Compare big address in assembly

[nihilism]

Using the new CE feature, it found a commonality and I would like to compare it out in a script. However, seems that the value is large or my syntax is incorrect.

Any help to put me in the right direction would be appreciated



cmp rcx,7FF477AA1240

[nihilism]

After some trial and error, was able to get it working by storing big value some place in memory and referencing that in the compare.

If there is an easier/more efficient method for doing this, please still let me know.

compareaddy:
dq 7FF477AA1240

newmem:
cmp rax,1
je incItems
cmp rcx,[compareaddy]
je health
jne code

[Eric]

You could use a mov reg64,value64 and then cmp that but takes one more instruction (and more if you need to restore the register)

also, a value like that will likely only work for you on that one run. See if there is a way to figure out what that value really is and then deal with it accordingly

e.g if 7FF477AA1240 is an address inside a module, then the 7FF477AA part can change next run. But the 1240 part will be the same, so you could do a cmp cx,1240 and have the same effect and will work between different runs/systems

[SunBeam]

^ ..as long as the .exe is the same Enphasizing it as people often confuse what you explained with 'working across game updates'.

[Akhent]

for compare where the problems on my script

push rdi // or rcx // or rax
mov rdi,[rbx+78]
mov rdi,[rdi+c40]
cmp [rdi+598],#0
pop rdi
jne code

always display "fatal error" on game

[Akhent]

for compare where the problems on my script

push rdi // or rcx // or rax
mov rdi,[rbx+78]
mov rdi,[rdi+c40]
cmp [rdi+598],#0
pop rdi
jne code

always display "fatal error" on game

this the full script,, if whitout compare the script will run perfectly but enemy have same effect
newmem:

push rdi
mov rdi,[rbx+78]
mov rdi,[rdi+c40]
cmp [rdi+598],#0
pop rdi
jne code

mov eax,[rsi+000007ac] //7ac //f14 (max health) to eax
cvtsi2ss xmm0,eax //max health to health

code:
movss [rsi+00000AB8],xmm0 //originalcode
jmp return

[TimFun13]

The fatal error is likely due to rax/eax not being saved and restored, or because rbx+78 or one of the others used isn't always an address. As far as rax/eax goes, you don't need to use it at all, just use that xmm0 (i.e. movss xmm0,[rsi+7AC]). And for the address you read from, put in a check.

Code: Select all

push rdi
mov rdi,[rbx+78]
test rdi,rdi
jz code
mov rdi,[rdi+C40]
test rdi,rdi
jz code
cmp [rdi+598],0
jne code

movss xmm0,[rsi+7AC]

code:
pop rdi
movss [rsi+00000AB8],xmm0 //originalcode
jmp return

[Akhent]

The fatal error is likely due to rax/eax not being saved and restored, or because rbx+78 or one of the others used isn't always an address. As far as rax/eax goes, you don't need to use it at all, just use that xmm0 (i.e. movss xmm0,[rsi+7AC]). And for the address you read from, put in a check.

Code: Select all

push rdi
mov rdi,[rbx+78]
test rdi,rdi
jz code
mov rdi,[rdi+C40]
test rdi,rdi
jz code
cmp [rdi+598],0
jne code

movss xmm0,[rsi+7AC]

code:
pop rdi
movss [rsi+00000AB8],xmm0 //originalcode
jmp return

thank's I had try with your script but have the same result, I have try and error and I figure out the problem on jump command, maybe too far (I don't know exactly) the address memory from the original code because if I disable "//jne code" from my first script it's gonna be ok

[Akhent]

label(originalcode)
label(return)
label(healmeplease)

newmem:

push rdi
mov rdi,[rbx+78]
mov rdi,[rdi+c40]
cmp [rdi+598],#0
pop rdi
je healmeplease

originalcode:

movss [rsi+AB8],xmm0 //originalcode
jmp return

healmeplease:

cvtsi2ss xmm0,[rsi+7ac] //max health to health
movss [rsi+AB8],xmm0
jmp return

fix,,,, but have a new problem if heal team again and again, fatal error

[TheByteSize]

It means that at some point the:
mov rdi,[rbx+78]
or
mov rdi,[rdi+c40]

doesn't contain valid address.

[Bloodybone]

Could you try out this and tell me what happens:

Code: Select all

label(originalcode)
label(return)
label(healmeplease)

newmem:
{$try}
push rdi
mov rdi,[rbx+78]
mov rdi,[rdi+c40]
cmp [rdi+598],#0
jne originalcode

healmeplease:
cvtsi2ss xmm0,[rsi+7ac] //max health to health
movss [rsi+AB8],xmm0
pop rdi
jmp return

{$except}
push rbp
mov rbp,rsp
and spl,F0
sub rsp,70
mov [rsp+20],rax
mov [rsp+28],rcx
mov [rsp+30],rdx
mov [rsp+38],r8
mov [rsp+40],r9
mov [rsp+48],r10
mov [rsp+50],r11
mov dword ptr [rsp+58],'Exce'
mov dword ptr [rsp+5C],'ptio'
mov word ptr [rsp+60],006E
xor rcx,rcx
lea rdx,[rsp+58]
xor r8,r8
xor r9,r9
call user32.MessageBoxA
mov r11,[rsp+50]
mov r10,[rsp+48]
mov r9,[rsp+40]
mov r8,[rsp+38]
mov rdx,[rsp+30]
mov rcx,[rsp+28]
mov rax,[rsp+20]
mov rsp,rbp
pop rbp

originalcode:
movss [rsi+AB8],xmm0 //originalcode
pop rdi
jmp return