Arm Patching

KabutHitam · August 11, 2023

i need code fast like

~A8 FMOV S0, #0x41980000

but i want so fast

XEKEX · August 15, 2023

On 8/11/2023 at 4:49 AM, KabutHitam said:

i need code fast like

~A8 FMOV S0, #0x41980000

but i want so fast

what do u mean fast also is it 64 or 32

MAARS · August 15, 2023

I guess he want it like this, dom might help xD

KabutHitam · August 15, 2023

2 hours ago, XEKEX said:

what do u mean fast also is it 64 or 32

for 64, i using fmov for float

1 hour ago, MAARS said:

I guess he want it like this, dom might help xD

dom can't help me ahhahaha

MAARS · August 15, 2023

33 minutes ago, KabutHitam said:

for 64, i using fmov for float

2 hours ago, MAARS said:

Nice, but your request still lack context, what are you trying to do ?

THETWINSOFFICIAL · August 16, 2023

Have you tried it?

Like this ?

X1, x2

X0, x1

KabutHitam · August 16, 2023

23 hours ago, MAARS said:

Nice, but your request still lack context, what are you trying to do ?

i just want opcode high value for speed

14 hours ago, AMIYA said:

Have you tried it?

Like this ?

X1, x2

X0, x1

you get stuck when you use that, only fmov

MAARS · August 16, 2023

Use the first site to get arm/8 opcode then the second to convert it into bytes code

https://gcc.godbolt.org/
https://armconverter.com/

Make sure to configure gcc correctly by setting the language to c++ and the compiler to armv8-a or armv7-a

kiynox · August 16, 2023

[ @KabutHitam ]
---

Quote

i just want opcode high value for speed

From what I understand, you're trying to set a large possible value. You can use this template:
---
[ Float 0-65535 ]

MOVW R0, #(1-65535)
VMOV SO, R0
VCVT.F32.S32 S0, S0
VMOV R0, S0
BX LR

---
[ Float 65535 - 131072 ]: R0 = R0 + R1

MOVW R0, #(0-65535)
MOVW R1, #(0-65535)
ADD R0, R0, R1
VMOV SO, R0
VCVT.F32.S32 SO, S0
VMOV RO, SO
BX LR

---
[ Float 131072 - 429503284]: R0 = (R0 x R1) + R1

MOVW R0, #(0-65535)
MOVW R1, #(0-65535) --multiply here
MUL R0, R0, R1
MOVW R1, #(0-65535) --addition here
ADD R0, R0, R1
VMOV S0, R0
VCVT.F32.S32 S0, S0
VMOV R0, S0
BX LR

---
*Above mnemonic are replicable for getting a really high value.
*Do note that most function has it's own Max Limit, so you need to change them first (example: MaxHP & MinHP)
*( credit: @BadCase )

huanggua · August 17, 2023

21 hours ago, Xaviesz said:
[ @KabutHitam ]
---

From what I understand, you're trying to set a large possible value. You can use this template:
---
[ Float 0-65535 ]
MOVW R0, #(1-65535)
VMOV SO, R0
VCVT.F32.S32 S0, S0
VMOV R0, S0
BX LR
---
[ Float 65535 - 131072 ]: R0 = R0 + R1
MOVW R0, #(0-65535)
MOVW R1, #(0-65535)
ADD R0, R0, R1
VMOV SO, R0
VCVT.F32.S32 SO, S0
VMOV RO, SO
BX LR
---
[ Float 131072 - 429503284]: R0 = (R0 x R1) + R1
MOVW R0, #(0-65535)
MOVW R1, #(0-65535) --multiply here
MUL R0, R0, R1
MOVW R1, #(0-65535) --addition here
ADD R0, R0, R1
VMOV S0, R0
VCVT.F32.S32 S0, S0
VMOV R0, S0
BX LR
---
*Above mnemonic are replicable for getting a really high value.
*Do note that most function has it's own Max Limit, so you need to change them first (example: MaxHP & MinHP)
*( credit: @BadCase )

How to use GameGuardian to modify so many assembly codes?

kiynox · August 17, 2023

[ @huanggua ]
---

Quote

How to use GameGuardian to modify so many assembly codes?

Make sure that you're know the difference between Arm and Thumb. The difference between both is that: Arm uses 4 hexes / 8 bytes, meaningwhile, Thumb usually uses only 2 hexes / 4 bytes. For example:

Quote

Assembly: NOP
Arm: 00 F0 20 E3
Thumb: 00 BF

---
It is important because you can only change one instruction with another one WITH the same hex length. You can replace the next instruction to fit your long-patches, but make sure that: if it's a function, you need to ends it with:

Arm32: BX LR
Arm64: RET

---

Edited August 17, 2023 by Xaviesz

huanggua · August 20, 2023

On 2023/8/18 at 2:05 AM, Xaviesz said:
[ @huanggua ]
---

Make sure that you're know the difference between Arm and Thumb. The difference between both is that: Arm uses 4 hexes / 8 bytes, meaningwhile, Thumb usually uses only 2 hexes / 4 bytes. For example:

---
It is important because you can only change one instruction with another one WITH the same hex length. You can replace the next instruction to fit your long-patches, but make sure that: if it's a function, you need to ends it with:
Arm32: BX LR
Arm64: RET
---

Do you mean that, for example, after I find the address of the MAXHP function, I can use GameGuardian to modify this value and some subsequent values to MOVW R0, #(1-65535)

VMOV SO, R0

VCVT.F32.S32 S0, S0

VMOV R0, S0

BX LR ?

Maybe I didn't express myself clearly, see if you can understand now.

kiynox · August 20, 2023

[ @huanggua ]
---

Quote

some subsequent values

That's right. If it's doesn't fit, just replace the next instruction.
---

Sign In

Arm Patching

Question

KabutHitam

12 answers to this question

Recommended Posts

XEKEX

MAARS

KabutHitam

MAARS

THETWINSOFFICIAL

KabutHitam

MAARS

kiynox

huanggua

kiynox

huanggua

kiynox

Create an account or sign in to comment

Create an account

Sign in

Similar Content

ARM PATCH

ARM Patching (ADVANCED) 1 2

ARM CHECKER

ARM LDR 1 2

ARM CHECKER

Downloads

Activity

My Activity Streams

Important Information