Tomvita's tools

Group forum Group members

How to disassemble a ASM hack and perhaps customize it to fit your preference

TomSwitch

TomSwitch

Well-Known Member
OP
Member
Level 24
Joined
Jan 10, 2019
Messages
4,565
Trophies
1
Age
44
XP
14,795
Country
United States
Here is an example ASM code
04000000 00376F2C D503201F
Command Offset Value
To write 4 bytes at Main + Offset
What is written in this example is D503201F

You want to know what D503201F do you have to disassemble it.

First you have to reverse the byte order in this case
D503201F becomes 1F2003D5

Here are some examples https://armconverter.com/?disasm&code=1F2003D5 081980D2 8A090A0B

nop means no operation i.e. do nothing, you can not do much here unless you want to dig deeper into the game code, this hack stop the game from doing something but you do don't know what yet.

mov is interesting, check the value 0xc8, it's 200 in decimal, if this code make qty = 200 then you should know what to do if you want something different

lsl #2 means shift left by 2 which means multiply by 2^2 = 4. If this code multiply something by 4 you know you can change that to other multiple of 2

1642042550213.png

Example customization https://armconverter.com/?code=mov x8, #0xc8 add w10, w12, w10, lsl #2 mov x8, #400 add w10, w12, w10, lsl #3

Change qty to 400
Change multiplier to 8

You can use the code directly when GDB/LLDB is on, no need to reverse the byte order as it is already done for you

1642043281969.png
 
Last edited by TomSwitch,
  • Like
Reactions: ZER-O, arismendy64, jhmiller and 2 others
jhmiller

jhmiller

Well-Known Member
Member
Level 15
Joined
Nov 23, 2010
Messages
637
Trophies
2
Location
Madrid
XP
4,741
Country
Spain
Thanks @TomSwitch, I have a doubt: in the MOV you have put 400 in decimal.
Shouldn't it be in hex? That is, put #0x190?
Sorry if it's a very obvious question, but I have no clue about ASM.
 
TomSwitch

TomSwitch

Well-Known Member
OP
Member
Level 24
Joined
Jan 10, 2019
Messages
4,565
Trophies
1
Age
44
XP
14,795
Country
United States
jhmiller said:
Thanks @TomSwitch, I have a doubt: in the MOV you have put 400 in decimal.
Shouldn't it be in hex? That is, put #0x190?
Sorry if it's a very obvious question, but I have no clue about ASM.
Click to expand...
You can use decimal if you like, there is no need to convert it to hex. The problem is often forget to put 0x for address.

Normally when there is a need to put 0x that means decimal is recognized without any modifier.

PS: Fun fact, do you know 0123 is not the same as 123? Since not many people would type in 0123 when they want 123 this is not likely to become a problem but if for some reason there are leftover 0 make sure to delete it. 0 is use to make it a octal number. 0123 = 83. If your first search is 10123 and second is 123 you must not only delete the 1.
 
Last edited by TomSwitch,
  • Like
Reactions: jhmiller
You must log in or register to reply here.

Site & Scene News

Go to forum More news

Group statistics

Members:
213
Threads:
44
Messages:
138