FearLess Cheat Engine

Hello,

I write a ASM code but I am stuck. I don't know how to write a code that when I activate script by a hotkey it will add a float value ONLY ONE TIME per one key press (something like when you have an address and you are increasing a value in the address by pressing a hotkey). And other thing what I want to do is when I add a float value that I want by pressing few times the key, then I will press another key to freeze the value - but I don't know how to write this into my code.



My code is like that:

[code]add [esi+70],(float)10

movss xmm3,[esi+70]

movss [esi+70],xmm3 //original function[/code]



When I activate a script by hoteky, it will be adding constantly the 10 float value but I want to add this value only ONE TIME per one-key-press.



I am waiting for your answer,

Thank you.

1528790693

Hmmm, I checked that in movss [esi+70],xmm3 function, register ECX is free so I borrowed this register and I change my script to this:

[code]push ecx

mov ecx,[dupa]

mov [esi+70],ecx

pop ecx

movss xmm3,[esi+70]

movss [esi+70],xmm3[/code]



dupa is allocated memory, 4 bytes like that: [B]globalalloc(dupa,4)[/B]

But in [B]dupa[/B] address, it must be float value not 4-byte - I don't know how to alloc float value :-P



So when I leave my script like that, activate script and set a hotkey increasing value by 4 in [B]dupa[/B] address - the script is working but not as I wanted. When I increase float value for example by 4 in [B]dupa[/B] address, I am "freezing" in that value, but I don't want to freeze in that value but for example: I have 0 float value, I am increasing this value to 4 and after increasing, the value is automatically decreasing to 0 -[U] like when you throw a rock into the air, the rock wont stay in air but it will automatically fall down.[/U]

Given it's a code that's constantly executing, you need to [I]guide[/I] the flow. As such, use intermediate values to increase/decrease that value. And apply them in your code as CMPs.



Example:



[code]

label( dupa )

label( original )



cmp [dupa],1

je short @f

add [dupa],1

jmp original

@@:

cmp [dupa],2

je short @f

sub [dupa],1

original:

push ecx

mov ecx,[dupa]

mov [esi+70],ecx

pop ecx

movss xmm3,[esi+70]

movss [esi+70],xmm3



dupa:

dd 1[/code]

So what the code above does is to check if dupa is 1. If so, increase it by 1 and continue execution. On another pass, it checks if 1, fails, cuz now it's 2, then it checks if 2. If so, decrease it by 1 and continue execution. And so on..



Also.. that's how you set floats: [I]dd (float)value[/I] -> [B]dd (float)1.0[/B]. It's still a DWORD (4-bytes), but to get it to show like a float, use (float) after dd.

SunBeam, something is not working with your code.. this @@ - what is it?



My code is working perfectly like that:

[code]originalcode:

mov [esi+70],(float)100

movss xmm3,[esi+70]

movss [esi+70],xmm3[/code]



But this code will transport me to the 100 and I will stay there in "freeze" position and cannot move (this function is moving you up in the air) - when you turn off the script, your body will fall off to the ground - so this code is for Jump Hack.



How to make something like that, if a press a hotkey - it will add some float value to esi+70 only ONE TIME - how to do that?

Learn ASM properly, then we talk; it's clearly to me now this is a one time quick fix for your one game. Am out of this topic.



P.S.: This makes no fucking sense:



originalcode:

mov [esi+70],(float)100 // you put 100 deliberately in [esi+70]

movss xmm3,[esi+70] // then you put it in xmm3 as well

movss [esi+70],xmm3 // then you write it one more time to [esi+70]? WHY?? you like sado-maso?

So please give me a place where i can learn all asm properly because i cant find any books or something which will explains all functions of asm.



Second question: if i dont write like these, script is not working.

Here: [URL]https://fearlessrevolution.com/threads/useful-links-collection.6734/[/URL]



Also these:



[URL]http://www.pravaraengg.org.in/Download/MA/assembly_tutorial.pdf[/URL]



[URL]https://en.wikibooks.org/wiki/X86_Assembly[/URL]



[MEDIA=youtube]ViNnfoE56V8[/MEDIA]



[MEDIA=youtube]H4Z0S9ZbC0g[/MEDIA]



Enjoy!

[URL]https://wiki.cheatengine.org/index.php?title=Assembler:Commands:JMP[/URL]



this will help you fixing that code..

SunBeam - check my CT file. This file is for Modern Combat 5 game - Free SinglePlayer and Multiplayer game from Windows Store.

I found and made an easy Teleport Hack and I want to make a Jump Hack but I have some problems with Jump Hack because I am not good with XMM registers.



So like you can see in my CT table, when I write any float value in DUPA (globalalloc) it is moving me perfectly to the spot that I want - but I am then freeze here in the spot that I will "JUMP" - but I don't wanna be freeze here - I want that - when my script moves me to the spot that I wrote, it will then automatically turn off to let me fall down.



Also I have some problems with my Teleport Hack - when I activate it - I can walk only on flat one surface. When I want to climb the stairs, I can not because I'm blocked, nor can I go lower. Why?

1530290509

[QUOTE="SunBeam, post: 49051, member: 12587"]Given it's a code that's constantly executing, you need to [I]guide[/I] the flow. As such, use intermediate values to increase/decrease that value. And apply them in your code as CMPs.



Example:



[code]

label( dupa )

label( original )



cmp [dupa],1

je short @f

add [dupa],1

jmp original

@@:

cmp [dupa],2

je short @f

sub [dupa],1

original:

push ecx

mov ecx,[dupa]

mov [esi+70],ecx

pop ecx

movss xmm3,[esi+70]

movss [esi+70],xmm3



dupa:

dd 1[/code]

So what the code above does is to check if dupa is 1. If so, increase it by 1 and continue execution. On another pass, it checks if 1, fails, cuz now it's 2, then it checks if 2. If so, decrease it by 1 and continue execution. And so on..



Also.. that's how you set floats: [I]dd (float)value[/I] -> [B]dd (float)1.0[/B]. It's still a DWORD (4-bytes), but to get it to show like a float, use (float) after dd.[/QUOTE]



Yeah, I checked this code once again, and after activating - it is crashing a game. Please check full script below, maybe I make a mistake somewhere.



[code]

[ENABLE]



alloc(newmem,2048)

label(dupa)

label(returnhere)

label(originalcode)

label(exit)





newmem:

cmp [dupa],1

je short @f

add [dupa],1

jmp originalcode

@@:

cmp [dupa],2

je short @f

sub [dupa],1



originalcode:

push ecx

mov ecx,[dupa]

mov [esi+70],ecx

pop ecx

movss xmm3,[esi+70]

movss [esi+70],xmm3



dupa:

dd (float)1.0



exit:

jmp returnhere



"WindowsEntryPoint.Windows.exe"+6BBC05:

jmp newmem

returnhere:



[DISABLE]



dealloc(newmem)

"WindowsEntryPoint.Windows.exe"+6BBC05:

movss [esi+70],xmm3

//Alt: db F3 0F 11 5E 70

[/code]

ok u are missing one @@:

@f jumps to following @@: label. and @b jumps back to previous @@: label.

After you enable this cheat see in Memory View what code it generates. Then you'll get idea what is this .



[CODE]newmem:

cmp [dupa],1

je short @f

add [dupa],1

jmp originalcode

@@:

cmp [dupa],2

je short @f

sub [dupa],1

@@: // --------- after @f you need to have @@:

originalcode:

push ecx

mov ecx,[dupa]

mov [esi+70],ecx

pop ecx

movss xmm3,[esi+70]

movss [esi+70],xmm3[/CODE]



or try this

[CODE]

newmem:

cmp [dupa],1

je short @f

add [dupa],1

jmp originalcode

@@:

cmp [dupa],2

je originalcode // ------------- or jump straight to ur originalcode lable.

sub [dupa],1



originalcode:

push ecx

mov ecx,[dupa]

mov [esi+70],ecx

pop ecx

movss xmm3,[esi+70]

movss [esi+70],xmm3[/CODE]



Once you enable this cheat, you can check and debug actual injected code in Memory View window.

Ok, I checked, It is crashing a game during gameplay. But when I activate this script in menu of the game - it is not crashing the game.

1530299997

[B][SIZE=5]BEFORE ACTIVATION OF THE SCRIPT[/SIZE][/B]



[img]https://i.imgur.com/67gY6MP.png[/img]

[SIZE=5][/SIZE]

[B][SIZE=5]AFTER ACTIVATION OF THE SCRIPT[/SIZE][/B]



[B][SIZE=5][img]https://i.imgur.com/r2LkE1u.png[/img][/SIZE][/B]



[B][SIZE=5][img]https://i.imgur.com/hZjOjni.png[/img][/SIZE][/B]

So your injected code runs many times. Try to figure out how to do something so that it will change the value once and keep it at the new value... You can have a global that you use to store the state, for instance a script can set it to '1' when enabled and '0' when disabled. When it is '1' your script can take the CURRENT value, add 4.0 to it, and store it in a second global, then change the flag to '2'. When the value is '2', it will just grab that value and store it in [esi+70]. When the value is '0', it won't do anything but execute the original code...

[QUOTE="marek1957, post: 50586, member: 11389"]Ok, I checked, It is crashing a game during gameplay. But when I activate this script in menu of the game - it is not crashing the game.[/QUOTE]

[USER=7314]@jgoemat[/USER] I think the instruction where the injection happening is writing to multiple addresses. So the injected code might be modifying unwanted values as well..



[USER=11389]@marek1957[/USER] before injecting your code right click on the instruction and select 'Find out what addresses this instruction accesses'. If it modifies multiple addresses then you need to put more checks in your injection to modify only specific address.