Darimus How do I cheat? Reputation: 0
Joined: 21 Sep 2004 Posts: 8
Posted: Sat Oct 02, 2004 6:34 pm Post subject: Trying to find pointer in d2 |
In single-player d2 ExPack version 1.10,
I found the address that represents health, but when I found out what writes to it, then searched for what it points to in hex, it found nothing...
-----------
Oh, and while I'm talking about pointers, here are two things I noticed:
'propably' is spelled wrong (probably)
and I wish I could highlight the address, so I could copy and paste it... instead of retyping it in notepad, then copying it into the search box
emperor Master Cheater Reputation: 0
Joined: 16 May 2003 Posts: 470 Location: Germany
Posted: Sun Oct 03, 2004 3:20 am Post subject: |
Same happened to me in another game: it said the address that points to it should be 0a07baec however that address wasn't in the game. Well I guess that does not always work huh..
stomperz Expert Cheater Reputation: 0
Joined: 18 Jul 2004 Posts: 193 Location: USA Chicago
Posted: Sun Oct 03, 2004 6:44 am Post subject: |
Have had the same problem.
Maybe a pointer to a pointer?
btw - When I attach the debugger to "what writes to this address" I have no problems, but when I use the "what (reads from/accesses) this address" some games freeze. (Risk Your Life)
Must be very memory intensive, games that work slow down and take a while to get results.
Anyone else experience this problem?
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
Posted: Sun Oct 03, 2004 10:38 am Post subject: |
First thing, make sure you are also scanning read-only memory for the pointer.
When the value of the register isn't stored in the memory you'll have to find another way to get to the pointer. My suggestion is to look at the code around that instruction.
For example:
mov [esi+12],12
and esi=1a402bed
If you scan for 1a402bed and you don't find anything, look at the assembler code.
If you're lucky it could be that there is a calculation done with esi just before the instruction (but it could also be a little before it).
So, let's say before that there's an "ADD esi,ed"
Then scan the memory for 1a402b00 and scan that memory. When you find it, add that address as the base pointer and as offset (ed+12=)ff
---
Another thing I added in CE 4.4 to help you find the pointer without the need of a debugger is the static scanner. (memory view->view->static addresses)
It scans the memory for code that reads a value from the memory (e.g. mov esi,[00512890]).
First fill in the range of the code (the default is pretty good for small games (around 200KB), but you might need several tries before you've figured out the good code ranges, and the bigger the range the longer a scan will take).
When it is done scanning, sort the center column and look for a result that's close to your address. Then add the address on the left side as the base pointer and set the offset so that the address matches that of what you need.
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
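The register-adjustment procedure from Dark Byte's post, as an added example that is not part of the original thread and not Cheat Engine's own code. It runs on a constructed byte buffer standing in for a memory snapshot; the snapshot base 0x00400000, the slot at +0x40 and the function names are assumptions made for illustration.

```python
import struct

SNAP_BASE = 0x00400000  # constructed: address where the sample snapshot starts


def build_sample_snapshot():
    """Constructed 256-byte snapshot holding 1a402b00 at SNAP_BASE + 0x40."""
    snap = bytearray(0x100)
    struct.pack_into("<I", snap, 0x40, 0x1A402B00)
    return bytes(snap)


SNAPSHOT = build_sample_snapshot()


def scan_dword(snapshot, base_addr, value):
    """Return every address whose 4 bytes equal `value` (32-bit little-endian)."""
    needle = struct.pack("<I", value & 0xFFFFFFFF)
    hits, pos = [], snapshot.find(needle)
    while pos != -1:
        hits.append(base_addr + pos)
        pos = snapshot.find(needle, pos + 1)  # also catches unaligned matches
    return hits


def find_base_pointer(snapshot, base_addr, reg_value, disp, prior_add=None):
    """Return (pointer_address, offset) pairs for a write to [reg + disp].

    reg_value: register value at the write instruction (esi=1a402bed)
    disp:      displacement in the operand (the 12 in [esi+12], hex)
    prior_add: immediate of an "ADD reg,imm" seen before the write, if any
    """
    target = (reg_value + disp) & 0xFFFFFFFF
    # First try the register value itself, then the value it had before the ADD.
    candidates = [(reg_value, disp)]
    if prior_add is not None:
        candidates.append(((reg_value - prior_add) & 0xFFFFFFFF, prior_add + disp))
    for stored, offset in candidates:
        hits = scan_dword(snapshot, base_addr, stored)
        if hits:
            # Sanity check: pointer value plus offset must land on the written address.
            assert (stored + offset) & 0xFFFFFFFF == target
            return [(addr, offset) for addr in hits]
    return []


if __name__ == "__main__":
    for addr, off in find_base_pointer(SNAPSHOT, SNAP_BASE, 0x1A402BED, 0x12, 0xED):
        print(f"base pointer at {addr:08x}, offset {off:x}")
```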