Cheat Engine The Official Site of Cheat Engine
Dereta How do I cheat?
Reputation: 0
Joined: 21 Aug 2016 Posts: 9
Posted: Tue Mar 28, 2017 11:07 am Post subject: Problem with Distance between two Points in 2D (Floats!)
Hey everyone
I have some problems calculating the distance between two position points.
In a calculator etc. I know how to get it. But in ASM I can't figure out how to do it... my try was this:
Code: |
alloc(playerX,8)
alloc(playerY,8)
alloc(monsterX,8)
alloc(monsterY,8)
alloc(distance,8)
playerX:
dd (float)0
playerY:
dd (float)0
monsterX:
dd (float)0
monsterY:
dd (float)0
distance:
dd (float)0
// First get (mX - pX) squared
mov eax, [esi+6C]
mov [monsterX], eax // Write Mob X
mov eax, [game90.exe+005E0FD0]
mov eax, [eax+C]
lea eax, [eax+707] // Multilevel Pointer
mov [playerX], eax // Write Player X
|
(code that works is excluded)
After I move the positions into playerX and monsterX, they are not the same as normal...
Can anyone give me some tips on how to save it correctly and calculate it right?
Thanks for any help
Greatz Ben
++METHOS I post too much
Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Tue Mar 28, 2017 11:33 am Post subject:
Why are you wanting to calculate the distance? Are you trying to write a vac cheat or something else?
Please paste your script in its entirety and provide more details so that we can offer better help.
Dereta How do I cheat?
Reputation: 0
Joined: 21 Aug 2016 Posts: 9
Posted: Tue Mar 28, 2017 12:50 pm Post subject:
What do you mean by vac cheat? ^^ I don't understand. If you mean the anti-cheat system from Valve: no, this game doesn't use it.
For now it works... but I now have small problems with dividing a float by a value...
I'm trying to get monsters with distance <= 100 teleported to me... (higher distances won't work correctly) so I can attack/kill them
Here's the complete ASM code:
(I am grateful for suggestions for improvement and explanations)
It's my first try at making a hack this way... so please don't be too hard on me :3
Code: |
[ENABLE]
aobscan(MobLockFinal, 8B 07 89 86 84 04 00 00) // should be unique
alloc(newmem,$1000)
alloc(location,8)
alloc(substract,8)
alloc(playerX,8)
alloc(playerY,8)
alloc(monsterX,8)
alloc(monsterY,8)
alloc(distanceX,8)
alloc(distanceY,8)
alloc(distance,8)
label(code)
label(return)
location:
dd 0
substract:
dd (float)75
playerX:
dd (float)0
playerY:
dd (float)0
monsterX:
dd (float)0
monsterY:
dd (float)0
distanceX:
dd (float)0
distanceY:
dd (float)0
distance:
dd (float)0
newmem:
// Declare Code
code:
pusha
pushf
// Check race and gender (multiple checks necessary!)
lea eax, [esi+41C]
cmp [eax], (int)10
jle ende
{
// Check weapon stance (other players, horses, etc.)
lea eax, [esi+350]
cmp [eax], (int)3
ja ende
}
// Player on Horse?
mov eax, [game90.exe+005E0FD0]
mov eax, [eax+C]
lea eax, [eax+63C]
cmp eax, #11
jae onHorse
mov [substract], (float)0
onHorse:
// Check Mob Distance to Player --------------
// Write Monster X
lea eax, [esi+484]
movss xmm0, [eax]
divss xmm0, [100] // Leads into crash
movss [monsterX], xmm0
// Write Monster Y
lea eax, [esi+488]
movss xmm0, [eax]
divss xmm0, [100] // Leads into crash
movss [monsterY], xmm0
// Write Player X
mov eax, [game90.exe+005E0FD0]
mov eax, [eax+C]
lea eax, [eax+770]
movss xmm0, [eax]
divss xmm0, [100] // Leads into crash
movss [playerX], xmm0
// Write Player Y
mov eax, [game90.exe+005E0FD0]
mov eax, [eax+C]
lea eax, [eax+774]
movss xmm0, [eax]
divss xmm0, [100] // Leads into crash
movss [playerY], xmm0
// Calculate Distance
// X
movss xmm0, [playerX]
subss xmm0, [monsterX]
mulss xmm0, xmm0
movss [distanceX], xmm0
// Y
movss xmm0, [playerY]
subss xmm0, [monsterY]
mulss xmm0, xmm0
movss [distanceY], xmm0
movss xmm0, [distanceX]
movss xmm1, [distanceY]
addss xmm0, xmm1
movss [distance], xmm0
{
fld qword [distance]
fsqrt
fstp qword [distance]
}
cmp [distance], (float)100
jae ende
// Check Distance END --------------
mov eax, [game90.exe+005E0FD0]
mov eax, [eax+C]
lea eax, [eax+770]
movss xmm0, [eax]
movss [esi+484], xmm0
mov eax, [game90.exe+005E0FD0]
mov eax, [eax+C]
lea eax, [eax+774]
movss xmm0, [eax]
movss [esi+488], xmm0
mov eax, [game90.exe+005E0FD0]
mov eax, [eax+C]
lea eax, [eax+778]
movss xmm0, [eax]
//addss xmm0, [substract]
movss [esi+48C], xmm0
ende:
// Finish All
popf
popa
pop edi
pop esi
pop ebp
ret 0004
MobLockFinal:
jmp newmem
nop
nop
nop
return:
registersymbol(MobLockFinal)
registersymbol(playerX)
registersymbol(playerY)
registersymbol(monsterX)
registersymbol(monsterY)
registersymbol(distanceX)
registersymbol(distanceY)
registersymbol(distance)
[DISABLE]
MobLockFinal:
db 8B 07 89 86 84 04 00 00
unregistersymbol(MobLockFinal)
unregistersymbol(playerX)
unregistersymbol(playerY)
unregistersymbol(monsterX)
unregistersymbol(monsterY)
unregistersymbol(distanceX)
unregistersymbol(distanceY)
unregistersymbol(distance)
dealloc(newmem)
|
FreeER Grandmaster Cheater Supreme
Reputation: 53
Joined: 09 Aug 2013 Posts: 1091
Posted: Tue Mar 28, 2017 1:45 pm Post subject:
Code: |
divss xmm0, [100] // Leads into crash
|
yeah... remember that [] are used for accessing/indexing/dereferencing memory addresses? Well what this is saying is divide the float in xmm0 by the value at address 100 (in hex so 16*2 or 256 in base 10/decimal)... that's probably not what you meant to say
You'll need to store 100 (as a float) somewhere in memory (or find a, probably static, address storing 100 that you can make use of) or load 100 into an xmm register and use .
I didn't see any other obvious issues, but I really only skimmed over the code after finding the above issue.
Last edited by FreeER on Tue Mar 28, 2017 6:01 pm; edited 1 time in total |
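An added illustration, not written by anyone in this thread: `divss` treats a bracketed operand as four bytes of float data in memory, so the divisor has to exist there as a float bit pattern, and the script's `cmp [distance],(float)100` / `jae` compares those same raw bits as unsigned integers. The function names and sample coordinates below are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* The 4 bytes a float occupies in memory (what `dd (float)x` stores). */
static uint32_t float_bits(float f) {
    uint32_t u;
    memcpy(&u, &f, sizeof u);
    return u;
}

/* Read 4 raw bytes as a float (what movss/divss do with a memory operand). */
static float bits_float(uint32_t u) {
    float f;
    memcpy(&f, &u, sizeof f);
    return f;
}

/* Model of `cmp [mem],(float)limit` followed by `jae`:
 * an unsigned integer compare of the two bit patterns. */
static int int_cmp_ae(float value, float limit) {
    return float_bits(value) >= float_bits(limit);
}

/* Squared 2D distance in single precision, the result of the
 * subss / mulss / addss chain in the posted script. */
static float dist_sq(float px, float py, float mx, float my) {
    float dx = px - mx, dy = py - my;
    return dx * dx + dy * dy;
}

int main(void) {
    /* Constructed sample coordinates, not taken from any game. */
    float d2 = dist_sq(3.0f, 4.0f, 0.0f, 0.0f);

    /* The float 100 and the integer 0x100 are unrelated bit patterns. */
    printf("(float)100 in memory: 0x%08X\n", (unsigned)float_bits(100.0f));
    printf("integer 0x100 read as a float: %g\n", bits_float(0x100u));

    /* The integer compare orders non-negative floats correctly... */
    printf("d2 = %g, bits >= bits(100): %d\n", d2, int_cmp_ae(d2, 100.0f));
    /* ...but a negative float has its sign bit set and compares as huge. */
    printf("-1.0, bits >= bits(100): %d\n", int_cmp_ae(-1.0f, 100.0f));
    return 0;
}
```

The integer compare is only safe here because a sum of squares is never negative.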
++METHOS I post too much
Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Tue Mar 28, 2017 4:16 pm Post subject:
vac == vacuum == teleport all desired characters/objects to a location of your choosing and keep them there until you choose otherwise
Dereta How do I cheat?
Reputation: 0
Joined: 21 Aug 2016 Posts: 9
Posted: Tue Mar 28, 2017 4:33 pm Post subject:
Yeah, something like this... everything works so far, teleport etc.
But I can't exclude some monsters that are of another type... :'D because I can't find any difference between them and the other monsters... but thx so far.
++METHOS I post too much
Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Tue Mar 28, 2017 7:56 pm Post subject:
Some tips for code segregation:
++METHOS wrote:
- You can use a pointer address for your filter, inside of your script, for the value that you are trying to manipulate.
- You can use pointer trees inside of the data structure to find something viable.
- You can shift the data structure (+ or -) and/or expand its size to find something useful.
- You can use the structure spider to find workable strings and/or for comparative analysis.
- You can check the register values by attaching the debugger or setting a breakpoint to see if something can be used for your filter.
- You can check to see if there are any instructions that are exclusive to the address/value that you are trying to manipulate and store the address for your filter by creating a second injection point.
- You can check to see if there are any instructions that are exclusive to any other address/value inside of the data structure for the address/value that you are trying to manipulate and store the address for your filter by creating a second injection point.
- You can analyze assembly code to see if an identifier is being checked or assigned somewhere.
- Et al.