 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
XxSongixX
How do I cheat?
![]() Reputation: 0
Joined: 06 Mar 2022
Posts: 6
|
 Posted: Wed Oct 25, 2023 9:58 am Post subject: My script multiplies a value without control |
 |
|
Greetings, I have a question, I have tried different things for a long time and I don't know how to advance further, I have achieved something similar to what I am looking for.
The thing is that I try to multiply the speed value by executing a script that I will leave at the end, but when I indicate the value to be multiplied, if it goes beyond 1.04 the value begins to increase without control and never decays returning to 0.
The purpose of the script, is simply executing a bigger jump, but for that there has to be a moment of falling towards the ground
| Code: | [ENABLE]
aobscanmodule(writeVelocity,sekiro.exe,0F 29 87 60 01 00 00 48) // should be unique
alloc(newmem,$1000,writeVelocity)
alloc(veloc,16,writeVelocity)
veloc:
dd (float)1 (float)1.04 (float)1 (float)1
label(code)
label(return)
newmem:
mulps xmm0,[veloc]
code:
movaps [rdi+00000160],xmm0
jmp return
writeVelocity:
jmp newmem
nop 2
return:
registersymbol(writeVelocity)
[DISABLE]
writeVelocity:
db 0F 29 87 60 01 00 00
unregistersymbol(writeVelocity)
dealloc(newmem) |
Thanks in advance.
| Description: |
| I add the image of the script in case it is easier to read |
|
| Filesize: |
32.37 KB |
| Viewed: |
1701 Time(s) |
|
|
|
| Back to top |
|
 |
LeFiXER
Grandmaster Cheater Supreme
![]() Reputation: 20
Joined: 02 Sep 2011
Posts: 1069
Location: 0x90
|
| Posted: Wed Oct 25, 2023 3:32 pm Post subject: |
|
|
xmm/ymm are 16-byte registers meaning they can hold numerous values as you seem to be aware; however, you have defined a dword value for this which is just 4-bytes.
| Code: |
[ENABLE]
aobscanmodule(writeVelocity,sekiro.exe,0F 29 87 60 01 00 00 48) // should be unique
alloc(newmem,$1000,writeVelocity)
alloc(veloc,16,writeVelocity)
label(code)
label(return)
veloc:
dd (float)1 (float)1.04 (float)1 (float)1
newmem:
movaps xmm15,[veloc]
mulps xmm0,xmm15
code:
movaps [rdi+00000160],xmm0
jmp return
writeVelocity:
jmp newmem
nop 2
return:
registersymbol(writeVelocity)
[DISABLE]
writeVelocity:
db 0F 29 87 60 01 00 00
unregistersymbol(writeVelocity)
dealloc(newmem)
|
Scalar and Packed Intructions
SSE defines two types of operations; scalar and packed. Scalar operation only operates on the least-significant data element (bit 0~31), and packed operation computes all four elements in parallel. SSE instructions have a suffix -ss for scalar operations (Single Scalar) and -ps for packed operations (Parallel Scalar).
See image below for clarification:
Note that upper 3 elements in xmm0 for scalar operation remain unchanged.
|
|
| Back to top |
|
|
ParkourPenguin
I post too much
 Reputation: 152
Joined: 06 Jul 2014
Posts: 4700
|
| Posted: Wed Oct 25, 2023 3:55 pm Post subject: |
|
|
| LeFiXER wrote: | | Code: | movaps xmm15,[veloc]
mulps xmm0,xmm15 |
|
OP used `mulps` too. Putting it in an xmm register first doesn't make any difference.
OP:
The injection point is probably run continuously. Find a different injection point that's only run when you jump.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
LeFiXER
Grandmaster Cheater Supreme
![]() Reputation: 20
Joined: 02 Sep 2011
Posts: 1069
Location: 0x90
|
| Posted: Wed Oct 25, 2023 5:59 pm Post subject: |
|
|
| ParkourPenguin wrote: |
OP used `mulps` too. Putting it in an xmm register first doesn't make any difference.
|
That's good to know, wasn't aware that mulps worked on values stored in memory. Thanks 
|
|
| Back to top |
|
|
XxSongixX
How do I cheat?
![]() Reputation: 0
Joined: 06 Mar 2022
Posts: 6
|
| Posted: Thu Oct 26, 2023 6:01 am Post subject: Thanks for the contribution, it helped me clarify a little b |
|
|
| LeFiXER wrote: | xmm/ymm are 16-byte registers meaning they can hold numerous values as you seem to be aware; however, you have defined a dword value for this which is just 4-bytes.
Scalar and Packed Intructions
SSE defines two types of operations; scalar and packed. Scalar operation only operates on the least-significant data element (bit 0~31), and packed operation computes all four elements in parallel. SSE instructions have a suffix -ss for scalar operations (Single Scalar) and -ps for packed operations (Parallel Scalar).
Note that upper 3 elements in xmm0 for scalar operation remain unchanged. |
Thanks for the contribution, it helped me clarify a
little better with something that I did not take into account.
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
