRes, 512)
registersymbol(context)
registersymbol(threadMem)
registersymbol(argumentArray)
registersymbol(var1)
registersymbol(nativeRes)
threadMem:
mov [context],argumentArray
mov [context+8],0x00
mov [var1], 0x43A66C31C68491C0
mov [argumentArray], var1
push rsp
//mov rsp, nativeRes <---- This causes crash
mov rdx, context
mov rcx,0x43A66C31C68491C0
pop rsp
ret
createThread(threadMem)
//newmem:
//push rax
//mov rax,context
//push ebx
//mov rbx,0x43A66C31C68491C0
[DISABLE]
//dealloc(newmem)
dealloc(context)
dealloc(threadMem)
dealloc(argumentArray)
dealloc(var1)
dealloc(nativeRes)
unregistersymbol(context)
unregistersymbol(threadMem)
unregistersymbol(argumentArray)
unregistersymbol(var1)
unregistersymbol(nativeRes)
With the code above I'm creating a struct I need in order to call a function later,
but as soon as I mov to rsp, I crash. Not sure why? This is a new thread I'm running it in.
ParkourPenguin (I post too much)
Reputation: 152 | Joined: 06 Jul 2014 | Posts: 4702
Posted: Wed May 01, 2019 8:55 pm
rsp is the stack pointer. It's what's used for push/pop instructions. When you move a random value into it, that changes where push/pop instructions access memory. Use some other register.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
Dark Byte (Site Admin)
Reputation: 470 | Joined: 09 May 2003 | Posts: 25794 | Location: The Netherlands
Posted: Wed May 01, 2019 8:58 pm
pop RSP will read the value stored at nativeRes and place that in RSP. Since it's uninitialized, it's likely 0.
You need to store the original RSP value in either a register, or in nativeRes, or in another known memory location.
Code:
alloc(oldrsp,8)
mov [oldrsp],rsp
.. do stuff..
mov rsp,[oldrsp]
Also, RSP tends to go down, so I recommend changing RSP to nativeRes+1f8.
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
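Added example, not code from the thread: the two things Dark Byte's reply describes, written in C with inline assembly so they can be run and inspected. It assumes x86-64 with GCC or clang on a System V platform (Linux or macOS), so the callee takes its argument in rdi rather than rcx; the stack mechanics are the same on Windows x64, where the callee additionally expects 32 bytes of home space above the return address, so leave headroom for that. The region, worker(), the marker value and the sizes are all constructed for the demo; the 512-byte buffer mirrors alloc(nativeRes,512) from the script.

```c
/* Added example (not code from the thread). x86-64, GCC/clang, SysV ABI.
 * Build: gcc -O2 -o stackswap stackswap.c && ./stackswap */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#ifndef __x86_64__
#error "this demo is x86-64 only"
#endif

#define STACK_BYTES 512   /* mirrors alloc(nativeRes,512) in the thread */

/* One 16-byte-aligned region (constructed for the demo). The lower half is a
 * guard area that lets us observe where a push lands when RSP points at the
 * *bottom* of the buffer; the upper half plays the role of nativeRes. */
static uint8_t region[2 * STACK_BYTES] __attribute__((aligned(16)));
#define GUARD      (region)
#define STACK_BASE (region + STACK_BYTES)      /* == nativeRes: lowest address of the buffer */
#define STACK_TOP  (region + 2 * STACK_BYTES)  /* == nativeRes+0x200: 16-byte aligned */

/* RSP observed inside worker(), so the caller can verify which stack it ran on. */
static uintptr_t worker_rsp;

/* The callee. It must not need more than a few hundred bytes of stack (so no
 * printf here): the private stack is only STACK_BYTES big. */
static __attribute__((noinline)) uint64_t worker(uint64_t arg)
{
    uintptr_t sp;
    __asm__ volatile("mov %%rsp, %0" : "=r"(sp));
    worker_rsp = sp;
    return arg * 2 + 1;
}

/* The original post's mistake: RSP set to the lowest address of the buffer.
 * push decrements RSP first and then stores, so the first push writes 8 bytes
 * *below* the allocation (here into GUARD, where we can inspect it instead of
 * faulting), and a following `pop rsp` would read whatever happens to be
 * there. Returns the address the push wrote to. */
static uintptr_t push_with_rsp_at_base(uint64_t marker)
{
    uintptr_t sp_after;
    __asm__ volatile(
        "mov %%rsp, %%rbx\n\t"      /* save the real stack pointer */
        "mov %[base], %%rsp\n\t"    /* the bug: point RSP at the bottom of the buffer */
        "push %[val]\n\t"           /* lands at base-8, outside the allocation */
        "mov %%rsp, %[out]\n\t"
        "mov %%rbx, %%rsp\n\t"      /* restore before touching anything else */
        : [out] "=&r"(sp_after)
        : [base] "r"(STACK_BASE), [val] "r"(marker)
        : "rbx", "memory", "cc");
    return sp_after;
}

/* Check the observation: push landed at STACK_BASE-8 and the value is in GUARD. */
static int push_lands_below_base(void)
{
    uint64_t marker = 0x4141414141414141ULL;   /* constructed marker value */
    memset(region, 0, sizeof region);
    uintptr_t where = push_with_rsp_at_base(marker);
    uint64_t landed;
    memcpy(&landed, GUARD + STACK_BYTES - 8, sizeof landed);  /* last 8 bytes of GUARD */
    return where == (uintptr_t)STACK_BASE - 8 && landed == marker;
}

/* The right way: save RSP somewhere known, point RSP at the *top* of the buffer
 * (the stack grows down), make the call, restore RSP. RSP is 16-byte aligned at
 * the call, as the ABI requires. Returns fn's return value. */
static __attribute__((noinline)) uint64_t call_on_private_stack(uint64_t (*fn)(uint64_t), uint64_t arg)
{
    uint64_t ret;
    register uint64_t a __asm__("rdi") = arg;   /* first argument register (SysV) */
    void *top = STACK_TOP;
    __asm__ volatile(
        "mov %%rsp, %%rbx\n\t"      /* oldrsp := rsp, in a callee-saved register */
        "mov %[top], %%rsp\n\t"     /* rsp := nativeRes+0x200 */
        "call *%[fn]\n\t"           /* return address goes to nativeRes+0x1f8 */
        "mov %%rbx, %%rsp\n\t"      /* rsp := oldrsp */
        : "=&a"(ret), [fn] "+r"(fn), [top] "+r"(top), "+r"(a)
        :
        : "rbx", "rcx", "rdx", "rsi", "r8", "r9", "r10", "r11", "memory", "cc");
    return ret;
}

/* worker() must have run with RSP inside [STACK_BASE, STACK_TOP). */
static int ran_on_private_stack(void)
{
    worker_rsp = 0;
    uint64_t r = call_on_private_stack(worker, 20);
    return r == 41 && worker_rsp >= (uintptr_t)STACK_BASE && worker_rsp < (uintptr_t)STACK_TOP;
}

int main(void)
{
    printf("push with rsp at buffer base lands below it: %s\n", push_lands_below_base() ? "yes" : "no");
    printf("worker ran on the private stack:            %s\n", ran_on_private_stack() ? "yes" : "no");
    return 0;
}
```

push_with_rsp_at_base() is the original post's crash made observable: with rsp at the bottom of the buffer the first push writes to nativeRes-8, and in the real script that is where `pop rsp` then fetches its new stack pointer from. call_on_private_stack() does what the oldrsp snippet suggests, with the saved RSP kept in rbx (callee-saved, so the callee cannot trample it) and the switch target at the top of the buffer. In a real script use a far larger buffer than 512 bytes: anything the callee calls, and any exception delivered while RSP points into the buffer, needs room there too.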
Loset (Cheater)
Reputation: 0 | Joined: 18 Apr 2015 | Posts: 34
Posted: Fri May 03, 2019 5:02 am
Dark Byte wrote:
> pop RSP will read the value stored at nativeRes and place that in RSP. Since it's uninitialized, it's likely 0.
> You need to store the original RSP value in either a register, or in nativeRes, or in another known memory location.
> Code:
> alloc(oldrsp,8)
> mov [oldrsp],rsp
> .. do stuff..
> mov rsp,[oldrsp]
> Also, RSP tends to go down, so I recommend changing RSP to nativeRes+1f8.
I can't use another register, as the game uses rsp to know where to take values from.
Thanks for the advice, Dark Byte. Will try.
Also, another thing: I tried to debug it before coming here but couldn't get it to work:
Code:
{$lua}
debug_setBreakpoint(threadMem)
{$asm}
The breakpoint was always on address 0, like it didn't even detect the symbol.
And even if I tried manually setting a breakpoint on the address, and then using CE to createThread there, it didn't land on the breakpoint =\