Ejay1984 (Newbie cheater, Reputation: 0, Joined: 16 Nov 2017, Posts: 24)
Posted: Tue Feb 06, 2018 5:45 am, Post subject: Help with Superjump Hack
Hi
I'm trying to have a go at a superjump hack for Blackhole, but I'm having trouble as the line I'm trying to input isn't working as I get an error. The original script is below:
Code:
    [ENABLE]
    aobscanmodule(INJECT,BH.exe,F2 0F 59 07 F2 0F 11 07 EB 1B 8D 84 24 D0 36) // should be unique
    alloc(newmem,$1000)
    label(code)
    label(return)

    newmem:

    code:
      mulsd xmm0,[edi]
      movsd [edi],xmm0
      jmp return

    INJECT:
      jmp newmem
      nop
      nop
      nop
    return:
    registersymbol(INJECT)

    [DISABLE]
    INJECT:
      db F2 0F 59 07 F2 0F 11 07

    unregistersymbol(INJECT)
    dealloc(newmem)
I'm trying to insert movsd [edi],(double)10 in the original code.
Any help with this will be appreciated. Thanks
OldCheatEngineUser (Whateven rank, Reputation: 20, Joined: 01 Feb 2016, Posts: 1587)
Posted: Tue Feb 06, 2018 6:11 am
Code:
    newmem:
      mov [edi],(double)10.00
but that might not give you an actual super jump.
_________________
About Me;
I Use CE Since Version 1.X, And Still Learning How To Use It Well!
Jul 26, 2020
STN wrote: i am a sweetheart.
Ejay1984 (Newbie cheater, Reputation: 0, Joined: 16 Nov 2017, Posts: 24)
Posted: Tue Feb 06, 2018 6:26 am
OldCheatEngineUser wrote:
    Code:
        newmem:
          mov [edi],(double)10.00
    but that might not give you an actual super jump.
Unfortunately it doesn't work
This is what I attempted to do;
Code:
    label(code)
    label(return)

    newmem:

    code:
      mulsd xmm0,[edi]
      movsd [edi],xmm0
      jmp return

    INJECT:
      jmp newmem
      nop
      nop
      nop
    return:
    registersymbol(INJECT)

    [DISABLE]
OldCheatEngineUser (Whateven rank, Reputation: 20, Joined: 01 Feb 2016, Posts: 1587)
Posted: Tue Feb 06, 2018 6:33 am
what do you mean with doesn't work?
- compile error? that's impossible!
- not giving you super jump? well yeah, probably won't!
and what's the difference between your first post and second post?
both scripts are the same!
Ejay1984 (Newbie cheater, Reputation: 0, Joined: 16 Nov 2017, Posts: 24)
Posted: Tue Feb 06, 2018 9:00 am
OldCheatEngineUser wrote:
    what do you mean with doesn't work?
    - compile error? that's impossible!
    - not giving you super jump? well yeah, probably won't!
    and what's the difference between your first post and second post?
    both scripts are the same!
Apologies, I used the wrong copy and paste.
Code:
    label(code)
    label(return)

    newmem:

    code:
      mov [edi],(double)10.00
      mulsd xmm0,[edi]
      movsd [edi],xmm0
      jmp return

    INJECT:
      jmp newmem
      nop
      nop
      nop
    return:
    registersymbol(INJECT)

    [DISABLE]
Basically it doesn't give me the super jump. Nopping the instruction makes the player stationary when I jump so I assumed it was the code to alter.
OldCheatEngineUser (Whateven rank, Reputation: 20, Joined: 01 Feb 2016, Posts: 1587)
Posted: Tue Feb 06, 2018 9:46 am
Ejay1984 wrote:
    Basically it doesn't give me the super jump.
OldCheatEngineUser wrote:
    but that might not give you an actual super jump.
if you want a real super jump, then you might have to find the constant or the multiplier. (or divider in some games)
Ejay1984 (Newbie cheater, Reputation: 0, Joined: 16 Nov 2017, Posts: 24)
Posted: Tue Feb 06, 2018 9:56 am
OldCheatEngineUser wrote:
    Ejay1984 wrote:
        Basically it doesn't give me the super jump.
    OldCheatEngineUser wrote:
        but that might not give you an actual super jump.
    if you want a real super jump, then you might have to find the constant or the multiplier. (or divider in some games)
Thanks. It's quite difficult finding the value but I'll keep trying. Cheers
OldCheatEngineUser (Whateven rank, Reputation: 20, Joined: 01 Feb 2016, Posts: 1587)
Posted: Tue Feb 06, 2018 10:02 am
not always difficult (and not in every game)
see what accesses the address, then jump:
- what instruction keeps reading while your z coord is increasing
- what instruction keeps reading while your z coord is decreasing
- what instruction(s) read when you hit the ground (this might be useful for fly hacks)
and there are many other ways, and remember it depends on the game .. so you can't walk into the same valley for every game.
sbryzl (Master Cheater, Reputation: 6, Joined: 25 Jul 2016, Posts: 252)
Posted: Tue Feb 06, 2018 2:30 pm
This won't work:
    mov [edi],(double)10.00
You can't move a 64 bit immediate into a memory location, only to a 64 bit register.
You can use the following, which would accomplish the desired effect:
    mov [edi+4],40240000
TheyCallMeTim13 (Wiki Contributor, Reputation: 50, Joined: 24 Feb 2017, Posts: 976, Location: Pluto)
Posted: Tue Feb 06, 2018 4:39 pm
For super speed and super jump I find the Y coordinate, then the Y coordinate delta, then find the engine's multiplier or add one. In some games this can be done with 1 injection. But most of the time I run into problems when multiplying the Y, except in instructions that only fire when jumping. But around instructions that only fire when jumping you can find the force or height of the jump, or even a multiplier as well.
Super speed tutorial
Super jump tutorial
OldCheatEngineUser (Whateven rank, Reputation: 20, Joined: 01 Feb 2016, Posts: 1587)
Posted: Tue Feb 06, 2018 7:43 pm
sbryzl wrote:
    This won't work:
        mov [edi],(double)10.00
    You can't move a 64 bit immediate into a memory location, only to a 64 bit register.
    You can use the following, which would accomplish the desired effect:
        mov [edi+4],40240000
you can move it, but that doesn't mean it's gonna work.
it takes 8 bytes in memory (in reverse order)
when the cpu reads it, it's gonna read the lower 32-bit (edi)
he still has multiple choices: using SSE instructions, FPU ...
TheyCallMeTim13 (Wiki Contributor, Reputation: 50, Joined: 24 Feb 2017, Posts: 976, Location: Pluto)
Posted: Tue Feb 06, 2018 7:56 pm
It actually works, as long as the first 4 bytes are zeros.
(screenshot attached, 54.39 KB)
sbryzl (Master Cheater, Reputation: 6, Joined: 25 Jul 2016, Posts: 252)
Posted: Tue Feb 06, 2018 8:48 pm
OldCheatEngineUser wrote:
    you can move it, but that doesn't mean it's gonna work.
No, you can't move it, that's why it won't work.
Quote:
    it takes 8 bytes in memory (in reverse order)
Yes and you can only move 4 bytes to a memory location using immediate values and the 4 bytes that will be put at [edi] are all zero because (double)10 is 00h 00h 00h 00h 00h 00h 24h 40h.
Even if cheat engine used 00h 00h 24h 40h instead it still wouldn't make a (double)10. It would be a very small number very close to zero.
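sbryzl's byte-level argument above, and the [edi+4] workaround from the earlier post, can be checked with this added Python model; it is not code from the thread. It encodes a double the way x86 lays it out in memory and simulates a single 4-byte immediate store at a chosen offset of an 8-byte slot. The initial slot values are constructed for the demonstration.

```python
import struct


def double_bytes(value):
    """Little-endian IEEE-754 bytes of a double, as it sits in x86 memory."""
    return struct.pack("<d", value)


def store_dword(mem, offset, imm):
    """Model `mov [base+offset], imm32`: a 32-bit immediate writes only 4 bytes."""
    mem[offset:offset + 4] = struct.pack("<I", imm & 0xFFFFFFFF)


def read_double(mem):
    """Read the 8-byte slot back the way mulsd/movsd would."""
    return struct.unpack("<d", bytes(mem[:8]))[0]


def simulate(initial, offset, imm):
    """Fill an 8-byte slot with a constructed double, apply one 4-byte store, read it back."""
    mem = bytearray(double_bytes(initial))
    store_dword(mem, offset, imm)
    return read_double(mem)


if __name__ == "__main__":
    # (double)10 in memory: 00 00 00 00 00 00 24 40
    print(double_bytes(10.0).hex())
    # sbryzl's reading: only the low dword of (double)10 survives, and it is zero,
    # so the store at [edi] leaves the slot unchanged.
    print(simulate(1.0, 0, 0x00000000))
    # The [edi+4] fix: the high dword lands in place; correct when the low dword is already zero.
    print(simulate(1.0, 4, 0x40240000))
    # With a non-zero low dword left behind, the result is 10 plus a tiny fraction.
    print(simulate(1.1, 4, 0x40240000))
    # Putting 40240000 into the low dword instead yields a denormal close to zero.
    print(simulate(0.0, 0, 0x40240000))
```

The last call reproduces the "very small number very close to zero" case from the post; the 1.1 case shows why the workaround depends on whatever the low dword already holds.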
OldCheatEngineUser (Whateven rank, Reputation: 20, Joined: 01 Feb 2016, Posts: 1587)
Posted: Tue Feb 06, 2018 10:37 pm
sbryzl wrote:
    No, you can't move it, that's why it won't work.
OldCheatEngineUser wrote:
    it's gonna read the lower 32-bit (edi)
sbryzl (Master Cheater, Reputation: 6, Joined: 25 Jul 2016, Posts: 252)
Posted: Tue Feb 06, 2018 10:51 pm
OldCheatEngineUser wrote:
    sbryzl wrote:
        No, you can't move it, that's why it won't work.
    OldCheatEngineUser wrote:
        it's gonna read the lower 32-bit (edi)
As I have already said, there are only 32 bits to move, not an upper and lower.
When you give Cheat Engine an invalid value like:
Code:
    mov [edi],(double)10.00
It's going to turn it into something readable, so it will become this: