
Auto assembler, stuck at script, need help

Posted: Sun Aug 21, 2022 3:42 am
by Sub-7
Hello everyone,
I'm quite inexperienced with scripts and need your help.

I'm trying Auto Assembler right now.
Here it works as expected, changing 1 to 0 (4 bytes) (changed manually and watched what happens in Memory Viewer :D)

Code:

[ENABLE]
[[[[[["GAME.exe"+0554A568]+B08]+A8]+F8]+50]+250]+F40:
add [rax],al

[DISABLE]
[[[[[["GAME.exe"+0554A568]+B08]+A8]+F8]+50]+250]+F40:
add [rax],eax
Now I'm dealing with a float: the original value is 10, and when activated it should be 0, but completely different numbers come out.
Can someone please help?

Code:

[ENABLE]

[[[[[[["GAME.exe"+050E64B0]+2A0]+2A0]+280]+D0]+28]+A0]+D0C:
add [rax],(float)0

[DISABLE]
[[[[[[["GAME.exe"+050E64B0]+2A0]+2A0]+280]+D0]+28]+A0]+D0C:
add [rax],(float)10

Re: Auto assembler, stuck at script, need help

Posted: Mon Aug 22, 2022 12:50 pm
by LeFiXER
This isn't the correct category since it's about Auto Assembler and not Lua; however, float values use either the FPU stack or the XMM registers. You can either use those or allocate memory to store an arbitrary value. Either of these methods requires copy injection methods.

Code:

...
alloc(my_float,8)          // 8 bytes of scratch memory for the arbitrary float

my_float:
 dq (float)10              // the value to write (10.0 as a single-precision float)

newmem:
  sub rsp,0x10             // reserve 16 bytes on the stack
  movdqu [rsp],xmm0        // save xmm0 so the game's own register value survives
  movss xmm0,[my_float]    // load our float into xmm0
  movss [rax],xmm0         // store it at the target address
  movdqu xmm0,[rsp]        // restore xmm0
  add rsp,0x10             // release the stack space
...
This snippet allocates 8 bytes to store our arbitrary value, and under the newmem: label we subtract 16 bytes from the stack to store the value held in the xmm0 register just in case. We then copy (move) the arbitrary value to the xmm0 register, which is then copied to [rax]. We then move the stack value back to xmm0 and restore the stack by adding 16 bytes back.

Re: Auto assembler, stuck at script, need help

Posted: Tue Aug 23, 2022 3:25 pm
by SunBeam
What I'm trying to understand is why he's doing "add [rax],al". Who teaches you people these things o_O? Tell me which post you read or video you watched to go after them...

It should be plain simple:

[[[[[["GAME.exe"+0554A568]+B08]+A8]+F8]+50]+250]+F40:
db 1
-or-
dd 1
-or-
dd (float)1.0

Take your pick.

Re: Auto assembler, stuck at script, need help

Posted: Tue Aug 23, 2022 4:13 pm
by LeFiXER
SunBeam wrote:
Tue Aug 23, 2022 3:25 pm
What I'm trying to understand is why he's doing "add [rax],al". Who teaches you people these things o_O? Tell me which post you read or video you watched to go after them...

It should be plain simple:

[[[[[["GAME.exe"+0554A568]+B08]+A8]+F8]+50]+250]+F40:
db 1
-or-
dd 1
-or-
dd (float)1.0

Take your pick.
Rather elegant solution, although I did find the instruction the OP posted quite strange myself.

Re: Auto assembler, stuck at script, need help

Posted: Tue Aug 23, 2022 5:49 pm
by AlexS
SunBeam wrote:
Tue Aug 23, 2022 3:25 pm
What I'm trying to understand is why he's doing "add [rax],al". Who teaches you people these things o_O? Tell me which post you read or video you watched to go after them...

(Google translate)

This is a very, very important and useful assembler instruction; it is used very often, even many times in a row.
For example, the first lines of code in the Cheat Engine program are:

Image

Re: Auto assembler, stuck at script, need help

Posted: Tue Aug 23, 2022 8:28 pm
by Toga
^ ehh that's not a good entry point
Look at your offsets... it's the PE header
Image

let's say for now it's just data which disassembles in that kind of instructions

nb. if that is executed that way it probably will crash
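An added worked example, written for this thread and not code from any of the posters or from Cheat Engine itself: it replays the three scripts on constructed sample memory so the byte-level reason for each outcome is visible. The instruction encodings are hand-written from the Intel opcode map (00 /r for `add [rax],al`, 01 /r for `add [rax],eax`, 83 /0 ib and 81 /0 id for the immediate forms); which immediate form Cheat Engine actually emits for `add [rax],(float)0` is an assumption here, but either form writes opcode bytes rather than the float's own bytes. The example shows why the OP's first script "worked": `add [rax],al` and `add [rax],eax` assemble to 00 00 and 01 00, which happen to be the little-endian values 0 and 1. It also shows why the float script produces garbage and spills into the neighbouring 4 bytes, why SunBeam's `dd (float)` directives write exactly the value bytes, and (Toga's point) why a run of zero bytes such as a PE header disassembles as `add [rax],al`.

```python
import struct

# Hand-encoded x86-64 instruction bytes taken from the Intel opcode map. These are
# my own encodings for this example, not the output of Cheat Engine's assembler:
#   00 /r    ADD r/m8, r8    -> "add [rax],al"  = 00 00  (modrm 00: mod=00, reg=al, rm=[rax])
#   01 /r    ADD r/m32, r32  -> "add [rax],eax" = 01 00
#   83 /0 ib ADD r/m32, imm8 (sign-extended)   -> "add dword [rax],0" = 83 00 00   (assumed form)
#   81 /0 id ADD r/m32, imm32                  -> "add dword [rax],0x41200000" = 81 00 00 00 20 41
ENCODINGS = {
    "add [rax],al": bytes.fromhex("0000"),
    "add [rax],eax": bytes.fromhex("0100"),
    "add [rax],0 (imm8 form)": bytes.fromhex("830000"),
    "add [rax],0x41200000 (imm32 form)": bytes.fromhex("8100") + struct.pack("<I", 0x41200000),
}


def data_directive(value: float) -> bytes:
    """What 'dd (float)x' emits: the four IEEE-754 single-precision bytes, little-endian."""
    return struct.pack("<f", value)


def apply_patch(region: bytes, patch: bytes) -> bytes:
    """Simulate an AA script writing 'patch' at the target address inside 'region'."""
    if len(patch) > len(region):
        raise ValueError("patch longer than the region being modelled")
    return patch + region[len(patch):]


def as_int32(buf: bytes) -> int:
    return struct.unpack("<i", buf[:4])[0]


def as_float(buf: bytes) -> float:
    return struct.unpack("<f", buf[:4])[0]


def run_cases() -> dict:
    """Replay the three scripts from the thread on constructed sample memory."""
    r = {}
    # Case A: the OP's first script. Target: a 4-byte int holding 1 (constructed).
    one = struct.pack("<i", 1)                                                 # 01 00 00 00
    r["int_enable"] = as_int32(apply_patch(one, ENCODINGS["add [rax],al"]))    # writes 00 00 -> 0
    r["int_disable"] = as_int32(apply_patch(one, ENCODINGS["add [rax],eax"]))  # writes 01 00 -> 1
    # Case B: the OP's float script. Target: 10.0 followed by a neighbouring 1.0 (constructed).
    region = data_directive(10.0) + data_directive(1.0)      # 00 00 20 41 | 00 00 80 3F
    enabled = apply_patch(region, ENCODINGS["add [rax],0 (imm8 form)"])
    r["float_enable"] = as_float(enabled)                    # 83 00 00 41 -> about 8.0001, not 0.0
    disabled = apply_patch(region, ENCODINGS["add [rax],0x41200000 (imm32 form)"])
    r["float_disable"] = as_float(disabled)                  # 81 00 00 00 -> a denormal, not 10.0
    r["float_disable_neighbour"] = as_float(disabled[4:])    # 20 41 80 3F -> the neighbour is clobbered too
    # Case C: SunBeam's data directives, which write only the value's own bytes.
    r["dd_enable"] = as_float(apply_patch(region, data_directive(0.0)))
    fixed = apply_patch(region, data_directive(10.0))
    r["dd_disable"] = as_float(fixed)
    r["dd_disable_neighbour"] = as_float(fixed[4:])
    return r


def zero_bytes_disassemble_as_add_rax_al(data: bytes) -> bool:
    """True when every 2-byte pair of 'data' is the encoding of 'add [rax],al',
    i.e. the data is all zeros (what a disassembler shows over a zero-filled header)."""
    return len(data) % 2 == 0 and all(
        data[i:i + 2] == ENCODINGS["add [rax],al"] for i in range(0, len(data), 2)
    )


if __name__ == "__main__":
    for key, value in run_cases().items():
        print(f"{key:26s} {value!r}")
    print("zeroed page reads as add [rax],al:", zero_bytes_disassemble_as_add_rax_al(bytes(16)))
```

The practical lesson for anyone reading memory patches in a disassembler view: a long run of `add [rax],al` is almost always zero-filled data, not code, and a patch that writes an instruction where a value belongs will corrupt not just the target but whatever sits after it.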