Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Multiplying by the custom value indicated in label

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
justNOPing
Newbie cheater
Reputation: 0

Joined: 09 Aug 2022
Posts: 11
PostPosted: Mon Jan 06, 2025 2:22 pm    Post subject: Multiplying by the custom value indicated in label Reply with quote
Hello. I was making an experience multiplier hack, following a guide called "
How to make a 'x2 experience hack' [ASM QUESTION]" posted on this forum. mgr.inz.Player's code worked well for my particular situation, however, I want to multiply the experience income by the user-defined value, kind of like this:

Code:

label(code expm)
registersymbol(expm)
label(return)
code:
  sub eax,dword [ecx+00000388] //SUBTRACT XP INCOME
  imul eax,eax,[expm] //MULTIPLY BY LABEL
  add dword [ecx+00000388],eax
  //mov [ecx+00000388],eax //original code
  jmp return

expm:
dd 2

This one gives me compiling error.
Code:
imul eax,eax, 2
And this one works flawlessly, but I'm looking for a way to make this particular multiplier customizable to avoid hardcoding it. How can I do this?

Here's the current (working) version of the script:

Code:

[ENABLE]

aobscanmodule(XPMULT,fate.exe,89 81 88 03 00 00 8B 85) // should be unique
alloc(newmem,$1000)
label(code expm)
registersymbol(expm)
label(return)

newmem:
code:
  sub eax,dword [ecx+00000388] //SUBTRACT XP INCOME
  imul eax,eax,4 //MULTIPLY BY 4
  add dword [ecx+00000388],eax
  //mov [ecx+00000388],eax //original code
  jmp return

XPMULT:
  jmp newmem
  nop
return:
registersymbol(XPMULT)

[DISABLE]

XPMULT:
  db 89 81 88 03 00 00

unregistersymbol(*)
dealloc(*)

{
// ORIGINAL CODE - INJECTION POINT: fate.exe+1AFB61

fate.exe+1AFB32: FF 75 08              - push [ebp+08]
fate.exe+1AFB35: 8B 8D 4C FF FF FF     - mov ecx,[ebp-000000B4]
fate.exe+1AFB3B: E8 69 08 EE FF        - call fate.exe+903A9
fate.exe+1AFB40: 8B C8                 - mov ecx,eax
fate.exe+1AFB42: E8 33 FF FF FF        - call fate.exe+1AFA7A
fate.exe+1AFB47: E9 0D 01 00 00        - jmp fate.exe+1AFC59
fate.exe+1AFB4C: 8B 85 4C FF FF FF     - mov eax,[ebp-000000B4]
fate.exe+1AFB52: 8B 80 88 03 00 00     - mov eax,[eax+00000388]
fate.exe+1AFB58: 03 45 10              - add eax,[ebp+10]
fate.exe+1AFB5B: 8B 8D 4C FF FF FF     - mov ecx,[ebp-000000B4]
// ---------- INJECTING HERE ----------
fate.exe+1AFB61: 89 81 88 03 00 00     - mov [ecx+00000388],eax
// ---------- DONE INJECTING  ----------
fate.exe+1AFB67: 8B 85 4C FF FF FF     - mov eax,[ebp-000000B4]
fate.exe+1AFB6D: 83 B8 88 03 00 00 00  - cmp dword ptr [eax+00000388],00
fate.exe+1AFB74: 7D 0D                 - jnl fate.exe+1AFB83
fate.exe+1AFB76: 8B 85 4C FF FF FF     - mov eax,[ebp-000000B4]
fate.exe+1AFB7C: 83 A0 88 03 00 00 00  - and dword ptr [eax+00000388],00
fate.exe+1AFB83: 8B 8D 4C FF FF FF     - mov ecx,[ebp-000000B4]
fate.exe+1AFB89: E8 76 2F F9 FF        - call fate.exe+142B04
fate.exe+1AFB8E: 0F B6 C0              - movzx eax,al
fate.exe+1AFB91: 85 C0                 - test eax,eax
fate.exe+1AFB93: 0F 84 C0 00 00 00     - je fate.exe+1AFC59
}
Back to top
View user's profile Send private message
ParkourPenguin
I post too much
Reputation: 152

Joined: 06 Jul 2014
Posts: 4696
PostPosted: Mon Jan 06, 2025 5:34 pm    Post subject: Reply with quote
https://www.felixcloutier.com/x86/imul

`imul eax,[expm]` should work
_________________
I don't know where I'm going, but I'll figure it out when I get there.
Back to top
View user's profile Send private message
justNOPing
Newbie cheater
Reputation: 0

Joined: 09 Aug 2022
Posts: 11
PostPosted: Tue Jan 07, 2025 3:56 am    Post subject: Reply with quote
ParkourPenguin wrote:

`imul eax,[expm]` should work


Thank you. Yeah, that's what I tried doing first hand. However, it gives unexpected results.

imul eax,[expm]
Judging by breakpoint, EAX returns value of "80000000" by the time it reaches add [ecx+00000388],eax

Here are the screenshots for comparison:

cheatengine-x86_64_GXnoAsSfbF.png
 Description:
imul 2
 Filesize:  81.98 KB
 Viewed:  2319 Time(s)

cheatengine-x86_64_GXnoAsSfbF.png
cheatengine-x86_64_IbRG95srVA.png
 Description:
imul label
 Filesize:  69.46 KB
 Viewed:  2319 Time(s)

cheatengine-x86_64_IbRG95srVA.png
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 470

Joined: 09 May 2003
Posts: 25785
Location: The netherlands
PostPosted: Tue Jan 07, 2025 5:49 am    Post subject: Reply with quote
remove the (float)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
justNOPing
Newbie cheater
Reputation: 0

Joined: 09 Aug 2022
Posts: 11
PostPosted: Tue Jan 07, 2025 8:07 am    Post subject: Reply with quote
Dark Byte wrote:
remove the (float)


Thank you so much. Damn, I didn't even think about it. Rolling Eyes
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites