Cheat Engine The Official Site of Cheat Engine
|
View previous topic :: View next topic |
Author |
Message |
Thiago (Newbie cheater, Reputation: 0)
Joined: 30 Jan 2017, Posts: 18
Posted: Wed Jan 10, 2018 11:00 pm
Post subject: Add float number
What am I doing wrong here?
It was supposed to add both float numbers and make me fly!!!
I often see people using xmm# to do float operations, isn't xmm# 64-bit only?!
Code:
[ENABLE]
alloc(newmem,100)
label(returnhere)
label(originalcode)
label(exit)
label(val)
newmem:
originalcode:
fld qword ptr [edi+18]
fstp dword ptr [esi+eax*8+14]
cmp ecx, 391d2f50 // hardcoded
jne exit
cmp [ecx+44], (float)77000
jge exit
push edx
xor edx, edx
fld dword ptr [edx]
fadd dword ptr [val]
fstp dword ptr [edx]
mov [ecx+44], edx
pop edx
val:
dd (float)0.001
exit:
jmp returnhere
"Flash.ocx"+449915:
jmp newmem
nop
nop
returnhere:
[DISABLE]
dealloc(newmem)
"Flash.ocx"+449915:
fld qword ptr [edi+18]
fstp dword ptr [esi+eax*8+14]
I get that hardcoded address by putting a breakpoint in the instruction and copying its address.
_________________
I'm newbie ...
OldCheatEngineUser (Whateven rank, Reputation: 20)
Joined: 01 Feb 2016, Posts: 1587
Posted: Wed Jan 10, 2018 11:20 pm
Thiago wrote:
    I often see people using xmm# to do float operations, isn't xmm# 64-bit only?!
8 xmm registers are available in 32-bit mode, while 16 xmm registers are available in 64-bit mode.
I'm not sure what your code is exactly doing, but there is a mistake here:
Thiago wrote:
    Code:
    push edx
    xor edx, edx
    fld dword ptr [edx]
    fadd dword ptr [val]
    fstp dword ptr [edx]
    mov [ecx+44], edx
    pop edx
push edx, so whatever is in edx is on the stack now
xor edx,edx means clear whatever edx contains, so edx becomes 0
fld dw p [edx] loads it into st(0)
kinda funny here but, fadd dw p [val] and val is 0.001
then fstp stores whatever is in st(0) into edx and pops that value.
then mov [ecx+44],edx <- you are moving 0.001 into ecx+44
well finally you retrieve the old float value from the stack with pop edx
you didn't mean to do this?
explain your code, idk what all these lines are doing and dealing with what.
_________________
About Me;
I Use CE Since Version 1.X, And Still Learning How To Use It Well!
Jul 26, 2020
STN wrote:
    i am a sweetheart.
Thiago (Newbie cheater, Reputation: 0)
Joined: 30 Jan 2017, Posts: 18
Posted: Wed Jan 10, 2018 11:48 pm
OldCheatEngineUser wrote:
    Thiago wrote:
        I often see people using xmm# to do float operations, isn't xmm# 64-bit only?!
    8 xmm registers are available in 32-bit mode, while 16 xmm registers are available in 64-bit mode.
    I'm not sure what your code is exactly doing, but there is a mistake here:
    Thiago wrote:
        Code:
        push edx
        xor edx, edx
        fld dword ptr [edx]
        fadd dword ptr [val]
        fstp dword ptr [edx]
        mov [ecx+44], edx
        pop edx
    push edx, so whatever is in edx is on the stack now
    xor edx,edx means clear whatever edx contains, so edx becomes 0
    fld dw p [edx] loads it into st(0)
    kinda funny here but, fadd dw p [val] and val is 0.001
    then fstp stores whatever is in st(0) into edx and pops that value.
    then mov [ecx+44],edx <- you are moving 0.001 into ecx+44
    well finally you retrieve the old float value from the stack with pop edx
    you didn't mean to do this?
    explain your code, idk what all these lines are doing and dealing with what.
Basically I have my player Vec3, with X, Y, Z.
The values in the Vec3 are stored at:
Code:
[ecx+40]
[ecx+44]
[ecx+48]
respectively.
I wanted to gradually increase my Y value, but doing this:
Code:
add [ecx+44], (float)0.001
didn't work.
So I searched for some topics related to float operations and copied it to my code, that's why it's so confusing.
_________________
I'm newbie ...
OldCheatEngineUser (Whateven rank, Reputation: 20)
Joined: 01 Feb 2016, Posts: 1587
Posted: Wed Jan 10, 2018 11:53 pm
If you read carefully, then you are storing a 0.001 float in your Y coord.
One more thing, you forgot to add:
jmp exit after pop edx.
_________________
About Me;
I Use CE Since Version 1.X, And Still Learning How To Use It Well!
Jul 26, 2020
STN wrote:
    i am a sweetheart.
Csimbi (I post too much, Reputation: 94)
Joined: 14 Jul 2007, Posts: 3110
Posted: Thu Jan 11, 2018 12:00 pm
This is just plain wrong, mate:
Code:
xor edx, edx
fld dword ptr [edx]
fadd dword ptr [val]
fstp dword ptr [edx]
mov [ecx+44], edx
This compiles to:
load FPU from 0x0000000
add to FPU from val
store FPU to 0x0000000
set [ecx+44] to 0.
It should crash at the first FPU instruction already.
You need to learn some assembly.
Thiago (Newbie cheater, Reputation: 0)
Joined: 30 Jan 2017, Posts: 18
Posted: Thu Jan 11, 2018 3:50 pm
Csimbi wrote:
    This is just plain wrong, mate:
    Code:
    xor edx, edx
    fld dword ptr [edx]
    fadd dword ptr [val]
    fstp dword ptr [edx]
    mov [ecx+44], edx
    This compiles to:
    load FPU from 0x0000000
    add to FPU from val
    store FPU to 0x0000000
    set [ecx+44] to 0.
    It should crash at the first FPU instruction already.
    You need to learn some assembly.
Code:
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,$100)
alloc(addr, $100)
label(returnhere)
label(originalcode)
label(exit)
label(val)
label(addrs)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
originalcode:
fld qword ptr [edi+18]
fstp dword ptr [esi+eax*8+14]
cmp ecx, 38A0A240 // hardcoded
jne exit
cmp [ecx+44], (float)77000
jge exit
fld dword ptr [ecx+44]
fadd dword ptr [val]
fstp dword ptr [addr]
push edx
xor edx, edx
mov edx, [addr]
mov [ecx+44], edx
pop edx
jmp returnhere
addrs:
dd addr
val:
dd (float)150
exit:
jmp returnhere
"Flash.ocx"+449915:
jmp newmem
nop
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
"Flash.ocx"+449915:
fld qword ptr [edi+18]
fstp dword ptr [esi+eax*8+14]
//Alt: db DD 47 18 D9 5C C6 14
This is my final code, it ends up just adding 1 and not doing anything, but I think it is because in this game, the player Y is attached to the ground, so you can't really jump or fly in the air (without cheats, obviously).
_________________
I'm newbie ...
Csimbi (I post too much, Reputation: 94)
Joined: 14 Jul 2007, Posts: 3110
Posted: Fri Jan 12, 2018 5:18 am
I have no idea about this game or what that code does, but I do have a comment on that code regarding this bit:
Quote:
    fld dword ptr [ecx+44]
    fadd dword ptr [val]
    fstp dword ptr [addr]
    push edx
    xor edx, edx
    mov edx, [addr]
    mov [ecx+44], edx
    pop edx
Well, two comments:
1. Zeroing out EDX is unnecessary when the next instruction overwrites it anyway.
2. Why don't you write back to the destination directly?:
Quote:
    fld dword ptr [ecx+44]
    fadd dword ptr [val]
    fstp dword ptr [ecx+44]
If you can jump or fly without cheats, then that means that the game uses the Z coordinate (unless of course it's a 2D game and jump is actually the Y coordinate).
Try adding a bigger number than just 1. In unreal games, 1 means more or less nothing, you would not even notice.
Add 10, 100, 1000 and so on.
If you are changing the right value, you will see the difference in the game eventually.
However, make sure that the value is not updated by anything else prior to its use, or else your changes will be lost.
Just one more thing. If it's a jump you want, you don't really need any of that code. Just register the address in the AA script, add that registered symbol to the address list and assign a hotkey to that entry that simply increments the Z coordinate (whenever the hotkey is pressed).
Code:
label(fCoordZ)
registersymbol(fCoordZ)
...
push edx
lea edx, [ecx+44]
mov [fCoordZ], edx   // store the address held in edx (the source operand was missing)
pop edx
...
fCoordZ:
dd 0
...
unregistersymbol(fCoordZ)
Add a float to the table and enter fCoordZ as the address, then assign your hotkey with the appropriate action.
Good luck!
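An added C illustration (not code from the thread) of the points raised in this reply and in Thiago's earlier `add [ecx+44], (float)0.001` attempt: the auto-assembler's `(float)` cast only produces an IEEE-754 bit pattern, so `add` does an integer add on those bits, whereas `fld`/`fadd`/`fstp` does a real float add; the script's `cmp`/`jge` guard is likewise an integer compare of bit patterns. The function names are my own.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* What the assembler emits for `add [ecx+44], (float)0.001`: the (float)
 * cast only yields the IEEE-754 bit pattern of 0.001, and ADD then does a
 * 32-bit integer add of that pattern onto the bits already in memory. */
static float int_add_of_float_bits(float dest, float src) {
    uint32_t d, s;
    memcpy(&d, &dest, sizeof d);
    memcpy(&s, &src, sizeof s);
    d += s;                        /* integer add, not a float add */
    memcpy(&dest, &d, sizeof d);
    return dest;
}

/* What `fld dword ptr [ecx+44] / fadd dword ptr [val] / fstp dword ptr
 * [ecx+44]` computes: a genuine float add written straight back. */
static float fpu_add_in_place(float *dest, float val) {
    *dest += val;
    return *dest;
}

/* The script's `cmp [ecx+44],(float)77000 / jge exit` is a signed integer
 * compare of two bit patterns. For non-negative floats that ordering matches
 * the float ordering, which is the only reason the guard works; it breaks
 * for negative values (see main). */
static int bits_less_than(float a, float b) {
    int32_t ia, ib;
    memcpy(&ia, &a, sizeof ia);
    memcpy(&ib, &b, sizeof ib);
    return ia < ib;
}

/* Guarded increment as the script does it: add only while below the cap. */
static float guarded_add(float *coord, float step, float cap) {
    if (bits_less_than(*coord, cap))
        fpu_add_in_place(coord, step);
    return *coord;
}

int main(void) {
    float y = 1.0f;
    printf("integer add of bits: %g\n", int_add_of_float_bits(y, 0.001f)); /* ~1.7e35 */
    printf("fpu add:             %g\n", fpu_add_in_place(&y, 0.001f));      /* 1.001 */
    y = 76999.5f;
    guarded_add(&y, 150.0f, 77000.0f);                                      /* 77149.5 */
    printf("second guarded add:  %g\n", guarded_add(&y, 150.0f, 77000.0f)); /* stays 77149.5 */
    printf("bit compare -2 < -1: %d\n", bits_less_than(-2.0f, -1.0f));      /* 0, wrong for floats */
    return 0;
}
```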