Difference between revisions of "Help File:Big endian 4 byte"

From Cheat Engine
Jump to navigation Jump to search
(Created page with '<hr><div align="left"><font face="Arial" color="#010101" class="Arial2"> alloc(TypeName,256)</font></div><div align="left"><font face="Arial" color="#010101" class="Arial2"> …')
 
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
<hr><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
[[Category:Help]]
alloc(TypeName,256)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
This script will add the 2 byte Big Endian type support to cheat engine.
alloc(ByteSize,4)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
 
alloc(ConvertRoutine,1024)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  alloc(TypeName,256)
alloc(ConvertBackRoutine,1024)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  alloc(ByteSize,4)
TypeName:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  alloc(ConvertRoutine,1024)
db '4 Byte Big Endian',0</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  alloc(ConvertBackRoutine,1024)
ByteSize:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
dd 4</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
//The convert routine should hold a routine that converts the data to an integer (in eax)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  TypeName:
//function declared as: stdcall int ConvertRoutine(unsigned char *input);</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  db '4 Byte Big Endian',0
//Note: Keep in mind that this routine can be called by multiple threads at the same time.</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
ConvertRoutine:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
//jmp dllname.functionname</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  ByteSize:
[64-bit]</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  dd 4
//or manual:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
//parameters: (64-bit)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
//rcx=address of input</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //The convert routine should hold a routine that converts the data to an integer (in eax)
xor eax,eax</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //function declared as: stdcall int ConvertRoutine(unsigned char *input);
mov eax,[rcx] //eax now contains the bytes 'input' pointed to</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //Note: Keep in mind that this routine can be called by multiple threads at the same time.
bswap eax //convert to big endian</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  ConvertRoutine:
ret</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //jmp dllname.functionname
[/64-bit]</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  [64-bit]
[32-bit]</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //or manual:
//jmp dllname.functionname</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //parameters: (64-bit)
//or manual:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //rcx=address of input
//parameters: (32-bit)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  xor eax,eax
push ebp</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  mov eax,[rcx] //eax now contains the bytes 'input' pointed to
mov ebp,esp</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  bswap eax //convert to big endian
//[ebp+8]=input</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
//example:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
mov eax,[ebp+8] //place the address that contains the bytes into eax</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  ret
mov eax,[eax] //place the bytes into eax so it's handled as a normal 4 byte value</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  [/64-bit]
bswap eax</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
pop ebp</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
ret 4</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  [32-bit]
[/32-bit]</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //jmp dllname.functionname
//The convert back routine should hold a routine that converts the given integer back to a row of  
+
  //or manual:
bytes (e.g when the user wats to write a new value)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //parameters: (32-bit)
//function declared as: stdcall void ConvertBackRoutine(int i, unsigned char *output);</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  push ebp
ConvertBackRoutine:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  mov ebp,esp
//jmp dllname.functionname</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //[ebp+8]=input
//or manual:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //example:
[64-bit]</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  mov eax,[ebp+8] //place the address that contains the bytes into eax
//parameters: (64-bit)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  mov eax,[eax] //place the bytes into eax so it's handled as a normal 4 byte value
//ecx=input</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
//rdx=address of output</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
//example:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  bswap eax
bswap ecx //convert the little endian input into a big endian input</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
mov [rdx],ecx //place the integer the 4 bytes pointed to by rdx</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
ret</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  pop ebp
[/64-bit]</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  ret 4
[32-bit]</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  [/32-bit]
//parameters: (32-bit)</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
push ebp</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
mov ebp,esp</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wats to write a new value)
//[ebp+8]=input</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //function declared as: stdcall void ConvertBackRoutine(int i, unsigned char *output);
//[ebp+c]=address of output</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  ConvertBackRoutine:
//example:</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //jmp dllname.functionname
push eax</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //or manual:
push ebx</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  [64-bit]
mov eax,[ebp+8] //load the value into eax</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //parameters: (64-bit)
mov ebx,[ebp+c] //load the address into ebx</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //ecx=input
//convert the value to big endian</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //rdx=address of output
bswap eax</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  //example:
mov [ebx],eax //write the value into the address</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  bswap ecx //convert the little endian input into a big endian input
pop ebx</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  mov [rdx],ecx //place the integer the 4 bytes pointed to by rdx
pop eax</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2"><br></font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
pop ebp</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  &nbsp;
ret 8</font></div><div align="left"><font face="Arial"  color="#010101"  class="Arial2">
+
  ret
[/32-bit] </font></div>
+
  [/64-bit]
 +
  &nbsp;
 +
  &nbsp;
 +
  [32-bit]
 +
  //parameters: (32-bit)
 +
  push ebp
 +
  mov ebp,esp
 +
  //[ebp+8]=input
 +
  //[ebp+c]=address of output
 +
  //example:
 +
  push eax
 +
  push ebx
 +
  mov eax,[ebp+8] //load the value into eax
 +
  mov ebx,[ebp+c] //load the address into ebx
 +
  &nbsp;
 +
  &nbsp;
 +
  //convert the value to big endian
 +
  bswap eax
 +
  &nbsp;
 +
  &nbsp;
 +
  mov [ebx],eax //write the value into the address
 +
  pop ebx
 +
  pop eax
 +
  &nbsp;
 +
  &nbsp;
 +
  pop ebp
 +
  ret 8
 +
  [/32-bit]
 +
 
 +
 
 +
== Links ==
 +
* [[Cheat Engine:Help File|Help File]]
 +
 
 +
* [[Help_File:Big_endian_2_byte|Back]]
 +
 
 +
* [[Help_File:Unsigned_values|Next]]

Latest revision as of 12:02, 19 March 2017

This script will add the 2 byte Big Endian type support to cheat engine.

 alloc(TypeName,256)
 alloc(ByteSize,4)
 alloc(ConvertRoutine,1024)
 alloc(ConvertBackRoutine,1024)
  
  
 TypeName:
 db '4 Byte Big Endian',0
  
  
 ByteSize:
 dd 4
  
  
 //The convert routine should hold a routine that converts the data to an integer (in eax)
 //function declared as: stdcall int ConvertRoutine(unsigned char *input);
 //Note: Keep in mind that this routine can be called by multiple threads at the same time.
 ConvertRoutine:
 //jmp dllname.functionname
 [64-bit]
 //or manual:
 //parameters: (64-bit)
 //rcx=address of input
 xor eax,eax
 mov eax,[rcx] //eax now contains the bytes 'input' pointed to
 bswap eax //convert to big endian
  
  
 ret
 [/64-bit]
  
  
 [32-bit]
 //jmp dllname.functionname
 //or manual:
 //parameters: (32-bit)
 push ebp
 mov ebp,esp
 //[ebp+8]=input
 //example:
 mov eax,[ebp+8] //place the address that contains the bytes into eax
 mov eax,[eax] //place the bytes into eax so it's handled as a normal 4 byte value
  
  
 bswap eax
  
  
 pop ebp
 ret 4
 [/32-bit]
  
  
 //The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wats to write a new value)
 //function declared as: stdcall void ConvertBackRoutine(int i, unsigned char *output);
 ConvertBackRoutine:
 //jmp dllname.functionname
 //or manual:
 [64-bit]
 //parameters: (64-bit)
 //ecx=input
 //rdx=address of output
 //example:
 bswap ecx //convert the little endian input into a big endian input
 mov [rdx],ecx //place the integer the 4 bytes pointed to by rdx
  
  
 ret
 [/64-bit]
  
  
 [32-bit]
 //parameters: (32-bit)
 push ebp
 mov ebp,esp
 //[ebp+8]=input
 //[ebp+c]=address of output
 //example:
 push eax
 push ebx
 mov eax,[ebp+8] //load the value into eax
 mov ebx,[ebp+c] //load the address into ebx
  
  
 //convert the value to big endian
 bswap eax
  
  
 mov [ebx],eax //write the value into the address
 pop ebx
 pop eax
  
  
 pop ebp
 ret 8
 [/32-bit] 


Links[edit]