How can i edit this instruction?

[nok1a]

I'm not sure what can be done with this instruction. What are the options to which i can edit it, like bool or making it negative value..etc:

[AMIYA]

17 hours ago, nok1a said:

I'm not sure what can be done with this instruction. What are the options to which i can edit it, like bool or making it negative value..etc:

You can edit that

[nok1a]

2 hours ago, AMIYA said:

You can edit that

Oke, how? What are my options?

[AMIYA]

9 hours ago, nok1a said:

Oke, how? What are my options?

U use dump.cs ?

[nok1a]

2 hours ago, AMIYA said:

U use dump.cs ?

No, its UE4

[MC189]

Hi @nok1a, are you refer to "STR" instruction?:

• STR: is intended to STORE Register, an opposite of LDR (LOAD Register)
• X21: is destination of the Register to Store, which X is for 64-bit or W for 32-bit
• SP: is Stack Pointer, a Register that's mostly hold temporary variable
• #0x30: is the Offset from SP
• ! : Writeback syntax: will writes the address (and offset) into itself.

Thus we know, the value from the Stack Pointer is 64-bit, but we don't know what's the value to be specific. Thus you can directly edit the current X21 with immediate value:

MOV X21, #0 --for values
MOV X21, 0x123 --for address

I also wasn't sure what X21 is containing, it might be some address through ADRP, or else.

[CmP]

It can be edited to any valid instruction, if it's a part of modification that overwrites function's original code with custom code. Which meaningful options for modification there are in particular case depends on intended change of behavior, what targeted function does, amount and types of it's parameters and type of it's returned value.

[XEKEX]

@nok1a if the game uses LIBC you can hook that function and reverse engineer the arm code using FRIDA to see each registers values and what it does after that you can also edit the arm code inspot to see the changes

Edited Tuesday at 04:58 AM by XEKEX