[SOLVED] AutoAssemble and float values

Posted: Sat Jul 22, 2017 6:50 pm
by 3oddbits
I am trying to use an AoB Code Injection to lock in a constantly overwritten static address / constant ( float type ) value.
Tried using the FPU commands but couldn't figure out how to get a float ( example : 0.67 ) generated in the FPU.

Question #1 :
In my searches, I stumbled across this in the CE Forums :

mov [eax],(int)500000
Is there a float version of this command, and is that value NOT in Hex? ( It still works in AutoAssemble )

Question #2 :

game.exe+5D987C - 00 00                 - add [eax],al
The values contained in the registers before the 'add' command executed, how do I determine what they are?

Question #3 :
'eax' is a 32-bit register, 'al' is an 8-bit register. How does the 'Qword/Dword/Word/Byte' designation affect the numbers contained and their manipulation? ( I do not understand what is going on in these code snippet(s). )

game.exe+5D984C - 00 80 BB439A99        - add [eax-6665BC45],al
game.exe+5D9852 - 99                    - cdq			// cdq == Convert Word to Doubleword / Convert Doubleword to Quadword
game.exe+5D9853 - 3E 1A 00              - sbb al,byte ptr [eax]	// sbb == Integer Subtraction with Borrow
----
game.exe+5D986D - 00 80 3E9A9919        - add [eax+19999A3E],al
game.exe+5D9873 - 3F                    - aas			// aas == ASCII Adjust AL after Subtraction
Any help is appreciated.
Thanks.

Re: [HELP] AutoAssemble and float values

Posted: Sat Jul 22, 2017 8:19 pm
by Squall8
Question 1: mov [eax],(float)500000 (yes, it's a decimal value)

Question 2: Do you know what is in Eax beforehand? If you do, it's just simple math. If you don't, set a breakpoint on that instruction. It'll tell you what it was before it has a chance to execute.

Question 3: CDQ just converts a Dword to Qword. It sets the Signed Flag and extends the signed bytes of what looks like in this case Eax--->Edx.
CWD is basically the same. Converts whatever register (ax,bx..) and moves signed bytes into dx.

SBB subtracts the value of the Source+Carry Flag from the destination. You'll need to follow the code a few lines up with break and trace to get a better grasp.

Not sure about AAS.

qword - 8 Byte Value
dword - 4 Byte
word - 2 Byte
byte - Pretty Obvious lol

Re: [HELP] AutoAssemble and float values

Posted: Mon Jul 24, 2017 1:41 am
by 3oddbits
@squall8

Thanks for the info.

Taking some time to learn about the 'breakpoint' tool.

One thing is becoming clear, the code base for this game is really screwy.
Put '- add [eax],al' thirty times / lines, consecutively, for a rough picture of it.

Re: [HELP] AutoAssemble and float values

Posted: Mon Jul 24, 2017 2:24 am
by FreeER

add [eax],al
is just 0 bytes which is almost certainly just unused memory when you have several of them in a row (it was initialized to 0 to prevent data leakage from the previous program that used the memory but is unused by the current program). The same thing will happen when you allocate memory from CE, it's initially set to 0, and if you accidentally forget to jmp back you'll find yourself executing that "code" until it inevitably crashes lol

Re: [HELP] AutoAssemble and float values

Posted: Fri Aug 04, 2017 9:50 pm
by 3oddbits
@FreeER

Thanks for the info.

I think that I might probe even further back on "what accesses this".
The true value has to be read in from the disk at some point.
Locating that would work around the constant overwrite problem.

Re: [SOLVED] AutoAssemble and float values

Posted: Fri Feb 09, 2018 2:51 pm
by movss
Yes, the answer of FreeER is correct,