I have a problem with a string
Posted: Tue Aug 10, 2021 4:37 pm
by SilverRabbit90
Can anyone help me with a problem? I tried to make a cheat for infinite life, but comparing a string with a specific name gives me an error saying it can't be compiled.
Like this code:
label(code)
label(return)
newmem:
cmp [esi+A88],'zL$health'
je code
nop
nop
nop
nop
nop
jmp return
code:
movss [esi+48],xmm0
jmp return
I tried to remove the $ and it no longer gives a compile error, but the cheat doesn't work. How can I make the code keep the string 'zL$health'?
In this code the string works, for example:
aobscanmodule(INJECT,Blightbound.exe,F3 0F 11 96 94 00 00 00 0F 57 C9 8B CE C7 46 7C 00 00 00 00 E8 94) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
label(w)
newmem:
cmp [esi+10],'gold'
jne code
addss xmm2,[w]
movss [esi+00000094],xmm2
jmp return
w:
dq (float)10000
code:
movss [esi+00000094],xmm2
jmp return
INJECT:
jmp newmem
nop 3
return:
registersymbol(INJECT)
This code adds money on pick-up; the string 'gold' is accepted and does not give a compilation error. How can I do the same thing for the other code?
Re: I have a problem with a string
Posted: Tue Aug 10, 2021 5:17 pm
by PeaceBeUponYou
First of all, you need to know that a cmp instruction only supports imm8, imm16 and imm32 numbers in the source operand, and each CHAR in a string is 1 byte. That is why here:
cmp [esi+10],'gold'
it works as
gold = 67 6F 6C 64
and compiles, but here
cmp [esi+A88],'zL$health'
the string
zL$health = 7A 6C 24 68 65 61 6C 74 68
is even bigger than imm64 (8 bytes), and that is why it is not compiling. But for strings none of these ways are right; sometimes it does work, but the proper way would be to use the string-specific instructions to compare, like so:
alloc(strCmp,$100) //the routine below is longer than $20 bytes
label(strToCmprWith)
strCmp: //ebp+10 = source1, ebp+C = source2 , ebp+8= #source1
push ebp
mov ebp,esp
push esi
push edi
push ecx
xor eax,eax
mov esi,[ebp+10]
mov edi,[ebp+C]
mov ecx,[ebp+8]
loophere:
cmpsb
jne popregs
loop loophere
mov eax,01 //if match successful
popregs:
pop ecx
pop edi
pop esi
mov esp,ebp
pop ebp
ret C
newmem:
push eax
lea eax,[strToCmprWith] //source1
push eax
lea eax,[esi+A88] //source2
push eax
mov eax,9 //== no of chars in strToCmprWith
push eax //char count
call strCmp
test eax,eax
pop eax
jne code //eax=1 means the string matched; otherwise fall through to the nops
//cmp [esi+A88],'zL$health'
//je code
nop
nop
nop
nop
nop
jmp return
code:
movss [esi+48],xmm0
jmp return
strToCmprWith:
db 'zL$health',0
Re: I have a problem with a string
Posted: Wed Aug 11, 2021 10:18 am
by SilverRabbit90
PeaceBeUponYou wrote: Tue Aug 10, 2021 5:17 pm
Thank you very much, I could never have imagined such complex code; it will take me a while to understand it completely XD
Re: I have a problem with a string
Posted: Wed Aug 11, 2021 10:30 am
by notpikachu
SilverRabbit90 wrote: Wed Aug 11, 2021 10:18 am
Thank you very much, I could never have imagined such complex code; it will take me a while to understand it completely XD
You could always do it like this if that's too complex.
label(code)
label(return)
newmem:
cmp dword ptr [esi+A88],'zL$h'
jne code
cmp word ptr [esi+A8C],'ea'
jne code
cmp word ptr [esi+A8E],'lt'
jne code
cmp byte ptr [esi+A90],'h'
jne code
db 90 90 90 90 90
jmp return
code:
movss [esi+48],xmm0
jmp return
but I highly recommend you check out the cmps[b, w, d, q] like the post above.
edit1: I checked back the original code and looked back at mine, and it seems that's a wrong way to put je if you are trying to nop the damage on your own character, unless that string is actually owned by the enemies? Please ignore this if that's exactly what you are trying to do, but if it's otherwise, please use jne.
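An added example (my own code, not from anyone in this thread) that covers both PeaceBeUponYou's point about immediates and notpikachu's chunked compare: it packs a literal the way the auto assembler does, showing why 'gold' fits an imm32 while 'zL$health' cannot, and generates the dword/word/byte cmp chain for any string and offset. It splits greedily (dword, dword, byte for the 9-char string, rather than the hand-written dword, word, word, byte) and can optionally compare the terminating NUL so that a longer name that merely starts with 'zL$health' is not accepted. The register, offset, string and jump label are constructed inputs taken from the thread; the function names are my own.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Pack up to 4 bytes the way the auto assembler encodes 'gold': the first char
 * lands in the lowest byte, so the little-endian imm32 equals the bytes as they
 * sit in memory ('gold' -> 0x646C6F67). 9 bytes have no cmp encoding at all. */
uint32_t pack_imm(const char *s, size_t n)
{
    uint32_t v = 0;
    for (size_t i = 0; i < n && i < 4; i++)
        v |= (uint32_t)(unsigned char)s[i] << (8 * i);
    return v;
}

/* Emit the cmp/jne chain testing for needle at [reg+off], greedily using the
 * widest chunk (4, 2, 1 bytes) that fits. With exact != 0 the terminating NUL
 * is compared too (so "zL$health2" fails); that chunk is written as a hex
 * immediate because a quoted literal cannot hold a NUL. Static buffer, demo only. */
const char *chunked_cmp_script(const char *reg, unsigned off,
                               const char *needle, int exact, const char *fail)
{
    static const char *width[] = { "byte", "word", NULL, "dword" };
    static char out[512];
    size_t len = strlen(needle), total = len + (exact ? 1 : 0), pos = 0, used = 0;
    out[0] = '\0';
    while (pos < total) {
        size_t left = total - pos, sz = left >= 4 ? 4 : left >= 2 ? 2 : 1;
        int n;
        if (pos + sz > len)   /* this chunk includes the NUL terminator */
            n = snprintf(out + used, sizeof out - used, "cmp %s ptr [%s+%X],%0*X\njne %s\n",
                         width[sz - 1], reg, off + (unsigned)pos,
                         (int)(2 * sz), (unsigned)pack_imm(needle + pos, sz), fail);
        else
            n = snprintf(out + used, sizeof out - used, "cmp %s ptr [%s+%X],'%.*s'\njne %s\n",
                         width[sz - 1], reg, off + (unsigned)pos, (int)sz, needle + pos, fail);
        if (n < 0 || (size_t)n >= sizeof out - used)
            return NULL;      /* script would not fit */
        used += (size_t)n;
        pos += sz;
    }
    return out;
}

int main(void)
{   /* constructed inputs: the thread's string and offset, then the exact variant */
    printf("%s", chunked_cmp_script("esi", 0xA88, "zL$health", 0, "code"));
    printf("-- exact --\n%s", chunked_cmp_script("esi", 0xA88, "zL$health", 1, "code"));
    return 0;
}
```

The generated lines paste straight into the newmem block in place of the failing cmp; numbers in the hex form are read as hex by the auto assembler, so 0068 is the bytes 'h', 00.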
Re: I have a problem with a string
Posted: Wed Aug 11, 2021 11:18 am
by SilverRabbit90
notpikachu wrote: Wed Aug 11, 2021 10:30 am
SilverRabbit90 wrote: Wed Aug 11, 2021 10:18 am
Thank you very much, I could never have imagined such complex code; it will take me a while to understand it completely XD
You could always do it like this if that's too complex.
label(code)
label(return)
newmem:
cmp dword ptr [esi+A88],'zL$h'
je code
cmp word ptr [esi+A8C],'ea'
je code
cmp word ptr [esi+A8E],'lt'
je code
cmp byte ptr [esi+A90],'h'
je code
db 90 90 90 90 90
jmp return
code:
movss [esi+48],xmm0
jmp return
but I highly recommend you check out the cmps[b, w, d, q] like the post above.
Oh this is much simpler, I can understand it too XD
Re: I have a problem with a string
Posted: Wed Aug 11, 2021 11:37 am
by GreenHouse
This is what I recommend, as it's easier to add multiple strings without making a mess.
It's a little bit more advanced in terms of ASM, but it should work.
label(code)
label(return)
label(string)
alloc(stringCheck,4)
registersymbol(stringCheck)
string:
db 'zL$health' 00
newmem:
pushad
lea eax,[esi+A88]
mov [stringCheck],eax
push string
push [stringCheck]
call strstr
add esp,08
test eax,eax
popad
je code //If it's not equal, jump to code
//**Do whatever here** (the string matched)
code:
movss [esi+48],xmm0
jmp return
Re: I have a problem with a string
Posted: Wed Aug 11, 2021 2:51 pm
by PeaceBeUponYou
SilverRabbit90 wrote: Wed Aug 11, 2021 10:18 am
I could never have imagined such complex code; it will take me a while to understand it completely XD
Well, this is the right way to compare a string in ASM; you can also use scasb and its derivatives if you want to scan for a pattern in a string.
Besides, this method not only allows you to compare the whole string, but you can also limit the number of chars to compare at the line:
mov eax,9 //== no of chars in strToCmprWith
if you want to compare a limited part only. But if you want to compare the whole string and do not want to manually put the CHAR count each time, you can use this script to get the string length and use its return value at that line:
strlengthA: //ebp+8=*stringToLength
enter 4,0
push edi
mov edi, [ebp+8]
xor eax,eax
mov [ebp-4],eax //tempVar
loophere:
inc dword ptr [ebp-4]
scasb
jne loophere
dec dword ptr [ebp-4]
mov eax, [ebp-4]
pop edi
leave
ret 4
newmem:
push eax
lea eax,[ptrToStringVariable] //*stringToLength
push eax
call strlengthA
//length is returned in eax; store it in a variable if you want, or use it directly before the pop below
pop eax