Classicus (Advanced Cheater, Reputation: 0, Joined: 22 Dec 2011, Posts: 51)
Posted: Sat May 10, 2014 8:47 am    Post subject: fstp auto assemble help
Hi,
I'm a long-time follower of CE and its forums. I recently started using auto assemble and learned how to do AOB scans and modify values such as add/sub/mov.
But with the floats I'm completely lost, and don't know how to modify them to my liking. In this particular case, in RimWorld I'm trying to create a script that will add 1000 points every time someone gains experience in a particular stat [cooking, crafting etc...].
This is the code [with aobscan] that writes to a float address I found where experience is gained by crafting an item [for crafting].
Code:
[enable]
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
label(skillsets)
registersymbol(skillsets)
aobscan(aob1,D9 5F 18 8B 47 10 69 C0 E8 03 00 00)   // fstp dword ptr [edi+18] / mov eax,[edi+10] / imul eax,eax,3E8

newmem:
originalcode:
fstp dword ptr [edi+18]   // store st(0) into the exp float and pop the FPU stack
mov eax,[edi+10]

exit:
jmp returnhere

aob1:
skillsets:
jmp newmem   // 5-byte jmp replaces two 3-byte instructions, hence the nop
nop
returnhere:

[disable]
dealloc(newmem)
skillsets:
db D9 5F 18 8B 47 10 69 C0 E8 03 00 00   // restore the original bytes
unregistersymbol(skillsets)
How can I go about adding a numeric value of 1000 to crafting? I tried looking for fadd nearby, but that doesn't seem to exist anywhere near this code. I see faddp right above this value, but there's nothing with it, so I'm not sure what address I might have to try and adjust. Attached is a screenshot of the codes in this area.
[Attachment: screenshot of the surrounding code, 27.06 KB]
Geri (Moderator, Reputation: 111, Joined: 05 Feb 2010, Posts: 5636)
Posted: Sat May 10, 2014 9:12 am
Code:
[enable]
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
label(skillsets)
registersymbol(skillsets)
aobscan(aob1,D9 5F 18 8B 47 10 69 C0 E8 03 00 00)
alloc(whatever,4)           // 4 bytes for the addend; x87 has no immediate operands

whatever:
dd (float)1000              // IEEE single 1000.0 (bytes 00 00 7A 44)

newmem:
originalcode:
fadd dword ptr [whatever]   // st(0) = st(0) + 1000.0, before the game stores it
fstp dword ptr [edi+18]     // store st(0) into the exp float and pop
mov eax,[edi+10]

exit:
jmp returnhere

aob1:
skillsets:
jmp newmem
nop
returnhere:

[disable]
dealloc(newmem)
skillsets:
db D9 5F 18 8B 47 10 69 C0 E8 03 00 00   // restore the original bytes
unregistersymbol(skillsets)
dealloc(whatever)
Classicus (Advanced Cheater, Reputation: 0, Joined: 22 Dec 2011, Posts: 51)
Posted: Sat May 10, 2014 9:35 am
Thank you Geri! That works perfectly.
So basically, you have to create a new mem, define its value, and fadd it. Interesting. I've been wanting to know this for a long time and it looks rather simple.
edit: I'm trying to give you rep for your post Geri, but can't find where to do this. I did a lot of googling and couldn't find this answer, but you came along and answered it so quickly. Maybe I don't have enough posts to add rep?
Geri (Moderator, Reputation: 111, Joined: 05 Feb 2010, Posts: 5636)
Posted: Sat May 10, 2014 9:51 am
New members with a low post count can't give reps, but I don't care about it anyway. Float instructions are somewhat confusing for beginners, because they work differently from other instructions, but basically it's like this:
fld will load a value into a register where you can use it for calculations
fadd, fsub, fmul, fdiv etc. will increase or decrease the value in the register
fstp will copy the value from the register to an address and remove it from the register
In your case, fadd has added 1000 to the value in the register right before the program copied it back to the address where your exp is stored.
It's a bit more complex than this, but this is the very basic idea, and if you know this, you can increase, decrease, multiply and divide float values.
shakib187 (Expert Cheater, Reputation: 0, Joined: 24 May 2007, Posts: 215)
Posted: Sun May 11, 2014 2:45 pm
Can't you just do
Code:
fstp dword ptr [edi+18]
add [edi+18],(float)1000
mov eax,[edi+10]
?
Last edited by shakib187 on Sun May 11, 2014 4:08 pm; edited 1 time in total |
Geri (Moderator, Reputation: 111, Joined: 05 Feb 2010, Posts: 5636)
Posted: Sun May 11, 2014 2:49 pm
No, because that will change the value to 1000, not add 1000 to it.
shakib187 (Expert Cheater, Reputation: 0, Joined: 24 May 2007, Posts: 215)
Posted: Sun May 11, 2014 4:09 pm
Geri wrote: "No, because that will change the value to 1000, not add 1000 to it."
Whoops, my mistake Geri. I changed it to add now (which is what I originally meant); I usually do it like that and it seems to work.
I was more concerned about the format, not the add or mov by itself.
Geri (Moderator, Reputation: 111, Joined: 05 Feb 2010, Posts: 5636)
Posted: Sun May 11, 2014 4:41 pm
If you use add, the value will be handled as an integer, not as a float. It will add 1148846080 instead of 1000 to the value, which will also be handled as an integer. So instead of adding 2 float values together, it will add 2 integer values together, and the result will be some seemingly random number and totally not what you expect.
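What the integer `add` actually computes, shown as an added example in C (not code from this thread, from Cheat Engine or from RimWorld). `add_as_integer` does what `add [edi+18],(float)1000` does: the assembler encodes `(float)1000` as the IEEE-754 single 0x447A0000 (decimal 1148846080, the number Geri quotes) and ADD sums the two bit patterns as 32-bit integers. `add_as_float` does what `fadd dword ptr [whatever]` does. The sample experience values are constructed for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Reinterpret a float's 32 bits as an unsigned integer: this is all the CPU
   sees when an integer "add" is applied to a dword that holds a float. */
uint32_t float_bits(float f)
{
    uint32_t u;
    memcpy(&u, &f, sizeof u);
    return u;
}

/* The reverse: view 32 raw bits as an IEEE-754 single. */
float bits_float(uint32_t u)
{
    float f;
    memcpy(&f, &u, sizeof f);
    return f;
}

/* What "add [edi+18],(float)1000" really does: (float)1000 becomes the
   immediate 0x447A0000 and ADD performs plain 32-bit integer addition on
   the bit patterns of both operands. */
float add_as_integer(float value, float immediate)
{
    return bits_float(float_bits(value) + float_bits(immediate));
}

/* What "fadd dword ptr [whatever]" does: IEEE-754 addition of two singles. */
float add_as_float(float value, float addend)
{
    return value + addend;
}

int main(void)
{
    /* Constructed sample experience values; not taken from the game. */
    const float samples[] = { 0.0f, 5.0f, 250.5f, 12345.0f };
    size_t i;

    printf("(float)1000 assembles to 0x%08X = %u\n",
           (unsigned)float_bits(1000.0f), (unsigned)float_bits(1000.0f));
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        float v = samples[i];
        printf("exp=%10.2f  add(int bits)=%-14g  fadd(float)=%g\n",
               v, add_as_integer(v, 1000.0f), add_as_float(v, 1000.0f));
    }
    return 0;
}
```

The one case where the integer add looks right is an experience value of exactly 0.0: its bit pattern is all zeros, so 0 + 0x447A0000 is precisely the encoding of 1000.0. For every other sample here the carry spills into the exponent and sign bits and the result is a tiny negative number.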
Chris12 (Expert Cheater, Reputation: 1, Joined: 27 Apr 2012, Posts: 103)
Posted: Mon May 12, 2014 12:56 am
shakib187 wrote: "cant you just do *** ?"
add is an instruction that operates on integer values.
The encoding of the number at edi+18 is float; you can't re-interpret the bits at that address directly as int.
I think you can use "fadd (float)1000" just before the fstp though.
http://x86.renejeschke.de/html/file_module_x86_id_81.html
It should be easier that way (no indirection through a memory address).
The general thing to keep in mind here is that all floats and doubles are processed by a "co-processor" called the FPU (floating point unit).
That coprocessor has its own stack of variables st0, st1, etc...
All f* commands (fstp, fld, fadd, etc...) work on that stack.
You cannot address the FPU registers directly; you can only save, load and manipulate them using the f* instructions.
What this means: if you want to modify a float, you have to modify it before it's moved back to RAM again. In your case that's the fstp instruction (pops the topmost item from the FPU stack and saves it into the given address).
If you want to modify a float in the general case, first load it into the FPU with 'FLD <address>', then modify it with fadd, fmul, fsub or whatever, then write it back to the address you got it from with fstp.
There are a lot more useful f* instructions to calculate the sine, modulo and other stuff...
Does that make it more clear for you, Classicus?
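The FPU stack behaviour that Geri and Chris12 describe (fld pushes, fadd works on st(0), fstp stores and pops), as an added example in C with GCC inline assembly; this is not code from the thread, from Cheat Engine or from RimWorld. The `struct skill` layout is made up for the example: the thread only shows a dword read at [edi+10] and the experience float written at [edi+18]. The game's own code above the hook is not visible in the thread, so an explicit `fld`/`fld`/`faddp` stands in for it here. The addend is read from memory because x87 has no immediate operand forms. On non-x86 builds the functions fall back to plain C arithmetic, which is not the x87 path.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#if defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__))
#define HAVE_X87 1
#else
#define HAVE_X87 0   /* non-x86 build: the C fallback below is NOT the x87 path */
#endif

/* Assumed object layout; padding and field names are invented for this
   example. Only the offsets 0x10 and 0x18 come from the thread. */
struct skill {
    uint8_t  pad0[0x10];
    uint32_t field10;   /* read by "mov eax,[edi+10]" */
    uint8_t  pad1[4];
    float    exp;       /* written by "fstp dword ptr [edi+18]" */
};

/* The cell Geri's script allocates: "whatever: dd (float)1000". */
static const float bonus = 1000.0f;

/* Stand-in for the game's unpatched path: load exp, load the gain, faddp
   them, then fstp the sum into [edi+18]. Two pushes, two pops: balanced. */
float gain_exp_original(struct skill *s, float gain)
{
#if HAVE_X87
    __asm__ volatile(
        "flds   %0\n\t"   /* fld  : st(0)=exp                                */
        "flds   %1\n\t"   /* fld  : st(0)=gain, st(1)=exp                    */
        "faddp\n\t"       /* faddp: st(1)=st(1)+st(0), pop -> st(0)=exp+gain  */
        "fstps  %0\n\t"   /* fstp : [edi+18]=st(0), pop -> stack empty        */
        : "+m"(s->exp)
        : "m"(gain)
        : "st", "st(1)");
#else
    s->exp += gain;
#endif
    return s->exp;
}

/* The hooked path: identical, except that "fadd dword ptr [whatever]" is
   injected right before the fstp, so the stored value is exp+gain+1000. */
float gain_exp_patched(struct skill *s, float gain)
{
#if HAVE_X87
    __asm__ volatile(
        "flds   %0\n\t"
        "flds   %1\n\t"
        "faddp\n\t"
        "fadds  %2\n\t"   /* injected: st(0)=st(0)+[whatever]               */
        "fstps  %0\n\t"   /* original: store st(0) into [edi+18] and pop      */
        : "+m"(s->exp)
        : "m"(gain), "m"(bonus)
        : "st", "st(1)");
#else
    s->exp += gain + bonus;
#endif
    return s->exp;
}

/* Helpers that build a fresh object so callers only deal with plain floats. */
float run_original(float exp, float gain)
{
    struct skill s;
    memset(&s, 0, sizeof s);
    s.exp = exp;
    return gain_exp_original(&s, gain);
}

float run_patched(float exp, float gain)
{
    struct skill s;
    memset(&s, 0, sizeof s);
    s.exp = exp;
    return gain_exp_patched(&s, gain);
}

int main(void)
{
    /* Constructed values: 10.0 exp already earned, 2.5 gained from crafting. */
    printf("unpatched: %g\n", run_original(10.0f, 2.5f));   /* 12.5   */
    printf("patched:   %g\n", run_patched(10.0f, 2.5f));    /* 1012.5 */
    return 0;
}
```

The injected `fadds` is the only difference between the two functions, which is exactly the shape of Geri's script: the value is changed while it is still in st(0), and the original `fstp` then both writes it to memory and pops it off the stack, leaving the FPU stack as the game expects.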
shakib187 (Expert Cheater, Reputation: 0, Joined: 24 May 2007, Posts: 215)
Posted: Mon May 12, 2014 3:18 am
Hmm, I see! Thanks.
Geri (Moderator, Reputation: 111, Joined: 05 Feb 2010, Posts: 5636)
Posted: Mon May 12, 2014 5:42 am
Chris12 wrote: "I think you can use "fadd (float)1000" just before the fstp though."
You can't. It's not a valid instruction. You can use FPU registers (e.g. st(0)) or a memory location only.
Classicus (Advanced Cheater, Reputation: 0, Joined: 22 Dec 2011, Posts: 51)
Posted: Mon May 12, 2014 11:36 am
Thanks for that info Geri and Chris12. It's nice to understand how floats work and should help out when I'm trying to figure how to write something involving this.