FearLess Cheat Engine

Posted: **Mon Feb 05, 2018 8:29 pm**

CVTSI2SS [Link]
CVTSS2SI [Link]

Posted: **Tue Feb 06, 2018 1:33 am**

gir489, can you check my PM please!? ...

Posted: **Tue Feb 06, 2018 1:40 am**

2BR02B?

Posted: **Tue Feb 06, 2018 2:30 am**

MangaDrawing wrote: ↑
Mon Feb 05, 2018 8:22 pm
Hi
I have a one question from assembly.
If we have player health that is float but the health maximum value was 4-byte while they are similar in appearance.
how can get health to maximum with assembly?

ShyTwig16 wrote: ↑
Mon Feb 05, 2018 8:29 pm
CVTSI2SS [Link]
CVTSS2SI [Link]

Yes. This approach works just fine

Frost wrote: ↑
Tue Feb 06, 2018 1:33 am
gir489, can you check my PM please!? ...

No.

predprey wrote: ↑
Tue Feb 06, 2018 1:40 am
2BR02B?

This is a play on letters of "To be or not to be?" I'd have to say I prefer to be. Anyone who says elsewise doesn't appreciate life.

Posted: **Tue Feb 06, 2018 4:53 am**

gir489 wrote: ↑
Sun Feb 04, 2018 10:01 pm

ShyTwig16 wrote: ↑
Sun Feb 04, 2018 8:50 pm

gir489 wrote: ↑
Sun Feb 04, 2018 6:31 pm
... I am a heavy proponent of tribalism...
So how do you reconcile tribalism with GMO seeds, or the internet?
You don't. That's just the way it is.

So to me tribalism just seems like a step in the wrong direction. You still just end up with same kind of problems. I mean, I get that when some church or what not is built you get an Irish or what ever neighborhood; but must we really continue to divide based on what ever trivial thing we place importance on at that point in history?

Posted: **Tue Feb 06, 2018 8:23 am**

Hi
Other quetion is : why this script can not disable(checkbox not checked but enable then i can not disable script)?

Code: Select all

[ENABLE]
aobscanmodule(HEALTH,DarksidersPC.exe,0F 2F 81 00 01 00 00) // should be unique
alloc(Compare,$1000)

label(code)
label(return)
label(Enemy)
label(Player)
label(En_Phealth)
registersymbol(En_Phealth)
label(En_Ehit)
registersymbol(En_Ehit)

En_Phealth:
dd 0
En_Ehit:
dd 0

Compare:
cmp dword ptr [En_Phealth],1
je Player
cmp dword ptr [En_Ehit],1
je Enemy

Player:
cmp [ecx+02AC],0
je Enemy
fild dword ptr [ecx+01DC]
fstp dword ptr [ecx+0100]


code:
  comiss xmm0,[ecx+00000100]
  jmp return

Enemy:
mov [ecx+0100],(float)1
jmp code


HEALTH:
  jmp Compare
  nop
  nop
return:
registersymbol(HEALTH)

[DISABLE]
HEALTH:
  db 0F 2F 81 00 01 00 00

unregistersymbol(HEALTH)
unregistersymbol(En_Phealth)
unregistersymbol(En_Ehit)
dealloc(Compare)

thanks.

Posted: **Tue Feb 06, 2018 9:30 am**

1. Make sure you allocate near the game's module, not randomly in-memory. Here's the difference between:

Code: Select all

alloc(Compare,$1000)

and

Code: Select all

alloc(Compare,$1000,Calculator.exe)

See how many bytes instruction eats-up?..

2. Your script doesn't even enable in my test scenario. Before saying anything (such as how I don't have the game or the array) know I've replicated what you look for and changed process name to my test one (Calculator.exe). Script doesn't enable because you need a second label for [DISABLE]:

Code: Select all

[ENABLE]

aobscanmodule( HEALTH, Calculator.exe, 0F2F8100010000 )
registersymbol( HEALTH )
label( HEALTH_orig )
registersymbol( HEALTH_orig )
label( back )
alloc( Hook, 0x1000, Calculator.exe )
label( code )
label( Enemy )
label( Player )
label( En_Phealth )
registersymbol( En_Phealth )
label( En_Ehit )
registersymbol( En_Ehit )

Hook:
cmp dword ptr [En_Phealth],1
je Player

cmp dword ptr [En_Ehit],1
je Enemy

Player:
cmp [ecx+2AC],0
je Enemy
  fild dword ptr [ecx+1DC]
  fstp dword ptr [ecx+100]

code:
  comiss xmm0,[ecx+100]
  jmp back

Enemy:
mov [ecx+100],(float)1
jmp code

En_Phealth:
dd 0
En_Ehit:
dd 0

HEALTH:
HEALTH_orig:
jmp Hook
db 90 90
back:

[DISABLE]

HEALTH_orig:
db 0F 2F 81 00 01 00 00

unregistersymbol( En_Ehit )
unregistersymbol( En_Phealth )
dealloc( Hook )
unregistersymbol( HEALTH_orig )
unregistersymbol( HEALTH )

- enabled:

- disabled:

And if you want the jumps shorter, use 'short' (keep in mind if you have a lot of code, some 'short' ones will exceed the max. for short jumps - EB xx vs. 0F 8x xx xx xx). Example:

Code: Select all

[ENABLE]

aobscanmodule( HEALTH, Calculator.exe, 0F2F8100010000 )
registersymbol( HEALTH )
label( HEALTH_orig )
registersymbol( HEALTH_orig )
label( back )
alloc( Hook, 0x1000, Calculator.exe )
label( code )
label( Enemy )
label( Player )
label( En_Phealth )
registersymbol( En_Phealth )
label( En_Ehit )
registersymbol( En_Ehit )

Hook:
cmp dword ptr [En_Phealth],1
je short Player

cmp dword ptr [En_Ehit],1
je short Enemy

Player:
cmp [ecx+2AC],0
je short Enemy
  fild dword ptr [ecx+1DC]
  fstp dword ptr [ecx+100]

code:
  comiss xmm0,[ecx+100]
  jmp back

Enemy:
mov [ecx+100],(float)1
jmp short code

En_Phealth:
dd 0
En_Ehit:
dd 0

HEALTH:
HEALTH_orig:
jmp Hook
db 90 90
back:

[DISABLE]

HEALTH_orig:
db 0F 2F 81 00 01 00 00

unregistersymbol( En_Ehit )
unregistersymbol( En_Phealth )
dealloc( Hook )
unregistersymbol( HEALTH_orig )
unregistersymbol( HEALTH )

Also, I apply the FIFO rule, whereas I alloc/dealloc or register/unregister in the order of occurrence, and not randomly/chaotically (am aware CE can parse content regardless of order).

Peace,
Sun

Posted: **Tue Feb 06, 2018 9:43 am**

when [Enable] have registersymbol so [Disable] should have unregistersymbol
why you not use from unregistersymbol in [Disable]?
thanks.

Posted: **Tue Feb 06, 2018 10:14 am**

See above edited post. Because [DISABLE] doesn't know where exactly HEALTH's position is; that location comes as the result of an aobscanmodule, not a label definition:

label(HEALTH)
registersymbol(HEALTH)

vs.

aobscanmodule(HEALTH,...) // label not set
registersymbol(HELATH)

Your registersymbol(HEALTH) works only for [ENABLE] section; [DISABLE] doesn't know how to interpret it.

Posted: **Tue Feb 06, 2018 10:29 am**

I test your idea But script still has in this problem.

Posted: **Tue Feb 06, 2018 10:31 am**

I showed you with pictures that this works:

Code: Select all

[ENABLE]

aobscanmodule( HEALTH, Calculator.exe, 0F2F8100010000 )
registersymbol( HEALTH )
label( HEALTH_orig )
registersymbol( HEALTH_orig )
label( back )
alloc( Hook, 0x1000, Calculator.exe )
label( code )
label( Enemy )
label( Player )
label( En_Phealth )
registersymbol( En_Phealth )
label( En_Ehit )
registersymbol( En_Ehit )

Hook:
cmp dword ptr [En_Phealth],1
je Player

cmp dword ptr [En_Ehit],1
je Enemy

Player:
cmp [ecx+2AC],0
je Enemy
  fild dword ptr [ecx+1DC]
  fstp dword ptr [ecx+100]

code:
  comiss xmm0,[ecx+100]
  jmp back

Enemy:
mov [ecx+100],(float)1
jmp code

En_Phealth:
dd 0
En_Ehit:
dd 0

HEALTH:
HEALTH_orig:
jmp Hook
db 90 90
back:

[DISABLE]

HEALTH_orig:
db 0F 2F 81 00 01 00 00

unregistersymbol( En_Ehit )
unregistersymbol( En_Phealth )
dealloc( Hook )
unregistersymbol( HEALTH_orig )
unregistersymbol( HEALTH )

What's the problem now?.. Change 'Calculator.exe' to 'DarksidersPC.exe' and test.

Posted: **Tue Feb 06, 2018 10:33 am**

Oh.Good working.
thanks from your help SunBeam

Posted: **Tue Feb 06, 2018 10:51 am**

for writing teleport script usually use from empty 32-bit registers and XMM registers.
for example eax = 00000000 and use in push eax ,...
now if eax,... and XMM registers not equal with 0 how to write teleport.
example:

Code: Select all

00727365 - 57 - push edi
00727366 - 8B F9  - mov edi,ecx
00727368 - D9 5F 60  - fstp dword ptr [edi+60] <<
0072736B - D9 40 04  - fld dword ptr [eax+04]
0072736E - D9 5F 64  - fstp dword ptr [edi+64]

EAX=08CD0230
EBX=21FC2C80
ECX=05C4AA08
EDX=00D69D14
ESI=05C4AA08
EDI=05C4AA08
ESP=0012FA38
EBP=0012FA80
EIP=0072736B

teleport assembly script:

Code: Select all

[ENABLE]
alloc(teleportmem,2048)
registersymbol(s_enable)
registersymbol(l_enable)
registersymbol(u_enable)
label(returnteleport)
label(originalcodeteleport)
label(exitteleport)
label(z_coord)
label(x_coord)
label(y_coord)
label(z_coord_undo)
label(x_coord_undo)
label(y_coord_undo)
label(save_coord)
label(load_coord)
label(undo_coord)
label(s_enable)
label(l_enable)
label(u_enable)

"DarksidersPC.exe"+327368:
jmp teleportmem
nop
returnteleport:

teleportmem:
cmp [s_enable],1
je save_coord

cmp [l_enable],1
je load_coord

cmp [u_enable],1
je undo_coord

jmp originalcodeteleport

save_coord:
mov [s_enable],0
fld dword [edi+60]
fstp dword [x_coord]
fld dword [edi+64]
fstp dword [z_coord]
fld dword [edi+68]
fstp dword [y_coord]
jmp originalcodeteleport

load_coord:
mov [l_enable],0
cmp [z_coord],0
je originalcodeteleport
// Save actual Position (for UNDO TELEPORT) when press LOAD POSiTiON
fld dword [edi+60]
fstp dword [x_coord_undo]
fld dword [edi+64]
fstp dword [z_coord_undo]
fld dword [edi+68]
fstp dword [y_coord_undo]
// Save actual Position (for UNDO TELEPORT) when press LOAD POSiTiON
fld dword [x_coord]
fstp dword [edi+60]
fld dword [z_coord]
fstp dword [edi+64]
fld dword [y_coord]
fstp dword [edi+68]
jmp originalcodeteleport

undo_coord:
mov [l_enable],0
mov [s_enable],0
mov [u_enable],0
cmp [z_coord_undo],0
je originalcodeteleport
fld dword [x_coord_undo]
fstp dword [edi+60]
fld dword [z_coord_undo]
fstp dword [edi+64]
fld dword [y_coord_undo]
fstp dword [edi+68]

originalcodeteleport:
fstp dword ptr [edi+60]
fld dword ptr [eax+04]

exitteleport:
jmp returnteleport


x_coord:
dd 0
z_coord:
dd 0
y_coord:
dd 0
s_enable:
dd 0
l_enable:
dd 0
x_coord_undo:
dd 0
z_coord_undo:
dd 0
y_coord_undo:
dd 0
u_enable:
dd 0
//>>>--Teleport--//


 
[DISABLE]
dealloc(teleportmem)
dealloc(newmem)
Unregistersymbol(s_enable)
Unregistersymbol(l_enable)
Unregistersymbol(u_enable)
"DarksidersPC.exe"+327368:
fstp dword ptr [edi+60]
fld dword ptr [eax+04]
//Alt: db D9 5F 60 D9 40 04

Posted: **Tue Feb 06, 2018 11:25 am**

Read about this one: [Link].

You can do something like this in two instructions:

store:
movups xmm0,[r32+offset]
movups [store],xmm0

restore:
movups xmm0,[store]
movups [r32+offset],xmm0

Why movups and not movaps? Simple. You're required to have the stack 16-bytes aligned stack if you want to use the "a" version. (a = aligned; u = unaligned). Also, keep in mind movups will move 16 bytes (4 DWORDs). XYZ occupy 3 DWORDs, but then again you don't care about the 4th (it's usually a normalizer).

BR,
Sun

Posted: **Tue Feb 06, 2018 2:28 pm**

ShyTwig16 wrote: ↑
Tue Feb 06, 2018 4:53 am

gir489 wrote: ↑
Sun Feb 04, 2018 10:01 pm
You don't. That's just the way it is.
So to me tribalism just seems like a step in the wrong direction. You still just end up with same kind of problems. I mean, I get that when some church or what not is built you get an Irish or what ever neighborhood; but must we really continue to divide based on what ever trivial thing we place importance on at that point in history?

Again, going back to the book Beyond Good and Evil, any animal wants to feel superior to another. Asking humans to do otherwise is to deny what we are, which is just animals. Thinking that we can move past this and have a wholesome society of everyone loves each other is just nonsense. You're saying a step in the wrong direction like we fucking chose this. It was chosen for us, we just have to deal with the cards we were dealt. I have no idea what you're talking about, but that sounds like segregation. That's not the same as tribalism. You will always resort to a them vs us debate, it's inevitable. It has to, because that's the inherent binary nature of our universe. For one thing to exist, another anti version of it must exist.

"At the end of the day, as long as there's two people left on the planet, someone is gonna want someone dead."

FearLess Cheat Engine

Ask me anything

Re: Ask me anything/Request a cheat.

Re: Ask me anything/Request a cheat.

Re: Ask me anything/Request a cheat.

Re: Ask me anything/Request a cheat.

Re: Ask me anything/Request a cheat.

Re: Ask me anything/Request a cheat.

Re: Ask me anything/Request a cheat.

Re: Ask me anything/Request a cheat.

Re: Ask me anything/Request a cheat.

Re: Ask me anything/Request a cheat.

Re: Ask me anything/Request a cheat.

Re: Ask me anything/Request a cheat.

Re: Ask me anything/Request a cheat.

Re: Ask me anything/Request a cheat.

Re: Ask me anything/Request a cheat.