Offset is a register

Navic · Post by **Navic** » Tue Apr 29, 2025 10:27 pm

I've been able to replicate how simple "highlighted item" reader scripts function from looking at other people's work. For example this works fine if I use the offset 30 when adding the base address to the table:

Code: Select all

newmem:
  mov [base],rbx
code:
  mov rax,[rbx+30]
  jmp return

base:
  dq 0

But I can't seem to figure out how to handle it when the offset is not a number but a register. The code:

Code: Select all

mov rax,[rcx+rbx]

Any help would be appreciated.

imjustmaxie · Post by **imjustmaxie** » Wed Apr 30, 2025 7:08 am

Navic wrote: ↑
Tue Apr 29, 2025 10:27 pm
I've been able to replicate how simple "highlighted item" reader scripts function from looking at other people's work. For example this works fine if I use the offset 30 when adding the base address to the table:
Code: Select all
newmem:
  mov [base],rbx
code:
  mov rax,[rbx+30]
  jmp return

base:
  dq 0
But I can't seem to figure out how to handle it when the offset is not a number but a register. The code:
Code: Select all
mov rax,[rcx+rbx]
Any help would be appreciated.

My guess is this:
RCX = Base Address
RBX = Offset

RCX+RBX has a value in a form of either a 64-bit memory location, or just some 8 byte value.
RAX stores the value.

You need to set a breakpoint before that instruction and look at which registers probably hold the offset. I assume RBX here is the offset, so look at RBX's value.

FearLess Cheat Engine

Offset is a register

Offset is a register

Re: Offset is a register

Who is online