Ask for help wow x64 TraceLine

**gdfsxwy** · 06-30-2015

I'm sorry I'm not good English.

Google translation.

x32 Use normal.

x32 code:

Code:

int Flag;

address = Memory.AllocateMemory(4);

address1 = Memory.AllocateMemory(12);
Memory.WriteBytes(address1 , System.BitConverter.GetBytes(0));
Memory.WriteBytes(address1 + 4, System.BitConverter.GetBytes(0));
Memory.WriteBytes(address1 + 8, System.BitConverter.GetBytes(0));

address2 = Memory.AllocateMemory(12);
Memory.WriteBytes(address2 , System.BitConverter.GetBytes(X1));
Memory.WriteBytes(address2 + 4, System.BitConverter.GetBytes(Y1));
Memory.WriteBytes(address2 + 8, System.BitConverter.GetBytes(Z1));

address3 = Memory.AllocateMemory(12);
Memory.WriteBytes(address3 , System.BitConverter.GetBytes(X2));
Memory.WriteBytes(address3 + 4, System.BitConverter.GetBytes(Y2));
Memory.WriteBytes(address3 + 8, System.BitConverter.GetBytes(Z2));


String[] asm = new String[] 
{
	"push 0x0",	
	"push " + Flag,
	"push 0x1",
	"push "+ address1,
	"push 0x0" + address2,
	"push 0x0"+ address3,
	"call " + Offsets.TraceLine
	"mov byte ptr [" + address + "],al",
	"retn"

}

x64 IDA:

I don't understand the assembly

Code:

I don't understand the assembly


.text:000000014094D310 sub_14094D310   proc near               ; CODE XREF: sub_140462170+1D9p
.text:000000014094D310                                         ; sub_140462170+293p ...
.text:000000014094D310
.text:000000014094D310 var_18          = qword ptr -18h
.text:000000014094D310 var_10          = dword ptr -10h
.text:000000014094D310 arg_20          = dword ptr  28h
.text:000000014094D310
.text:000000014094D310                 sub     rsp, 38h
.text:000000014094D314                 movss   xmm2, dword ptr [rdx]
.text:000000014094D318                 movss   xmm0, dword ptr [rdx+4]
.text:000000014094D31D                 movss   xmm1, dword ptr [rdx+8]
.text:000000014094D322                 mov     r10, rcx
.text:000000014094D325                 subss   xmm2, dword ptr [rcx]
.text:000000014094D329                 subss   xmm0, dword ptr [rcx+4]
.text:000000014094D32E                 subss   xmm1, dword ptr [rcx+8]
.text:000000014094D333                 mulss   xmm2, xmm2
.text:000000014094D337                 mulss   xmm0, xmm0
.text:000000014094D33B                 mulss   xmm1, xmm1
.text:000000014094D33F                 addss   xmm2, xmm0
.text:000000014094D343                 addss   xmm2, xmm1
.text:000000014094D347                 andps   xmm2, cs:xmmword_140F92AF0
.text:000000014094D34E                 comiss  xmm2, cs:dword_14100DCA0
.text:000000014094D355                 jb      short loc_14094D38C
.text:000000014094D357                 mov     rax, cs:qword_14175D3C8
.text:000000014094D35E                 test    rax, rax
.text:000000014094D361                 jz      short loc_14094D38C
.text:000000014094D363                 mov     rcx, [rax+10h]
.text:000000014094D367                 test    rcx, rcx
.text:000000014094D36A                 jz      short loc_14094D38C
.text:000000014094D36C                 mov     eax, [rsp+38h+arg_20]
.text:000000014094D370                 mov     [rsp+38h+var_10], eax
.text:000000014094D374                 mov     [rsp+38h+var_18], r9
.text:000000014094D379                 mov     r9, r8
.text:000000014094D37C                 mov     r8, rdx
.text:000000014094D37F                 mov     rdx, r10
.text:000000014094D382                 call    sub_1409870E0
.text:000000014094D387                 add     rsp, 38h
.text:000000014094D38B                 retn
.text:000000014094D38C ; ---------------------------------------------------------------------------
.text:000000014094D38C
.text:000000014094D38C loc_14094D38C:                          ; CODE XREF: sub_14094D310+45j
.text:000000014094D38C                                         ; sub_14094D310+51j ...
.text:000000014094D38C                 xor     al, al
.text:000000014094D38E                 add     rsp, 38h
.text:000000014094D392                 retn
.text:000000014094D392 sub_14094D310   endp

x64 code:

Code:

String[] asm = new String[] 
{
	"push    rbp",
	"push    rsi",
	"push    rdi",
	"push    r12",
	"sub     rsp, 0E8",
	"mov r9 " + Flag,
	"mov r8 0x1",
	"mov rdx "+ address1,
	"mov rcx " + address2,
	"mov [rsp+0E8+20]"+ address3,
	"call " + Offsets.TraceLine
	"mov byte ptr [" + address + "],al",
	"add rsp, 0x0E8
	"pop r12"
	"pop rdi"
	"pop rsi"
	"pop rbp"
	"retn"

}

No response after x64 code operation
Where is the error?
Please give a code reference.
Thank you!

**Jadd** · 06-30-2015

Originally Posted by gdfsxwy

Code:

String[] asm = new String[] 
{
	"push 0x0",	
	"push " + Flag,
	"push 0x1",
	"push "+ address1,
	"push 0x0" + address2,
	"push 0x0"+ address3,
	"call " + Offsets.TraceLine
	"mov byte ptr [" + address + "],al",
	"retn"

}

I got a question for you too: how on earth does this not crash every time you run it?

**gdfsxwy** · 06-30-2015

Originally Posted by Jadd

I got a question for you too: how on earth does this not crash every time you run it?

Code:

String[] asm = new String[] 
{
	"push 0x0",	
	"push " + Flag,
	"push 0x1",
	"push "+ address1,
	"push " + address2,
	"push "+ address3,
	"call " + Offsets.TraceLine
	"mov byte ptr [" + address + "],al",
	"retn"

}

Will not crash, released a part of the code.

x32 Has been normal operation, and now to improve the X64 code

Shout-Out

User Tag List

Thread: Ask for help wow x64 TraceLine

Thread Tools

Search Thread

Ask for help wow x64 TraceLine

Similar Threads

[Hack] Ask for help, complete automatic loot pickup

[Model Swap] I tried, I almost succeded, I fell and asked for help.

Asking for help with video's like dvd wise.

OwnedCore Forums

casino

CoreCoins

My OwnedCore

About Us

Casino