[SOLVED] Convert Little Endian to Big Endian in Script


Post by Bloodybone » Wed Dec 27, 2017 3:39 pm

In my script I have this code:

player1:
cmp [player1cmp],1
jne code
mov [player1cmp],0
push rcx
mov ecx,[player1coinsvalue] // My Value
mov [rbx+rdi+1C],ecx
pop rcx
jmp code

What I want is: I want my value to be a little Endian but it has to be converted into Big Endian because [rbx+rdi+1C] is Big Endian.
I can of course just manually convert my value into Big Endian but I want it to be a little Endian. I already tried bswap ecx but it doesn't work, maybe I'm just doing something wrong... I hope someone can help me out :)
Last edited by Bloodybone on Thu Dec 28, 2017 12:49 am, edited 1 time in total.


Post by Acido » Thu Dec 28, 2017 12:08 am

So you're saying the following does not work? 'Cause it should.

mov ecx, DWORD PTR [player1coinsvalue]
bswap ecx
mov DWORD PTR [rbx+rdi+1C],ecx


Post by Bloodybone » Thu Dec 28, 2017 12:17 am

Yes, it doesn't work... If I put any value in [player1coinsvalue] the outcome is 0, but if I don't do the bswap ecx and put a Big Endian value in there it works. Here is the whole code, maybe it helps:

[ENABLE]
aobscan(coins1,0F B7 74 3B 1C 0F CE C1 FE 10 89)
alloc(newmem,$100,coins1)

label(code)
label(return)
label(player1)
label(player2)
label(player3)
label(player4)
label(player1cmp)
label(player2cmp)
label(player3cmp)
label(player4cmp)
label(player1coinsvalue)
label(player2coinsvalue)
label(player3coinsvalue)
label(player4coinsvalue)
registersymbol(player1cmp)
registersymbol(player2cmp)
registersymbol(player3cmp)
registersymbol(player4cmp)
registersymbol(player1coinsvalue)
registersymbol(player2coinsvalue)
registersymbol(player3coinsvalue)
registersymbol(player4coinsvalue)

newmem:
cmp al,FC
je player1
cmp al,FD
je player2
cmp al,FE
je player3
cmp al,FF
je player4
jmp code

player1:
cmp [player1cmp],1
jne code
mov [player1cmp],0
push rcx
mov ecx,[player1coinsvalue]
mov [rbx+rdi+1C],ecx
pop rcx
jmp code

player2:
cmp [player2cmp],1
jne code
mov [player2cmp],0
push rcx
mov ecx,[player2coinsvalue]
mov [rbx+rdi+1C],ecx
pop rcx
jmp code

player3:
cmp [player3cmp],1
jne code
mov [player3cmp],0
push rcx
mov ecx,[player3coinsvalue]
mov [rbx+rdi+1C],ecx
pop rcx
jmp code

player4:
cmp [player4cmp],1
jne code
mov [player4cmp],0
push rcx
mov ecx,[player4coinsvalue]
mov [rbx+rdi+1C],ecx
pop rcx
jmp code

code:
movzx esi,word ptr [rbx+rdi+1C]
jmp return

player1cmp:
dd 0

player2cmp:
dd 0

player3cmp:
dd 0

player4cmp:
dd 0

player1coinsvalue:
dq 0

player2coinsvalue:
dq 0

player3coinsvalue:
dq 0

player4coinsvalue:
dq 0

coins1:
jmp newmem
return:
registersymbol(coins1)

[DISABLE]

coins1:
db 0F B7 74 3B 1C

unregistersymbol(coins1)
dealloc(newmem)
unregistersymbol(player1cmp)
unregistersymbol(player2cmp)
unregistersymbol(player3cmp)
unregistersymbol(player4cmp)
unregistersymbol(player1coinsvalue)
unregistersymbol(player2coinsvalue)
unregistersymbol(player3coinsvalue)
unregistersymbol(player4coinsvalue)


Post by Acido » Thu Dec 28, 2017 12:25 am

Okay, but the code is correct, so if it doesn't work something else is going on. Are you sure the value stored is 4 bytes? I see further down you're only moving 2 bytes into esi before returning to the original code.

If you're just converting a 16-bit value you can just do this:
mov cx, WORD PTR [player1coinsvalue]
xchg cl,ch
mov WORD PTR [rbx+rdi+1C],cx
Last edited by Acido on Thu Dec 28, 2017 12:54 am, edited 2 times in total.


Post by Bloodybone » Thu Dec 28, 2017 12:34 am

Yes, at the original code it's only moving a 2-byte value; after that it is doing a bswap esi and after that sar esi,10


Post by Acido » Thu Dec 28, 2017 12:37 am

Edited my reply after you responded to it, it seems :)

Try this:

mov cx, WORD PTR [player1coinsvalue]
exchg cl,ch
mov WORD PTR [rbx+rdi+1C],cx


Post by Bloodybone » Thu Dec 28, 2017 12:42 am

Thanks, it works; exchg doesn't work but xchg works.

Edit: One question: why does xchg cl,ch work? It doesn't make any sense to me ...


Post by Acido » Thu Dec 28, 2017 12:44 am

Great, and yeah, the extra e was a typo on my part :)

Well, it's a 16-bit value but you're storing a 32-bit value with the bswap; I would guess that's why it didn't work.
Last edited by Acido on Thu Dec 28, 2017 12:46 am, edited 1 time in total.
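
An added example, not part of the original posts: a C model of the two store sequences from the thread, run against the game's read path (movzx esi,word ptr / bswap esi / sar esi,10), showing why the 32-bit bswap version reads back as 0 while the 16-bit xchg version does not. The 4-byte record, its neighbour bytes and all function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Reverse all four bytes of a 32-bit register (what bswap does). */
static uint32_t bswap32(uint32_t v) {
    return (v >> 24) | ((v >> 8) & 0xFF00u) | ((v << 8) & 0xFF0000u) | (v << 24);
}

/* The game's read path as quoted in the thread:
   movzx esi,word ptr [field] / bswap esi / sar esi,10 (hex 10 = 16). */
static int32_t game_read(const uint8_t *field) {
    uint32_t esi = (uint32_t)field[0] | ((uint32_t)field[1] << 8);
    uint16_t hi = (uint16_t)(bswap32(esi) >> 16);
    return (int32_t)(hi ^ 0x8000) - 0x8000;   /* sign-extend like sar */
}

/* bswap ecx / mov [field],ecx: a 4-byte little-endian store. */
static void store_bswap32(uint8_t *field, uint32_t value) {
    uint32_t ecx = bswap32(value);
    for (int i = 0; i < 4; i++) field[i] = (uint8_t)(ecx >> (8 * i));
}

/* xchg cl,ch / mov word ptr [field],cx: a 2-byte store. */
static void store_xchg16(uint8_t *field, uint32_t value) {
    uint16_t cx = (uint16_t)value;
    cx = (uint16_t)((cx << 8) | (cx >> 8));
    field[0] = (uint8_t)cx;
    field[1] = (uint8_t)(cx >> 8);
}

/* Constructed 4-byte record: 16-bit field plus two neighbouring bytes. */
static int32_t read_after(void (*store)(uint8_t *, uint32_t), uint32_t value,
                          uint8_t *neighbours_intact) {
    uint8_t rec[4] = {0x11, 0x22, 0x33, 0x44};
    store(rec, value);
    *neighbours_intact = (rec[2] == 0x33 && rec[3] == 0x44);
    return game_read(rec);
}

int main(void) {
    uint8_t ok;
    int32_t r = read_after(store_bswap32, 1000, &ok);
    printf("bswap + dword store: game reads %d, neighbours intact: %d\n", r, ok);
    r = read_after(store_xchg16, 1000, &ok);
    printf("xchg  + word store : game reads %d, neighbours intact: %d\n", r, ok);
    return 0;
}
```

With 1000 (0x3E8) the dword path leaves bytes 00 00 03 E8 in memory, so the swapped value lands two bytes past the field the game reads and also overwrites whatever follows it.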


Post by Bloodybone » Thu Dec 28, 2017 12:45 am

Oh ok, I found out why cl ch, I'm dumb lol


Post by Acido » Thu Dec 28, 2017 12:47 am

Yeah, you're just swapping around the upper/lower part of the cx register, turning it into big endian.


Post by Bloodybone » Thu Dec 28, 2017 12:48 am

Yeah, didn't think of that, thanks :)
