How to compare values in emulators?

Post by **SilverRabbit90** » Tue Sep 28, 2021 7:42 pm

I have tried to do some cheats on some emulators (PCSX2 and Dolphine), some cheats are easy to do those that only concern the character used. Cheats that have common values such as the Hp of the playable character and that of the enemies crash the emulator or make both enemies and allies immortal.

For example this code crashes the game:

[ENABLE]

aobscan(INJECT,10 0F 38 F1 7C 33 08 8D) // should be unique
alloc(newmem,$1000,INJECT)

label(code)
label(return)

newmem:
//Offset 210 my (float)2 enemy (float)4.600602988E-41

cmp [rbx+210],(float)2
jne code

nop 6

jmp return

code:
movbe [rbx+rsi+08],edi
jmp return

INJECT+01:
jmp newmem
nop
return:
registersymbol(INJECT)

[DISABLE]

INJECT+01:
db 0F 38 F1 7C 33 08

unregistersymbol(INJECT)
dealloc(newmem)

What do I have to do to make this type of code work?

Thx for the help

Here is my Cheat Engine Tutorial:

Spoiler

[Link]

TheByteSize · Post by **TheByteSize** » Thu Sep 30, 2021 1:38 am

your comparison can come across null or invalid value which crash the game. either find a better spot to check or make sure [rbx+210] contain valid value that can be used to compare at all time. (float)4.600602988E-41 usually an indication for bad spot to check.

Post by **SilverRabbit90** » Thu Sep 30, 2021 9:43 am

Ok thanks I'll try to look for an Offset with better values, this thing is making me crazy finding the correct values in the correct offsets in a normal PC game is quite easy and fast, in an emulator it is all the more tedious.
In any case, wasn't the comparison I made wrong? For example, do I have to write something like?

cmp [rsi+210],(float)2

Maybe i have to use rsi instead of rbx...

Post by **SilverRabbit90** » Thu Sep 30, 2021 4:09 pm

TheByteSize wrote: ↑
Thu Sep 30, 2021 1:38 am
your comparison can come across null or invalid value which crash the game. either find a better spot to check or make sure [rbx+210] contain valid value that can be used to compare at all time. (float)4.600602988E-41 usually an indication for bad spot to check.

I solved with something like this:

[ENABLE]

aobscan(INJECT,10 0F 38 F1 7C 33 08 8D) // should be unique
alloc(newmem,$1000,INJECT)

label(code)
label(return)

newmem:
//Offset 10 my C8000000 enemy A0000000
//Offset 40 my 09000000 enemy 1A000000
//Offset 6C my 0 enemy (int)2348812288
//Offset 23C my 'ib_spideywrestlestealth' enemy ???
//Offset 320 my 0 enemy 32831
//Offset 340 my #14421180 enemy #00000000
//Offset 3A0 my (int)1354156800 enemy 0
//Offset 47D my 128 enemy 0
//Offset 714 my #01000000 enemy 00000000
//Offset 3A0 my (int)1354156800 enemy 0
//Offset EA0 my D1B35DBF enemy 00000000

cmp [rbx+rsi+6C],0
jne code

nop
nop
nop
nop
nop
nop

jmp return

code:
movbe [rbx+rsi+08],edi
jmp return

INJECT+01:
jmp newmem
nop
return:
registersymbol(INJECT)

[DISABLE]

INJECT+01:
db 0F 38 F1 7C 33 08

unregistersymbol(INJECT)
dealloc(newmem)

It was simpler than I thought XD

GreenHouse · Post by **GreenHouse** » Thu Sep 30, 2021 6:29 pm

SilverRabbit90 wrote: ↑
Thu Sep 30, 2021 4:09 pm
cmp [rbx+rsi+6C],0
jne code

nop
nop
nop
nop
nop
nop

jmp return

code:
movbe [rbx+rsi+08],edi
jmp return

You don't need all those 'nop' there though. 'Nop' means 'do nothing', so you're telling it to 'do nothing' 6 times instead of just not having anything there, which would pretty much be the same as doing nothing.

Post by **SilverRabbit90** » Thu Sep 30, 2021 9:35 pm

GreenHouse wrote: ↑
Thu Sep 30, 2021 6:29 pm

SilverRabbit90 wrote: ↑
Thu Sep 30, 2021 4:09 pm
cmp [rbx+rsi+6C],0
jne code

nop
nop
nop
nop
nop
nop

jmp return

code:
movbe [rbx+rsi+08],edi
jmp return
You don't need all those 'nop' there though. 'Nop' means 'do nothing', so you're telling it to 'do nothing' 6 times instead of just not having anything there, which would pretty much be the same as doing nothing.

Yes, I know thanks, if you want you can also write like this:

cmp [rbx + rsi + 6C], 0
jne code

nop 6

jmp return

I had written to better understand XD

GreenHouse · Post by **GreenHouse** » Fri Oct 01, 2021 6:26 am

SilverRabbit90 wrote: ↑
Thu Sep 30, 2021 9:35 pm
Yes, I know thanks, if you want you can also write like this:

cmp [rbx + rsi + 6C], 0
jne code

nop 6

jmp return

I had written to better understand XD

Well, it's still the same thing I said, you don't need to add 'nop 6' to do nothing. It's just adding unnecessary extra bytes that don't do anything.

Post by **SilverRabbit90** » Fri Oct 01, 2021 3:29 pm

GreenHouse wrote: ↑
Fri Oct 01, 2021 6:26 am

SilverRabbit90 wrote: ↑
Thu Sep 30, 2021 9:35 pm
Yes, I know thanks, if you want you can also write like this:

cmp [rbx + rsi + 6C], 0
jne code

nop 6

jmp return

I had written to better understand XD
Well, it's still the same thing I said, you don't need to add 'nop 6' to do nothing. It's just adding unnecessary extra bytes that don't do anything.

I really did not know this, thanks you taught me something useful **

Here is my Cheat Engine Tutorial:

Spoiler

[Link]

FearLess Cheat Engine

How to compare values in emulators?

How to compare values in emulators?

Re: How to compare values in emulators?

Re: How to compare values in emulators?

Re: How to compare values in emulators?

Re: How to compare values in emulators?

Re: How to compare values in emulators?

Re: How to compare values in emulators?

Re: How to compare values in emulators?

Who is online