gopher.createaforum.com/1/forums/roshacks/p/52

   DIR Return Create A Forum - Home
       ---------------------------------------------------------
       Hack Community
  HTML https://roshacks.createaforum.com
       ---------------------------------------------------------
       *****************************************************
   DIR Return to: Structs/Offsets
       *****************************************************
       #Post#: 146--------------------------------------------------
       Move Speed - Jump - Fast Parac [Pattern Scan with ASM]
       By: pipo1337 Date: April 10, 2018, 6:36 pm
       ---------------------------------------------------------
       MOVESPEED:
       [code]MOVESPEED_ADR_PATTERN: f3 0f 10 0d ?? ?? ?? ?? 83 ec ?? f3
       0f 59 c1
       \xf3\x0f\x10\x0d\x99\x99\x99\x99\x83\xec\x99\xf3\x0f\x59\xc1
       xxxx????xx?xxxx
       float movespeedval = 99;
       __declspec(naked) void movespeed_on()
       {
       __asm
       {
       movss xmm1,[movespeedval]
       jmp dword ptr [movespeed_ret]
       }
       }
       IN C.E: movss xmm1,[ros.exe+xxx]
       mov [ros.exe+xxx], (float)movespeedval [/code]
       Fast Parachute:
       [code]FASTPARAC_ADR_PATTERN: F3 0F 10 4E ?? 0F 57 ?? ?? ?? ?? ??
       F3 0F 58 86 ??
       \xF3\x0F\x10\x4E\x99\x0F\x57\x99\x99\x99\x99\x99\xF3\x0F\x58\x86
       \x99
       xxxx?xx?????xxxx?
       float fastparacval = 800;
       __declspec(naked) void fastparac_on()
       {
       __asm
       {
       movss xmm1,[fastparacval]
       jmp dword ptr [fastparac_ret]
       }
       }
       IN C.E: movss xmm1,[esi+0x4C]
       mov [esi+0x4C],(float)800[/code]
       Jump:
       [code]JUMP_ADR: 8b 41 ?? 56 8d ?? ?? c6 41 ?? ?? 89 81 ?? ?? ??
       \x8b\x41\x99\x56\x8d\x99\x99\xc6\x41\x99\x99\x89\x81\x99\x99\x99
       xx?xx??xx??xx???
       float jumpval = 200;
       __declspec(naked) void jump_on()
       {
       __asm
       {
       mov eax,jumpval
       jmp dword ptr [jump_ret]
       }
       }
       IN C.E mov eax,(float)jumpval // ecx+0x50 normal(offset might
       changed, check it.)[/code]
       *****************************************************