Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


Rydian's Value/Address Finding Examples
Rydian
Grandmaster Cheater Supreme
Reputation: 31

Joined: 17 Sep 2012
Posts: 1358

Posted: Sun Aug 30, 2015 12:56 am

I don't know if it's going to work like that, I've never tried it because it seems like a hassle. Finding the ID of what's in your slots and changing it directly is quicker, easier, and lets you change anything into anything else without swapping around ID pairs and having to go pick up specific things in-game.
Zares
How do I cheat?
Reputation: 0

Joined: 29 Aug 2015
Posts: 2

Posted: Sun Aug 30, 2015 1:37 am

Rydian wrote:
I don't know if it's going to work like that, I've never tried it because it seems like a hassle. Finding the ID of what's in your slots and changing it directly is quicker, easier, and lets you change anything into anything else without swapping around ID pairs and having to go pick up specific things in-game.


How do you even find the address of the thing that's in our inventory slot? There's no value to search.

_________________
I'm here just to learn everything about hacking, let me know if there's a tutorial about something I haven't learned yet.
Rydian
Grandmaster Cheater Supreme
Reputation: 31

Joined: 17 Sep 2012
Posts: 1358

Posted: Sun Aug 30, 2015 2:08 am

Zares wrote:
Rydian wrote:
I don't know if it's going to work like that, I've never tried it because it seems like a hassle. Finding the ID of what's in your slots and changing it directly is quicker, easier, and lets you change anything into anything else without swapping around ID pairs and having to go pick up specific things in-game.


How do you even find the address of the thing that's in our inventory slot? There's no value to search.

Find the current amount of an item in your inventory that you know the ID for. Search for the ID close to the current item count, find how many bytes away it is, etc.

http://forum.cheatengine.org/viewtopic.php?t=572465

Option 2 here can potentially be used to get the base address of your inventory, and then you can do some pointer stuff to figure out where item slot 1 is.

Like, in Terraria I used that method to hook into some function that finds the player base address.
[_playerbase]
In Terraria the player structure has a pointer to the inventory structure.
[[_playerbase]+ac]
And item slot 1 is +c from that.
[[[_playerbase]+ac]+c]
And for item slot 1, the ID is +6C...
[[[_playerbase]+ac]+c]+6c
And the count is +80...
[[[_playerbase]+ac]+c]+80

I found out what led to what by using the Dissect Data/Structures option and putting in the base address of the player.

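The pointer path from Rydian's post, resolved step by step, as an added example that is not part of the original post. The memory image, its load address, the 4-byte little-endian pointers and fields, and the values 29 and 5 are constructed assumptions; only the offsets ac, c, 6c and 80 come from the post.

```python
import struct
BASE = 0x10000  # made-up load address of the constructed image

def build_image(player=0x100, inventory=0x200, slot1=0x300):
    """Constructed 32-bit little-endian image using the offsets from the post."""
    mem = bytearray(0x800)
    put32 = lambda off, value: struct.pack_into("<I", mem, off, value)
    put32(0x0, BASE + player)               # storage behind the _playerbase symbol
    put32(player + 0xAC, BASE + inventory)  # player structure -> inventory structure
    put32(inventory + 0x0C, BASE + slot1)   # inventory -> item slot 1
    put32(slot1 + 0x6C, 29)                 # constructed item ID (assumed 4 bytes)
    put32(slot1 + 0x80, 5)                  # constructed item count (assumed 4 bytes)
    return mem, {"_playerbase": BASE}

def read32(mem, addr):
    off = addr - BASE
    if not 0 <= off <= len(mem) - 4:        # a null or stale pointer ends up here
        raise ValueError(f"broken path: {addr:#x} is outside the image")
    return struct.unpack_from("<I", mem, off)[0]

def resolve(expr, mem, symbols):
    """Evaluate bracket notation: [x] reads the pointer at x, +n adds a hex offset."""
    pos = 0
    def token():
        nonlocal pos
        start = pos
        while pos < len(expr) and expr[pos] not in "[]+":
            pos += 1
        return expr[start:pos]
    def parse():
        nonlocal pos
        if expr[pos:pos + 1] == "[":
            pos += 1
            value = read32(mem, parse())    # dereference the inner expression
            if expr[pos:pos + 1] != "]":
                raise ValueError("unbalanced brackets")
            pos += 1
        else:
            name = token()
            value = symbols[name] if name in symbols else int(name, 16)
        while expr[pos:pos + 1] == "+":
            pos += 1
            value += int(token(), 16)
        return value
    return parse()

def slot1_id_and_count(mem, symbols):
    field = lambda o: read32(mem, resolve("[[[_playerbase]+ac]+c]+" + o, mem, symbols))
    return field("6c"), field("80")
```

Passing different structure positions to `build_image` models a restart where everything moves: the final address changes, but the same path still reaches slot 1.
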
CJAmper
How do I cheat?
Reputation: 0

Joined: 17 Dec 2015
Posts: 8
Location: Cuyapo

Posted: Thu Dec 17, 2015 5:20 am    Post subject: Please don't snub me, I just want to ask

Sir, do you have social media like Facebook where I can PM you, sir?

I can't PM you on this site, there are rules, sir.

_________________
True Gamers Never Die ..

We Respawn ..
Rydian
Grandmaster Cheater Supreme
Reputation: 31

Joined: 17 Sep 2012
Posts: 1358

Posted: Thu Dec 17, 2015 11:43 am

I do not help with MMOs or things of that nature, and I don't care about keeping cheats secret because anything you do with CE can be found out.
danrevella
Master Cheater
Reputation: 2

Joined: 11 Jun 2008
Posts: 290

Posted: Fri Dec 18, 2015 4:58 pm

I have experienced severe difficulty in finding a parameter.
In my case it is the value of the shield of my ship.
It takes only 3 values: green, yellow, red, then my ship is destroyed.
I have searched for an unknown initial value, then changed/unchanged value; the problem is that I die so soon that my search still gives me, for example, 2 million possible locations.
If I restart the mission the value is no longer in the same location, so every time I have to start from ZERO... I understand that this is a pointer-of-pointer problem, but if I'm unable to find the hidden parameter at least one time I cannot start searching for pointers or trying code injection.
Speedhack in this case seems useless to me.
Maybe some other trick is possible?
Thanks for all your excellent tutorials.
Rydian
Grandmaster Cheater Supreme
Reputation: 31

Joined: 17 Sep 2012
Posts: 1358

Posted: Fri Dec 18, 2015 7:47 pm

In cases like this you could try to make guesses on the types and values.

If each shield color is a single hit, try searching for a byte value and then decreased as the ship is hit (and unchanged when not).

If each color is a stage/percentage you could try the same but 4-byte, or even float if the game has highly-variable damage.

danrevella
Master Cheater
Reputation: 2

Joined: 11 Jun 2008
Posts: 290

Posted: Sat Dec 19, 2015 5:49 am

Rydian wrote:
In cases like this you could try to make guesses on the types and values.

If each shield color is a single hit, try searching for a byte value and then decreased as the ship is hit (and unchanged when not).

This is the case, but my problem is that after two hits I'm dead, the mission restarts, the location varies, and I still have more than 2 million possible values... too many for trial and error...

ParkourPenguin
I post too much
Reputation: 138

Joined: 06 Jul 2014
Posts: 4275

Posted: Mon Dec 28, 2015 4:02 pm

Unless you're absolutely certain the address of your shields changes when you restart the level, it's good to make certain of that. Select "All value types", then do an unknown initial value scan. After that, do changed/unchanged value scans (make sure you do a changed one first to help cut down on the initial results more). If something comes up, great. If nothing comes up, then it's going to get much more complicated than just searching and changing values. If you don't know any ASM, you should practice by making some scripts for something (tutorial).

If nothing comes up, then the easiest method I can think of is to use ultimap. Use it to find the function that's called when you take damage, then NOP that function call and make sure any arguments on the stack are taken care of. Here's a YouTube video showing off ultimap:
https://www.youtube.com/watch?v=T5sXoEEPFBQ

If you can't load DBVM to use ultimap, then there are a few other solutions I can think of, but they aren't very good solutions. The first one is to do unchanged value scans over and over again (hundreds of times), then get damaged once, and scan for a changed value. Then, repeat. If you die, then try again, but this time, do more unchanged value scans. You'll need to be lucky and patient if you try to do this.

If you know what the values are, then you can do a pointer scan for that value. I tried this using step 6 of the CE tutorial and it worked out well. You can also try this if you don't know what the values are, but you'll have to guess and be very lucky.
Recommended settings for the pointer scan:
  • Obviously, make sure you have "Value to find:" selected at the top
  • Max level = 2 or 3
  • Turn off "Only find paths with a static address"
  • Turn on "Stop traversing a path when a static has been found"
  • Turn on "No looping pointers"
  • Turn off "Allow stack addresses of the first thread(s) to be handled as static"

The last (and hardest) method would be to find some value that's somewhat related to your shields (can use some addresses found from the changed/unchanged value scan method). Then, look at the ASM around instructions that access that address which are only run when you take damage. If you can find a call somewhere nearby that's only run when you take damage, then you can try to NOP that call and see if it makes you invincible. You'll need to know the basics of backtracing (tutorial), understand a decent amount of ASM, and have enough patience to sift through possibly thousands of instructions.

_________________
I don't know where I'm going, but I'll figure it out when I get there.
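How the changed/unchanged narrowing described above behaves, as an added example that is not part of any post: a byte-type scan over a constructed memory model in which static bytes, timers with periods of 1 to 7 ticks, and one shield byte at a made-up offset stand in for the game. The layout, the tick model and the shield encoding 3, 2, 1 are assumptions.

```python
SHIELD = 0x40  # made-up offset of the shield byte inside the constructed memory
SIZE = 0x100

def snapshot(tick, shield):
    """Constructed memory at a given tick: static bytes, timers, one shield byte."""
    mem = bytearray(SIZE)
    for off in range(SIZE):
        if off % 4 == 0:
            mem[off] = 0x7F                     # static: never changes
        else:
            period = off % 7 + 1                # timer: steps once every 1..7 ticks
            mem[off] = (tick // period) & 0xFF
    mem[SHIELD] = shield                        # changes only when the ship is hit
    return mem

def next_scan(candidates, old, new, kind):
    """Keep the candidate offsets whose byte matches the scan type."""
    if kind == "changed":
        return {off for off in candidates if new[off] != old[off]}
    if kind == "unchanged":
        return {off for off in candidates if new[off] == old[off]}
    raise ValueError(kind)

def run_session(unchanged_per_hit, hits=2):
    """Unknown-initial-value scan, then N unchanged scans and one changed scan per hit."""
    tick, shield = 0, 3                         # 3 -> 2 -> 1 is an assumed encoding
    prev = snapshot(tick, shield)
    candidates = set(range(SIZE))               # unknown initial value: every offset
    history = [len(candidates)]
    for _ in range(hits):
        for _ in range(unchanged_per_hit):
            tick += 1
            cur = snapshot(tick, shield)
            candidates = next_scan(candidates, prev, cur, "unchanged")
            prev = cur
        tick += 1
        shield -= 1                             # the hit
        cur = snapshot(tick, shield)
        candidates = next_scan(candidates, prev, cur, "changed")
        prev = cur
        history.append(len(candidates))
    return candidates, history
```

With 7 unchanged scans before each hit, every timer has stepped at least once and only the shield byte survives; with 2, timers whose period is longer than the scan window stay in the result list.
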
danrevella
Master Cheater
Reputation: 2

Joined: 11 Jun 2008
Posts: 290

Posted: Mon Dec 28, 2015 5:22 pm

@ParkourPenguin
Many thanks!!!
You gave me new hope... ;) in this Star Wars game...
First I'll try to learn ultimap; even if it's hard to master, it will be really useful in future situations.
Then I'll try to look at the ASM call nearby when I take damage.
Does a code break key exist in CE (as there was in the old SoftICE for WinNT)?
ParkourPenguin
I post too much
Reputation: 138

Joined: 06 Jul 2014
Posts: 4275

Posted: Mon Dec 28, 2015 5:31 pm

If you're talking about a breakpoint, then yes, it's under the Debug menu in the memory viewer. There are also several other things you can do if you right click on an instruction in the disassembler (top half of the memory viewer).
_________________
I don't know where I'm going, but I'll figure it out when I get there.
danrevella
Master Cheater
Reputation: 2

Joined: 11 Jun 2008
Posts: 290

Posted: Mon Dec 28, 2015 6:06 pm

No, I refer to a hotkey that breaks into the code that is being executed at that moment and lets me land in the debugger with no need to set a breakpoint first...
(OllyDbg does NOT have this; I remember this feature only in SoftICE for DOS in the Sersoft debugger-driver version)
But I understand that this may not be possible: I'm speaking about old debuggers running in ring 0...
BTW, now I have a good opportunity to start, many thanks.
GiGiGiGi
How do I cheat?
Reputation: 0

Joined: 05 Feb 2016
Posts: 3

Posted: Fri Feb 05, 2016 6:29 pm

I already opened a thread on this, but I saw that you all seem to be very prepared, so I'll try here:
I'm playing a basketball game called SBM, Sportando Basket Manager. Now, I'd like to change my money amount, which should be "512.363 €". I don't know what type of value I should use, but I tried them all and none work. I also tried to scan unwritable values, and it's like the first time that I cannot even find a value that seems to be basic. Maybe it's not "512.363" but something like x*y=512.363.
I also tried to use the classical decreased/unchanged process, but it seems useless. It's as if the number... isn't a number! I mean, if I start from an unknown number, and I always decrease it (and search for decreased), something should come out, but no! I just find a lot of numbers like "2.67803342671789E-319" that decrease every time I decrease money in the game. However, if I just wait some time and do it again, EVERY value disappears. But it makes no sense, I mean, it MUST be a value. I tried it all, D:
danrevella
Master Cheater
Reputation: 2

Joined: 11 Jun 2008
Posts: 290

Posted: Fri Feb 05, 2016 8:07 pm

GiGiGiGi wrote:
I also tried to use the classical Decreased/unchanged process, but it seems useless.

IMO you have to select the "ALL" type, then scan for changed/unchanged, NOT decreased/unchanged.
I hope this helps.
GiGiGiGi
How do I cheat?
Reputation: 0

Joined: 05 Feb 2016
Posts: 3

Posted: Fri Feb 05, 2016 11:45 pm

I did, but nothing changed. At the end, I have like 15 results, three 4 bytes like "38294928" and a lot of floats like before. It's as if the money is the result of some strange operation between these values. But I'm not sure, I tried to change them but nothing happened in the game.
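Why a scan over all value types can list doubles such as 2.67803342671789E-319, as an added example that is not part of any post: it decodes the same 8 bytes under each value type and flags the subnormal float and double readings that a small integer produces. The function names and the subnormal heuristic are assumptions of this example, not Cheat Engine behaviour.

```python
import struct
import sys

FLOAT32_MIN_NORMAL = 2.0 ** -126  # smallest normal single-precision value

def interpretations(raw):
    """Decode the start of `raw` (8 bytes, little-endian) under each value type."""
    return {
        "byte": raw[0],
        "2 bytes": struct.unpack_from("<H", raw)[0],
        "4 bytes": struct.unpack_from("<I", raw)[0],
        "8 bytes": struct.unpack_from("<Q", raw)[0],
        "float": struct.unpack_from("<f", raw)[0],
        "double": struct.unpack_from("<d", raw)[0],
    }

def is_subnormal(value, min_normal):
    """True for a nonzero value below the smallest normal number of its type."""
    return value != 0.0 and abs(value) < min_normal

def looks_like_small_integer(raw):
    """Heuristic: both floating-point readings are subnormal, so the bytes are
    far more likely to hold a small integer than a real float or double."""
    seen = interpretations(raw)
    return (is_subnormal(seen["float"], FLOAT32_MIN_NORMAL)
            and is_subnormal(seen["double"], sys.float_info.min))

def integer_behind_double(text):
    """Return the 8-byte integer whose bit pattern displays as the double `text`."""
    return struct.unpack("<Q", struct.pack("<d", float(text)))[0]
```

The value quoted in the post decodes to the integer 54204, and a smaller integer in the same bytes displays as a smaller double, so results of this kind shrink whenever an integer stored there goes down.
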