How to registersymbol like a pointer?

Memory scanning, code injection, debugger internals and other gamemodding related discussion
Post Reply
User avatar
SilverRabbit90
Table Makers
Table Makers
Posts: 214
Joined: Fri Jan 15, 2021 12:01 am
Reputation: 191

How to registersymbol like a pointer?

Post by SilverRabbit90 »

Premise; I know a method to get what I want but in this particular case it doesn't work.

Example of a working case:
Spoiler

Code: Select all

[ENABLE]

aobscanmodule(MissionTimeA,GE2RB.exe,66 89 86 38 11 17 00) // should be unique
alloc(newmem,$1000)

label(code)
label(return)

label(seeMissionTime)
registersymbol(seeMissionTime)

newmem:

mov [seeMissionTime],esi

code:
  mov [esi+00171138],ax
  jmp return

  seeMissionTime:

MissionTimeA:
  jmp newmem
  nop 2
return:
registersymbol(MissionTimeA)

[DISABLE]

MissionTimeA:
  db 66 89 86 38 11 17 00

unregistersymbol(*)
dealloc(newmem)
In this case, what is contained in [ESI+00171138] will be viewable as a pointer.
Even make this happen just do:
Spoiler
Image
By doing "Add Address Manuary" you can also write in the "Address" section: [seeMissionTime]+171138 and will do the same thing as the example as before.

As you can see it works perfectly.

I tried to do something similar in this code:
Spoiler

Code: Select all

[ENABLE]

aobscan(YcoordOnWalkA,45 8B 74 05 00 8B 44 24 40 83 C0 24 41) // should be unique
alloc(newmem,$1000,YcoordOnWalkA)

label(code)
label(return)

newmem:

code:
  mov r14d,[r13+rax+00]
  jmp return

YcoordOnWalkA:
  jmp newmem
return:
registersymbol(YcoordOnWalkA)

[DISABLE]

YcoordOnWalkA:
  db 45 8B 74 05 00

unregistersymbol(*)
dealloc(newmem)
I tried to write:
Spoiler

Code: Select all

[ENABLE]

aobscan(YcoordOnWalkA,45 8B 74 05 00 8B 44 24 40 83 C0 24 41) // should be unique
alloc(newmem,$1000,YcoordOnWalkA)

label(code)
label(return)

label(seeYcoord)
registersymbol(seeYcoord)

newmem:

mov [seeYcoord],rax   //I also tried to replace rax with r13 but it doesn't work

code:
  mov r14d,[r13+rax+00]
  jmp return

  seeYcoord:

YcoordOnWalkA:
  jmp newmem
return:
registersymbol(YcoordOnWalkA)

[DISABLE]

YcoordOnWalkA:
  db 45 8B 74 05 00

unregistersymbol(*)
dealloc(newmem)
I also tried to replace rax with r13 but it doesn't work

I also tried to create an RBX register:
Spoiler

Code: Select all

[ENABLE]

aobscan(YcoordOnWalkA,45 8B 74 05 00 8B 44 24 40 83 C0 24 41) // should be unique
alloc(newmem,$1000,YcoordOnWalkA)

label(code)
label(return)

label(seeYcoord)
registersymbol(seeYcoord)

newmem:

push rbx
mov rbx,[r13+rax+00]
mov [seeYcoord],rbx
pop rbx

code:
  mov r14d,[r13+rax+00]
  jmp return

  seeYcoord:

YcoordOnWalkA:
  jmp newmem
return:
registersymbol(YcoordOnWalkA)

[DISABLE]

YcoordOnWalkA:
  db 45 8B 74 05 00

unregistersymbol(*)
dealloc(newmem)
Nothing to do also in this case the "pointer" is not seen even if in the "Address" section in "Add Address Manually" I write only the name of the register (in this case "seeYcoord"), it shows me the value but if I try to changing it doesn't do anything (whereas with the original value it does a teleport).

Does anyone have a solution?
The game is for Vita3K emulator.
The strange thing is that something similar works on other emulators like Yuzu.
Top
User avatar
happyTugs
Table Makers
Table Makers
Posts: 127
Joined: Mon Apr 20, 2020 1:01 am
Reputation: 148

Re: How to registersymbol like a pointer?

Post by happyTugs »

I also tried to replace rax with r13 but it doesn't work

I also tried to create an RBX register:
You're certain that rax always has a value right? If so, try moving your address to a register first then write.

Code: Select all

push rbx
mov rbx,seeYcoord
mov qword ptr ds:[rbx],rax
pop rbx
Top
User avatar
SilverRabbit90
Table Makers
Table Makers
Posts: 214
Joined: Fri Jan 15, 2021 12:01 am
Reputation: 191

Re: How to registersymbol like a pointer?

Post by SilverRabbit90 »

happyTugs wrote:
Mon Mar 06, 2023 10:55 am
I also tried to replace rax with r13 but it doesn't work

I also tried to create an RBX register:
You're certain that rax always has a value right? If so, try moving your address to a register first then write.

Code: Select all

push rbx
mov rbx,seeYcoord
mov qword ptr ds:[rbx],rax
pop rbx
I tried but it does something like:
Spoiler

Code: Select all

[ENABLE]

aobscan(YcoordOnWalkA,45 8B 74 05 00 8B 44 24 40 83 C0 24 41) // should be unique
alloc(newmem,$1000,YcoordOnWalkA)

label(code)
label(return)

label(seeYcoord)
registersymbol(seeYcoord)

newmem:

mov r14d,[seeYcoord]

code:
  mov [r13+rax+00],r14d
  //mov r14d,[r13+rax+00]
  jmp return

  seeYcoord:

YcoordOnWalkA:
  jmp newmem
return:
registersymbol(YcoordOnWalkA)

[DISABLE]

YcoordOnWalkA:
  db 45 8B 74 05 00

unregistersymbol(*)
dealloc(newmem)
Which I'm not interested in doing in this specific case.
Top
User avatar
Rhark
Expert Cheater
Expert Cheater
Posts: 3473
Joined: Tue Apr 16, 2019 1:27 am
Reputation: 1393

Re: How to registersymbol like a pointer?

Post by Rhark »

I see you are moving into the register rbx, you want to use "lea" instead.

Code: Select all

[ENABLE]

aobscan(YcoordOnWalkA,45 8B 74 05 00 8B 44 24 40 83 C0 24 41) // should be unique
alloc(newmem,$1000,YcoordOnWalkA)

label(code)
label(return)

label(seeYcoord)
registersymbol(seeYcoord)

newmem:

push rbx
lea rbx,[r13+rax+00]
mov [seeYcoord],rbx
pop rbx

code:
  mov r14d,[r13+rax+00]
  jmp return

seeYcoord:
 dq 0

YcoordOnWalkA:
  jmp newmem
return:
registersymbol(YcoordOnWalkA)

[DISABLE]

YcoordOnWalkA:
  db 45 8B 74 05 00

unregistersymbol(*)
dealloc(newmem)
Top
User avatar
SilverRabbit90
Table Makers
Table Makers
Posts: 214
Joined: Fri Jan 15, 2021 12:01 am
Reputation: 191

Re: How to registersymbol like a pointer?

Post by SilverRabbit90 »

happyTugs wrote:
Mon Mar 06, 2023 10:55 am
You're certain that rax always has a value right?
Spoiler
2CF1A06000F:
2CF1A06000B - 48 89 06 - mov [rsi],rax
2CF1A06000E - 5E - pop rsi
2CF1A06000F - 46 8B 34 28 - mov r14d,[rax+r13] <<
2CF1A060013 - E9 13B2B018 - jmp 2CF32B6B22B
2CF1A060018 - 1C A4 - sbb al,-5C

RAX=0000000000A1A41C
RBX=00000001001C54E2
RCX=00000000001C54E2
RDX=0000000000000080
RSI=0000000000000000
RDI=000000003E7BC793
RBP=00000000001C54E2
RSP=000000F1716FF2A0
R8=000000003F7A9146
R9=000000003F7A9146
R10=0000000080000000
R11=0000000000000000
R12=0000000000000001
R13=0000000400000000
R14=00000000A966666D
R15=000002CF3240D040
RIP=000002CF1A060013
I changed the rbx register with rsi apparently there are no values inside
Spoiler

Code: Select all

[ENABLE]

aobscan(YcoordOnWalkA,45 8B 74 05 00 8B 44 24 40 83 C0 24 41) // should be unique
alloc(newmem,$1000,YcoordOnWalkA)

label(code)
label(return)

label(seeYcoord)
registersymbol(seeYcoord)

newmem:

push rsi
mov rsi,seeYcoord
mov qword ptr ds:[rsi],rax
pop rsi

code:
  mov r14d,[r13+rax+00]
  jmp return

  seeYcoord:

YcoordOnWalkA:
  jmp newmem
return:
registersymbol(YcoordOnWalkA)

[DISABLE]

YcoordOnWalkA:
  db 45 8B 74 05 00

unregistersymbol(*)
dealloc(newmem)
However it still doesn't work
Top
User avatar
SilverRabbit90
Table Makers
Table Makers
Posts: 214
Joined: Fri Jan 15, 2021 12:01 am
Reputation: 191

Re: How to registersymbol like a pointer?

Post by SilverRabbit90 »

Rhark wrote:
Mon Mar 06, 2023 11:32 am
 I see you are moving the register rbx, you want to load it instead.

Code: Select all

[ENABLE]

aobscan(YcoordOnWalkA,45 8B 74 05 00 8B 44 24 40 83 C0 24 41) // should be unique
alloc(newmem,$1000,YcoordOnWalkA)

label(code)
label(return)

label(seeYcoord)
registersymbol(seeYcoord)

newmem:

push rbx
lea rbx,[r13+rax+00]
mov [seeYcoord],rbx
pop rbx

code:
  mov r14d,[r13+rax+00]
  jmp return

seeYcoord:
 dq 0

YcoordOnWalkA:
  jmp newmem
return:
registersymbol(YcoordOnWalkA)

[DISABLE]

YcoordOnWalkA:
  db 45 8B 74 05 00

unregistersymbol(*)
dealloc(newmem)
Thanks a lot it works.
I love you :wub: :wub:
Top
Post Reply

Return to “General Gamehacking”

Who is online

Users browsing this forum: No registered users