me Grandmaster Cheater Reputation: 2
Joined: 24 Jun 2004 Posts: 733 Location: location location
Posted: Thu Sep 28, 2006 7:38 am Post subject: step 8 tutorial, extra help
in the settings/code finder tab darkbyte recommends using "memory access exceptions" instead of "use debug registers" when you're using the "find out what writes to this address" option,
meant to help you catch the pointers when the offset is not directly in the register you broke on but has been set before,
and when you scanned for the pointer >"8fa0dc" you should scan directly for "8fa0dc" and not put the offset with it in the search, you can add the offsets afterwards when you have got down to the static pointer,
the reason your pointer points back to your first found address is because you added the offset so it is correctly pointing to the right address,
this is what you have got
45615E mov eax,[eax] << contents of eax=8FA178
456160 mov [eax+18],esi << contents of eax=8FA178, add 18 offset to 8FA178=8FA190,
then
456160 mov [eax+18],esi << esi then loads 8FA190 with the value you eventually want to hold 5000,
so set your debugger to
"memory access exceptions"
hex search for the pointers without the offsets,
add them after you have found your pointers down to the static pointer,
you can see the registers and pointers in the code directly above those lines ie mov eax,[eax+0c]
mov eax,[eax+14]
multi pointering is one of the hardest things to learn in CE so don't worry if it takes a bit of time to do it, multi level pointers are a bit awkward to find,
it's handy to learn though as some games reload DLLs etc. when you reach a new level so they write over the code you may have nopped for instance, then you have to un-nop it (with a report that the code is not what it should be, that's OK, check in the memory viewer that the right code has been written back over your nops) then re-nop it,
I got a table for v3 of the tutorial but I don't think dark byte will want me to post it because that will defeat the cause of his tutorial and you won't learn how to do it.
_________________
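The search order described in the post, as an added example that is not part of the original post or of Cheat Engine: a simulated memory map in which the hex search at each level looks for the base the register held and the offset is only applied afterwards. The addresses 8FA178 and 8FA190, the value 5000 and the offsets 18, 14 and 0c come from the post; every other address and all function names are constructed for illustration.

```python
# Simulated 32-bit process memory: address -> dword stored there.
# 0x8FA178, 0x8FA190, 5000 and the offsets 0x18/0x14/0x0C come from the post;
# every other address is constructed for this example.
STATIC = 0x00460C20
MEM = {
    STATIC:     0x008F9000,   # static pointer (constructed)
    0x008F900C: 0x008F9800,   # read by mov eax,[eax+0c]
    0x008F9814: 0x008F9C00,   # read by mov eax,[eax+14]
    0x008F9C00: 0x008FA178,   # read by mov eax,[eax]
    0x008FA190: 5000,         # written by mov [eax+18],esi
}


def find_pointers(mem, target):
    """Hex search: every address whose stored dword equals target."""
    return sorted(addr for addr, value in mem.items() if value == target)


def walk_back(mem, value_addr, offsets):
    """Go from the value's address to the static pointer.

    offsets are listed from the instruction nearest the write outwards.
    At each level the offset is subtracted first, so the search is for the
    base the register held, not for base+offset.
    """
    addr = value_addr
    for off in offsets:
        hits = find_pointers(mem, addr - off)
        if len(hits) != 1:
            raise LookupError(f"{len(hits)} pointers to {addr - off:#x}")
        addr = hits[0]
    return addr


def resolve(mem, static, offsets):
    """Follow the chain forwards: dereference, then add the offset."""
    addr = static
    for off in offsets:
        addr = mem[addr] + off
    return addr


if __name__ == "__main__":
    print(find_pointers(MEM, 0x8FA190))   # search with offset added: no hits
    print([hex(a) for a in find_pointers(MEM, 0x8FA178)])
    static = walk_back(MEM, 0x8FA190, [0x18, 0x00, 0x14, 0x0C])
    print(hex(static), hex(resolve(MEM, static, [0x0C, 0x14, 0x00, 0x18])))
```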