Cheat Engine

Ballisitc · How do I cheat? Reputation: 0 Joined: 04 Jan 2015 Posts: 6

Hi everyone!

So currently I'm stuck because I think this is beyond my understanding. I'm trying to achieve invisibility mode to always stay when sprinting.

In this game, in order to activate invisibility mode on I have to sprint and it lasts for 3 seconds then off. Apparently I cannot find the timer, I wish I could because it would be a lot easier, but apparently the dynamic address that I found works just as good. The value decreases whenever I turn invis and then increases back to original when not invis, that's when I freeze the value when NOT invis, I stay invis completely when I start sprinting until I stop sprinting, I turn back to normal. I click "what writes to this address" and it points me to the address "27DEF0CF - 89 46 58" whenever invisibility is activated. I immediately NOP the address, but then I realize I couldn't turn invisible anymore. I looked back and realize the address is also wrote to when the the invisibility is turned off. I tried NOP'ing other addresses but no avail. I either don't turn invisible or the game crashes. I realize I need to do some AA or reverse engineering to make this work, which I have very little knowledge.

I click "select current function" and it highlighted the details for you guys to see.

NOTE - Not sure if I could name the name of the game since it is a Multiplayer game....

Krampus · Cheater Reputation: 0 Joined: 22 Nov 2014 Posts: 41

What's in the EAX register when invisibility is on, then when it's off? You could probably make a simple AA script that moves the value for invisible into the register, unless it's some sort of timer in which case you may have to go and reverse a little bit further.

Ballisitc · How do I cheat? Reputation: 0 Joined: 04 Jan 2015 Posts: 6

The EAX is 0. When turning invis and going off of invis, both procs the same address.

Lithium. · Newbie cheater Reputation: 1 Joined: 21 Jan 2015 Posts: 17

Looks like it's moving the value of what "invisible" would be. I bet it would be something like Invisible =1 and Normal = 0. Have you tried NOP'ing the instruction to see what happens? If you have, and the effects were what you wanted then try this below.

Replace mov [esi+58],eax with: mov [esi+58],1

See how that works out.

EDIT: Another thing that might work...

mov eax,1
mov [esi+58],eax

SteveAndrew · Posted: Fri Feb 06, 2015 6:22 am Post subject:

Yeah I'm with Lithium on this one, I bet eax did actually contain a nonzero value for when you become invisible. You likely just didn't catch it when that happened. The find what accesses 'more info' only shows you the info from the first execution / first count it debugged.

I say this because the "test eax,eax" looks important. You could try flipping/reversing the conditional jump or nopping it like so: