 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
iaen
How do I cheat?
![]() Reputation: 0
Joined: 08 Dec 2022
Posts: 2
|
 Posted: Thu Dec 08, 2022 11:29 am Post subject: Change only HP without armor |
 |
|
Hi guys, I have a question. I should modify the following code and make sure that only hp and not hp+armor are set (now the code modifies both hp and armor, I should only modify hp). Do you know how to change this code? Thank you in advance! 
| Code: | [ENABLE]
aobscanmodule(Health,Youngblood_x64vk.exe,10 8B C2 4C 8B C2 C1 CA 03 49 C1 E8 20 4C 33 C0 8B CA)
alloc(newmem,$1000,Health)
label(return)
registersymbol(Health)
newmem:
mov r8,(float)25
mov ecx,edx
jmp return
Health+0D:
jmp newmem
return:
[DISABLE]
Health+0D:
db 4C 33 C0 8B CA
unregistersymbol(Health)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: Youngblood_x64vk.exe+DE7D1B
Youngblood_x64vk.exe+DE7CFE: CC - int 3
Youngblood_x64vk.exe+DE7CFF: CC - int 3
Youngblood_x64vk.exe+DE7D00: 4C 8B D1 - mov r10,rcx
Youngblood_x64vk.exe+DE7D03: 48 63 C2 - movsxd rax,edx
Youngblood_x64vk.exe+DE7D06: 4C 6B C8 38 - imul r9,rax,38
Youngblood_x64vk.exe+DE7D0A: 49 8B 54 09 10 - mov rdx,[r9+rcx+10]
Youngblood_x64vk.exe+DE7D0F: 8B C2 - mov eax,edx
Youngblood_x64vk.exe+DE7D11: 4C 8B C2 - mov r8,rdx
Youngblood_x64vk.exe+DE7D14: C1 CA 03 - ror edx,03
Youngblood_x64vk.exe+DE7D17: 49 C1 E8 20 - shr r8,20
// ---------- INJECTING HERE ----------
Youngblood_x64vk.exe+DE7D1B: 4C 33 C0 - xor r8,rax
// ---------- DONE INJECTING ----------
Youngblood_x64vk.exe+DE7D1E: 8B CA - mov ecx,edx
Youngblood_x64vk.exe+DE7D20: 49 33 C8 - xor rcx,r8
Youngblood_x64vk.exe+DE7D23: 8B C2 - mov eax,edx
Youngblood_x64vk.exe+DE7D25: 48 C1 E1 20 - shl rcx,20
Youngblood_x64vk.exe+DE7D29: 48 0B C8 - or rcx,rax
Youngblood_x64vk.exe+DE7D2C: 44 89 44 24 10 - mov [rsp+10],r8d
Youngblood_x64vk.exe+DE7D31: F3 0F 10 44 24 10 - movss xmm0,[rsp+10]
Youngblood_x64vk.exe+DE7D37: 4B 89 4C 11 10 - mov [r9+r10+10],rcx
Youngblood_x64vk.exe+DE7D3C: C3 - ret
Youngblood_x64vk.exe+DE7D3D: CC - int 3
} |
|
|
| Back to top |
|
 |
ParkourPenguin
I post too much
 Reputation: 152
Joined: 06 Jul 2014
Posts: 4717
|
| Posted: Thu Dec 08, 2022 1:13 pm Post subject: |
|
|
That `shr` / `xor` pair looks like basic xor obfuscation. Could also be floating point shenanigans I suppose.
Open the disassembler, find the instruction `mov rdx,[r9+rcx+10]`, and select "Find out what addresses this instruction accesses". Play the game for a little while to let CE capture information. After that, see step 9 of the CE tutorial.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
iaen
How do I cheat?
![]() Reputation: 0
Joined: 08 Dec 2022
Posts: 2
|
| Posted: Thu Dec 08, 2022 1:23 pm Post subject: |
|
|
| ParkourPenguin wrote: | That `shr` / `xor` pair looks like basic xor obfuscation. Could also be floating point shenanigans I suppose.
Open the disassembler, find the instruction `mov rdx,[r9+rcx+10]`, and select "Find out what addresses this instruction accesses". Play the game for a little while to let CE capture information. After that, see step 9 of the CE tutorial. |
Thanks for your reply but I don't understand well, could you be more clear? Anyway, if maybe you want to modify it yourself
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
