Resetting a value after disabling script

TheyCallMeTim13

I... am an enchanter.
Talents
Fearless Donors
Mar 3, 2017
345
19
18
#21
So first off I forgot to put in a "readFloat" call, and I used the wrong pointer size (32 not 64), sorry for that.
And then you are not storing the address, just float values; you need to store the address.
Code:
[ENABLE]
alloc(newmem,2048,"something.exe"+5000000)
globalAlloc(storedvalue, 8)
label(stored)
label(returnhere)
label(originalcode)
label(exit)

newmem:
	mov [storedvalue],(float)1.4 // this is why it doesn't work: the address needs to be stored here
	cmp  [storedvalue+4],0
	jne stored
	        push eax
	        mov eax,[r14]
        	mov [storedvalue+4],eax
	        pop eax
        stored:
	mov [r14],(float)1

	originalcode:
		comiss xmm6,[r14]

	exit:
	jmp returnhere


"something.exe"+5000000:
	jmp newmem
	nop
	nop
	nop
	returnhere:

[DISABLE]
dealloc(newmem)
"something.exe"+5000000:
	comiss xmm6,[r14]
	//Alt: db 41 23 7B B6 6E 03 00 00

luaCall(writeFloat('[storedvalue]', '[storedvalue+4]'))
Here you are writing to whatever float 1.4 is in hex in the Lua call to writeFloat.

So try this:
Code:
[ENABLE]
alloc(newmem,2048,"something.exe"+5000000)
globalAlloc(storedvalue, C)
label(stored)
label(returnhere)
label(originalcode)
label(exit)

newmem:
	mov [storedvalue],r14 // here the address is stored so you can access it in the disable section
	cmp  [storedvalue+8],0
	jne stored
	        push eax
	        mov eax,[r14]
        	mov [storedvalue+8],eax
	        pop eax
        stored:
	mov [r14],(float)1

	originalcode:
		comiss xmm6,[r14]

	exit:
	jmp returnhere


"something.exe"+5000000:
	jmp newmem
	nop
	nop
	nop
	returnhere:

[DISABLE]
dealloc(newmem)
"something.exe"+5000000:
	comiss xmm6,[r14]
	//Alt: db 41 23 7B B6 6E 03 00 00

luaCall(writeFloat('[storedvalue]', readFloat('[storedvalue+8]')))
// writeFloat({ address to write to }, { value to write })
//readFloat({ address to read from })
So the Lua call at the end of Disable, writes to the address stored at "storedvalue", and writes the value stored at "storedvalue+8".

You can even add "[storedvalue]" (8 byte as hex) and "[storedvalue+8]" (float) as addresses to the address list to help in debugging.
 

Fruitpunch

What is cheating?
Sep 9, 2017
15
0
1
#22
Sheesh, I had to make the example too simple.

There's an added twist. What if the register has an offset, how do I deal with that?

Code:
[ENABLE]
alloc(newmem,2048,"something.exe"+5000000)
globalAlloc(storedvalue, 12)
label(stored)
label(returnhere)
label(originalcode)
label(exit)

newmem:
	mov [storedvalue],r14
	cmp  [storedvalue+8],0
	jne stored
	        push eax
	        mov eax,[r14+2FC]
        	mov [storedvalue+8],eax
	        pop eax
        stored:
	mov [r14+2FC],(float)1

	originalcode:
		comiss xmm6,[r14+2FC]

	exit:
	jmp returnhere


"something.exe"+5000000:
	jmp newmem
	nop
	nop
	nop
	returnhere:

[DISABLE]
dealloc(newmem)
"something.exe"+5000000:
	comiss xmm6,[r14+2FC]
	//Alt: db 41 23 7B B6 6E 03 00 00

luaCall(writeFloat('[storedvalue]', readFloat('[storedvalue+8]'))) 
//so the (address to write to) would be r14+2FC
 

TheyCallMeTim13

#23
With the Lua call you can just put that in, but the "storedvalue" is a pointer that you create, so "[storedvalue]+2FC".
This is because in storing the address (or base) of the value, at the address of "storedvalue"; it becomes a base with a first offset of 0 to get to the base address, of the value's address.

And just to be as clear as I can, the Lua call at the end of the disabled section needs to be:
Code:
luaCall(writeFloat('[storedvalue]+2FC', readFloat('[storedvalue+8]')))
 

Fruitpunch

#24
Alright, thank you very much for your help TheyCallMeTim13, this has cleared some things that were confusing.

There's still a tiny problem though.

I tried to attach a snapshot but kept getting an extension error so you'll just have to believe me.

The address being changed: A0438F0C

After enabling script:
storedvalue = 2688781328 = A0438C10
storedvalue+8 = (float)1.4

After disabling script the value in address A0438F0C becomes 0.

This is exactly what I used:
Code:
luaCall(writeFloat('[storedvalue]+2FC', readFloat('[storedvalue+8]')))
 

TheyCallMeTim13

#25
It doesn't need the brackets in read float because the address to read is "storedvalue+8", sorry stupid mistake on my part. I bet if you had put in "[storedvalue+8]" as an address you would have seen a "0", maybe "??". Just change it to this.
Code:
luaCall(writeFloat('[storedvalue]+2FC', readFloat('storedvalue+8')))
Well maybe one of these days I might actually help someone? Hope my errors don't add to confusion or aggravation too much, but you can add the addresses as they are in the Lua call in-between the quotations and see where they are pointing to, just to double check at this point (this is where I might have seen my error, hah maybe?).
 

Fruitpunch

#26
Well, you did help me so thanks a million! :)
Also giving confirmation that the code works now.
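
Added example (not part of any post in this thread): a simplified Python model of how the bracketed address strings from posts #23 to #25 resolve, using the values reported in post #24. The address chosen for `storedvalue`, the zero bytes after the stored float, and the helper names are assumptions; this is not Cheat Engine's own parser.

```python
import re
import struct

STOREDVALUE = 0x7FF600010000           # hypothetical address of the globalAlloc'd symbol
SYMBOLS = {"storedvalue": STOREDVALUE}
MEMORY = {}                            # constructed memory model: address -> byte

def poke(addr, data):
    for i, b in enumerate(data):
        MEMORY[addr + i] = b

def peek(addr, size):
    """Return `size` bytes at addr, or None if any byte is unmapped."""
    if addr is None or any(addr + i not in MEMORY for i in range(size)):
        return None
    return bytes(MEMORY[addr + i] for i in range(size))

def resolve(expr):
    """Resolve symbols, hex offsets and [x] (read an 8-byte pointer at x)."""
    expr = expr.replace(" ", "")
    while "[" in expr:
        m = re.search(r"\[([^\[\]]+)\]", expr)        # innermost bracket first
        raw = peek(resolve(m.group(1)), 8)
        if raw is None:
            return None                               # pointer itself is unreadable
        ptr = struct.unpack("<Q", raw)[0]
        expr = expr[:m.start()] + format(ptr, "X") + expr[m.end():]
    return sum(SYMBOLS[t] if t in SYMBOLS else int(t, 16) for t in expr.split("+"))

def read_float(expr):
    raw = peek(resolve(expr), 4)
    return None if raw is None else struct.unpack("<f", raw)[0]

# State after enabling the script, as reported in post #24.
poke(STOREDVALUE, struct.pack("<Q", 0xA0438C10))      # [storedvalue]   = saved r14
poke(STOREDVALUE + 8, struct.pack("<f", 1.4))         # [storedvalue+8] = original float
poke(STOREDVALUE + 12, bytes(4))                      # assumed zero padding
poke(0xA0438F0C, struct.pack("<f", 1.0))              # value the script forced to 1

if __name__ == "__main__":
    for s in ("[storedvalue]+2FC", "storedvalue+8", "[storedvalue+8]"):
        a = resolve(s)
        print(f"{s:20} -> {a:#x}  readFloat = {read_float(s)}")
```

In this model `'[storedvalue+8]'` treats the bit pattern of the float 1.4 as a pointer and lands on unmapped memory, so the read fails, while `'storedvalue+8'` reads the saved float directly.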