Code Injection - Working with Integers

Section's for general approaches on hacking various options in games. No online-related discussions/posts OR warez!
Post Reply
TimFun13
Expert Cheater
Expert Cheater
Posts: 1353
Joined: Fri Mar 03, 2017 12:31 am
Reputation: 7

Code Injection - Working with Integers

Post by TimFun13 »

[Link]

Code Injection - Working with Integers

This tutorial builds on the topic of Code Injection:
  • [Link]
  • [Link]
  • [Link]
  • [Link]
Let's say you have an integer and some code that increases the value.

Code: Select all

add [eax+10],ecx
What if what writes to the value is only a [Link]. Try to find a spot above the write instruction that has an [Link] (or a [Link] depending on what you want to do).

Code: Select all

add ecx,ebx
//...
mov [eax+10],ecx


Hardcoded value

We could just hardcode a value for this.

Code: Select all

add dword ptr [eax+10],(int)100 // #100 //// "#" is a short hand for integer


Editable value

We could use a [Link], giving it some memory. And optionally [Link] it so the label can be used on the table as an address.

Code: Select all

//...
alloc(someMem, 0x400)
//...
label(someSymbol)
registerSymbol(someSymbol)
//...
someMem:
 //...
 mov ecx,[someSymbol]
 add [eax+10],ecx
 //...
 jmp return
 //...
 someSymbol:
 dd (int)100
//...


Adding a Multiplier

We could add an editable value like above but use [Link] to add a multiplier to the script.

Code: Select all

//...
alloc(someMem, 0x400)
//...
label(someSymbol)
registerSymbol(someSymbol)
//...
someMem:
 //...
 imul ecx,[someSymbol]
 add [eax+10],ecx
 //...
 jmp return
 //...
 someSymbol:
 dd (int)10
//...


Fractional Multiplier

But what if we wanted to be able to multiply by a fractional number (i.e.: "0.5"). Well this can take a bit more, but we can use [Link] and [Link] to convert the value form an integer to a float and back a gain. Then we can just use [Link] to do the multiplying, but we will need an [Link] [Link] to work with. So we will need some extra memory and use [Link] to save and restore the XMM registry.

Code: Select all

//...
alloc(someMem, 0x400)
//...
label(someSymbol)
registerSymbol(someSymbol)
label(extraStuff)
//...
someMem:
 //...
 movups [extraStuff],xmm0 //// save
 cvtsi2ss xmm0,ecx
 mulss xmm0,[someSymbol]
 cvtss2si ecx,xmm0
 movups xmm0,[extraStuff] //// restore
 //...
 jmp return
 //...
 someSymbol:
 dd (int)10
 extraStuff:
 dd 0 //// Data double-word (4 bytes)
 dd 0
 dq 0 //// Data quad-word (8 bytes)
//...


Calculate a value for a Multiplier

Let's say we just can't find an [Link] or a [Link], and all we have is a [Link].

Code: Select all

mov [eax+10],ecx
We can just do some math in the script, to calculate a value for a multiplier.

Code: Select all

//...
alloc(someMem, 0x400)
//...
label(someSymbol)
registerSymbol(someSymbol)
//...
someMem:
 //...
 sub ecx,[eax+10]
 imul ecx,[someSymbol]
 add ecx,[eax+10]
 mov [eax+10],ecx
 //...
 jmp return
 //...
 someSymbol:
 dd (int)10
//...


See Also
  • [Link]
  • [Link]
  • [Link]
  • [Link]
Last edited by TimFun13 on Mon May 07, 2018 12:43 pm, edited 6 times in total.
Top
Post Reply

Return to “Generic Tutorials”

Who is online

Users browsing this forum: No registered users