Just wondering if it is possible to do this. I read about it a while back on DB'S CE.ORG, I think. THIS IS ONLY FOR GAME SEARCH EXPERIMENTS,
BUT PLEASE SHOW ME IF IT IS POSSIBLE. (These are all max values for each type)
You know that if you search for 1 byte and view it in hex, the display shows 1=FF,
2 bytes 2=FF FF, 4 bytes 4=FF FF FF FF. So what about 3 bytes displayed as 3=FF FF FF, or 5 bytes as 5=FF FF FF FF FF, etc.?
Can someone make 2 scripts, for 3 and 5 bytes, take a pic of them and circle what was modded and what was added, so I can try it myself with other
integer types?
Odd Request!! Read About Odd Value Types, BUT PLEASE HELP.
Re: Odd Request!! Read About Odd Value Types, BUT PLEASE HELP.
Here is a 3 byte type
As for a 5 byte type, you will have to do that differently, as 5 bytes can't be encoded using an integer, so you have to use an approximation
e.g 1 or 0 depending on your wish
//Custom value type definition: a 3 byte integer.
//Each alloc reserves a named block of the given size; the labels below fill those blocks in.
alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)
alloc(TypeName,256)
alloc(ByteSize,4)
alloc(UsesFloat,1)
alloc(CallMethod,1)
alloc(PREFEREDALIGNMENT,1)
//Zero-terminated display name of the type
TypeName:
db '3 Byte value',0
//Number of bytes one value of this type occupies in memory
ByteSize:
dd 3
UsesFloat:
db 0 //Change to 1 if this custom type should be treated as a float
CallMethod:
db 1 //Remove or change to 0 for legacy call mechanism
//NOTE(review): presumably the alignment in bytes used when scanning for this type - confirm
PREFEREDALIGNMENT:
db 1
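//The convert routine should hold a routine that converts the data to an integer (in eax)
//function declared as: cdecl int ConvertRoutine(unsigned char *input, PTR_UINT address);
//Only the 3 bytes at input, input+1 and input+2 are read, so the result is always in 0..ffffff.
//Note: Keep in mind that this routine can be called by multiple threads at the same time,
//so it only uses registers and its own stack frame.
ConvertRoutine:
//jmp dllname.functionname
[64-bit]
//or manual:
//parameters: (64-bit)
//rcx=address of input
//rdx=address
xor eax,eax //clear eax so bits 24-31 of the result are 0
mov al,[rcx+2] //third byte, becomes bits 16-23 after the shift
shl eax,#16 //#16 = decimal 16
mov ax,[rcx] //first two bytes, bits 0-15
//and rax,ffffff //not needed: eax was cleared before the loads
ret
[/64-bit]
[32-bit]
//jmp dllname.functionname
//or manual:
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=address of input
//[ebp+c]=address
//example:
push ecx //ecx is used as the input pointer; saved here, restored before returning
mov ecx,[ebp+8]
xor eax,eax //clear eax first, otherwise stale bits of eax end up in bits 24-31 of the result
mov al,[ecx+2] //third byte, becomes bits 16-23 after the shift
shl eax,#16
mov ax,[ecx] //first two bytes, bits 0-15
pop ecx //must match the push above; without it pop ebp would load the saved ecx and ret would use the wrong return address
pop ebp
ret
[/32-bit]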
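//The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wants to write a new value)
//function declared as: cdecl void ConvertBackRoutine(int i, PTR_UINT address, unsigned char *output);
//Exactly 3 bytes are written to output (a 2 byte store followed by a 1 byte store); the byte at output+3 is left untouched.
ConvertBackRoutine:
//jmp dllname.functionname
//or manual:
[64-bit]
//parameters: (64-bit)
//ecx=input
//rdx=address
//r8=address of output
//example:
mov [r8],cx //low 16 bits -> output[0..1]
shr ecx,#16 //#16 = decimal 16
mov [r8+2],cl //bits 16-23 -> output[2]
ret
[/64-bit]
[32-bit]
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=input
//[ebp+c]=address
//[ebp+10]=address of output
//example:
push eax
push ebx
mov eax,[ebp+8] //load the value into eax
and eax,ffffff //keep only the low 3 bytes
mov ebx,[ebp+10] //load the output address into ebx
mov [ebx],ax //low 16 bits -> output[0..1]; the value is in eax, ecx was never loaded in this routine
shr eax,#16
mov [ebx+2],al //bits 16-23 -> output[2]
pop ebx
pop eax
pop ebp
ret
[/32-bit]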
e.g 1 or 0 depending on your wish
Re: Odd Request!! Read About Odd Value Types, BUT PLEASE HELP.
Thanks Eric, that's great. Can you do a 5 byte one? I want to see what it looks like, because I don't know what you mean by using an approximation.
Eric wrote: ↑Mon Mar 11, 2019 1:04 pm
Here is a 3 byte type
as for 5 byte type you will have to do that different as 5 byte can't be encoded using an integer, so you have to use an approximation
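//Custom value type definition: a 3 byte integer.
alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)
alloc(TypeName,256)
alloc(ByteSize,4)
alloc(UsesFloat,1)
alloc(CallMethod,1)
alloc(PREFEREDALIGNMENT,1)
TypeName:
db '3 Byte value',0
ByteSize:
dd 3
UsesFloat:
db 0 //Change to 1 if this custom type should be treated as a float
CallMethod:
db 1 //Remove or change to 0 for legacy call mechanism
PREFEREDALIGNMENT:
db 1
//The convert routine should hold a routine that converts the data to an integer (in eax)
//function declared as: cdecl int ConvertRoutine(unsigned char *input, PTR_UINT address);
//Note: Keep in mind that this routine can be called by multiple threads at the same time.
ConvertRoutine:
//jmp dllname.functionname
[64-bit]
//or manual:
//parameters: (64-bit)
//rcx=address of input
//rdx=address
xor eax,eax //clear eax so bits 24-31 of the result are 0
mov al,[rcx+2]
shl eax,#16
mov ax,[rcx]
//and rax,ffffff
ret
[/64-bit]
[32-bit]
//jmp dllname.functionname
//or manual:
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=address of input
//[ebp+c]=address
//example:
push ecx
mov ecx,[ebp+8]
xor eax,eax //clear eax first, otherwise stale bits end up in bits 24-31 of the result
mov al,[ecx+2]
shl eax,#16
mov ax,[ecx]
pop ecx //balances the push above so pop ebp and ret see the right stack slots
pop ebp
ret
[/32-bit]
//The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wants to write a new value)
//function declared as: cdecl void ConvertBackRoutine(int i, PTR_UINT address, unsigned char *output);
ConvertBackRoutine:
//jmp dllname.functionname
//or manual:
[64-bit]
//parameters: (64-bit)
//ecx=input
//rdx=address
//r8=address of output
//example:
mov [r8],cx
shr ecx,#16
mov [r8+2],cl
ret
[/64-bit]
[32-bit]
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=input
//[ebp+c]=address
//[ebp+10]=address of output
//example:
push eax
push ebx
mov eax,[ebp+8] //load the value into eax
and eax,ffffff
mov ebx,[ebp+10] //load the output address into ebx
mov [ebx],ax //the value is in eax; ecx was never loaded in this routine
shr eax,#16
mov [ebx+2],al
pop ebx
pop eax
pop ebp
ret
[/32-bit]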
e.g 1 or 0 depending on your wish
I will start testing things once you show me about an approximation. Am I right to guess a 6 byte wouldn't use an approximation but 7 bytes would?
I am trying to learn from this.
5 thumbs up.
Re: Odd Request!! Read About Odd Value Types, BUT PLEASE HELP.
custom types only return values from 0 to 4294967295
5 bytes can go to 1099511627775
so when the value is 1099511627775 you'll have to come up with a different way to show it
e.g every value divided by 256 (shifted by 1 byte)
Anyhow, showing values exactly like that is not worth it anyhow, as those are not 'human readable values'(HRV) (values below 100000 and floating points without exponent notations) and programmers do tend to use HRV's
And if it's using encryption then the bytesize can be quite high, but the final value once decrypted will still be a HRV.
Thinking in 3 byte , 5 byte, 7 byte types is not going to get you anywhere, you need to figure out what the values mean first
5 bytes can go to 1099511627775
so when the value is 1099511627775 you'll have to come up with a different way to show it
e.g every value divided by 256 (shifted by 1 byte)
Anyhow, showing values exactly like that is not worth it anyhow, as those are not 'human readable values'(HRV) (values below 100000 and floating points without exponent notations) and programmers do tend to use HRV's
And if it's using encryption then the bytesize can be quite high, but the final value once decrypted will still be a HRV.
Thinking in 3 byte , 5 byte, 7 byte types is not going to get you anywhere, you need to figure out what the values mean first
Re: Odd Request!! Read About Odd Value Types, BUT PLEASE HELP.
Thanks Eric for the info. I found this script and I think this is a complex script (Not Normal). Are there many games that use what I think is a complex
Eric wrote: ↑Tue Mar 12, 2019 3:51 pm
custom types only return values from 0 to 4294967295
5 bytes can go to 1099511627775
so when the value is 1099511627775 you'll have to come up with a different way to show it
e.g every value divided by 256 (shifted by 1 byte)
Anyhow, showing values exactly like that is not worth it anyhow, as those are not 'human readable values'(HRV) (values below 100000 and floating points without exponent notations) and programmers do tend to use HRV's
And if it's using encryption then the bytesize can be quite high, but the final value once decrypted will still be a HRV.
Thinking in 3 byte , 5 byte, 7 byte types is not going to get you anywhere, you need to figure out what the values mean first
script/value type as this?, and are there other scripts like this out there that you know of? What kind of game would you use this script for?
THANKS
encrypted float (xor with address)
//Custom value type definition: a 4 byte float whose stored bits are XORed with an address.
//Each alloc reserves a named block of the given size; the labels below fill those blocks in.
alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)
alloc(TypeName,256)
alloc(ByteSize,4)
alloc(UsesFloat,1)
alloc(UsesRealAddress,1)
//Zero-terminated display name of the type
TypeName:
db 'encrypted float (xor with address)',0
//Number of bytes one stored value occupies in memory
ByteSize:
dd 4
//1 = the converted value is treated as a float
UsesFloat:
db 1
//NOTE(review): presumably 1 asks the host to hand the value's real address to the routines - confirm
UsesRealAddress:
db 1
//ConvertRoutine: returns in eax the 4 stored bytes XORed with the 4 bytes that follow them in the input buffer.
//XOR is its own inverse, so this is a reversible obfuscation of the stored bits; ConvertBackRoutine applies the same XOR when writing.
ConvertRoutine:
[64-bit]
//in:  rcx = address of input
//     [rcx+ByteSize] = "realAddress" (the value is the real address from the game); only its low 4 bytes are used here
//out: eax = result
mov eax,[rcx+4] // low 32 bits of "realAddress"
xor eax,[rcx] // combine with the stored value
ret
[/64-bit]
[32-bit]
//in:  [ebp+8] = address of input
//     [[ebp+8]+ByteSize] = "realAddress" (the value is the real address from the game)
//out: eax = result
push ebp
mov ebp,esp
push ebx // ebx holds the input pointer; restored before returning
mov ebx,[ebp+8] // input pointer
mov eax,[ebx+4] // "realAddress"
xor eax,[ebx] // combine with the stored value
pop ebx
pop ebp
ret 4 // also removes the 4 byte argument from the stack (callee cleanup) - NOTE(review): confirm this matches the call mechanism in use
[/32-bit]
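//ConvertBackRoutine: XORs the value to write with "realAddress" and stores the 4 byte result at the output address.
//This is the same XOR that ConvertRoutine applies, so a value written here reads back unchanged.
ConvertBackRoutine:
[64-bit]
//ecx = input (value you want to write)
//rdx = address of output
//r8 = "realAddress"
xor ecx,r8d // both operands must be 32-bit; only the low 32 bits of "realAddress" are used, matching the 4 byte store below
mov [rdx],ecx
ret
[/64-bit]
[32-bit]
//[ebp+8] = input (value you want to write)
//[ebp+c] = address of output
//[ebp+10] = "realAddress"
push ebp
mov ebp,esp
push eax
push ebx
mov eax,[ebp+8] //load the value into eax
mov ebx,[ebp+c] //load the address into ebx
xor eax,[ebp+10] //xor with "realAddress"
mov [ebx],eax //write the value into the address
pop ebx
pop eax
pop ebp
//NOTE(review): ret 8 removes two arguments from the stack, but three stack slots are read above;
//confirm how many arguments the caller pushes and who cleans them up
ret 8
[/32-bit]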
Re: Odd Request!! Read About Odd Value Types, BUT PLEASE HELP.
IF ANYONE HAS A SCRIPT/VALUE TYPE THAT'S NOT IN CE, LIKE THE encrypted float (xor with address), THEN PLEASE POST IT HERE.
I play a lot of different games, so I'm sure I will come across a game I could use them on.
I already have Big-Endian 2/4 Bytes because I use the Wii emulator.
I will leave this thread for that.
THANKS
I play allot of different games so I'm sure I will come across a game I could use them on.
I already have Big-Endian 2/4 Bytes because I use the Wii emulator.
I will leave this thread for that.
THANKS