Add float number

Thiago
Newbie cheater
Reputation: 0

Joined: 30 Jan 2017
Posts: 18

Posted: Wed Jan 10, 2018 11:00 pm    Post subject: Add float number

What am I doing wrong here?

It was supposed to add both float numbers and make me fly!!!

I often see people using xmm# to do float operations, isn't xmm# 64 bit only?!

Code:

[ENABLE]

alloc(newmem,100)
label(returnhere)
label(originalcode)
label(exit)
label(val)

newmem:

originalcode:
fld qword ptr [edi+18]
fstp dword ptr [esi+eax*8+14]
cmp ecx, 391d2f50 // hardcoded
jne exit
cmp [ecx+44], (float)77000
jge exit
push edx
xor edx, edx
fld dword ptr [edx]
fadd dword ptr [val]
fstp dword ptr [edx]
mov [ecx+44], edx
pop edx

val:
dd (float)0.001

exit:
jmp returnhere

"Flash.ocx"+449915:
jmp newmem
nop
nop
returnhere:


 
 
[DISABLE]

dealloc(newmem)
"Flash.ocx"+449915:
fld qword ptr [edi+18]
fstp dword ptr [esi+eax*8+14]



I get that hardcoded address by putting a breakpoint in the instruction and copying its address.

OldCheatEngineUser
Whateven rank
Reputation: 20

Joined: 01 Feb 2016
Posts: 1586

Posted: Wed Jan 10, 2018 11:20 pm

Thiago wrote:
I often see people using xmm# to do float operations, isn't xmm# 64 bit only?!

There are 8 xmm registers available in 32-bit mode and 16 xmm registers in 64-bit mode.

I'm not sure what your code is doing exactly, but there is a mistake here:

Thiago wrote:
Code:
push edx
xor edx, edx
fld dword ptr [edx]
fadd dword ptr [val]
fstp dword ptr [edx]
mov [ecx+44], edx
pop edx


push edx, so whatever is in edx is on the stack now
xor edx,edx means clear whatever edx contains, so edx becomes 0
fld dw p [edx] loads it into st(0)
kinda funny here but, fadd dw p [val] and val is 0.001
then fstp stores whatever is in st(0) into edx and pops that value.
then mov [ecx+44],edx <- you are moving 0.001 into ecx+44
well, finally you retrieve the old float value from the stack with pop edx

You didn't mean to do this?
Explain your code, idk what all these lines are doing and dealing with what.

Thiago
Newbie cheater
Reputation: 0

Joined: 30 Jan 2017
Posts: 18

Posted: Wed Jan 10, 2018 11:48 pm

OldCheatEngineUser wrote:
Thiago wrote:
I often see people using xmm# to do float operations, isn't xmm# 64 bit only?!

There are 8 xmm registers available in 32-bit mode and 16 xmm registers in 64-bit mode.

I'm not sure what your code is doing exactly, but there is a mistake here:

Thiago wrote:
Code:
push edx
xor edx, edx
fld dword ptr [edx]
fadd dword ptr [val]
fstp dword ptr [edx]
mov [ecx+44], edx
pop edx


push edx, so whatever is in edx is on the stack now
xor edx,edx means clear whatever edx contains, so edx becomes 0
fld dw p [edx] loads it into st(0)
kinda funny here but, fadd dw p [val] and val is 0.001
then fstp stores whatever is in st(0) into edx and pops that value.
then mov [ecx+44],edx <- you are moving 0.001 into ecx+44
well, finally you retrieve the old float value from the stack with pop edx

You didn't mean to do this?
Explain your code, idk what all these lines are doing and dealing with what.


Basically I have my player Vec3, with X, Y, Z.

The values in the Vec3 are stored at:

Code:

[ecx+40]
[ecx+44]
[ecx+48]


respectively.

I wanted to gradually increase my Y value, but doing this:

Code:


add [ecx+44], (float)0.001



didn't work.

So I searched for some topics related to float operations and copied it to my code, that's why it's so confusing.

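Why `add [ecx+44], (float)0.001` cannot work, shown in C as an added example (not code from the thread): `(float)0.001` assembles to the IEEE-754 bit pattern of 0.001, and `add` treats those bytes as an integer, whereas `fld`/`fadd`/`fstp` performs a real single-precision addition. The sample Y values (1500, 76999) are constructed; the 77000 ceiling and the 0.001/150 steps are the ones used in the scripts above.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Reinterpret the same 4 bytes as uint32 or float (what `dd (float)x` stores). */
uint32_t float_bits(float f) { uint32_t u; memcpy(&u, &f, sizeof u); return u; }
float bits_float(uint32_t u) { float f; memcpy(&f, &u, sizeof f); return f; }

/* What `add [ecx+44], (float)0.001` actually does: an integer add of two
   bit patterns. The result is garbage, not y + 0.001. */
float add_as_integer(float y, float delta) {
    return bits_float(float_bits(y) + float_bits(delta));
}

/* What `fld dword ptr [ecx+44] / fadd dword ptr [val] / fstp dword ptr [ecx+44]`
   does: load, single-precision add, store rounded back to 32 bits. */
float add_as_float(float y, float delta) {
    volatile float r = y + delta;  /* volatile forces the round to 32-bit float */
    return r;
}

/* Mirrors the script's guard: only step while Y is below the (float)77000 ceiling. */
float step_y(float y, float delta, float ceiling) {
    if (y >= ceiling) return y;
    return add_as_float(y, delta);
}

int main(void) {
    float y = 1500.0f;  /* constructed sample Y value */
    printf("bits of (float)0.001 = 0x%08x\n", float_bits(0.001f));
    printf("integer add: %g -> %g (garbage)\n", y, add_as_integer(y, 0.001f));
    printf("float add:   %g -> %g\n", y, add_as_float(y, 0.001f));
    /* Near the ceiling a float32 step is 1/128, so 0.001 rounds away entirely. */
    printf("near ceiling: 76999 + 0.001 -> %g\n", add_as_float(76999.0f, 0.001f));
    printf("float add with 150: %g -> %g\n", y, step_y(y, 150.0f, 77000.0f));
    return 0;
}
```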
OldCheatEngineUser
Whateven rank
Reputation: 20

Joined: 01 Feb 2016
Posts: 1586

Posted: Wed Jan 10, 2018 11:53 pm

If you read carefully, you are storing the 0.001 float in your Y coord.

One more thing, you forgot to add:
jmp exit after pop edx.

Csimbi
I post too much
Reputation: 92

Joined: 14 Jul 2007
Posts: 3102

Posted: Thu Jan 11, 2018 12:00 pm

This is just plain wrong, mate:
Code:
xor edx, edx
fld dword ptr [edx]
fadd dword ptr [val]
fstp dword ptr [edx]
mov [ecx+44], edx 


This compiles to:
load FPU from 0x0000000
add to FPU from val
store FPU to 0x0000000
set [ecx+44] to 0.

It should crash at the first FPU instruction already.
You need to learn some assembly.
Thiago
Newbie cheater
Reputation: 0

Joined: 30 Jan 2017
Posts: 18

Posted: Thu Jan 11, 2018 3:50 pm

Csimbi wrote:
This is just plain wrong, mate:
Code:
xor edx, edx
fld dword ptr [edx]
fadd dword ptr [val]
fstp dword ptr [edx]
mov [ecx+44], edx 


This compiles to:
load FPU from 0x0000000
add to FPU from val
store FPU to 0x0000000
set [ecx+44] to 0.

It should crash at the first FPU instruction already.
You need to learn some assembly.


Code:


[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,$100)
alloc(addr, $100)
label(returnhere)
label(originalcode)
label(exit)
label(val)
label(addrs)

newmem: //this is allocated memory, you have read,write,execute access
//place your code here

originalcode:
fld qword ptr [edi+18]
fstp dword ptr [esi+eax*8+14]
cmp ecx, 38A0A240 // hardcoded
jne exit
cmp [ecx+44], (float)77000
jge exit
fld dword ptr [ecx+44]
fadd dword ptr [val]
fstp dword ptr [addr]
push edx
xor edx, edx
mov edx, [addr]
mov [ecx+44], edx
pop edx

jmp returnhere

addrs:
dd addr

val:
dd (float)150

exit:
jmp returnhere

"Flash.ocx"+449915:
jmp newmem
nop
nop
returnhere:


[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
"Flash.ocx"+449915:
fld qword ptr [edi+18]
fstp dword ptr [esi+eax*8+14]
//Alt: db DD 47 18 D9 5C C6 14



This is my final code, it ends up just adding 1 and not doing anything, but I think it is because in this game, the player Y is attached to the ground, so you can't really jump or fly in the air (without cheats, obviously).

Csimbi
I post too much
Reputation: 92

Joined: 14 Jul 2007
Posts: 3102

Posted: Fri Jan 12, 2018 5:18 am

I have no idea about this game or what that code does, but I do have a comment on that code regarding this bit:
Quote:
fld dword ptr [ecx+44]
fadd dword ptr [val]
fstp dword ptr [addr]
push edx
xor edx, edx
mov edx, [addr]
mov [ecx+44], edx
pop edx

Well, two comments:
    1. Zeroing out EDX is unnecessary when the next instruction overwrites it anyway.
    2. Why don't you write back to the destination directly?

Quote:
fld dword ptr [ecx+44]
fadd dword ptr [val]
fstp dword ptr [ecx+44]


If you can jump or fly without cheats, then that means that the game uses the Z coordinate (unless of course it's a 2D game and jump is actually the Y coordinate).
Try adding a bigger number than just 1. In unreal games, 1 means more or less nothing, you would not even notice.
Add 10, 100, 1000 and so on.
If you are changing the right value, you will see the difference in the game eventually.
However, make sure that the value is not updated by anything else prior to its use, or else your changes will be lost.

Just one more thing. If it's a jump you want, you don't really need any of that code. Just register the address in the AA script, add that registered symbol to the address list and assign a hotkey to that entry that simply increments the Z coordinate (whenever the hotkey is pressed).

Code:
label(fCoordZ)
registersymbol(fCoordZ)
...
push edx
lea edx, [ecx+44]          // address of the coordinate
mov dword ptr [fCoordZ], edx // publish it through the registered symbol
pop edx
...
fCoordZ:
dd 0
...
unregistersymbol(fCoordZ)


Add a float to the table and enter fCoordZ as the address, then assign your hotkey with the appropriate action.

Good luck!