ASM code with add float value only one time

marek1957
Expert Cheater
Posts: 283
Joined: Sat Dec 16, 2017 4:46 pm
Reputation: 4


Post by marek1957 » Tue Jun 12, 2018 7:33 am

Hello,

I wrote an ASM script but I am stuck. I don't know how to write code so that, when I activate the script with a hotkey, it adds a float value ONLY ONE TIME per key press (something like when you have an address and increase the value in it by pressing a hotkey). The other thing I want is, after adding the float value a few times by pressing the key, to press another key to freeze the value, but I don't know how to write this into my code.



My code looks like this:

[code]add [esi+70],(float)10 // integer add of the 4 bytes that (float)10 encodes, not a float addition
movss xmm3,[esi+70]
movss [esi+70],xmm3 //original function[/code]



When I activate the script with a hotkey, it keeps adding the float value 10 constantly, but I want to add this value only ONE TIME per key press.



I am waiting for your answer,

Thank you.


Hmmm, I checked that at the movss [esi+70],xmm3 instruction register ECX is free, so I borrowed this register and changed my script to this:

[code]push ecx
mov ecx,[dupa]
mov [esi+70],ecx
pop ecx
movss xmm3,[esi+70]
movss [esi+70],xmm3[/code]



dupa is allocated memory, 4 bytes, like this: [B]globalalloc(dupa,4)[/B]

But at the [B]dupa[/B] address it must be a float value, not a 4-byte integer; I don't know how to allocate a float value :-P



So when I leave my script like that, activate the script and set a hotkey that increases the value at the [B]dupa[/B] address by 4, the script works, but not as I wanted. When I increase the float value at the [B]dupa[/B] address by 4, for example, I am "frozen" at that value, but I don't want to be frozen at that value. For example: I have the float value 0, I increase it to 4, and after increasing, the value should automatically decrease back to 0, [U]like when you throw a rock into the air: the rock won't stay in the air but will automatically fall down.[/U]
Last edited by marek1957 on Tue Jun 12, 2018 8:04 am, edited 3 times in total.

SunBeam
Trouble Makers
Posts: 1504
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 222


Post by SunBeam » Tue Jun 12, 2018 12:58 pm

Given that it's code that's constantly executing, you need to [I]guide[/I] the flow. As such, use intermediate values to increase/decrease that value, and apply them in your code as CMPs.



Example:



[code]
label( dupa )
label( original )

cmp [dupa],1
je short @f
add [dupa],1
jmp original
@@:
cmp [dupa],2
je short @f
sub [dupa],1
original:
push ecx
mov ecx,[dupa]
mov [esi+70],ecx
pop ecx
movss xmm3,[esi+70]
movss [esi+70],xmm3

dupa: // data; in a full script the jmp back to the game goes before this
dd 1[/code]

So what the code above does is check if dupa is 1. If so, it increases it by 1 and continues execution. On another pass, it checks if it's 1, fails, because now it's 2, then checks if it's 2. If so, it decreases it by 1 and continues execution. And so on.



Also, that's how you set floats: [I]dd (float)value[/I] -> [B]dd (float)1.0[/B]. It's still a DWORD (4 bytes), but to get it to show as a float, use (float) after dd.

marek1957
Expert Cheater
Posts: 283
Joined: Sat Dec 16, 2017 4:46 pm
Reputation: 4


Post by marek1957 » Fri Jun 29, 2018 1:56 pm

SunBeam, something is not working with your code. This @@, what is it?



My code works perfectly like this:

[code]originalcode:
mov [esi+70],(float)100
movss xmm3,[esi+70]
movss [esi+70],xmm3[/code]



But this code transports me to 100 and I stay there in a "frozen" position and cannot move (this function moves you up in the air). When you turn off the script, your body falls to the ground, so this code is for a Jump Hack.



How do I make something like this: if I press a hotkey, it adds some float value to esi+70 only ONE TIME. How do I do that?

SunBeam
Trouble Makers
Posts: 1504
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 222


Post by SunBeam » Fri Jun 29, 2018 2:44 pm

Learn ASM properly, then we talk; it's clear to me now this is a one-time quick fix for your one game. I'm out of this topic.



P.S.: This makes no fucking sense:



[code]originalcode:
mov [esi+70],(float)100 // you put 100 deliberately in [esi+70]
movss xmm3,[esi+70]     // then you put it in xmm3 as well
movss [esi+70],xmm3     // then you write it one more time to [esi+70]? WHY?? you like sado-maso?[/code]

marek1957
Expert Cheater
Posts: 283
Joined: Sat Dec 16, 2017 4:46 pm
Reputation: 4


Post by marek1957 » Fri Jun 29, 2018 3:31 pm

So please point me to a place where I can learn all of ASM properly, because I can't find any books or anything that explains all the functions of ASM.



Second question: if I don't write it like that, the script doesn't work.

SunBeam
Trouble Makers
Posts: 1504
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 222


Post by SunBeam » Fri Jun 29, 2018 3:58 pm

Here: [URL]https://guidedhacking.com/threads/useful-links-collection.6734/[/URL]



Also these:



[URL]http://www.pravaraengg.org.in/Download/MA/assembly_tutorial.pdf[/URL]



[URL]https://en.wikibooks.org/wiki/X86_Assembly[/URL]



[MEDIA=youtube]ViNnfoE56V8[/MEDIA]



[MEDIA=youtube]H4Z0S9ZbC0g[/MEDIA]



Enjoy!

koderkrazy
Fearless Donors
Posts: 248
Joined: Sun Jun 17, 2018 2:14 pm
Reputation: 157


Post by koderkrazy » Fri Jun 29, 2018 4:09 pm

[URL]https://wiki.cheatengine.org/index.php?title=Assembler:Commands:JMP[/URL]



This will help you fix that code.

marek1957
Expert Cheater
Posts: 283
Joined: Sat Dec 16, 2017 4:46 pm
Reputation: 4


Post by marek1957 » Fri Jun 29, 2018 4:27 pm

SunBeam, check my CT file. This file is for the game Modern Combat 5, a free single-player and multiplayer game from the Windows Store.

I found and made an easy Teleport Hack, and I want to make a Jump Hack, but I have some problems with the Jump Hack because I am not good with XMM registers.



So as you can see in my CT table, when I write any float value into DUPA (globalalloc) it moves me perfectly to the spot I want, but I am then frozen at the spot I "JUMP" to. I don't want to be frozen there; I want the script, once it has moved me to the spot I wrote, to automatically turn off and let me fall down.



Also I have some problems with my Teleport Hack: when I activate it, I can walk only on one flat surface. When I want to climb the stairs I can't because I'm blocked, nor can I go lower. Why?


[QUOTE="SunBeam, post: 49051, member: 12587"]Given that it's code that's constantly executing, you need to [I]guide[/I] the flow. As such, use intermediate values to increase/decrease that value, and apply them in your code as CMPs.

[...][/QUOTE]



Yeah, I checked this code once again, and after activating it crashes the game. Please check the full script below, maybe I made a mistake somewhere.



[code]
[ENABLE]

alloc(newmem,2048)
label(dupa)
label(returnhere)
label(originalcode)
label(exit)

newmem:
cmp [dupa],1
je short @f
add [dupa],1
jmp originalcode
@@:
cmp [dupa],2
je short @f
sub [dupa],1

originalcode:
push ecx
mov ecx,[dupa]
mov [esi+70],ecx
pop ecx
movss xmm3,[esi+70]
movss [esi+70],xmm3

exit:
jmp returnhere

dupa: // data must sit after the jmp back, otherwise execution runs into these bytes
dd (float)1.0

"WindowsEntryPoint.Windows.exe"+6BBC05:
jmp newmem
returnhere:

[DISABLE]

dealloc(newmem)
"WindowsEntryPoint.Windows.exe"+6BBC05:
movss [esi+70],xmm3
//Alt: db F3 0F 11 5E 70
[/code]
Last edited by marek1957 on Fri Jun 29, 2018 4:41 pm, edited 3 times in total.

koderkrazy
Fearless Donors
Posts: 248
Joined: Sun Jun 17, 2018 2:14 pm
Reputation: 157


Post by koderkrazy » Fri Jun 29, 2018 4:50 pm

OK, you are missing one @@:

@f jumps forward to the following @@: label, and @b jumps back to the previous @@: label.

After you enable this cheat, see in Memory View what code it generates. Then you'll get an idea of what this is.



[CODE]newmem:
cmp [dupa],1
je short @f
add [dupa],1
jmp originalcode
@@:
cmp [dupa],2
je short @f
sub [dupa],1
@@: // --------- after @f you need to have @@:
originalcode:
push ecx
mov ecx,[dupa]
mov [esi+70],ecx
pop ecx
movss xmm3,[esi+70]
movss [esi+70],xmm3[/CODE]



or try this

[CODE]
newmem:
cmp [dupa],1
je short @f
add [dupa],1
jmp originalcode
@@:
cmp [dupa],2
je originalcode // ------------- or jump straight to your originalcode label.
sub [dupa],1

originalcode:
push ecx
mov ecx,[dupa]
mov [esi+70],ecx
pop ecx
movss xmm3,[esi+70]
movss [esi+70],xmm3[/CODE]



Once you enable this cheat, you can check and debug actual injected code in Memory View window.
Last edited by koderkrazy on Fri Jun 29, 2018 4:56 pm, edited 1 time in total.

marek1957
Expert Cheater
Posts: 283
Joined: Sat Dec 16, 2017 4:46 pm
Reputation: 4


Post by marek1957 » Fri Jun 29, 2018 7:11 pm

OK, I checked. It crashes the game during gameplay. But when I activate this script in the game's menu, it doesn't crash the game.


[B]BEFORE ACTIVATION OF THE SCRIPT[/B]

[img]https://i.imgur.com/67gY6MP.png[/img]

[B]AFTER ACTIVATION OF THE SCRIPT[/B]

[img]https://i.imgur.com/r2LkE1u.png[/img]

[img]https://i.imgur.com/hZjOjni.png[/img]
Last edited by marek1957 on Fri Jun 29, 2018 7:19 pm, edited 3 times in total.

jgoemat
Table Makers
Posts: 19
Joined: Fri Jul 21, 2017 6:47 pm
Reputation: 2


Post by jgoemat » Mon Jul 09, 2018 7:03 am

So your injected code runs many times. Try to figure out how to do something so that it changes the value once and keeps it at the new value... You can have a global that you use to store the state; for instance, a script can set it to '1' when enabled and '0' when disabled. When it is '1', your script can take the CURRENT value, add 4.0 to it, store it in a second global, then change the flag to '2'. When the value is '2', it will just grab that value and store it in [esi+70]. When the value is '0', it won't do anything but execute the original code...

koderkrazy
Fearless Donors
Posts: 248
Joined: Sun Jun 17, 2018 2:14 pm
Reputation: 157


Post by koderkrazy » Mon Jul 09, 2018 8:17 am

[QUOTE="marek1957, post: 50586, member: 11389"]OK, I checked. It crashes the game during gameplay. But when I activate this script in the game's menu, it doesn't crash the game.[/QUOTE]

[USER=7314]@jgoemat[/USER] I think the instruction where the injection is happening writes to multiple addresses, so the injected code might be modifying unwanted values as well.



[USER=11389]@marek1957[/USER] before injecting your code, right-click the instruction and select 'Find out what addresses this instruction accesses'. If it modifies multiple addresses, then you need to put more checks in your injection to modify only the specific address.
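Putting jgoemat's state-flag idea and koderkrazy's "act on one address only" check together, the script below is an added example of what the finished Cheat Engine auto-assembler script could look like. It is not code posted by anyone in this thread. It keeps the injection address, the [esi+70] float and the 32-bit register usage from marek1957's script; the symbol names state, delta, held and target, the 4.0 step, and the way the hotkeys are wired are assumptions. State 1 adds delta exactly once and then resets itself, so the game's own physics take over on the next frame (the "rock falls back down" behaviour); state 2 remembers the current value and state 3 keeps writing it back, which is the freeze key from the first post. Unlike the posted scripts it does not borrow ecx, it saves the scratch registers it uses, and it places the data after the last jmp so it is never executed.

```asm
[ENABLE]
// Added example, not from the thread. 32-bit target, hook on the original
// "movss [esi+70],xmm3" store. Values the user drives from CE hotkeys:
//   state  : 0 = pass through, 1 = add delta once, 2 = capture and hold,
//            3 = holding (set by the hook itself, never by a hotkey)
//   delta  : float added on a single key press (assumed 4.0)
//   target : the object pointer (esi) to act on; 0 = act on nothing.
//            Take it from "Find out what addresses this instruction
//            accesses" (address shown there minus 70).
alloc(newmem,2048)
label(returnhere)
label(passthrough)
label(do_add)
label(do_capture)
label(do_hold)
label(state)
label(delta)
label(held)
label(target)
registersymbol(state)
registersymbol(delta)
registersymbol(target)

newmem:
  pushfd                        // the cmps below clobber EFLAGS; keep the game's copy
  cmp esi,[target]              // only touch the one object we were told to
  jne passthrough
  cmp dword ptr [state],1
  je do_add
  cmp dword ptr [state],2
  je do_capture
  cmp dword ptr [state],3
  je do_hold

passthrough:                    // state 0 or another object: original code only
  popfd
  movss [esi+70],xmm3
  jmp returnhere

do_add:                         // one key press -> one addition, then back to 0
  movss [esi+70],xmm3           // let the game write its value first
  sub esp,10                    // save xmm0 (16 bytes) instead of borrowing ecx
  movdqu [esp],xmm0
  movss xmm0,[esi+70]
  addss xmm0,[delta]            // a real float add, not an integer add
  movss [esi+70],xmm0
  movdqu xmm0,[esp]
  add esp,10
  mov dword ptr [state],0       // self-reset: next frame the game takes over again
  popfd
  jmp returnhere

do_capture:                     // freeze key: remember the value as it is now
  movss [esi+70],xmm3
  push eax
  mov eax,[esi+70]
  mov [held],eax
  pop eax
  mov dword ptr [state],3
  popfd
  jmp returnhere

do_hold:                        // keep overwriting with the remembered value
  push eax
  mov eax,[held]
  mov [esi+70],eax              // replaces the game's store
  pop eax
  popfd
  jmp returnhere

// data lives after the last jmp, so it is never executed as code
state:
  dd 0
delta:
  dd (float)4.0
held:
  dd 0
target:
  dd 0

"WindowsEntryPoint.Windows.exe"+6BBC05:
  jmp newmem                    // 5 bytes, the same size as the original store
returnhere:

[DISABLE]
"WindowsEntryPoint.Windows.exe"+6BBC05:
  movss [esi+70],xmm3
  //Alt: db F3 0F 11 5E 70
unregistersymbol(state)
unregistersymbol(delta)
unregistersymbol(target)
dealloc(newmem)
```

To drive it, add three memory records to the table with the addresses state (4 Bytes), delta (Float) and target (4 Bytes, shown as hex), and give the state record three hotkeys of the "Set value to" kind: 1 for the one-shot add, 2 for freeze, 0 to release. Each press of the "1" key adds delta once because the hook writes state back to 0 itself; pressing it several times before the game has pulled you back down stacks the additions. After enabling, open newmem in Memory View as koderkrazy suggests and step through one pass to confirm the branch you expect is taken and that esp is back where it started before each jmp returnhere.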
