Game crashes, what is the error in my cheat?

DRDNK1000
Cheater
Joined: May 27, 2019
Messages: 33
Far Cry 4. Trying to do a ctg teleport cheat, but the game crashes. Did I miss something?
Code:
alloc(newmem,$1000,"FC64.dll"+1F352BE)
alloc(my_thing,256)
label(load)
label(en_save)
label(en_load)
label(save)
label(z_cho)
label(x_cho)
label(y_cho)
label(code)
label(return)
registersymbol(en_save)
registersymbol(en_load)

my_thing:

z_cho: //120
dd (float)0
x_cho:  // 124
dd (float)0
y_cho:  // 128
dd  (float)0

en_save:
dd 0

en_load:
dd 0


newmem:

cmp [en_save],1
je save
cmp [en_load],1
je load
jmp code


save:
mov [en_save],0
push rbx
mov rbx,[rax+120]
mov [z_cho],rbx
mov rbx,[rax+124]
mov [x_cho],rbx
mov rbx,[rax+128]
mov [y_cho],rbx
pop rbx
jmp code

load:
mov [en_load],0
push rbx
mov rbx,[z_cho]
mov [rax+120],rbx
mov rbx,[x_cho]
mov [rax+124],rbx
mov rbx,[y_cho]
mov [rax+128],rbx
pop rbx
jmp code


code:
  movaps xmm1,[rax+120]
  jmp return
teleport:
  jmp newmem
  nop
  nop
return:
registersymbol(teleport)

[DISABLE]

teleport:
  db 0F 28 88 20 01 00 00

unregistersymbol(en_save)
unregistersymbol(en_load)
unregistersymbol(teleport)
dealloc(my_thing)
dealloc(newmem)
 
Rysefox
Expert Cheater, Table Maker
Joined: Jun 23, 2018
Messages: 822
meir_atzmon said:
Far Cry 4. Trying to do a ctg teleport cheat, but the game crashes. Did I miss something?
You're sure that rax+120 is z, 124 is x, and 128 is y? I disagree. I think x = 120, y = 124 and z = 128.
Try to change
Code:
z_cho: //120
dd (float)0
x_cho: // 124
dd (float)0
y_cho: // 128
dd (float)0
en_save:
dd 0

en_load:
dd 0
to
Code:
z_cho: //120
dq 0
x_cho: // 124
dq 0
y_cho: // 128
dq 0

en_save:
dq 0

en_load:
dq 0
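
An added illustration of why the slot size matters here (this is example code written for this page, not code from the thread and not Cheat Engine's own): the script copies through rbx, which is 8 bytes wide, while each `dd` slot reserves only 4. The C program below models the save and load passes byte for byte. The entity is a constructed byte blob with three 32-bit floats at +0x120/+0x124/+0x128 (named x, y, z in the order Rysefox proposes, which is an assumption) and an unrelated 32-bit field right after them at +0x12C; the store is laid out like my_thing, with a slot stride of 4 (`dd`) or 8 (`dq`). It goes one step beyond the dq suggestion by also running a 4-byte copy, since an 8-byte move still reads and writes one extra neighbour on the game side no matter how wide the store slots are.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed layout for the demo, not taken from the game:
   floats at +0x120, +0x124, +0x128, an unrelated field at +0x12C. */
#define POS_OFF   0x120
#define NEXT_OFF  0x12C
#define ENTITY_SZ 0x140
#define STORE_SZ  64

typedef struct {
    float    x, y, z;            /* coordinates the entity holds after the load pass */
    uint32_t next_field;         /* the field at +0x12C after the load pass          */
    uint32_t en_save_after_save; /* the en_save flag right after the save pass       */
} Outcome;

/* `mov rbx,[src+off]` / `mov [dst+off],rbx` modelled as a raw copy of `width` bytes
   (8 for a 64-bit register move, 4 for a movss-style move). */
static void mov_bytes(uint8_t *dst, size_t dst_off, const uint8_t *src, size_t src_off, size_t width) {
    memcpy(dst + dst_off, src + src_off, width);
}

static void set_pos(uint8_t *e, float x, float y, float z, uint32_t next) {
    memcpy(e + POS_OFF,     &x, 4);
    memcpy(e + POS_OFF + 4, &y, 4);
    memcpy(e + POS_OFF + 8, &z, 4);
    memcpy(e + NEXT_OFF,    &next, 4);
}

/* Store layout like my_thing: slots 0..2, then en_save, then en_load, `stride` bytes apart. */
static void save_pass(const uint8_t *e, uint8_t *store, size_t width, size_t stride) {
    memset(store + 3 * stride, 0, 4);                  /* mov [en_save],0 (4-byte write) */
    for (size_t i = 0; i < 3; i++)
        mov_bytes(store, i * stride, e, POS_OFF + 4 * i, width);
}

static void load_pass(uint8_t *e, uint8_t *store, size_t width, size_t stride) {
    memset(store + 4 * stride, 0, 4);                  /* mov [en_load],0 */
    for (size_t i = 0; i < 3; i++)
        mov_bytes(e, POS_OFF + 4 * i, store, i * stride, width);
}

/* Save at point A, walk to point B (the field at +0x12C changes as well), then load. */
Outcome roundtrip(size_t width, size_t stride) {
    uint8_t entity[ENTITY_SZ] = {0};
    uint8_t store[STORE_SZ]   = {0};
    Outcome o;

    set_pos(entity, 1.0f, 2.0f, 3.0f, 0xAAAAAAAAu);    /* point A, constructed values */
    save_pass(entity, store, width, stride);
    memcpy(&o.en_save_after_save, store + 3 * stride, 4);

    set_pos(entity, 10.0f, 20.0f, 30.0f, 0xBBBBBBBBu); /* point B */
    load_pass(entity, store, width, stride);

    memcpy(&o.x, entity + POS_OFF, 4);
    memcpy(&o.y, entity + POS_OFF + 4, 4);
    memcpy(&o.z, entity + POS_OFF + 8, 4);
    memcpy(&o.next_field, entity + NEXT_OFF, 4);
    return o;
}

int main(void) {
    struct { const char *name; size_t width, stride; } variants[] = {
        { "8-byte mov into dd slots (original script)", 8, 4 },
        { "8-byte mov into dq slots (dq suggestion)",    8, 8 },
        { "4-byte mov into dd slots",                    4, 4 },
    };
    for (size_t i = 0; i < 3; i++) {
        Outcome o = roundtrip(variants[i].width, variants[i].stride);
        printf("%-45s pos=(%g,%g,%g) +0x12C=%08X en_save after save=%08X\n",
               variants[i].name, o.x, o.y, o.z, o.next_field, o.en_save_after_save);
    }
    return 0;
}
```

With `dd` slots the third 8-byte store lands on en_save, so the script's own control flag is overwritten with whatever sits at +0x12C, and the load pass writes that stale value back over +0x12C as well. Switching to `dq` keeps the flags intact but still clobbers the game-side neighbour; only a copy as wide as the field (4 bytes) leaves +0x12C alone.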
 
DRDNK1000
Cheater
Joined: May 27, 2019
Messages: 33
Rysefox said:
meir_atzmon said:
Far Cry 4. Trying to do a ctg teleport cheat, but the game crashes. Did I miss something?
You're sure that rax+120 is z, 124 is x, and 128 is y? I disagree. I think x = 120, y = 124 and z = 128.
I don't think that's the problem; those are just the coordinate names I gave them.
Do you see a mistake there? Maybe I forgot something.
 
Rysefox
Expert Cheater, Table Maker
Joined: Jun 23, 2018
Messages: 822
meir_atzmon said:
Rysefox said:
meir_atzmon said:
Far Cry 4. Trying to do a ctg teleport cheat, but the game crashes. Did I miss something?
You're sure that rax+120 is z, 124 is x, and 128 is y? I disagree. I think x = 120, y = 124 and z = 128.
I don't think that's the problem; those are just the coordinate names I gave them.
Do you see a mistake there? Maybe I forgot something.
That's the only thing I see right now, but I think it's the problem. Try it out.
Code:
{ Game   : PixARK.exe
  Version: 
  Date   : 2019-05-31
  Author : Rysefox

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(INJECT,PixARK.exe,F3 0F 10 89 08 01 00 00 F3 0F 11 4C 24 3C) // should be unique
alloc(newmem,$1000,"PixARK.exe"+632FEE)
alloc(Store_coord,246)

label(code)
label(return)
label(coord)
registersymbol(coord)
label(xpos)
label(ypos)
label(zpos)
label(save_flag)
label(save)
label(load)
label(load_flag)
registersymbol(coord)
registersymbol(xpos)
registersymbol(ypos)
registersymbol(zpos)
registersymbol(save_flag)
registersymbol(load)
registersymbol(load_flag)

Store_coord:
xpos:
dq 0

ypos:
dq 0

zpos:
dq 0

save_flag:
dd 0

load_flag:
dd 0


newmem:
cmp [save_flag],1
je save
cmp [load_flag],1
je load
jmp code

save:
mov [save_flag],0
push rbx
mov rbx,[rcx+100]
mov [xpos],rbx
mov rbx,[rcx+00000104]
mov [ypos],rbx
mov rbx,[rcx+00000108]
mov [zpos],rbx
pop rbx
jmp code

load:
mov [load_flag],0
push rbx
mov rbx,[xpos]
mov [rcx+00000100],rbx
mov rbx,[ypos]
mov [rcx+00000104],rbx
mov rbx,[zpos]
mov [rcx+00000108],rbx
pop rbx
jmp code


code:
mov [coord],rcx
  movss xmm1,[rcx+00000108]
  jmp return
coord:
dq 0
INJECT:
  jmp newmem
  nop
  nop
  nop
return:
registersymbol(INJECT)

[DISABLE]

INJECT:
  db F3 0F 10 89 08 01 00 00

unregistersymbol(INJECT)
unregistersymbol(coord)
unregistersymbol(xpos)
unregistersymbol(ypos)
unregistersymbol(zpos)
unregistersymbol(save)
unregistersymbol(save_flag)
unregistersymbol(load)
unregistersymbol(load_flag)
dealloc(newmem)
dealloc(Store_coord) // free the coordinate store too, otherwise it leaks on every disable
Here's a teleport cheat, written by me and working fine, you can compare ^^
 
DRDNK1000
Cheater
Joined: May 27, 2019
Messages: 33
Rysefox said:
meir_atzmon said:
Rysefox said:
You're sure that rax+120 is z, 124 is x, and 128 is y? I disagree. I think x = 120, y = 124 and z = 128.
I don't think that's the problem; those are just the coordinate names I gave them.
Do you see a mistake there? Maybe I forgot something.
That's the only thing I see right now, but I think it's the problem. Try it out.
Here's a teleport cheat, written by me and working fine, you can compare ^^
Doesn't work. But thanks.
I may need to try it on another game or something.
 
GreenHouse
Expert Cheater, Table Maker
Joined: Oct 12, 2018
Messages: 454
It's complicated to help you when we're not seeing anything. How does the function work? Share some info.
 
DRDNK1000
Cheater
Joined: May 27, 2019
Messages: 33
Rysefox said:
meir_atzmon said:
Rysefox said:
You're sure that rax+120 is z, 124 is x, and 128 is y? I disagree. I think x = 120, y = 124 and z = 128.
I don't think that's the problem; those are just the coordinate names I gave them.
Do you see a mistake there? Maybe I forgot something.
That's the only thing I see right now, but I think it's the problem. Try it out.
Here's a teleport cheat, written by me and working fine, you can compare ^^
registersymbol(xpos)
registersymbol(ypos)
registersymbol(zpos)

Why did you put registersymbol here?
Isn't label enough?
 
DRDNK1000
Cheater
Joined: May 27, 2019
Messages: 33
GreenHouse said:
It's complicated to help you when we're not seeing anything. How does the function work? Share some info.
The idea is to save your place on the map in a register, and after you go away, to load it and teleport there.

Cheat The Game has a video about that.
 
Rysefox
Expert Cheater, Table Maker
Joined: Jun 23, 2018
Messages: 822
meir_atzmon said:
Rysefox said:
meir_atzmon said:
I don't think that's the problem; those are just the coordinate names I gave them.
Do you see a mistake there? Maybe I forgot something.
That's the only thing I see right now, but I think it's the problem. Try it out.
Here's a teleport cheat, written by me and working fine, you can compare ^^
registersymbol(xpos)
registersymbol(ypos)
registersymbol(zpos)

Why did you put registersymbol here?
Isn't label enough?
Label is enough
 
Rysefox
Expert Cheater, Table Maker
Joined: Jun 23, 2018
Messages: 822
meir_atzmon said:
GreenHouse said:
It's complicated to help you when we're not seeing anything. How does the function work? Share some info.
The idea is to save your place on the map in a register, and after you go away, to load it and teleport there.

Cheat The Game has a video about that.
I do not know, I do not see your instruction, maybe the register you are using is already in use, and therefore crashes.
 
DRDNK1000
Cheater
Joined: May 27, 2019
Messages: 33
Rysefox said:
meir_atzmon said:
GreenHouse said:
It's complicated to help you when we're not seeing anything. How does the function work? Share some info.
The idea is to save your place on the map in a register, and after you go away, to load it and teleport there.

Cheat The Game has a video about that.
I do not know, I do not see your instruction, maybe the register you are using is already in use, and therefore crashes.
Didn't see it, but when I'm home I will try to replace it.

Big thanks for your help btw.
You're the only one who answers all the time, and so fast.
 
GreenHouse
Expert Cheater, Table Maker
Joined: Oct 12, 2018
Messages: 454
meir_atzmon said:
The idea is to save your place on the map in a register, and after you go away, to load it and teleport there.

Cheat The Game has a video about that.
I need to see the function, If I don't see it I can't know what's wrong. Just share a screenshot.
 
DRDNK1000
Cheater
Joined: May 27, 2019
Messages: 33
GreenHouse said:
meir_atzmon said:
The idea is to save your place on the map in a register, and after you go away, to load it and teleport there.

Cheat The Game has a video about that.
I need to see the function, If I don't see it I can't know what's wrong. Just share a screenshot.
Sorry, I don't understand what screenshot you want.
Can you give me an example so I know what to take?
 
GreenHouse
Expert Cheater, Table Maker
Joined: Oct 12, 2018
Messages: 454
meir_atzmon said:
Sorry, I don't understand what screenshot you want.
Can you give me an example so I know what to take?
Just the main template of AOB does show some of the nearby code. If I don't know what is doing what, I don't know what's wrong.
According to your script, "FC64.dll"+1F352BE should have what I'm asking for. Go there, and do a screenshot or copy/paste the code that is near that.
 
Kitsos
Cheater
Joined: Mar 30, 2018
Messages: 33
It usually doesn't matter much, but the jumps should be near each other.
Try this (if the allocations have a lot of space between them; usually it's not that):
alloc(newmem,$1000,"FC64.dll"+1F352BE)
alloc(my_thing,256,"FC64.dll"+1F352BE)

Confirm that the instruction you inject doesn't access anything else (right-click -> what other addresses this instruction accesses).

The original code: movaps xmm1,[rax+120] is obviously messing with floats.
I don't know, I'd prefer to use an xmm register,
like:
movss xmm11,[rax+120]
movss [pos_x],xmm11
--breakpoints (to check if it crashes before or after it writes the floats)

pushf and popf (before the cmp and after the code (eg. on return: label)
We don't know where you inject, you might be changing a flag

Are you also sure that you are writing to the actual position and not the 'displayed' position?
(eg. If you alter one of the positions it moves the character.. (you can also double-check the XYZ axis, which is rarely in another order.))

Try and set break points and figure where it crashes. (Pause CE->EnableScript->Set Breakpoints->Resume... after it hits the first go step by step)

What happens if you spawn on the ground? Do you collide, or keep falling? (Add something to Z (height); that's why you have to figure it out, cause I also believe it should be rax+128.)
Use search (for FC4)! Cause I did it at half-point..
Who knows someone might have already a Teleport Script in The forum! Use it as reference to compare it and figure your faults!
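
As an added illustration of the "jumps should be near each other" point above (example code written for this page, not from the thread and not Cheat Engine's own), the C program below does explicitly what the auto-assembler does for the `teleport: jmp newmem / nop / nop` hook: it checks that the hook block lies within the signed 32-bit displacement a 5-byte `jmp rel32` can express, and it pads the jump with nops so the patch is exactly as long as the instruction it covers. The 7-byte instruction is the one the script's [DISABLE] section restores (`0F 28 88 20 01 00 00`, movaps xmm1,[rax+120]); the module base used for the addresses is a constructed placeholder, not the real FC64.dll base, and `build_patch`, `rel32_reachable` and `nop_count` are names chosen here.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdbool.h>
#include <stdio.h>

#define JMP_REL32_LEN 5u

/* The bytes the script's [DISABLE] section puts back: movaps xmm1,[rax+120], 7 bytes. */
static const uint8_t ORIGINAL_INSN[] = { 0x0F, 0x28, 0x88, 0x20, 0x01, 0x00, 0x00 };

/* Constructed placeholder base for FC64.dll (not the real load address) plus the
   script's module offset; used only to make the demo addresses realistic. */
#define FAKE_FC64_BASE 0x7FF7C0000000ULL
#define INJECT_ADDR    (FAKE_FC64_BASE + 0x1F352BEULL)

/* A jmp rel32 at `from` reaches `to` only if the displacement, measured from the
   end of the 5-byte jump, fits in a signed 32-bit value (about +/- 2 GiB). */
bool rel32_reachable(uint64_t from, uint64_t to) {
    int64_t disp = (int64_t)(to - (from + JMP_REL32_LEN));
    return disp >= INT32_MIN && disp <= INT32_MAX;
}

/* Nops needed after the jump so the patch ends exactly where the original
   instruction ended (otherwise `return:` would land inside a torn instruction). */
size_t nop_count(size_t insn_len) {
    return insn_len > JMP_REL32_LEN ? insn_len - JMP_REL32_LEN : 0;
}

/* Build the replacement bytes for the instruction at `inject`: E9 + rel32 to `hook`,
   then nops. Returns the patch length, or 0 when the hook block is out of rel32 range
   or the original instruction is shorter than the jump. */
size_t build_patch(uint64_t inject, uint64_t hook, size_t insn_len, uint8_t *out, size_t cap) {
    if (insn_len < JMP_REL32_LEN || cap < insn_len) return 0;
    if (!rel32_reachable(inject, hook)) return 0;
    int32_t disp = (int32_t)(hook - (inject + JMP_REL32_LEN));
    out[0] = 0xE9;
    memcpy(out + 1, &disp, sizeof disp);   /* little-endian, as x86 encodes it */
    memset(out + JMP_REL32_LEN, 0x90, nop_count(insn_len));
    return insn_len;
}

int main(void) {
    uint8_t patch[sizeof ORIGINAL_INSN];
    uint64_t near_hook = INJECT_ADDR + 0x1000;          /* alloc near the injection point */
    uint64_t far_hook  = INJECT_ADDR + 0x100000000ULL;  /* 4 GiB away: out of rel32 range */

    size_t n = build_patch(INJECT_ADDR, near_hook, sizeof ORIGINAL_INSN, patch, sizeof patch);
    printf("near hook: patch length %zu, %zu nops, bytes:", n, nop_count(sizeof ORIGINAL_INSN));
    for (size_t i = 0; i < n; i++) printf(" %02X", patch[i]);
    printf("\nfar hook: patch length %zu (0 means a 5-byte jmp cannot reach it)\n",
           build_patch(INJECT_ADDR, far_hook, sizeof ORIGINAL_INSN, patch, sizeof patch));
    return 0;
}
```

When the allocation is placed without a nearby address and ends up farther than a rel32 can reach, the 5-byte form is not usable and a longer jump sequence would be needed, which no longer fits in the 7 bytes being replaced; giving `alloc` the injection address as its third argument, as suggested above, keeps the block in range.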
 