Cheat Engine The Official Site of Cheat Engine
Bunny_Wabbit (Newbie cheater, Reputation: 0, Joined: 23 Sep 2017, Posts: 23, Location: United Kingdom)
Posted: Tue Apr 27, 2021 3:40 am
Post subject: Doing a one-hit kill hack in tutorial step 9?
I did this step last night, but I wanted to try something different and kill the enemies with a single hit as opposed to adding HP onto my team. I thought doing this would work:
Code:
cmp [ebx+10],2
jne originalcode
fsubr dword ptr [ebx+04],500
fstp dword ptr [ebp-30]
jmp exit
originalcode:
fsubr dword ptr [ebx+04]
fstp dword ptr [ebp-30]
But it doesn't seem to like me simply adding "500" to the end of the 'fsubr' instruction. Am I using the syntax wrong or does the value have to be in hexadecimal?
Edit:
So I found this via a quick search:
'Making spaghetti monsterMode & One Hit Kill cheats on Cheat Engine 6.6 Tutorial Step 9.'
I can't post links so putting that into Google might take you to the page I'm talking about.
I'm confused by a few things here. In spaghetti monsterMode, I'm assuming writing something in 'mem' replaces existing definitions or adds a new variable, such as this:
Code:
mem:
dd (float)100.0
But I don't know what these are supposed to do:
Code:
fstp st(0)
fld dword ptr [mem]
I'm guessing the second line just ensures that the value will be frozen at 100, as defined in 'mem', and the first line makes it possible by allocating enough space for the float variable? Complete guess.
Now in One Hit Kill, he intentionally jumps to the original code and writes the new code there. Isn't that a little backwards? Why not just write the new code in 'newmem'?
Also, what's the difference between 'fsubr' and simply subtracting a float? Specifically in this block:
Code:
sub [ebx+04],(float)500
fsubr dword ptr [ebx+04]
fstp dword ptr [ebp-30]
I think I understand why he's referencing [ebx+04], because that's the health offset whereas the team placement is [ebx+10], but I hadn't thought it would be as simple as taking away HP from the value.
If someone could just confirm my theories here I'd be very grateful. I've been working my way through these tutorials while bored at work (I work from home).
Edit 2: Yes thank you forum software. I'm sure you know what I was trying to type as the name of the thread.
TheyCallMeTim13 (Wiki Contributor, Reputation: 51, Joined: 24 Feb 2017, Posts: 976, Location: Pluto)
Posted: Tue Apr 27, 2021 6:41 am
Post subject: Re: Doing a one-hit kill hack in tutorial step 9?
Bunny_Wabbit wrote:
> ...
> But it doesn't seem to like me simply adding "500" to the end of the 'fsubr' instruction. Am I using the syntax wrong or does the value have to be in hexadecimal?
> ...
FSUB and FSUBR don't take any immediates; they only use the FPU stack.
Here is a site I use to look up instructions:
https://www.felixcloutier.com/x86/
Bunny_Wabbit wrote:
> ...
> But I don't know what these are supposed to do:
> Code:
> fstp st(0)
> fld dword ptr [mem]
> I'm guessing the second line just ensures that the value will be frozen at 100, as defined in 'mem', and the first line makes it possible by allocating enough space for the float variable? Complete guess.
> ...
FSTP pops the FPU stack and in this case it just clears the value. And FLD loads the value stored in "mem". So you are correct, basically it replaces the original value with 100, thus freezing the value.
Bunny_Wabbit wrote:
> ...
> Now in One Hit Kill, he intentionally jumps to the original code and writes the new code there. Isn't that a little backwards? Why not just write the new code in 'newmem'?
> ...
Yeah, that's how I'd set it up.
Bunny_Wabbit wrote:
> ...
> Also, what's the difference between 'fsubr' and simply subtracting a float? Specifically in this block:
> Code:
> sub [ebx+04],(float)500
> fsubr dword ptr [ebx+04]
> fstp dword ptr [ebp-30]
> ...
FSUBR is a floating point reverse subtract, and SUB is for integers; it likely works here but won't in all cases.
For a one hit kill you can just pop the original value then load zero and pop it in the address:
Code:
fstp st(0)                // just pops/clears the value from the FPU stack.
fldz                      // loads zero
fstp dword ptr [ebp-30]   // pops the value to the address of EBP-0x30