Finding and interpreting a function

Migu
How do I cheat?
Reputation: 0

Joined: 27 Jun 2017
Posts: 1

Posted: Tue Jun 27, 2017 1:34 am    Post subject: Finding and interpreting a function

Sorry if my terminology is wrong, I'm pretty new to this.

I want to find the "function" that is run when the character walks. I'm using Desmume. I've found the position address and looked at "find what writes to this address". Here is the opcode:

mov [edx+DeSmuME_0.9.9_x86.exe+2EE3FE0],eax

I understand this: it takes the value in the register eax and puts it in the address edx+DeSmuME_0.9.9_x86.exe+2EE3FE0. One question I have is: what does DeSmuME_0.9.9_x86.exe mean in this case? As far as I can tell, it simply represents the number 0x00400000.

But onto my main question. That opcode seems to be the final step of a function. I would expect this function to look at the initial position and speed, check for what direction is being pressed, check for collision, calculate the final position, and finally write this final position into the position address. Once again, this final step seems to be precisely what the opcode I found is doing. My question is, how can I find the opcodes that do the other steps? Is there a way to find all opcodes that are run?

This seems like it's a common thing people want to do, so there's probably a name for it and a better way to explain it.
OldCheatEngineUser
Whateven rank
Reputation: 20

Joined: 01 Feb 2016
Posts: 1587

Posted: Tue Jun 27, 2017 2:05 am    Post subject: Re: Finding and interpreting a function

Migu wrote:

I want to find the "function" that is run when the character walks.

if you mean "function" then
Code:
mov [edx+DeSmuME_0.9.9_x86.exe+2EE3FE0],eax

is what you are looking for, otherwise you want a "flag".

Migu wrote:

I'm using Desmume. I've found the position address and looked at "find what writes to this address". Here is the opcode:

mov [edx+DeSmuME_0.9.9_x86.exe+2EE3FE0],eax

I understand this: it takes the value in the register eax and puts it in the address edx+DeSmuME_0.9.9_x86.exe+2EE3FE0.

yes true

Migu wrote:

One question I have is: what does DeSmuME_0.9.9_x86.exe mean in this case? As far as I can tell, it simply represents the number 0x00400000.

it doesn't mean anything, it's very clear. it's a matter of calculation.
calculation of addresses in memory: it calculates the edx address plus DeSmuME_0.9.9_x86.exe+2EE3FE0. so it calculates, then it moves the value of eax into that final result of the previous calculation.

Code:
[edx+DeSmuME_0.9.9_x86.exe+2EE3FE0]

equals the same address you did "find what writes to this address" on.

Migu wrote:

But onto my main question. That opcode seems to be the final step of a function. I would expect this function to look at the initial position and speed, check for what direction is being pressed, check for collision, calculate the final position, and finally write this final position into the position address. Once again, this final step seems to be precisely what the opcode I found is doing. My question is, how can I find the opcodes that do the other steps? Is there a way to find all opcodes that are run?

yes there is a way or more, but these things aren't easy at all, because they are constants. NON-WRITABLE VALUES. (don't misunderstand, writable is different from modifiable)


Migu wrote:

This seems like it's a common thing people want to do, so there's probably a name for it and a better way to explain it.

maybe if you use other words, OR say what your point is / what you're trying to do, then people here will get your point better / faster and in a clear way.

remember this is a forum/community. a lot of advanced cheaters/game hackers are here, so you will definitely get a helping hand or a guide.

_________________
About Me;
I Use CE Since Version 1.X, And Still Learning How To Use It Well!
Jul 26, 2020
STN wrote:
i am a sweetheart.
ParkourPenguin
I post too much
Reputation: 140

Joined: 06 Jul 2014
Posts: 4291

Posted: Tue Jun 27, 2017 9:02 am

"DeSmuME_0.9.9_x86.exe" is the name of an image (i.e. an exe or dll). They are loaded into the process's address space at a particular address. In this case, that exe was loaded at 0x00400000 (this is common for 32-bit exe files, but don't assume it's always the case).

Migu wrote:
That opcode seems to be the final step of a function. I would expect this function to look at the initial position and speed, check for what direction is being pressed, check for collision, calculate the final position, and finally write this final position into the position address. Once again, this final step seems to be precisely what the opcode I found is doing. My question is, how can I find the opcodes that do the other steps? Is there a way to find all opcodes that are run?

First of all, that's an instruction. A body of instructions that are designed to be called is a subroutine (in the language the source code was written in, it could be called a function, method, etc.).

Secondly, your expectation of that subroutine is baseless. DeSmuME is an emulator. It emulates other hardware. This is commonly done through interpretation: the emulator runs the game's code without compiling it. In that case, the instruction you found likely accesses many other addresses, and trying to modify the emulator itself on your native system would be convoluted.

DeSmuME does have a "dynamic recompiler" feature (aka JIT compilation). This could mean the ARM was compiled into assembly when it was first asked to run, which would mean changing it natively could be as easy as stuff written in languages like Java, Flash, or .NET (e.g. C#). However, JIT compilation has its own problems, and your expectation could still be wrong even if it was written in a statically compiled language like C or C++.

TL;DR: don't use CE. CE changes the native code running on your system. You should change the code running on the emulator, which DeSmuME allows you to do. Use Google to learn about ARM and how to debug stuff on DeSmuME.

_________________
I don't know where I'm going, but I'll figure it out when I get there.
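As an added illustration (not from this thread and not Cheat Engine's own code), the resolver below turns the address expression discussed above into an absolute address the same way the debugger display does: the module name is replaced by the base the image was actually loaded at, and the register by its value at the moment the instruction ran. It assumes hexadecimal numbers (Cheat Engine's default for address fields), a constructed edx value, and a made-up relocated base to show why 0x00400000 must not be hard-coded.

```python
# Constructed sample values, not taken from a real DeSmuME session.
# 0x00400000 is the usual 32-bit image base; RELOCATED_MODULES stands in for
# a load at a different base (e.g. under ASLR) with everything else unchanged.
MODULES = {"DeSmuME_0.9.9_x86.exe": 0x00400000}
RELOCATED_MODULES = {"DeSmuME_0.9.9_x86.exe": 0x00A40000}
REGISTERS = {"edx": 0x00000010}  # constructed value of edx when the mov ran

X86_REGISTERS = {"eax", "ebx", "ecx", "edx", "esi", "edi", "ebp", "esp"}
OPCODE = "mov [edx+DeSmuME_0.9.9_x86.exe+2EE3FE0],eax"


def memory_operand(instruction):
    """Return the text inside the square brackets of an instruction, e.g.
    'edx+DeSmuME_0.9.9_x86.exe+2EE3FE0' for the mov above."""
    start = instruction.index("[") + 1
    end = instruction.index("]", start)
    return instruction[start:end]


def split_terms(expr):
    """Separate the expression into its static part (module name and
    offset, stable across runs of the same build) and its dynamic part
    (registers, which differ every time the instruction executes)."""
    static, dynamic = [], []
    for tok in expr.replace(" ", "").split("+"):
        (dynamic if tok.lower() in X86_REGISTERS else static).append(tok)
    return static, dynamic


def resolve(expr, modules, registers):
    """Compute the absolute address of a CE-style expression.
    Each '+'-separated term is a known module (its base is used),
    a register (its captured value is used) or a hex constant."""
    total = 0
    for tok in expr.replace(" ", "").split("+"):
        if tok in modules:
            total += modules[tok]
        elif tok.lower() in X86_REGISTERS:
            total += registers[tok.lower()]
        else:
            total += int(tok, 16)  # CE address fields are hex by default
    return total


if __name__ == "__main__":
    expr = memory_operand(OPCODE)
    print(split_terms(expr))
    print(hex(resolve(expr, MODULES, REGISTERS)))
    print(hex(resolve(expr, RELOCATED_MODULES, REGISTERS)))
```

With the default base the static part `DeSmuME_0.9.9_x86.exe+2EE3FE0` is 0x032E3FE0, but the same expression resolves to a different address once the image is loaded elsewhere, which is the point about not assuming 0x00400000.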