
Re: How to registersymbol?

Posted: Fri Jan 05, 2024 8:16 am
by Paul44
^:

alloc(infPoints,8)
...
mov [seePoints],rsi            // [symbol] with no register: a 32-bit displacement, so the target must sit within +/-2GB

cmp [infPoints],1              // same limit; if alloc() put infPoints too far away this cannot be encoded
jne code

push r15
mov r15,SetPoints              // address loaded into a register: no distance limit
mov r15d,dword ptr [r15]
mov [rsi+18],r15d
pop r15
...

if the game gives you these mem_issues, you'll have to stick to the same principle everywhere (like in every script in that table):
> basically your CPU tries to mov/cmp a register with a value more than 2GB away... and fails (offset too big, etc.)
(in the worst-case scenario, CE will "screw up" the injection altogether ~ I've seen this plenty of times already; in other words, you'll crash!)
> by moving your label's mem_address into a register, it "just" compares 2 reg_values on the stack... sort of
(there are some topics @CEF discussing/explaining this ~ mem_mgmt is not my thing)

*******************

alloc(infPoints,4)             // int, 4 bytes
...
push r15                       // preserve r15 for the original code
mov r15,seePoints              // address in a register: works no matter where alloc() put it
mov [r15],rsi

mov r15,infPoints
cmp dword ptr [r15],1          // explicit size: infPoints is a 4-byte int
jne code

mov r15,SetPoints
mov r15d,dword ptr [r15]
mov [rsi+18],r15d

code:
pop r15                        // just make sure r15 is properly popped; both paths come through here
movsxd rdx,dword ptr [rsi+18]
test rdx,rdx
mov rcx,rax
jmp return

*******************
=> your original code might work today, but not tomorrow. It all depends on how Windows allocates/offers memory to CE, I guess...

ps: video - yep, that guy is really good; any of his videos are worth watching... (~ Chris Fayte)
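An added example, not part of the post above and not Cheat Engine's own assembler: a small Python encoder for the two forms the post contrasts. In 64-bit code a memory operand written without a register (`cmp [infPoints],1`) is encoded with a 32-bit RIP-relative displacement, so the target must lie within +/-2GB of the instruction; loading the address with `mov r15,imm64` and comparing through `[r15]` carries no displacement at all. The injection and alloc addresses below are constructed; the byte encodings are the standard x86-64 ones.

```python
"""
Why `cmp [infPoints],1` can stop assembling once alloc() lands far away, while
`mov r15,infPoints` + `cmp [r15],1` always does.

Added example (not code from the post and not Cheat Engine's assembler): a tiny
encoder for the two forms, using the standard x86-64 encodings. All addresses
below are constructed.
"""
import struct

INT32_MIN, INT32_MAX = -(1 << 31), (1 << 31) - 1


class DisplacementTooBig(ValueError):
    """Target is more than +/-2GB from the instruction: no 32-bit displacement fits."""


def rel32(inst_addr: int, inst_len: int, target: int) -> int:
    """RIP-relative displacement; RIP is the address of the *next* instruction."""
    disp = target - (inst_addr + inst_len)
    if not INT32_MIN <= disp <= INT32_MAX:
        raise DisplacementTooBig(
            f"target {target:#x} is {disp:#x} bytes from {inst_addr:#x}: does not fit in rel32")
    return disp


def cmp_dword_rip_imm8(inst_addr: int, target: int, imm: int) -> bytes:
    """cmp dword ptr [rip+disp32], imm8  ->  83 3D <disp32> <imm8>   (7 bytes)

    This is the form a 64-bit assembler emits for `cmp [infPoints],1`: a memory
    operand with no register has room for only 32 bits of address."""
    length = 7
    disp = rel32(inst_addr, length, target)
    return bytes([0x83, 0x3D]) + struct.pack("<i", disp) + struct.pack("<b", imm)


def mov_r15_imm64(target: int) -> bytes:
    """mov r15, imm64  ->  49 BF <imm64>   (10 bytes). Any 64-bit address fits."""
    return bytes([0x49, 0xBF]) + struct.pack("<Q", target)


def cmp_dword_r15_imm8(imm: int) -> bytes:
    """cmp dword ptr [r15], imm8  ->  41 83 3F <imm8>   (4 bytes). No displacement at all."""
    return bytes([0x41, 0x83, 0x3F]) + struct.pack("<b", imm)


def assemble_check(inst_addr: int, alloc_addr: int, imm: int = 1,
                   use_register: bool = False) -> bytes:
    """Encode `cmp [alloc_addr], imm` either RIP-relative (the post's first
    script) or through r15 (the post's second script)."""
    if use_register:
        return mov_r15_imm64(alloc_addr) + cmp_dword_r15_imm8(imm)
    return cmp_dword_rip_imm8(inst_addr, alloc_addr, imm)


def demo() -> dict:
    """Try both forms at two places alloc() might have put infPoints."""
    inject = 0x7FF62A410000          # constructed: injection point inside the game's .exe
    placements = {
        "near": 0x7FF620000000,      # constructed: alloc() found memory within 2GB
        "far":  0x0000000010000000,  # constructed: alloc() had to go far away
    }
    out = {}
    for name, alloc_addr in placements.items():
        try:
            out[(name, "rip")] = assemble_check(inject, alloc_addr).hex()
        except DisplacementTooBig as err:
            out[(name, "rip")] = "FAIL: " + str(err)
        out[(name, "r15")] = assemble_check(inject, alloc_addr, use_register=True).hex()
    return out


if __name__ == "__main__":
    for key, val in demo().items():
        print(key, val)
```

Running `demo()` shows the "near" placement encoding both ways, while the "far" placement only encodes through r15; that is the "offset too big" failure the post describes, and why the register form has to be used consistently once alloc() memory can land anywhere in the 64-bit address space.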