Compare Question


Post by MangaDrawing »

Hi.
I have a question about comparing two things: it can find the grenade string ID and can't find the ammo string ID.
How do I make a script for them with one string ID?
The grenade should move to 5 and the ammo to 99, with flags.
Thanks.
This is the script:

[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)



newmem: //this is allocated memory, you have read,write,execute access
//place your code here
cmp word ptr [esp+4C],'expl' //grenade string id
jns originalcode
cmp word ptr [esp+50],'osiv' //grenade string id
jns originalcode
cmp word ptr [esp+54],'egre' //grenade string id
jns originalcode
cmp word ptr [esp+58],'nade' //grenade string id
jns originalcode
mov [eax+14],5
jmp originalcode


originalcode:
mov eax,[eax+14]
pop ecx
ret 0004

exit:
jmp returnhere

"Crysis.exe"+17C7BF:
jmp newmem
nop
nop
returnhere:


 
 
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
"Crysis.exe"+17C7BF:
mov eax,[eax+14]
pop ecx
ret 0004
//Alt: db 8B 40 14 59 C2 04 00

Post by Bloodybone »

You can convert a string to hex and compare it to that value. So 'expl' in hex is 6578706C, so instead of doing cmp word ptr [esp+4C],'expl', do:
cmp [esp+4C],6578706C

Post by Squall8 »

You can compare strings. But you need to realize the differences between byte ptr, word ptr, dword ptr, and qword ptr. Word ptr does not mean 'string', if that was your train of thought.

Also, your jump conditions aren't doing what you want here. JNS=Jump if not signed (SF=0).
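
Added example, not part of the original thread or any poster's code: a small Python model of the x86 semantics the replies point at. It shows which bytes a word versus a dword compare examines, which dword value spells 'expl' in little-endian memory, and why JNS does not test equality. The stack contents, the second item name and all function names are constructed for illustration.

```python
def load_le(mem, offset, size):
    """Read `size` bytes at `offset` the way x86 loads them: little-endian."""
    return int.from_bytes(mem[offset:offset + size], "little")

def str_imm(text):
    """Integer whose little-endian memory bytes spell `text`."""
    return int.from_bytes(text.encode("ascii"), "little")

def cmp_flags(dest, src, size):
    """Model `cmp dest, src` at `size` bytes: ZF and SF of dest - src."""
    bits = size * 8
    result = (dest - src) & ((1 << bits) - 1)
    return {"ZF": int(result == 0), "SF": result >> (bits - 1)}

def jne_taken(flags):
    return flags["ZF"] == 0   # JNE/JNZ: jump when the operands differ

def jns_taken(flags):
    return flags["SF"] == 0   # JNS: jump when the result's top bit is clear

def string_at(mem, offset, name):
    """True if `name` sits at `offset`, checked one dword at a time via ZF."""
    if len(name) % 4:
        raise ValueError("name length must be a multiple of 4 for dword compares")
    for i in range(0, len(name), 4):
        flags = cmp_flags(load_le(mem, offset + i, 4), str_imm(name[i:i + 4]), 4)
        if jne_taken(flags):
            return False
    return True

def word_compare_matches(mem, offset, name):
    """What a `word ptr` compare can see: only the first 2 bytes."""
    return cmp_flags(load_le(mem, offset, 2), str_imm(name[:2]), 2)["ZF"] == 1

# Constructed stack snapshots: 0x4C filler bytes, then an item name,
# mirroring the [esp+4C] offset used in the script above.
GRENADE_STACK = bytes(0x4C) + b"explosivegrenade\x00"
OTHER_STACK = bytes(0x4C) + b"explosivecharge!\x00"  # hypothetical second item

if __name__ == "__main__":
    print(hex(str_imm("expl")))
    print(string_at(GRENADE_STACK, 0x4C, "explosivegrenade"))
    print(string_at(OTHER_STACK, 0x4C, "explosivegrenade"))
    print(word_compare_matches(OTHER_STACK, 0x4C, "expl"))
    equal = cmp_flags(str_imm("expl"), str_imm("expl"), 4)
    print(jns_taken(equal), jne_taken(equal))
```

In this model an equal compare leaves SF=0, so a JNS placed after it is taken on a match as well as on many mismatches; only ZF (JE/JNE) separates the two cases.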
