Difference between revisions of "Help File:Big endian 4 byte"

From Cheat Engine
Jump to navigation Jump to search
(Created page with '<hr><div align="left"><font face="Arial" color="#010101" class="Arial2"> alloc(TypeName,256)</font></div><div align="left"><font face="Arial" color="#010101" class="Arial2"> …')
 
Line 1: Line 1:
<hr><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
This script will add the 2 byte Big Endian type support to cheat engine.
alloc(TypeName,256)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
 
alloc(ByteSize,4)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  alloc(TypeName,256)
alloc(ConvertRoutine,1024)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  alloc(ByteSize,4)
alloc(ConvertBackRoutine,1024)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  alloc(ConvertRoutine,1024)
TypeName:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  alloc(ConvertBackRoutine,1024)
db '4 Byte Big Endian',0</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
ByteSize:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
dd 4</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  TypeName:
//The convert routine should hold a routine that converts the data to an integer (in eax)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  db '4 Byte Big Endian',0
//function declared as: stdcall int ConvertRoutine(unsigned char *input);</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
//Note: Keep in mind that this routine can be called by multiple threads at the same time.</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
ConvertRoutine:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  ByteSize:
//jmp dllname.functionname</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  dd 4
[64-bit]</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
//or manual:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
//parameters: (64-bit)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //The convert routine should hold a routine that converts the data to an integer (in eax)
//rcx=address of input</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //function declared as: stdcall int ConvertRoutine(unsigned char *input);
xor eax,eax</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //Note: Keep in mind that this routine can be called by multiple threads at the same time.
mov eax,[rcx] //eax now contains the bytes 'input' pointed to</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  ConvertRoutine:
bswap eax //convert to big endian</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //jmp dllname.functionname
ret</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  [64-bit]
[/64-bit]</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //or manual:
[32-bit]</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //parameters: (64-bit)
//jmp dllname.functionname</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //rcx=address of input
//or manual:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  xor eax,eax
//parameters: (32-bit)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  mov eax,[rcx] //eax now contains the bytes 'input' pointed to
push ebp</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  bswap eax //convert to big endian
mov ebp,esp</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
//[ebp+8]=input</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
//example:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  ret
mov eax,[ebp+8] //place the address that contains the bytes into eax</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  [/64-bit]
mov eax,[eax] //place the bytes into eax so it's handled as a normal 4 byte value</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
bswap eax</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
pop ebp</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  [32-bit]
ret 4</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //jmp dllname.functionname
[/32-bit]</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //or manual:
//The convert back routine should hold a routine that converts the given integer back to a row of  
+
  //parameters: (32-bit)
bytes (e.g when the user wats to write a new value)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  push ebp
//function declared as: stdcall void ConvertBackRoutine(int i, unsigned char *output);</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  mov ebp,esp
ConvertBackRoutine:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //[ebp+8]=input
//jmp dllname.functionname</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //example:
//or manual:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  mov eax,[ebp+8] //place the address that contains the bytes into eax
[64-bit]</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  mov eax,[eax] //place the bytes into eax so it's handled as a normal 4 byte value
//parameters: (64-bit)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
//ecx=input</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
//rdx=address of output</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  bswap eax
//example:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
bswap ecx //convert the little endian input into a big endian input</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
mov [rdx],ecx //place the integer the 4 bytes pointed to by rdx</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  pop ebp
ret</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  ret 4
[/64-bit]</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  [/32-bit]
[32-bit]</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
//parameters: (32-bit)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
push ebp</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wats to write a new value)
mov ebp,esp</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //function declared as: stdcall void ConvertBackRoutine(int i, unsigned char *output);
//[ebp+8]=input</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  ConvertBackRoutine:
//[ebp+c]=address of output</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //jmp dllname.functionname
//example:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //or manual:
push eax</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  [64-bit]
push ebx</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //parameters: (64-bit)
mov eax,[ebp+8] //load the value into eax</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //ecx=input
mov ebx,[ebp+c] //load the address into ebx</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //rdx=address of output
//convert the value to big endian</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //example:
bswap eax</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  bswap ecx //convert the little endian input into a big endian input
mov [ebx],eax //write the value into the address</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  mov [rdx],ecx //place the integer the 4 bytes pointed to by rdx
pop ebx</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
pop eax</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
pop ebp</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  ret
ret 8</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  [/64-bit]
[/32-bit] </font></div>
+
  &nbsp;
 +
  &nbsp;
 +
  [32-bit]
 +
  //parameters: (32-bit)
 +
  push ebp
 +
  mov ebp,esp
 +
  //[ebp+8]=input
 +
  //[ebp+c]=address of output
 +
  //example:
 +
  push eax
 +
  push ebx
 +
  mov eax,[ebp+8] //load the value into eax
 +
  mov ebx,[ebp+c] //load the address into ebx
 +
  &nbsp;
 +
  &nbsp;
 +
  //convert the value to big endian
 +
  bswap eax
 +
  &nbsp;
 +
  &nbsp;
 +
  mov [ebx],eax //write the value into the address
 +
  pop ebx
 +
  pop eax
 +
  &nbsp;
 +
  &nbsp;
 +
  pop ebp
 +
  ret 8
 +
  [/32-bit]
 +
 
 +
 
 +
== Links ==
 +
* [[Cheat Engine:Help File|Help File]]
 +
 
 +
* [[Help_File:Big_endian_2_byte|Back]]
 +
 
 +
* [[Help_File:Unsigned_values|Next]]

Revision as of 08:07, 10 March 2017

This script will add the 2 byte Big Endian type support to cheat engine. 

 alloc(TypeName,256)
 alloc(ByteSize,4)
 alloc(ConvertRoutine,1024)
 alloc(ConvertBackRoutine,1024)
  
  
 TypeName:
 db '4 Byte Big Endian',0
  
  
 ByteSize:
 dd 4
  
  
 //The convert routine should hold a routine that converts the data to an integer (in eax)
 //function declared as: stdcall int ConvertRoutine(unsigned char *input);
 //Note: Keep in mind that this routine can be called by multiple threads at the same time.
 ConvertRoutine:
 //jmp dllname.functionname
 [64-bit]
 //or manual:
 //parameters: (64-bit)
 //rcx=address of input
 xor eax,eax
 mov eax,[rcx] //eax now contains the bytes 'input' pointed to
 bswap eax //convert to big endian
  
  
 ret
 [/64-bit]
  
  
 [32-bit]
 //jmp dllname.functionname
 //or manual:
 //parameters: (32-bit)
 push ebp
 mov ebp,esp
 //[ebp+8]=input
 //example:
 mov eax,[ebp+8] //place the address that contains the bytes into eax
 mov eax,[eax] //place the bytes into eax so it's handled as a normal 4 byte value
  
  
 bswap eax
  
  
 pop ebp
 ret 4
 [/32-bit]
  
  
 //The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wats to write a new value)
 //function declared as: stdcall void ConvertBackRoutine(int i, unsigned char *output);
 ConvertBackRoutine:
 //jmp dllname.functionname
 //or manual:
 [64-bit]
 //parameters: (64-bit)
 //ecx=input
 //rdx=address of output
 //example:
 bswap ecx //convert the little endian input into a big endian input
 mov [rdx],ecx //place the integer the 4 bytes pointed to by rdx
  
  
 ret
 [/64-bit]
  
  
 [32-bit]
 //parameters: (32-bit)
 push ebp
 mov ebp,esp
 //[ebp+8]=input
 //[ebp+c]=address of output
 //example:
 push eax
 push ebx
 mov eax,[ebp+8] //load the value into eax
 mov ebx,[ebp+c] //load the address into ebx
  
  
 //convert the value to big endian
 bswap eax
  
  
 mov [ebx],eax //write the value into the address
 pop ebx
 pop eax
  
  
 pop ebp
 ret 8
 [/32-bit]


Links



Retrieved from "https://wiki.cheatengine.org/index.php?title=Help_File:Big_endian_4_byte&oldid=2926"