game crahs, what the error in my cheat?

[DRDNK1000]

far cry 4
try to do ctg teleport cheat
but game crash
did i miss sothing?

Code: Select all

alloc(newmem,$1000,"FC64.dll"+1F352BE)
alloc(my_thing,256)
label(load)
label(en_save)
label(en_load)
label(save)
label(z_cho)
label(x_cho)
label(y_cho)
label(code)
label(return)
registersymbol(en_save)
registersymbol(en_load)

my_thing:

z_cho: //120
dd (float)0
x_cho:  // 124
dd (float)0
y_cho:  // 128
dd  (float)0

en_save:
dd 0

en_load:
dd 0


newmem:

cmp [en_save],1
je save
cmp [en_load],1
je load
jmp code


save:
mov [en_save],0
push rbx
mov rbx,[rax+120]
mov [z_cho],rbx
mov rbx,[rax+124]
mov [x_cho],rbx
mov rbx,[rax+128]
mov [y_cho],rbx
pop rbx
jmp code

load:
mov [en_load],0
push rbx
mov rbx,[z_cho]
mov [rax+120],rbx
mov rbx,[x_cho]
mov [rax+124],rbx
mov rbx,[y_cho]
mov [rax+128],rbx
pop rbx
jmp code


code:
  movaps xmm1,[rax+120]
  jmp return
teleport:
  jmp newmem
  nop
  nop
return:
registersymbol(teleport)

[DISABLE]

teleport:
  db 0F 28 88 20 01 00 00

unregistersymbol(en_save)
unregistersymbol(en_load)
unregistersymbol(teleport)
dealloc(my_thing)
dealloc(newmem)

[Rysefox]

far cry 4
try to do ctg teleport cheat
but game crash
did i miss sothing?

Code: Select all

alloc(newmem,$1000,"FC64.dll"+1F352BE)
alloc(my_thing,256)
label(load)
label(en_save)
label(en_load)
label(save)
label(z_cho)
label(x_cho)
label(y_cho)
label(code)
label(return)
registersymbol(en_save)
registersymbol(en_load)

my_thing:

z_cho: //120
dd (float)0
x_cho:  // 124
dd (float)0
y_cho:  // 128
dd  (float)0

en_save:
dd 0

en_load:
dd 0


newmem:

cmp [en_save],1
je save
cmp [en_load],1
je load
jmp code


save:
mov [en_save],0
push rbx
mov rbx,[rax+120]
mov [z_cho],rbx
mov rbx,[rax+124]
mov [x_cho],rbx
mov rbx,[rax+128]
mov [y_cho],rbx
pop rbx
jmp code

load:
mov [en_load],0
push rbx
mov rbx,[z_cho]
mov [rax+120],rbx
mov rbx,[x_cho]
mov [rax+124],rbx
mov rbx,[y_cho]
mov [rax+128],rbx
pop rbx
jmp code


code:
  movaps xmm1,[rax+120]
  jmp return
teleport:
  jmp newmem
  nop
  nop
return:
registersymbol(teleport)

[DISABLE]

teleport:
  db 0F 28 88 20 01 00 00

unregistersymbol(en_save)
unregistersymbol(en_load)
unregistersymbol(teleport)
dealloc(my_thing)
dealloc(newmem)

Your sure thats rax+120 is z? 124 is x? and 128 y? I disagree. I think x = 120, y = 124 and z = 128
Try to change

Code: Select all

z_cho: //120
dd (float)0
x_cho: // 124
dd (float)0
y_cho: // 128
dd (float)0
en_save:
dd 0

en_load:
dd 0

to

Code: Select all

z_cho: //120
dq 0
x_cho: // 124
dq 0
y_cho: // 128
dq 0

en_save:
dq 0

en_load:
dq 0

[DRDNK1000]

far cry 4
try to do ctg teleport cheat
but game crash
did i miss sothing?

Code: Select all

alloc(newmem,$1000,"FC64.dll"+1F352BE)
alloc(my_thing,256)
label(load)
label(en_save)
label(en_load)
label(save)
label(z_cho)
label(x_cho)
label(y_cho)
label(code)
label(return)
registersymbol(en_save)
registersymbol(en_load)

my_thing:

z_cho: //120
dd (float)0
x_cho:  // 124
dd (float)0
y_cho:  // 128
dd  (float)0

en_save:
dd 0

en_load:
dd 0


newmem:

cmp [en_save],1
je save
cmp [en_load],1
je load
jmp code


save:
mov [en_save],0
push rbx
mov rbx,[rax+120]
mov [z_cho],rbx
mov rbx,[rax+124]
mov [x_cho],rbx
mov rbx,[rax+128]
mov [y_cho],rbx
pop rbx
jmp code

load:
mov [en_load],0
push rbx
mov rbx,[z_cho]
mov [rax+120],rbx
mov rbx,[x_cho]
mov [rax+124],rbx
mov rbx,[y_cho]
mov [rax+128],rbx
pop rbx
jmp code


code:
  movaps xmm1,[rax+120]
  jmp return
teleport:
  jmp newmem
  nop
  nop
return:
registersymbol(teleport)

[DISABLE]

teleport:
  db 0F 28 88 20 01 00 00

unregistersymbol(en_save)
unregistersymbol(en_load)
unregistersymbol(teleport)
dealloc(my_thing)
dealloc(newmem)

Your sure thats rax+120 is z? 124 is x? and 128 y? I disagree. I think x = 120, y = 124 and z = 128
Try to change

Code: Select all

z_cho: //120
dd (float)0
x_cho: // 124
dd (float)0
y_cho: // 128
dd (float)0
en_save:
dd 0

en_load:
dd 0

to

Code: Select all

z_cho: //120
dq 0
x_cho: // 124
dq 0
y_cho: // 128
dq 0

en_save:
dq 0

en_load:
dq 0

i dont think that the promblom
that just the chord name i give them.
do u see there a mistake? maybe i forgot somthing

[Rysefox]

far cry 4
try to do ctg teleport cheat
but game crash
did i miss sothing?

Code: Select all

alloc(newmem,$1000,"FC64.dll"+1F352BE)
alloc(my_thing,256)
label(load)
label(en_save)
label(en_load)
label(save)
label(z_cho)
label(x_cho)
label(y_cho)
label(code)
label(return)
registersymbol(en_save)
registersymbol(en_load)

my_thing:

z_cho: //120
dd (float)0
x_cho:  // 124
dd (float)0
y_cho:  // 128
dd  (float)0

en_save:
dd 0

en_load:
dd 0


newmem:

cmp [en_save],1
je save
cmp [en_load],1
je load
jmp code


save:
mov [en_save],0
push rbx
mov rbx,[rax+120]
mov [z_cho],rbx
mov rbx,[rax+124]
mov [x_cho],rbx
mov rbx,[rax+128]
mov [y_cho],rbx
pop rbx
jmp code

load:
mov [en_load],0
push rbx
mov rbx,[z_cho]
mov [rax+120],rbx
mov rbx,[x_cho]
mov [rax+124],rbx
mov rbx,[y_cho]
mov [rax+128],rbx
pop rbx
jmp code


code:
  movaps xmm1,[rax+120]
  jmp return
teleport:
  jmp newmem
  nop
  nop
return:
registersymbol(teleport)

[DISABLE]

teleport:
  db 0F 28 88 20 01 00 00

unregistersymbol(en_save)
unregistersymbol(en_load)
unregistersymbol(teleport)
dealloc(my_thing)
dealloc(newmem)

Your sure thats rax+120 is z? 124 is x? and 128 y? I disagree. I think x = 120, y = 124 and z = 128
Try to change

Code: Select all

z_cho: //120
dd (float)0
x_cho: // 124
dd (float)0
y_cho: // 128
dd (float)0
en_save:
dd 0

en_load:
dd 0

to

Code: Select all

z_cho: //120
dq 0
x_cho: // 124
dq 0
y_cho: // 128
dq 0

en_save:
dq 0

en_load:
dq 0

i dont think that the promblom
that just the chord name i give them.
do u see there a mistake? maybe i forgot somthing

Thats the only think what I see right now, but I think its the problem. Try it out.

Code: Select all

{ Game   : PixARK.exe
  Version: 
  Date   : 2019-05-31
  Author : Rysefox

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(INJECT,PixARK.exe,F3 0F 10 89 08 01 00 00 F3 0F 11 4C 24 3C) // should be unique
alloc(newmem,$1000,"PixARK.exe"+632FEE)
alloc(Store_coord,246)

label(code)
label(return)
label(coord)
registersymbol(coord)
label(xpos)
label(ypos)
label(zpos)
label(save_flag)
label(save)
label(load)
label(load_flag)
registersymbol(coord)
registersymbol(xpos)
registersymbol(ypos)
registersymbol(zpos)
registersymbol(save_flag)
registersymbol(load)
registersymbol(load_flag)

Store_coord:
xpos:
dq 0

ypos:
dq 0

zpos:
dq 0

save_flag:
dd 0

load_flag:
dd 0


newmem:
cmp [save_flag],1
je save
cmp [load_flag],1
je load
jmp code

save:
mov [save_flag],0
push rbx
mov rbx,[rcx+100]
mov [xpos],rbx
mov rbx,[rcx+00000104]
mov [ypos],rbx
mov rbx,[rcx+00000108]
mov [zpos],rbx
pop rbx
jmp code

load:
mov [load_flag],0
push rbx
mov rbx,[xpos]
mov [rcx+00000100],rbx
mov rbx,[ypos]
mov [rcx+00000104],rbx
mov rbx,[zpos]
mov [rcx+00000108],rbx
pop rbx
jmp code


code:
mov [coord],rcx
  movss xmm1,[rcx+00000108]
  jmp return
coord:
dq 0
INJECT:
  jmp newmem
  nop
  nop
  nop
return:
registersymbol(INJECT)

[DISABLE]

INJECT:
  db F3 0F 10 89 08 01 00 00

unregistersymbol(INJECT)
unregistersymbol(coord)
unregistersymbol(xpos)
unregistersymbol(ypos)
unregistersymbol(zpos)
unregistersymbol(save)
unregistersymbol(save_flag)
unregistersymbol(load)
unregistersymbol(load_flag)
dealloc(newmem)

Heres a teleport cheat, wrote by me and working fine, you can compare^^

[DRDNK1000]

Your sure thats rax+120 is z? 124 is x? and 128 y? I disagree. I think x = 120, y = 124 and z = 128
Try to change

Code: Select all

z_cho: //120
dd (float)0
x_cho: // 124
dd (float)0
y_cho: // 128
dd (float)0
en_save:
dd 0

en_load:
dd 0

to

Code: Select all

z_cho: //120
dq 0
x_cho: // 124
dq 0
y_cho: // 128
dq 0

en_save:
dq 0

en_load:
dq 0

i dont think that the promblom
that just the chord name i give them.
do u see there a mistake? maybe i forgot somthing

Thats the only think what I see right now, but I think its the problem. Try it out.

Code: Select all

{ Game   : PixARK.exe
  Version: 
  Date   : 2019-05-31
  Author : Rysefox

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(INJECT,PixARK.exe,F3 0F 10 89 08 01 00 00 F3 0F 11 4C 24 3C) // should be unique
alloc(newmem,$1000,"PixARK.exe"+632FEE)
alloc(Store_coord,246)

label(code)
label(return)
label(coord)
registersymbol(coord)
label(xpos)
label(ypos)
label(zpos)
label(save_flag)
label(save)
label(load)
label(load_flag)
registersymbol(coord)
registersymbol(xpos)
registersymbol(ypos)
registersymbol(zpos)
registersymbol(save_flag)
registersymbol(load)
registersymbol(load_flag)

Store_coord:
xpos:
dq 0

ypos:
dq 0

zpos:
dq 0

save_flag:
dd 0

load_flag:
dd 0


newmem:
cmp [save_flag],1
je save
cmp [load_flag],1
je load
jmp code

save:
mov [save_flag],0
push rbx
mov rbx,[rcx+100]
mov [xpos],rbx
mov rbx,[rcx+00000104]
mov [ypos],rbx
mov rbx,[rcx+00000108]
mov [zpos],rbx
pop rbx
jmp code

load:
mov [load_flag],0
push rbx
mov rbx,[xpos]
mov [rcx+00000100],rbx
mov rbx,[ypos]
mov [rcx+00000104],rbx
mov rbx,[zpos]
mov [rcx+00000108],rbx
pop rbx
jmp code


code:
mov [coord],rcx
  movss xmm1,[rcx+00000108]
  jmp return
coord:
dq 0
INJECT:
  jmp newmem
  nop
  nop
  nop
return:
registersymbol(INJECT)

[DISABLE]

INJECT:
  db F3 0F 10 89 08 01 00 00

unregistersymbol(INJECT)
unregistersymbol(coord)
unregistersymbol(xpos)
unregistersymbol(ypos)
unregistersymbol(zpos)
unregistersymbol(save)
unregistersymbol(save_flag)
unregistersymbol(load)
unregistersymbol(load_flag)
dealloc(newmem)

Heres a teleport cheat, wrote by me and working fine, you can compare^^

dont work.
but thx
i may need to try it on another game or somthing

[GreenHouse]

It's complicated to help you when we're not seeing anything. How does the function work? Share some info.

[DRDNK1000]

Your sure thats rax+120 is z? 124 is x? and 128 y? I disagree. I think x = 120, y = 124 and z = 128
Try to change

Code: Select all

z_cho: //120
dd (float)0
x_cho: // 124
dd (float)0
y_cho: // 128
dd (float)0
en_save:
dd 0

en_load:
dd 0

to

Code: Select all

z_cho: //120
dq 0
x_cho: // 124
dq 0
y_cho: // 128
dq 0

en_save:
dq 0

en_load:
dq 0

i dont think that the promblom
that just the chord name i give them.
do u see there a mistake? maybe i forgot somthing

Thats the only think what I see right now, but I think its the problem. Try it out.

Code: Select all

{ Game   : PixARK.exe
  Version: 
  Date   : 2019-05-31
  Author : Rysefox

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(INJECT,PixARK.exe,F3 0F 10 89 08 01 00 00 F3 0F 11 4C 24 3C) // should be unique
alloc(newmem,$1000,"PixARK.exe"+632FEE)
alloc(Store_coord,246)

label(code)
label(return)
label(coord)
registersymbol(coord)
label(xpos)
label(ypos)
label(zpos)
label(save_flag)
label(save)
label(load)
label(load_flag)
registersymbol(coord)
registersymbol(xpos)
registersymbol(ypos)
registersymbol(zpos)
registersymbol(save_flag)
registersymbol(load)
registersymbol(load_flag)

Store_coord:
xpos:
dq 0

ypos:
dq 0

zpos:
dq 0

save_flag:
dd 0

load_flag:
dd 0


newmem:
cmp [save_flag],1
je save
cmp [load_flag],1
je load
jmp code

save:
mov [save_flag],0
push rbx
mov rbx,[rcx+100]
mov [xpos],rbx
mov rbx,[rcx+00000104]
mov [ypos],rbx
mov rbx,[rcx+00000108]
mov [zpos],rbx
pop rbx
jmp code

load:
mov [load_flag],0
push rbx
mov rbx,[xpos]
mov [rcx+00000100],rbx
mov rbx,[ypos]
mov [rcx+00000104],rbx
mov rbx,[zpos]
mov [rcx+00000108],rbx
pop rbx
jmp code


code:
mov [coord],rcx
  movss xmm1,[rcx+00000108]
  jmp return
coord:
dq 0
INJECT:
  jmp newmem
  nop
  nop
  nop
return:
registersymbol(INJECT)

[DISABLE]

INJECT:
  db F3 0F 10 89 08 01 00 00

unregistersymbol(INJECT)
unregistersymbol(coord)
unregistersymbol(xpos)
unregistersymbol(ypos)
unregistersymbol(zpos)
unregistersymbol(save)
unregistersymbol(save_flag)
unregistersymbol(load)
unregistersymbol(load_flag)
dealloc(newmem)

Heres a teleport cheat, wrote by me and working fine, you can compare^^

registersymbol(xpos)
registersymbol(ypos)
registersymbol(zpos)

why you put registersymbol here?
label is not enouth?

[DRDNK1000]

It's complicated to help you when we're not seeing anything. How does the function work? Share some info.

the idea is to save your place on the map in register
and after u go a way to load it and teleport there.

cheat the game have video about that

[Rysefox]

i dont think that the promblom
that just the chord name i give them.
do u see there a mistake? maybe i forgot somthing

Thats the only think what I see right now, but I think its the problem. Try it out.

Code: Select all

{ Game   : PixARK.exe
  Version: 
  Date   : 2019-05-31
  Author : Rysefox

  This script does blah blah blah
}

[ENABLE]

aobscanmodule(INJECT,PixARK.exe,F3 0F 10 89 08 01 00 00 F3 0F 11 4C 24 3C) // should be unique
alloc(newmem,$1000,"PixARK.exe"+632FEE)
alloc(Store_coord,246)

label(code)
label(return)
label(coord)
registersymbol(coord)
label(xpos)
label(ypos)
label(zpos)
label(save_flag)
label(save)
label(load)
label(load_flag)
registersymbol(coord)
registersymbol(xpos)
registersymbol(ypos)
registersymbol(zpos)
registersymbol(save_flag)
registersymbol(load)
registersymbol(load_flag)

Store_coord:
xpos:
dq 0

ypos:
dq 0

zpos:
dq 0

save_flag:
dd 0

load_flag:
dd 0


newmem:
cmp [save_flag],1
je save
cmp [load_flag],1
je load
jmp code

save:
mov [save_flag],0
push rbx
mov rbx,[rcx+100]
mov [xpos],rbx
mov rbx,[rcx+00000104]
mov [ypos],rbx
mov rbx,[rcx+00000108]
mov [zpos],rbx
pop rbx
jmp code

load:
mov [load_flag],0
push rbx
mov rbx,[xpos]
mov [rcx+00000100],rbx
mov rbx,[ypos]
mov [rcx+00000104],rbx
mov rbx,[zpos]
mov [rcx+00000108],rbx
pop rbx
jmp code


code:
mov [coord],rcx
  movss xmm1,[rcx+00000108]
  jmp return
coord:
dq 0
INJECT:
  jmp newmem
  nop
  nop
  nop
return:
registersymbol(INJECT)

[DISABLE]

INJECT:
  db F3 0F 10 89 08 01 00 00

unregistersymbol(INJECT)
unregistersymbol(coord)
unregistersymbol(xpos)
unregistersymbol(ypos)
unregistersymbol(zpos)
unregistersymbol(save)
unregistersymbol(save_flag)
unregistersymbol(load)
unregistersymbol(load_flag)
dealloc(newmem)

Heres a teleport cheat, wrote by me and working fine, you can compare^^

registersymbol(xpos)
registersymbol(ypos)
registersymbol(zpos)

why you put registersymbol here?
label is not enouth?

Label is enough

[Rysefox]

It's complicated to help you when we're not seeing anything. How does the function work? Share some info.

the idea is to save your place on the map in register
and after u go a way to load it and teleport there.

cheat the game have video about that

I do not know, I do not see your instruction, maybe the register you are using is already in use, and therefore crashes.

[DRDNK1000]

It's complicated to help you when we're not seeing anything. How does the function work? Share some info.

the idea is to save your place on the map in register
and after u go a way to load it and teleport there.

cheat the game have video about that

I do not know, I do not see your instruction, maybe the register you are using is already in use, and therefore crashes.

didnt saw him but when i be in home i will try to replace him.

big thx for your help btw
u the only one who aswer all the time and so fast

[GreenHouse]

the idea is to save your place on the map in register
and after u go a way to load it and teleport there.

cheat the game have video about that

I need to see the function, If I don't see it I can't know what's wrong. Just share a screenshot.

[DRDNK1000]

the idea is to save your place on the map in register
and after u go a way to load it and teleport there.

cheat the game have video about that

I need to see the function, If I don't see it I can't know what's wrong. Just share a screenshot.

sorry i dont understan what screenshot u want
can u give me exeple so i know what to take?

[GreenHouse]

sorry i dont understan what screenshot u want
can u give me exeple so i know what to take?

Just the main template of AOB does show some of the nearby code. If I don't know what is doing what, I don't know what's wrong.
According to your script, "FC64.dll"+1F352BE should have what I'm asking for. Go there, and do a screenshot or copy/paste the code that is near that.

[Kitsos]

It usually doesn't matter much, but the jumps should be near each other.
Try: (If allocations have a lot of space between. Usually its not that)
alloc(newmem,$1000,"FC64.dll"+1F352BE)
alloc(my_thing,256,"FC64.dll"+1F352BE)

Confirm that the instruction you inject, doesn't access anything else (rightclick->what other addresses it accesses)

The original code: movaps xmm1,[rax+120] is obviously messing with floats.
I dont know id prefer to use an xmm register:
like:
movss xmm11,[rax+120]
movss [pos_x],xmm11
--breakpoints (to check if it crashes before or after it writes the floats)

pushf and popf (before the cmp and after the code (eg. on return: label)
We don't know where you inject, you might be changing a flag

Are you also sure that you are writing to the actual position and not the 'displayed' position?
(eg. If you alter one of the positions it moves the character.. (you can also double-check the XYZ axis, which is rarely in another order.))

Try and set break points and figure where it crashes. (Pause CE->EnableScript->Set Breakpoints->Resume... after it hits the first go step by step)

What happens if you spawn on the ground? Do you collide, or keep falling? (add smthing to Z (height) (thats why you have to figure it cause i also believe it should be the rax+128)

Spoiler

Use search (for FC4)! Cause I did it at half-point..
Who knows someone might have already a Teleport Script in The forum! Use it as reference to compare it and figure your faults!