Cheat Engine

Snow1337 · Posted: Mon Oct 25, 2004 9:21 am Post subject: VERY Weird

I am trying to make a table for this game called "Stick Soldiers 2" I had everything I wanted.. like 14 options and WHAM I restarted to discover it had dma... so I pointered each value and restarted again.. what's this? they still all changed.. so I tried multi pointering but it wouldn't get the right value... can someone clue me in on wth is going on....

emperor · Posted: Mon Oct 25, 2004 1:40 pm Post subject:

If multiple addresses wrote to it then make sure you check out all of them and use all pointers, also gain more pointers by using the search for base pointer. Then find something that points to the pointers and go on until it works. If double pointer is not enough take one more...

Snow1337 · Posted: Mon Oct 25, 2004 3:33 pm Post subject:

I give up.. I have tried everything.. the value just won't pointer.

me · Posted: Mon Oct 25, 2004 4:54 pm Post subject:

ok this is dark bytes idea not mine,,
when you find all the addresses you need save them,,

and when you load up the table and game another time,,

do a search for the easiest to find address, then right click on the refound address and click on the recalculate option,

you might try to use a text search to recalculate from, if that is more convinient in that particular game,,

another way might be to look for static adresses,,
that'll be in the advanced options,,
and mabe work out the range of memory to search from the found addresses,,
that can take a while to work through though,,

online games are flakey to mess with anyway,
and online players flakier,,

they get funny if they think your cheating Wink

is stick soldiers a multiplayer game, never heard of it,, Question

Snow1337 · Posted: Mon Oct 25, 2004 5:52 pm Post subject:

No, it's single player I have never in my life seen so much protection on a single player game..it even has protection against win32dasm... it's just a lineart shooting game for crying out loud.. if you want to give this game a whirl...
http://www.pcgaming.ws/viewgame.php?game=stick_soldiers_2

If you get it pointer'd you must tell me how.. I am done messing with it.

me · Posted: Mon Oct 25, 2004 11:12 pm Post subject:

came up with some interesting code,,

44a0b5 mov[eax+1c],edx

44c756 mov[eax+1c],00000000

449d95 mov,[edx+1c],00000008 (this was when holding a weapon with 8 ammo)

77c40e4b mov[ecx],eax

436880 mov[eax+1c],edx

the offset 1c comes up a lot,,

saw a sub in the code above these somewhere,

well I replaced all of them with code that does nothing to see what happened ,,
just for a first test,,

and it stopped all the bots firing at each other they just run about ,,

and there weapons floated above them and player 1(that's us),

try to see what address that code writes to,,

and this game don't pause when you alt+tab out so you really need to set a pause hotkey,,
it's in settings and it works on this game,,

just got in from a night out so haven't had much time on this,,

but that's halfway to the ammo there,,

see if we can sort out the health next,,

oh by the way I got 2 moniters running,,

it's a bit awkward with somes games using the pause cos it keeps you too the game screen at times,,
when you ctrl+alt+page down to bring cheat engine to the front,,

anyway try and mess with that code,,
if the game adresses differently on you machine you can do a hex search for it,,

Snow1337 · Posted: Tue Oct 26, 2004 4:20 pm Post subject:

Snow1337 · Posted: Tue Oct 26, 2004 4:27 pm Post subject:

Also, there is a flag for your head...

1=Head
0=Headless

You could use the debugger and play with that some... fun times XD

me · Posted: Tue Oct 26, 2004 4:48 pm Post subject:

this seems to do the trick on my machine for the health,,

1FC4C38 + d8

started the game a dozen times and it stayed there,,

and reloaded the game as well and it was ok,,

and your right it's a pain in the arse to find,,

you can't recalculate the addresses either,,

Snow1337 · Posted: Tue Oct 26, 2004 5:32 pm Post subject:

Didn't work.. this game is confusing.

me · Posted: Tue Oct 26, 2004 6:43 pm Post subject:

well here's the code that accesses my pointer

4148ac cmp dword ptr [eax+4],00

4148b0 sub eax,[edx+4]

here's the chunk of code with hex if your adresses are different,,

4148ac - 83 78 04 00 - cmp dword ptr [eax+4],00
4148b0 - 75 09 - jne 4148bb
4148b2 - c7 45 f8 00 - mov [ebp-8],00000000
4148b9 - eb 17 - jmp 4148d2
4148bb - 8b 4d fc - mov ecx [ebp-4]
4148be - 8b 55 fc - mov edx [ebp-4]
4148c1 - 8b 41 08 - mov eax [ecx+8]
4148c4 -2b 42 04 - sub eax [edx+4]

if you can find what the sub writes too it might give you the pointer you want,,

hope that helps you, but with this game I won't count on it :shock:

you'll still need d8 +as the offset not +4 if it does find the pointer ,, Rolling Eyes

well anyway at least it's easy to find the adresses ,
a floating point seach on health will get the result in 2 hits,,
so it's no big deal,,

some games are just like that,,
proberbly more to do with the way there written an compiled than any protection,, or it would'nt be so easy to find the health and ammo addresses in the first place,,

but I did notice that the pointer seems to go through some gymnastics,,
messed about with the high and low byte, dword and quadword,,

and the pointer address is juggled around the registers for a long time before it reach's the code we first find with the,,, find what accesses this address,,,

could'nt be arsed to trace further back for a line art game,,

still it kill's a few minutes of boredom,,funny little game,, I got to like it,,

me · Posted: Thu Oct 28, 2004 12:39 pm Post subject:

ok your proberbly sick of this game by now,,

but I've traced though to the health base pointer's,,

don't have much time on my own pc because every one else hogs it,,

you can work out the offset between my adresses and yours and it'll let you see a bit deeper into the code,,

I'll leave it at that for this game before you get fed up with me posting about it,,

Snow1337 · Posted: Thu Oct 28, 2004 2:54 pm Post subject:

I could easily do this if I understood multi pointering better... I am still getting used to CE.

me · Posted: Fri Oct 29, 2004 2:49 am Post subject:

ok find your pointer in the usual way,,

then find the pointer to the pointer,

you just right click on the pointer you've found and do a,

find out what writes to this address or what accesses this address,,

same as you did before,,

when you've got found some code,you can then go through it to see what one is useful to you,,

to get further into the program and see what's going on,

right click on the code you want to look at and choose open disassembler

or click on the memory view button,to get the memory viewer window up,,

in the assembly window just highlight the code you want to put a breakpoint on and press F5,

then you can F7 to step through the code or f9 to run till the breakpoint is reached again,,

use the debug options to see all the hotkeys for it,

one thing that caught me out a few times is using F5 to toggle breakpoints,

you have to be at the line of code you put the breakpoint on to toggle it on and off,,

at first I thought it was a straight on off toggle,

but if your not at the lines you've breakpointed, instead of switching a breakpoint off you set a new one,,

Shocked

BTW I can see you know what your doing,,

I used tsearch before cheat engine,,

and it does take quite a bit of time to find your way around it,,

there are a lot of options on it that just take a while to find,,

so I know what you mean,,

I like the speech on tsearch,,

have'nt used it in quite a while now though, but still got it tucked away,,

Snow1337 · Posted: Sat Oct 30, 2004 12:04 am Post subject:

I gave up on that game.. I had it all right....... I had health multi-pointered and restarted the game and it changed again..... there was no more pointers after 2.