| View previous topic :: View next topic |
| Author |
Message |
Nemexia55
Expert Cheater
![]() Reputation: 0
Joined: 28 Jan 2014
Posts: 160
|
 Posted: Tue Dec 09, 2014 1:58 pm Post subject: Whats wrong with this code? |
 |
|
hi i really cant figure out that what is wrong with this code:
any idea?
| Code: | [ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
mov eax,[ebx+00000480]
mov ecx,#2
div ecx
add [ebx+00000480],eax
originalcode:
//sub [ebx+00000480],eax
exit:
jmp returnhere
"Tutorial-i386.exe"+24FFB:
jmp newmem
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
"Tutorial-i386.exe"+24FFB:
sub [ebx+00000480],eax
//Alt: db 29 83 80 04 00 00 |
_________________
|
|
| Back to top |
|
 |
mgr.inz.Player
I post too much
 Reputation: 218
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Tue Dec 09, 2014 5:54 pm Post subject: |
 |
|
Probably because you altered value of ECX and EDX registers - info.
Anyway, why DIV? This would be better
| Code: | [ENABLE]
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
mov eax,[ebx+00000480]
sar eax,1
add [ebx+00000480],eax
originalcode:
//sub [ebx+00000480],eax
exit:
jmp returnhere
"Tutorial-i386.exe"+24FFB:
jmp newmem
nop
returnhere:
[DISABLE]
dealloc(newmem)
"Tutorial-i386.exe"+24FFB:
sub [ebx+00000480],eax
//Alt: db 29 83 80 04 00 00
|
_________________
|
|
| Back to top |
|
|
Nemexia55
Expert Cheater
![]() Reputation: 0
Joined: 28 Jan 2014
Posts: 160
|
| Posted: Wed Dec 10, 2014 10:27 am Post subject: |
|
|
Oh Thanks for answering:
i had to do this:
| Code: | newmem:
access
mov eax,[ebx+00000480]
mov edx,#00
mov ecx,#2
div ecx
add [ebx+00000480],eax |
And what is this code's function?
| Code: | mov eax,[ebx+00000480]
sar eax,1
add [ebx+00000480],eax |
_________________
|
|
| Back to top |
|
|
zm0d
Master Cheater
 Reputation: 7
Joined: 06 Nov 2013
Posts: 423
|
| Posted: Wed Dec 10, 2014 10:50 am Post subject: |
|
|
sar stands for Shift Arithmetic Right , which simply moves the bits of the value in EAX by 1 to the right (the number after the comma)... this is a fast way to divide a value by 2^x, where x stands for the right operand.
sal is the opponent to sar. It multiplies a value in a register with 2^x.
|
|
| Back to top |
|
|
Nemexia55
Expert Cheater
![]() Reputation: 0
Joined: 28 Jan 2014
Posts: 160
|
| Posted: Wed Dec 10, 2014 1:21 pm Post subject: |
|
|
| mgr.inz.Player wrote: |
Anyway, why DIV? This would be better
|
because i can divide it by other numbers 
_________________
|
|
| Back to top |
|
|
mgr.inz.Player
I post too much
Reputation: 218
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Wed Dec 10, 2014 5:50 pm Post subject: |
|
|
For that, you should use something like this:
| Code: | push eax
push ecx
push edx
mov eax,[ebx+00000480]
mov ecx,#2
cdq
idiv ecx
add [ebx+00000480],eax
pop edx
pop ecx
pop eax |
_________________
|
|
| Back to top |
|
|
Nemexia55
Expert Cheater
![]() Reputation: 0
Joined: 28 Jan 2014
Posts: 160
|
| Posted: Thu Dec 11, 2014 2:59 am Post subject: sorry |
|
|
sorry i ask again but what are these?
i'm somehow beginner in assembly...
i understand the whole code except this part:
i mean what is
and what's the difference between
and
_________________
|
|
| Back to top |
|
|
zm0d
Master Cheater
Reputation: 7
Joined: 06 Nov 2013
Posts: 423
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
