Compare big address in assembly

nihilism

Using the new CE feature, it found a common value and I would like to compare against it in a script. However, it seems that either the value is too large or my syntax is incorrect.

Any help to put me in the right direction would be appreciated :geek:



// Does not assemble as written: cmp has no r64,imm64 form - the immediate is at most
// a sign-extended 32-bit value, and 7FF477AA1240 needs more than 32 bits.
// (The replies below show the memory-operand and mov r64,imm64 workarounds.)
cmp rcx,7FF477AA1240
 
nihilism

After some trial and error, was able to get it working by storing big value some place in memory and referencing that in the compare.

If there is an easier/more efficient method for doing this, please still let me know.

// The 64-bit constant is kept in memory because cmp cannot take a 64-bit immediate.
// NOTE(review): this data word sits next to the code in the same allocation; that is
// fine as long as execution never falls into it (entry is at newmem) - confirm the layout.
compareaddy:
dq 7FF477AA1240             // qword, same width as the rcx compared below

newmem:
cmp rax,1
je incItems
cmp rcx,[compareaddy]       // rcx vs. the qword stored at compareaddy
je health
jne code                    // flags are still from the cmp above, so this always jumps
 

Eric

You could use a mov reg64,value64 and then cmp against that register, but it takes one more instruction (and more if you need to save and restore the register).

Also, a value like that will likely only work for you on that one run. See if there is a way to figure out what that value really is and then deal with it accordingly.

e.g. if 7FF477AA1240 is an address inside a module, then the 7FF477AA part can change on the next run, but the 1240 part will stay the same (module bases are allocated on 64 KB boundaries, so the low 16 bits of an address inside the module do not move). So you could do a cmp cx,1240 and get the same effect, and it will work across different runs/systems.
 
SunBeam

^ ..as long as the .exe is the same :) Emphasizing it because people often confuse what you explained with 'working across game updates'.
 
Akhent

For the compare, where is the problem in my script?

push rdi // or rcx // or rax  - saved here and restored after the compare
mov rdi,[rbx+78]            // no null check: faults if [rbx+78] is not a valid pointer
mov rdi,[rdi+c40]           // second dereference, same risk
cmp [rdi+598],#0            // #0 = decimal zero; NOTE(review): no operand size given - confirm the assembler's default width
pop rdi                     // pop does not change flags, so the cmp result still holds
jne code

It always displays "fatal error" in the game :( :( :( :oops: :cry:
 
Akhent

Akhent said:
For the compare, where is the problem in my script?

push rdi // or rcx // or rax  - saved here and restored after the compare
mov rdi,[rbx+78]            // no null check: faults if [rbx+78] is not a valid pointer
mov rdi,[rdi+c40]           // second dereference, same risk
cmp [rdi+598],#0            // #0 = decimal zero; NOTE(review): no operand size given - confirm the assembler's default width
pop rdi                     // pop does not change flags, so the cmp result still holds
jne code

It always displays "fatal error" in the game :( :( :( :oops: :cry:
This is the full script. Without the compare, the script runs perfectly, but enemies get the same effect:
// Heal hook: if the flag at rbx->78->c40->598 is zero, overwrite xmm0 with max health
// before the original store. Two problems visible here: the pointer walk has no
// null checks (a bad pointer faults), and eax is written without rax being saved,
// so the caller's rax is clobbered on the heal path.
newmem:

push rdi
mov rdi,[rbx+78]            // faults if [rbx+78] is not a valid pointer
mov rdi,[rdi+c40]           // faults if the second pointer is invalid
cmp [rdi+598],#0            // #0 = decimal zero
pop rdi                     // pop leaves flags intact, so the cmp result survives
jne code

mov eax,[rsi+000007ac] //7ac //f14 (max health) to eax - clobbers rax, which is never restored
cvtsi2ss xmm0,eax //max health to health (int -> float)

code:
movss [rsi+00000AB8],xmm0 //originalcode
jmp return
 
TheyCallMeTim13

The fatal error is likely due to rax/eax not being saved and restored, or because rbx+78 or one of the others used isn't always an address. As far as rax/eax goes, you don't need to use it at all, just use that xmm0 (i.e. movss xmm0,[rsi+7AC]). And for the address you read from, put in a check.
Code:
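// Guarded heal hook: walk rbx->78->c40 with a null check at each step before
// reading the flag at +598; on a null pointer or a non-zero flag fall through to
// the original code untouched. rdi is the only GPR written and is restored at
// code:, so rax/eax is never needed.
push rdi
mov rdi,[rbx+78]
test rdi,rdi
jz code                     // null pointer: skip the heal, rdi is popped at code:
mov rdi,[rdi+C40]
test rdi,rdi
jz code
cmp [rdi+598],0             // NOTE(review): no operand size given - confirm the assembler's default width is the intended one
jne code

// [rsi+7AC] is read as an integer elsewhere in this thread (mov eax / cvtsi2ss),
// so convert int -> float here instead of loading the raw bits with movss.
cvtsi2ss xmm0,[rsi+7AC]

code:
pop rdi
movss [rsi+00000AB8],xmm0 //originalcode
jmp return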
 
Akhent

TheyCallMeTim13 said:
The fatal error is likely due to rax/eax not being saved and restored, or because rbx+78 or one of the others used isn't always an address. As far as rax/eax goes, you don't need to use it at all, just use that xmm0 (i.e. movss xmm0,[rsi+7AC]). And for the address you read from, put in a check.
Code:
// Guarded heal hook: null-check each pointer in rbx->78->c40 before reading the
// flag at +598; on a null pointer or a non-zero flag fall through to the original
// code. rdi is the only GPR written and is restored at code:.
push rdi
mov rdi,[rbx+78]
test rdi,rdi
jz code                     // null pointer: skip the heal, rdi is popped at code:
mov rdi,[rdi+C40]
test rdi,rdi
jz code
cmp [rdi+598],0             // NOTE(review): no operand size given - confirm the assembler's default width
jne code

// NOTE(review): elsewhere in this thread 7AC is read with cvtsi2ss (an integer);
// movss would copy the raw integer bits as a float - confirm the field type.
movss xmm0,[rsi+7AC]

code:
pop rdi
movss [rsi+00000AB8],xmm0 //originalcode
jmp return
Thanks, I tried your script but got the same result. After some trial and error I figured out the problem is the jump instruction - maybe the target is too far (I don't know exactly) from the original code's address :cry: :cry: :cry: - because if I disable "//jne code" in my first script it works.
 
Akhent

label(originalcode)
label(return)
label(healmeplease)

// Working version: heal only when the flag at rbx->78->c40->598 is zero.
// rdi is saved/restored around the pointer walk; pop does not touch flags, so the
// cmp result is still valid at the je. There is still no null check on [rbx+78]
// or [rdi+c40] - a bad pointer there faults (the "fatal error" seen in this thread).
newmem:

push rdi
mov rdi,[rbx+78]
mov rdi,[rdi+c40]
cmp [rdi+598],#0            // #0 = decimal zero
pop rdi
je healmeplease

originalcode:

movss [rsi+AB8],xmm0 //originalcode
jmp return

healmeplease:

cvtsi2ss xmm0,[rsi+7ac] //max health to health (int -> float)
movss [rsi+AB8],xmm0
jmp return

Fixed :D :D :D but now there is a new problem: if I heal the team again and again, fatal error :oops: :oops: :lol: :lol:
 

TheByteSize

It means that at some point the:
mov rdi,[rbx+78]
or
mov rdi,[rdi+c40]

doesn't contain a valid address.
 

Bloodybone

Could you try this out and tell me what happens:
Code:
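label(originalcode)
label(return)
label(healmeplease)

// Heal hook wrapped in CE's {$try}/{$except}: if one of the pointer reads faults,
// execution resumes at {$except}, which shows a message box and then falls through
// to the original code. rdi is pushed once and popped exactly once on every path
// (originalcode / healmeplease).
newmem:
{$try}
push rdi
mov rdi,[rbx+78]            // may fault - covered by the {$try} block
mov rdi,[rdi+c40]           // may fault - covered by the {$try} block
cmp [rdi+598],#0            // #0 = decimal zero
jne originalcode            // flag set: leave health alone

healmeplease:
cvtsi2ss xmm0,[rsi+7ac] //max health to health (int -> float)
movss [rsi+AB8],xmm0
pop rdi
jmp return

{$except}
// Registers are as they were at the faulting instruction; rdi is still on the
// stack and is popped at originalcode below.
// NOTE(review): assumes {$except} resumes with rsp unchanged from the fault - confirm.
push rbp
mov rbp,rsp                 // rbp keeps the unaligned rsp for the epilogue
and spl,F0                  // Win64 ABI: rsp must be 16-byte aligned at the call
sub rsp,80                  // 20h shadow space + saved GPRs + message + xmm0 slot; 80h keeps alignment
mov [rsp+20],rax
mov [rsp+28],rcx
mov [rsp+30],rdx
mov [rsp+38],r8
mov [rsp+40],r9
mov [rsp+48],r10
mov [rsp+50],r11
movdqu [rsp+70],xmm0        // xmm0 is volatile under Win64 and is stored by originalcode after this handler
                            // NOTE(review): xmm1-xmm5 are volatile too - save them as well if the code after return relies on them
mov dword ptr [rsp+58],'Exce'
mov dword ptr [rsp+5C],'ptio'
mov word ptr [rsp+60],006E  // 'n' + NUL terminator -> "Exception"
xor rcx,rcx                 // hWnd = NULL
lea rdx,[rsp+58]            // lpText = "Exception"
xor r8,r8                   // lpCaption = NULL
xor r9,r9                   // uType = 0
call user32.MessageBoxA
movdqu xmm0,[rsp+70]
mov r11,[rsp+50]
mov r10,[rsp+48]
mov r9,[rsp+40]
mov r8,[rsp+38]
mov rdx,[rsp+30]
mov rcx,[rsp+28]
mov rax,[rsp+20]
mov rsp,rbp
pop rbp

originalcode:
movss [rsi+AB8],xmm0 //originalcode
pop rdi
jmp return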
 