Ask me anything

Post your topics and discussions here that you can't find a good section for.
TheyCallMeTim13
Fearless Donors
Posts: 139
Joined: Fri Mar 03, 2017 12:31 am
Reputation: 21

Re: Ask me anything/Request a cheat.

Post by TheyCallMeTim13 » Mon Feb 05, 2018 8:29 pm

Code Happy, Code Freely, Be Awesome.

Frost
What is cheating?
Posts: 2
Joined: Sun Feb 04, 2018 6:21 pm
Reputation: 0

Re: Ask me anything/Request a cheat.

Post by Frost » Tue Feb 06, 2018 1:33 am

gir489, can you check my PM please!? ...

predprey
Cheater
Posts: 45
Joined: Thu Mar 02, 2017 8:46 pm
Reputation: 8

Re: Ask me anything/Request a cheat.

Post by predprey » Tue Feb 06, 2018 1:40 am

2BR02B?

gir489
RCE Fanatics
Posts: 95
Joined: Mon May 08, 2017 4:08 am
Reputation: 23

Re: Ask me anything/Request a cheat.

Post by gir489 » Tue Feb 06, 2018 2:30 am

MangaDrawing wrote:
Mon Feb 05, 2018 8:22 pm
Hi,
I have a question about assembly.
If the player health is a float but the maximum health value is 4-byte, while they look similar, how can I get health to maximum with assembly?
Yes. This approach works just fine.
Frost wrote:
Tue Feb 06, 2018 1:33 am
gir489, can you check my PM please!? ...
No.
predprey wrote:
Tue Feb 06, 2018 1:40 am
2BR02B?
This is a play on letters of "To be or not to be?" I'd have to say I prefer to be. Anyone who says elsewise doesn't appreciate life.
Last edited by gir489 on Tue Feb 06, 2018 3:47 am, edited 1 time in total.

TheyCallMeTim13
Fearless Donors
Posts: 139
Joined: Fri Mar 03, 2017 12:31 am
Reputation: 21

Re: Ask me anything/Request a cheat.

Post by TheyCallMeTim13 » Tue Feb 06, 2018 4:53 am

gir489 wrote:
Sun Feb 04, 2018 10:01 pm
TheyCallMeTim13 wrote:
Sun Feb 04, 2018 8:50 pm
gir489 wrote:
Sun Feb 04, 2018 6:31 pm
... I am a heavy proponent of tribalism...
So how do you reconcile tribalism with GMO seeds, or the internet?
You don't. That's just the way it is.
So to me tribalism just seems like a step in the wrong direction. You still just end up with the same kind of problems. I mean, I get that when some church or whatnot is built you get an Irish or whatever neighborhood; but must we really continue to divide based on whatever trivial thing we place importance on at that point in history?
Code Happy, Code Freely, Be Awesome.

MangaDrawing
Cheater
Posts: 29
Joined: Sun Mar 05, 2017 11:04 am
Reputation: 0

Re: Ask me anything/Request a cheat.

Post by MangaDrawing » Tue Feb 06, 2018 8:23 am

Hi
Another question: why can't this script be disabled (the checkbox isn't checked, but the script is enabled, and then I can't disable it)?

Code:

[ENABLE]
aobscanmodule(HEALTH,DarksidersPC.exe,0F 2F 81 00 01 00 00) // should be unique
alloc(Compare,$1000)

label(code)
label(return)
label(Enemy)
label(Player)
label(En_Phealth)
registersymbol(En_Phealth)
label(En_Ehit)
registersymbol(En_Ehit)

En_Phealth:
dd 0
En_Ehit:
dd 0

Compare:
cmp dword ptr [En_Phealth],1
je Player
cmp dword ptr [En_Ehit],1
je Enemy

Player:
cmp [ecx+02AC],0
je Enemy
fild dword ptr [ecx+01DC]
fstp dword ptr [ecx+0100]


code:
  comiss xmm0,[ecx+00000100]
  jmp return

Enemy:
mov [ecx+0100],(float)1
jmp code


HEALTH:
  jmp Compare
  nop
  nop
return:
registersymbol(HEALTH)

[DISABLE]
HEALTH:
  db 0F 2F 81 00 01 00 00

unregistersymbol(HEALTH)
unregistersymbol(En_Phealth)
unregistersymbol(En_Ehit)
dealloc(Compare)
thanks.

SunBeam
RCE Fanatics
Posts: 61
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 32

Re: Ask me anything/Request a cheat.

Post by SunBeam » Tue Feb 06, 2018 9:30 am

1. Make sure you allocate near the game's module, not randomly in memory. Here's the difference between:

Code:

alloc(Compare,$1000)
[screenshot]

and

Code:

alloc(Compare,$1000,Calculator.exe)
[screenshot]

See how many bytes the instruction eats up?..

2. Your script doesn't even enable in my test scenario. Before saying anything (such as how I don't have the game or the array), know that I've replicated what you look for and changed the process name to my test one (Calculator.exe). The script doesn't enable because you need a second label for [DISABLE]:

Code:

[ENABLE]

aobscanmodule( HEALTH, Calculator.exe, 0F2F8100010000 )
registersymbol( HEALTH )
label( HEALTH_orig )
registersymbol( HEALTH_orig )
label( back )
alloc( Hook, 0x1000, Calculator.exe )
label( code )
label( Enemy )
label( Player )
label( En_Phealth )
registersymbol( En_Phealth )
label( En_Ehit )
registersymbol( En_Ehit )

Hook:
cmp dword ptr [En_Phealth],1
je Player

cmp dword ptr [En_Ehit],1
je Enemy

Player:
cmp [ecx+2AC],0
je Enemy
  fild dword ptr [ecx+1DC]
  fstp dword ptr [ecx+100]

code:
  comiss xmm0,[ecx+100]
  jmp back

Enemy:
mov [ecx+100],(float)1
jmp code

En_Phealth:
dd 0
En_Ehit:
dd 0

HEALTH:
HEALTH_orig:
jmp Hook
db 90 90
back:

[DISABLE]

HEALTH_orig:
db 0F 2F 81 00 01 00 00

unregistersymbol( En_Ehit )
unregistersymbol( En_Phealth )
dealloc( Hook )
unregistersymbol( HEALTH_orig )
unregistersymbol( HEALTH )
- enabled: [screenshot]

- disabled: [screenshot]

And if you want the jumps shorter, use 'short' (keep in mind that if you have a lot of code, some 'short' ones will exceed the max. for short jumps: EB xx vs. 0F 8x xx xx xx). Example:

Code:

[ENABLE]

aobscanmodule( HEALTH, Calculator.exe, 0F2F8100010000 )
registersymbol( HEALTH )
label( HEALTH_orig )
registersymbol( HEALTH_orig )
label( back )
alloc( Hook, 0x1000, Calculator.exe )
label( code )
label( Enemy )
label( Player )
label( En_Phealth )
registersymbol( En_Phealth )
label( En_Ehit )
registersymbol( En_Ehit )

Hook:
cmp dword ptr [En_Phealth],1
je short Player

cmp dword ptr [En_Ehit],1
je short Enemy

Player:
cmp [ecx+2AC],0
je short Enemy
  fild dword ptr [ecx+1DC]
  fstp dword ptr [ecx+100]

code:
  comiss xmm0,[ecx+100]
  jmp back

Enemy:
mov [ecx+100],(float)1
jmp short code

En_Phealth:
dd 0
En_Ehit:
dd 0

HEALTH:
HEALTH_orig:
jmp Hook
db 90 90
back:

[DISABLE]

HEALTH_orig:
db 0F 2F 81 00 01 00 00

unregistersymbol( En_Ehit )
unregistersymbol( En_Phealth )
dealloc( Hook )
unregistersymbol( HEALTH_orig )
unregistersymbol( HEALTH )
[screenshot]

Also, I apply the FIFO rule, whereby I alloc/dealloc or register/unregister in the order of occurrence, and not randomly/chaotically (I am aware CE can parse content regardless of order).

Peace,
Sun
Last edited by SunBeam on Tue Feb 06, 2018 10:12 am, edited 2 times in total.
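An added example, not SunBeam's code or Cheat Engine's: the Python below encodes the jump forms this post contrasts (a 'short' EB rel8 versus E9 rel32, and the 14-byte far jmp that a distant allocation forces in 64-bit) and builds the 7-byte patch written over the HEALTH instruction. Every address in it is constructed; only the 7-byte comiss instruction comes from the scripts above.

```python
"""Encode the x86 jump forms contrasted above and check short-jump reach.
All addresses are constructed; the 7-byte comiss xmm0,[ecx+100]
(0F 2F 81 00 01 00 00) that the HEALTH hook overwrites is from the thread."""
import struct

ORIG_LEN = 7   # length of comiss xmm0,[ecx+100]; the patch must be exactly this long
NOP = 0x90


def _fits(disp, bits):
    """True if disp is representable as a signed integer of the given bit width."""
    return -(1 << (bits - 1)) <= disp < (1 << (bits - 1))


def encode_jmp(src, dst, prefer_short=False, x64=False):
    """jmp from src to dst: EB rel8 (2 bytes) when requested and reachable,
    else E9 rel32 (5 bytes). In 64-bit mode a cave too far from the module
    forces the 14-byte absolute form FF 25 00000000 + qword (jmp [rip+0])."""
    disp8 = dst - (src + 2)
    if prefer_short and _fits(disp8, 8):
        return bytes([0xEB]) + struct.pack("<b", disp8)
    disp32 = dst - (src + 5)
    if not x64:  # a flat 32-bit address space always wraps into rel32 range
        disp32 = (disp32 + (1 << 31)) % (1 << 32) - (1 << 31)
    if _fits(disp32, 32):
        return bytes([0xE9]) + struct.pack("<i", disp32)
    return bytes([0xFF, 0x25, 0, 0, 0, 0]) + struct.pack("<Q", dst)


def encode_je(src, dst, short=True):
    """je: 74 rel8 when 'short' is requested and reachable, else 0F 84 rel32,
    the 'EB xx vs. 0F 8x xx xx xx' size difference the post mentions."""
    disp8 = dst - (src + 2)
    if short and _fits(disp8, 8):
        return bytes([0x74]) + struct.pack("<b", disp8)
    return bytes([0x0F, 0x84]) + struct.pack("<i", dst - (src + 6))


def detour_bytes(hook_addr, cave_addr, x64=False):
    """Bytes written over the hooked instruction: the jmp plus NOP padding, so
    exactly ORIG_LEN bytes change and the following instruction stays intact."""
    jmp = encode_jmp(hook_addr, cave_addr, x64=x64)
    if len(jmp) > ORIG_LEN:
        raise ValueError(f"{len(jmp)}-byte jmp exceeds the {ORIG_LEN} overwritten bytes; "
                         "allocate closer to the module or overwrite more instructions")
    return jmp + bytes([NOP]) * (ORIG_LEN - len(jmp))
```

`detour_bytes(0x00401000, 0x00410000)` yields `e9 fb ef 00 00 90 90`, the same shape as the `jmp Hook` plus `db 90 90` in the script; with a 64-bit cave out of rel32 range the jmp grows to 14 bytes and no longer fits the 7 overwritten bytes, which is the point of `alloc(Hook,0x1000,Calculator.exe)`.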

MangaDrawing
Cheater
Posts: 29
Joined: Sun Mar 05, 2017 11:04 am
Reputation: 0

Re: Ask me anything/Request a cheat.

Post by MangaDrawing » Tue Feb 06, 2018 9:43 am

When [ENABLE] has registersymbol, [DISABLE] should have unregistersymbol.
Why don't you use unregistersymbol in [DISABLE]?
Thanks.

SunBeam
RCE Fanatics
Posts: 61
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 32

Re: Ask me anything/Request a cheat.

Post by SunBeam » Tue Feb 06, 2018 10:14 am

See above edited post. Because [DISABLE] doesn't know where exactly HEALTH's position is; that location comes as the result of an aobscanmodule, not a label definition:

label(HEALTH)
registersymbol(HEALTH)

vs.

aobscanmodule(HEALTH,...) // label not set
registersymbol(HEALTH)

Your registersymbol(HEALTH) works only for [ENABLE] section; [DISABLE] doesn't know how to interpret it.

MangaDrawing
Cheater
Posts: 29
Joined: Sun Mar 05, 2017 11:04 am
Reputation: 0

Re: Ask me anything/Request a cheat.

Post by MangaDrawing » Tue Feb 06, 2018 10:29 am

I tested your idea, but the script still has this problem.
Last edited by MangaDrawing on Tue Feb 06, 2018 10:32 am, edited 2 times in total.

SunBeam
RCE Fanatics
Posts: 61
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 32

Re: Ask me anything/Request a cheat.

Post by SunBeam » Tue Feb 06, 2018 10:31 am

I showed you with pictures that this works:

Code:

[ENABLE]

aobscanmodule( HEALTH, Calculator.exe, 0F2F8100010000 )
registersymbol( HEALTH )
label( HEALTH_orig )
registersymbol( HEALTH_orig )
label( back )
alloc( Hook, 0x1000, Calculator.exe )
label( code )
label( Enemy )
label( Player )
label( En_Phealth )
registersymbol( En_Phealth )
label( En_Ehit )
registersymbol( En_Ehit )

Hook:
cmp dword ptr [En_Phealth],1
je Player

cmp dword ptr [En_Ehit],1
je Enemy

Player:
cmp [ecx+2AC],0
je Enemy
  fild dword ptr [ecx+1DC]
  fstp dword ptr [ecx+100]

code:
  comiss xmm0,[ecx+100]
  jmp back

Enemy:
mov [ecx+100],(float)1
jmp code

En_Phealth:
dd 0
En_Ehit:
dd 0

HEALTH:
HEALTH_orig:
jmp Hook
db 90 90
back:

[DISABLE]

HEALTH_orig:
db 0F 2F 81 00 01 00 00

unregistersymbol( En_Ehit )
unregistersymbol( En_Phealth )
dealloc( Hook )
unregistersymbol( HEALTH_orig )
unregistersymbol( HEALTH )
What's the problem now?.. Change 'Calculator.exe' to 'DarksidersPC.exe' and test.

MangaDrawing
Cheater
Posts: 29
Joined: Sun Mar 05, 2017 11:04 am
Reputation: 0

Re: Ask me anything/Request a cheat.

Post by MangaDrawing » Tue Feb 06, 2018 10:33 am

Oh, it works.
Thanks for your help, SunBeam.

MangaDrawing
Cheater
Posts: 29
Joined: Sun Mar 05, 2017 11:04 am
Reputation: 0

Re: Ask me anything/Request a cheat.

Post by MangaDrawing » Tue Feb 06, 2018 10:51 am

For writing a teleport script, one usually uses empty 32-bit registers and XMM registers,
for example eax = 00000000, and uses push eax, ...
Now, if eax, ... and the XMM registers are not equal to 0, how do I write the teleport?
Example:

Code:

00727365 - 57 - push edi
00727366 - 8B F9  - mov edi,ecx
00727368 - D9 5F 60  - fstp dword ptr [edi+60] <<
0072736B - D9 40 04  - fld dword ptr [eax+04]
0072736E - D9 5F 64  - fstp dword ptr [edi+64]

EAX=08CD0230
EBX=21FC2C80
ECX=05C4AA08
EDX=00D69D14
ESI=05C4AA08
EDI=05C4AA08
ESP=0012FA38
EBP=0012FA80
EIP=0072736B


Teleport assembly script:

Code:

[ENABLE]
alloc(teleportmem,2048)
registersymbol(s_enable)
registersymbol(l_enable)
registersymbol(u_enable)
label(returnteleport)
label(originalcodeteleport)
label(exitteleport)
label(z_coord)
label(x_coord)
label(y_coord)
label(z_coord_undo)
label(x_coord_undo)
label(y_coord_undo)
label(save_coord)
label(load_coord)
label(undo_coord)
label(s_enable)
label(l_enable)
label(u_enable)

"DarksidersPC.exe"+327368:
jmp teleportmem
nop
returnteleport:

teleportmem:
// s_enable / l_enable / u_enable are flags set to 1 from the table; each branch clears them again
cmp [s_enable],1
je save_coord

cmp [l_enable],1
je load_coord

cmp [u_enable],1
je undo_coord

jmp originalcodeteleport

save_coord:
// SAVE POSITION: copy the current XYZ (edi+60/64/68) into the saved slots
mov [s_enable],0
fld dword ptr [edi+60]
fstp dword ptr [x_coord]
fld dword ptr [edi+64]
fstp dword ptr [z_coord]
fld dword ptr [edi+68]
fstp dword ptr [y_coord]
jmp originalcodeteleport

load_coord:
mov [l_enable],0
cmp [z_coord],0
je originalcodeteleport
// Save the actual position (for UNDO TELEPORT) when LOAD POSITION is pressed
fld dword ptr [edi+60]
fstp dword ptr [x_coord_undo]
fld dword ptr [edi+64]
fstp dword ptr [z_coord_undo]
fld dword ptr [edi+68]
fstp dword ptr [y_coord_undo]
// Write the saved position back into the player coordinates
fld dword ptr [x_coord]
fstp dword ptr [edi+60]
fld dword ptr [z_coord]
fstp dword ptr [edi+64]
fld dword ptr [y_coord]
fstp dword ptr [edi+68]
jmp originalcodeteleport

undo_coord:
// UNDO TELEPORT: restore the position captured before the last load
mov [l_enable],0
mov [s_enable],0
mov [u_enable],0
cmp [z_coord_undo],0
je originalcodeteleport
fld dword ptr [x_coord_undo]
fstp dword ptr [edi+60]
fld dword ptr [z_coord_undo]
fstp dword ptr [edi+64]
fld dword ptr [y_coord_undo]
fstp dword ptr [edi+68]

originalcodeteleport:
fstp dword ptr [edi+60]
fld dword ptr [eax+04]

exitteleport:
jmp returnteleport

x_coord:
dd 0
z_coord:
dd 0
y_coord:
dd 0
s_enable:
dd 0
l_enable:
dd 0
x_coord_undo:
dd 0
z_coord_undo:
dd 0
y_coord_undo:
dd 0
u_enable:
dd 0
//>>>--Teleport--//

[DISABLE]
dealloc(teleportmem)
unregistersymbol(s_enable)
unregistersymbol(l_enable)
unregistersymbol(u_enable)
"DarksidersPC.exe"+327368:
fstp dword ptr [edi+60]
fld dword ptr [eax+04]
//Alt: db D9 5F 60 D9 40 04

SunBeam
RCE Fanatics
Posts: 61
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 32

Re: Ask me anything/Request a cheat.

Post by SunBeam » Tue Feb 06, 2018 11:25 am

Read about this one: https://c9x.me/x86/html/file_module_x86_id_208.html.

You can do something like this in two instructions:

store:
movups xmm0,[r32+offset]
movups [store],xmm0

restore:
movups xmm0,[store]
movups [r32+offset],xmm0

Why movups and not movaps? Simple. You're required to have a 16-byte aligned stack if you want to use the "a" version (a = aligned; u = unaligned). Also, keep in mind movups will move 16 bytes (4 DWORDs). XYZ occupy 3 DWORDs, but then again you don't care about the 4th (it's usually a normalizer).

BR,
Sun

gir489
RCE Fanatics
Posts: 95
Joined: Mon May 08, 2017 4:08 am
Reputation: 23

Re: Ask me anything/Request a cheat.

Post by gir489 » Tue Feb 06, 2018 2:28 pm

TheyCallMeTim13 wrote:
Tue Feb 06, 2018 4:53 am
gir489 wrote:
Sun Feb 04, 2018 10:01 pm
You don't. That's just the way it is.
So to me tribalism just seems like a step in the wrong direction. You still just end up with the same kind of problems. I mean, I get that when some church or whatnot is built you get an Irish or whatever neighborhood; but must we really continue to divide based on whatever trivial thing we place importance on at that point in history?
Again, going back to the book Beyond Good and Evil, any animal wants to feel superior to another. Asking humans to do otherwise is to deny what we are, which is just animals. Thinking that we can move past this and have a wholesome society where everyone loves each other is just nonsense. You're saying a step in the wrong direction like we fucking chose this. It was chosen for us, we just have to deal with the cards we were dealt. I have no idea what you're talking about, but that sounds like segregation. That's not the same as tribalism. You will always resort to a them vs. us debate, it's inevitable. It has to, because that's the inherent binary nature of our universe. For one thing to exist, another anti version of it must exist.

"At the end of the day, as long as there's two people left on the planet, someone is gonna want someone dead."
