I am trying to apply a teleport method of a speed hack for a game; however, my ASM is a little bit on the rubbish side of bad.
In xmm0 we have the X coord, xmm1 is Z and xmm2 is Y; however, I am just trying to get stuff done for X (xmm0).
The Velocity is defined in another script, where I got the base address of it saved to pMPlr, which is registered within the script. (This script is a child of it.)
I can alter the values contained in "r14+000001C8" directly and I can see movement/teleport action in game happening.
I am trying to alter xmm0 before it movups there. Not sure if this is the best method.
These 3 lines (20, 21 and 22 for my AutoAssemble):
Code:
movss [addSpeed], [pMPlr+4E0] //20 pMPlr defined in another autoscript and registered.
mulss [addSpeed], [SpeedMul] //21
addss xmm0, addSpeed //22
Does anyone have any tips on what I am doing wrong?
----
Below is the full AA listing I have for full injection.
Code:
define(address,"PhysX3CharacterKinematic_x64.dll"+6BFE)
define(bytes,41 0F 11 86 C8 01 00 00)
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
assert(address,bytes)
alloc(newmem,$1000,"PhysX3CharacterKinematic_x64.dll"+6BFE)
label(code)
label(return)
label(SpeedMul)
label(addSpeed)
registersymbol(SpeedMul)
newmem:
code:
movss [addSpeed], [pMPlr+4E0] //20 pMPlr defined in another autoscript and registered.
mulss [addSpeed], [SpeedMul] //21
addss xmm0, addSpeed //22
movups [r14+000001C8],xmm0
jmp return
SpeedMul:
dd (float)1.0
addSpeed:
dd (float)0.0
address:
jmp newmem
nop 3
return:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
address:
db bytes
// movups [r14+000001C8],xmm0
dealloc(newmem)