Help with xmm register related cheats

squall0833 | Expert Cheater | Mar 4, 2017 | #1
Hello everyone, I'm still a newbie in CE.

Here's something in the game: it's a gauge with a float value, and the instruction that always writes to the address is:

04D6AC36: F3 41 0F 11 AF B0 00 00 00 - movss [r15+000000B0],xmm5
In the game, you need to do something so the gauge goes up slowly; if you stop doing anything, the gauge value reduces over time, so...

For some reason I don't want to make it instantly full by doing something like mov [r15+000000B0],(float)100.0

I want to make a cheat that speeds up the value increase, like double or more, by a multiplier.

Normally I know how to do multiplier cheats, but I don't know how when there's an xmm register and it's a float value.

Any idea how to do that?

I was trying to find a way to get the latest value from xmm5 into a register, then subtract the current value from it, multiply it, add it to the current value, and put the final value back into xmm5.

Is it possible to do that?



Thanks

Squall8 | RCE Fanatics, Talents | Mar 3, 2017 | #2
It's basically the same way I taught you before, except now the commands change slightly.

ADD>ADDSS
SUB>SUBSS
MUL>MULSS

You can also look a couple lines up from the MOVSS to see if there is something like addss xmm5,xmm(x). Then you can inject there and simply add this before anything:
mulss xmm(x),[yourmultiplier]
 

TheyCallMeTim13 | Wiki Monster, Talents, Fearless Donors | Mar 3, 2017 | #3

squall0833 | Expert Cheater | Mar 4, 2017 | #4
It's basically the same way I taught you before, except now the commands change slightly.

ADD>ADDSS
SUB>SUBSS
MUL>MULSS

You can also look a couple lines up from the MOVSS to see if there is something like addss xmm5,xmm(x). Then you can inject there and simply add this before anything:
mulss xmm(x),[yourmultiplier]

What I see is this:
""+2B6E7672: 41 83 3E 00 - cmp dword ptr [r14],00
""+2B6E7676: 49 BB 20 97 6F 2B 00 00 00 00 - mov r11,000000002B6F9720
""+2B6E7680: 41 FF D3 - call r11
""+2B6E7683: 48 83 C4 20 - add rsp,20
""+2B6E7687: F3 41 0F 10 87 B0 00 00 00 - movss xmm0,[r15+000000B0]
""+2B6E7690: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
""+2B6E7694: F3 0F 10 4D C8 - movss xmm1,[rbp-38]
""+2B6E7699: F3 0F 5A C9 - cvtss2sd xmm1,xmm1
""+2B6E769D: F3 41 0F 10 97 E4 00 00 00 - movss xmm2,[r15+000000E4]
""+2B6E76A6: F3 0F 5A D2 - cvtss2sd xmm2,xmm2
// ---------- INJECTING HERE ----------
""+2B6E76AA: F2 0F 59 CA - mulsd xmm1,xmm2
""+2B6E76AE: F2 0F 58 C1 - addsd xmm0,xmm1 /// I tried adding a line before this, mulsd xmm1,[multiplier], but the gauge froze
// ---------- DONE INJECTING ----------
""+2B6E76B2: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0 /// the only line that has xmm5, what does it do?
""+2B6E76B6: F3 41 0F 11 AF B0 00 00 00 - movss [r15+000000B0],xmm5 /// The Current Gauge Value
""+2B6E76BF: F3 41 0F 10 87 B0 00 00 00 - movss xmm0,[r15+000000B0]
""+2B6E76C8: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
Did I do wrong?
 

TheyCallMeTim13 | Wiki Monster, Talents, Fearless Donors | Mar 3, 2017 | #5
@squall0833
Did you use MULSD with a double or MULSS with a single? Those are doubles so the instructions I gave before won't work, but most will if you use a double and change the SS to SD, i.e.: ADDSS to ADDSD.
CEA:
//...
alloc(someMem, ...
label(someValue)
//...
someMem:
//...
mulsd xmm1,[someValue]
addsd xmm0,xmm1
//...
jmp return
someValue:
  dq (double)2.5 //// Data quad / 8 bytes; (double precision floating point)
//...
 

squall0833 | Expert Cheater | Mar 4, 2017 | #6
@squall0833
Did you use MULSD with a double or MULSS with a single? Those are doubles so the instructions I gave before won't work, but most will if you use a double and change the SS to SD, i.e.: ADDSS to ADDSD.
CEA:
//...
alloc(someMem, ...
label(someValue)
//...
someMem:
//...
mulsd xmm1,[someValue]
addsd xmm0,xmm1
//...
jmp return
someValue:
  dq (double)2.5 //// Data quad / 8 bytes; (double precision floating point)
//...

OOOoohh, it works :D

By changing that multiplier [someValue] to a double value, it works!

Thanks, I learnt something new about how to deal with xmm registers, and single and double floats :)
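Why the float constant froze the gauge, as an added C example (not code from this thread or from Cheat Engine): MULSD xmm1,[someValue] always reads 8 bytes, so a 4-byte (float)2.5 plus the zeroed bytes after it is read as a denormal double close to zero, and the per-frame increase rounds away to nothing. The frame model follows the listing in post #4; the gauge, rate and dt values are constructed sample inputs.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Emulates how MULSD xmm1,[mem] reads its operand: always 8 bytes,
 * whatever was actually stored there. */
static double load_qword_as_double(const uint8_t mem[8]) {
    double d;
    memcpy(&d, mem, sizeof d);
    return d;
}

/* Fill the multiplier cell the way "dq (double)2.5" (8 bytes) or
 * "dd (float)2.5" (4 bytes; the upper 4 bytes stay zero from the
 * allocation) would leave it. */
static void store_multiplier(uint8_t mem[8], int as_double) {
    memset(mem, 0, 8);
    if (as_double) { double d = 2.5;  memcpy(mem, &d, sizeof d); }
    else           { float  f = 2.5f; memcpy(mem, &f, sizeof f); }
}

/* The value the injected MULSD actually multiplies by. */
static double read_multiplier(int as_double) {
    uint8_t cell[8];
    store_multiplier(cell, as_double);
    return load_qword_as_double(cell);
}

/* One frame of the listing in post #4, with constructed sample values:
 *   xmm0 = (double)gauge, xmm1 = (double)rate, xmm2 = (double)dt
 *   mulsd xmm1,[someValue] ; mulsd xmm1,xmm2 ; addsd xmm0,xmm1
 *   cvtsd2ss xmm5,xmm0 ; movss [r15+B0],xmm5  (gauge stored as single) */
static float gauge_after_frame(int as_double) {
    float gauge = 10.0f, rate = 4.0f, dt = 0.5f;  /* constructed sample values */
    double xmm0 = gauge, xmm1 = rate, xmm2 = dt;  /* cvtss2sd of each operand */
    xmm1 *= read_multiplier(as_double);           /* injected mulsd xmm1,[someValue] */
    xmm1 *= xmm2;                                 /* mulsd xmm1,xmm2 */
    xmm0 += xmm1;                                 /* addsd xmm0,xmm1 */
    return (float)xmm0;                           /* cvtsd2ss xmm5,xmm0 */
}

int main(void) {
    printf("dq (double)2.5 read as %.17g -> gauge %g\n", read_multiplier(1), gauge_after_frame(1));
    printf("dd (float)2.5  read as %.17g -> gauge %g\n", read_multiplier(0), gauge_after_frame(0));
    return 0;
}
```

With the double constant the gauge rises from 10 to 15 in one frame; with the float constant it stays at 10, which is the "frozen" gauge from post #4.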

TheyCallMeTim13 | Wiki Monster, Talents, Fearless Donors | Mar 3, 2017 | #7
Good to hear.

I have a tutorial here and on the wiki that goes over value types; you may find it helpful.
That, and I just posted a new one on integers and one on floats; it lightly goes over singles and doubles.