Cheat Engine

gamerp · Newbie cheater Reputation: 0 Joined: 20 Mar 2024 Posts: 10

Hello all,

I'm new to writing scripts for CE so hope I'm posting in the right place.

So recently I've read up on how to do AOB scans. Looking at the memory viewer I can see it seems to be moving a value from rcx+00000214 here.

1. Is it possible to register the address as a symbol? I've tried googling about this but can't seem to find anything about it (or at least some code I can follow).

2. Since this pointer address seems to be 8 values in hex, does that mean 8 bytes is enough? Or should it be 16 because it's 64bit?

[See screen 1]

3. At some point I tried to perform an AOB scan (with no injection script enabled) but it doesn't find anything even though I can see the signature bytes in the memory viewer.

I then try to restart both the game and CE but it's still not found. If I then enable the aobscanmodule script itself despite the 0 results, the script still works using the same signature.

Why is this?

[See screen 2]

LeFiXER · Posted: Wed Mar 20, 2024 9:58 am Post subject:

Each byte consists of 2 characters. So 4-bytes = 32-bit and 8-bytes = 64-bit. You can register a symbol to use the pointer:

ParkourPenguin · Posted: Wed Mar 20, 2024 2:43 pm Post subject:

1: search "injection copy"
2: 1 byte = 8 bits. (8 bytes = 64 bits)
3: the memory you're searching for probably isn't writable. Right click that "Writable / Executable / Copy on Write" area under "Memory Scan Options" in the main window and select "Preset: scan all memory"

gamerp · Newbie cheater Reputation: 0 Joined: 20 Mar 2024 Posts: 10

@parkour
I saw one of your other posts but I end up with a very detailed posts with broken screenshots so I can't see what's being done ^^;

I can't link but it's titled "Guides: Pointer Scanner + Injection Copies + AOB To Data"?

@fixer

Thanks for the reply.

I'm not quite following the code but yes, I know "inject" is just a default template. I'm guessing the code does the following?

ParkourPenguin · Posted: Wed Mar 20, 2024 3:30 pm Post subject:

All registers have values. `test rcx,rcx` / `je ...` checks if `rcx` is 0. In the context of copying addresses, this does nothing since the game would crash if the address was 0.

`moneyptr` is memory you allocated. You're storing the address of something else in that memory. A value that stores the address of some other value is a pointer. Click the "pointer" checkbox, put "moneyptr" (no quotes) as the base address, and use "328" as the only offset.

Also, the game must run the code for your code injection to do anything. The value of moneyptr will be 0 until the game runs that code.

gamerp · Newbie cheater Reputation: 0 Joined: 20 Mar 2024 Posts: 10

Thanks for the quick replies and patience Smile

I'm pretty certain the game is running the code because I can see the code working i.e. in this case instead of copying whatever's in ecx, it just adds 100000 money instead. Only the moneyptr doesn't seem to get anything copied into it.

If I change from address to pointer there's nothing in the "moneyptr" I allocated for some reason.

ParkourPenguin · Posted: Wed Mar 20, 2024 7:38 pm Post subject:

The base address is the one on the bottom; the field with arrows on the side of it is the offset. Don't use "+00000328" for the offset either; just use "328" (no quotes)

PS: Don't put `dealloc(moneyptr,8)`; just do what CE does and only put the symbol

gamerp · Newbie cheater Reputation: 0 Joined: 20 Mar 2024 Posts: 10

Doh, of course! Been using pointers so much before doing this code injection as well :facepalm:

Thanks, ParkourPenguin! Pointing correctly now!