Pivo58, posted June 12, 2023
So I have an arm64 opcode like
LDR S0, [X0,#0x230]
RET
How do I edit it to return my value like MOV W0, #123 or FMOV S0, #0x40400000?
Videos would be very appreciated because I'm very bad at English and it's hard for me to understand complicated texts.
XEKEX, posted June 13, 2023
You can check my guide: ARM Patching (ADVANCED) (#7p8tyasm)
Pivo58 (author), posted June 13, 2023
28 minutes ago, XEKEX said: You can check my guide: ARM Patching (ADVANCED) (#7p8tyasm)
Your guide is really helpful, I know how to patch float and double offsets now, but I still don't understand how to edit LDR. Could you please make a video editing an LDR opcode, or show an edited result of the LDR opcode in my question?
THETWINSOFFICIAL, posted June 14, 2023
5 hours ago, Pivo58 said: Your guide is really helpful, I know how to patch float and double offsets now, but I still don't understand how to edit LDR. Could you please make a video editing an LDR opcode, or show an edited result of the LDR opcode in my question?
Change it: use mov and see what happens.
XEKEX, posted June 14, 2023
@Pivo58 here is what LDR and STR do:
In your case it loads the value of the pointer X0 + 0x230 into FPU S0 = (the value of the pointer) X0 + 0x230 <-- this value is a float
Pivo58 (author), posted June 14, 2023
14 hours ago, AMIYA said: Change it: use mov and see what happens.
Like how? If I replace ldr with mov then absolutely nothing happens and even the game doesn't crash.
Pivo58 (author), posted June 14, 2023
11 hours ago, XEKEX said: @Pivo58 here is what LDR and STR do: in your case it loads the value of the pointer X0 + 0x230 into FPU S0 = (the value of the pointer) X0 + 0x230 <-- this value is a float
So yeah, LDR R1, [R0] will load r0 into r1, but how do I turn r0 into my value, and especially how do I make this in GameGuardian? Could you please send any screenshots of some already edited LDRs in GameGuardian? I want to know how the structure looks (or sequence, idk how to call it correctly).
XEKEX, posted June 15, 2023
8 hours ago, Pivo58 said: So yeah, LDR R1, [R0] will load r0 into r1, but how do I turn r0 into my value, and especially how do I make this in GameGuardian? Could you please send any screenshots of some already edited LDRs in GameGuardian? I want to know how the structure looks (or sequence, idk how to call it correctly).
R0 is the caller address (CA region); + 0x230 will give you the value of the float being loaded into R1.
• You can manually pointer search for that method applying the offset, then edit the value of it.
• You can allocate new memory in the XA region and write your custom code (using mov), then replace the method pointer to your allocated memory.
• Overwrite the actual instructions with MOV etc.
XEKEX, posted June 15, 2023
On 6/14/2023 at 5:25 PM, Pivo58 said: Like how? If I replace ldr with mov then absolutely nothing happens and even the game doesn't crash.
If nothing changes, that means the method doesn't get called.
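Decoding and diffing the instructions discussed in this thread, as an added example that is not from XEKEX's guide or any post here: it checks whether a function's code still matches its expected bytes and names what each changed word became, which is how an integrity check would surface the "overwrite the actual instructions" route above. The two-word function body, the original and patched byte strings, and the choice of FMOV S0, #3.0 (the float that 0x40400000 represents; FMOV takes an 8-bit immediate, not the raw bit pattern) are constructed for this example.

```python
import struct

def vfp_expand_imm(imm8: int) -> float:
    """Expand the 8-bit FMOV immediate (sign, 3 exponent bits, 4 fraction bits)
    into the single-precision value it stands for (VFPExpandImm, 32-bit case)."""
    sign = (imm8 >> 7) & 1
    b = (imm8 >> 6) & 1
    exp = ((b ^ 1) << 7) | ((0b11111 << 2) if b else 0) | ((imm8 >> 4) & 0b11)
    frac = imm8 & 0xF
    return (-1.0) ** sign * (1 + frac / 16) * 2.0 ** (exp - 127)

def decode_a64(word: int) -> str:
    """Decode the few AArch64 forms that appear in this thread; anything else
    is reported as a raw .inst so a reviewer still sees that it changed."""
    if word == 0xD65F03C0:
        return "RET"
    if (word & 0xFFC00000) == 0xBD400000:        # LDR St, [Xn,#imm12*4]
        imm12, rn, rt = (word >> 10) & 0xFFF, (word >> 5) & 0x1F, word & 0x1F
        return f"LDR S{rt}, [X{rn},#0x{imm12 * 4:X}]"
    if (word & 0xFFE00000) == 0x52800000:        # MOVZ Wd, #imm16 (hw=0)
        return f"MOV W{word & 0x1F}, #{(word >> 5) & 0xFFFF}"
    if (word & 0xFFE01FE0) == 0x1E201000:        # FMOV Sd, #imm8 (single)
        return f"FMOV S{word & 0x1F}, #{vfp_expand_imm((word >> 13) & 0xFF)}"
    return f".inst 0x{word:08X}"

def check_function(expected: bytes, observed: bytes) -> list:
    """Compare two copies of a function word by word and describe each patched
    instruction; an empty list means the code is intact."""
    findings = []
    for off in range(0, len(expected), 4):
        want = struct.unpack_from("<I", expected, off)[0]
        got = struct.unpack_from("<I", observed, off)[0]
        if want != got:
            findings.append(f"+0x{off:X}: {decode_a64(want)} -> {decode_a64(got)}")
    return findings

# Constructed sample: the getter from the question (LDR S0,[X0,#0x230]; RET) and a
# copy in which the load was overwritten with FMOV S0, #3.0 (imm8 = 0x08).
ORIGINAL = struct.pack("<II", 0xBD423000, 0xD65F03C0)
PATCHED = struct.pack("<II", 0x1E211000, 0xD65F03C0)

if __name__ == "__main__":
    for line in check_function(ORIGINAL, PATCHED) or ["function intact"]:
        print(line)
```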