Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


Pointer Tutorial
Glest
Master Cheater
Reputation: 0

Joined: 12 Jul 2006
Posts: 334
Location: The Netherlands

Posted: Fri Sep 08, 2006 7:32 am    Post subject: Pointer Tutorial

This was originally a reply I never posted... since the server went down this morning (or whatever happened).

--------- To find a pointer:
Say you got an address, doesn't matter what, but let's say it's for health. Right click it and select "find out what writes to this pointer". Get hit.
You'll have some code, maybe more pieces... They could be something like this:
Code:
dec [eax+65]
mov [eci+65],300
inc [eax+65]


So, clearly, there is something with the 65. It is the offset. Now, if you double click one of those lines, a window will pop up. It will tell you the values of eax, eci and all the others. Find the one that you need (for the first it would be eax, the second eci and third eax again). Now, start a new scan, 4 bytes and tick the box HEX. Scan for the value that we just looked up.

Worst case scenario: you get thousands of addresses.
Best: you get one
If you get one address it's simple... If you got more it gets a bit harder. Anyway, look for green addresses in the search list. They are static (meaning that it doesn't change). If there are no greens, then just continue with a black one.

Click the button "add manually". Check the box pointer and enter the address we just found. In offset, enter 65. Done.

Now, if you didn't have a green address, repeat for the pointer from the beginning. But make sure you find out what writes to the pointer, not the value pointed to.


--------
There is another way... Let's say you found this:
mov [eax+65],300
And you can't seem to find a pointer. Click "show assembler". The topmost line is the code we found. Scroll up a bit, and you might find a line writing to eax... For example, you might see this:
Code:
mov eax,0026F286
mov [eax+65],300

Now you need to know what [] is for. When something is between [], it means it is treated as a pointer.
so
Code:
mov eax,300      //moves 300 into eax
mov [eax],300    //moves 300 into the address stored in eax.


Back to the example. eax now holds 0026F286. It might be an address (and it is in this case).
Now, "mov [eax],300" will write to the address stored in eax, which we just saw. So, our pointer has to be 0026F286 with offset 65.

--------------------
It is also possible to treat addresses as pointers, instead of registers. So

mov [0026F286],300

is the same as

mov eax,0026F286
mov [eax],300

The problem with this way is that you can't use an offset... unless "mov [0026F286]+65,300" is allowed. But I don't know that for sure...

_________________
Keyboard Piano
www.keyboard-piano.com

Reprograming in C++
Computer Piano
*Not done yet*
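The pointer-plus-offset lookup described in the post above, as an added example that is not part of the original post or of Cheat Engine. It runs against a constructed byte array standing in for a 32-bit process image; `STATIC_SLOT`, the object addresses and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MEM_SIZE    0x400u
#define STATIC_SLOT 0x10u   /* hypothetical fixed ("green") address */
#define OFFSET      0x65u   /* the 65 from [eax+65] */
#define NOT_FOUND   UINT32_MAX

/* Constructed stand-in for a 32-bit process image; an address is an index. */
static uint8_t mem[MEM_SIZE];

static uint32_t read32(uint32_t a) { uint32_t v; memcpy(&v, mem + a, 4); return v; }
static void write32(uint32_t a, uint32_t v) { memcpy(mem + a, &v, 4); }

/* The "4 bytes, Hex" scan: first aligned address whose contents equal value. */
uint32_t scan32(uint32_t value) {
    for (uint32_t a = 0; a + 4 <= MEM_SIZE; a += 4)
        if (read32(a) == value) return a;
    return NOT_FOUND;
}

/* Follow pointer + offset, refusing anything outside the image. */
int resolve(uint32_t ptr_addr, uint32_t offset, uint32_t *out) {
    if (ptr_addr > MEM_SIZE - 4) return -1;
    uint32_t base = read32(ptr_addr);
    if (base > MEM_SIZE - 4 || offset > MEM_SIZE - 4 - base) return -1;
    *out = base + offset;
    return 0;
}

/* One "run": the object lands at obj_base (caller keeps it inside mem),
   which differs between runs while STATIC_SLOT stays put. */
uint32_t health_via_pointer(uint32_t obj_base, uint32_t health) {
    memset(mem, 0, sizeof mem);
    write32(STATIC_SLOT, obj_base);      /* program stores its object pointer */
    write32(obj_base + OFFSET, health);  /* the mov [eax+65],... write */
    uint32_t slot = scan32(obj_base);    /* scan for the register value */
    uint32_t addr;
    if (slot == NOT_FOUND || resolve(slot, OFFSET, &addr) != 0) return NOT_FOUND;
    return read32(addr);
}

int main(void) {
    printf("run 1: %u\n", (unsigned)health_via_pointer(0x100, 300));
    printf("run 2: %u\n", (unsigned)health_via_pointer(0x200, 250));
    return 0;
}
```

The value's own address changes between the two runs, but the static slot plus offset resolves to it both times, which is why the scan looks for the register value rather than the health value.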
Pory
Advanced Cheater
Reputation: 0

Joined: 13 Aug 2005
Posts: 55

Posted: Fri Sep 08, 2006 10:22 am

Thank you so much for this! I'm having a hell of a time with pointers in Far Cry. :(

EDIT: One thing though... this is what I get when I "view what writes to this address" for health, ammo, etc...

35501275 - 89 01 - mov [ecx],eax

Any help would be greatly appreciated, thanks. :)

EDIT #2: Also...

"The value of the pointer needed to find the address is probably 1824418C"

But when I scan for that I get no results. I don't understand pointers at all, I have very little ASM knowledge (I only know the number converting system and a little about how the registers work.)

Here's a screenshot if it helps any...


_________________
<+billy_s> im taking a break from programming and trying to escape the world of geekness and then winamp brings up "Norah Jones - Pointer Song" GODAMN IT LEAVE ME ALONE
Glest
Master Cheater
Reputation: 0

Joined: 12 Jul 2006
Posts: 334
Location: The Netherlands

Posted: Fri Sep 08, 2006 3:34 pm

Well, first of all, you might wonder what the offset is. It should be 0. Do keep in mind that when you don't fill in anything in the offset field (in add address manually), your pointer won't work. It really needs to contain a zero.

The value you'll have to scan for should be 1824418C in hexadecimal. Did you tick the box "Hex" when scanning for the pointer's address?


If you did, and you still can't find it, that means the game builds up the pointer. You'll have to browse in the disassembler to find out how ecx got to be what it got to be. So, you scroll up from the command and write down every command writing to ecx.

If you can't, you'll have to use assembler to eliminate the need of a pointer, or maybe just some simple nop's.

Pory
Advanced Cheater
Reputation: 0

Joined: 13 Aug 2005
Posts: 55

Posted: Fri Sep 08, 2006 7:19 pm

Glest wrote:
If you did, and you still can't find it, that means the game builds up the pointer. You'll have to browse in the disassembler to find out how ecx got to be what it got to be. So, you scroll up from the command and write down every command writing to ecx.

If you can't, you'll have to use assembler to eliminate the need of a pointer, or maybe just some simple nop's.


Know of any tutorials that could help me better understand this?

bluehairman
Expert Cheater
Reputation: 0

Joined: 10 Sep 2006
Posts: 218
Location: Athomedonigstuffthatyounotneedknow

Posted: Tue Sep 12, 2006 6:23 pm

I have the same problem as Pory :(. (or what you put for no addresses showing up)
_________________
Lol... Legit hack pack... Legit and Hack just don't go together... FoOlS
Glest
Master Cheater
Reputation: 0

Joined: 12 Jul 2006
Posts: 334
Location: The Netherlands

Posted: Tue Sep 12, 2006 11:36 pm

I'll write a tutorial on finding pointers by browsing the disassembler when I get back from school. :)
dEagle
Expert Cheater
Reputation: 0

Joined: 17 Jun 2006
Posts: 225
Location: CheatEngine Forum

Posted: Sat Sep 16, 2006 2:56 am

OMFG Thanks Man! It Really Helped Me Out! With Finding pointers :lol:
Thebug247
Advanced Cheater
Reputation: 0

Joined: 17 Oct 2006
Posts: 55

Posted: Tue Oct 17, 2006 8:15 pm

Thx for making this tutorial, it helped me a lot, but I have one problem though. I found the pointer and everything, but even though I freeze the value, my lifepoint on the game still goes down. I tried the "replace address that does nothing" option but it gives me this error

"Access violation at address xxxxxxxx in module 'DualEngine.exe'. Read of address xxxxxxxx."

Is there any other way to do this :?: :?:
Glest
Master Cheater
Reputation: 0

Joined: 12 Jul 2006
Posts: 334
Location: The Netherlands

Posted: Sat Oct 21, 2006 2:36 am

What game is it? 'Cause if you're using Dual Engine it's probably an online game... And thus it may be server-sided.
lllll
Newbie cheater
Reputation: 0

Joined: 08 Oct 2006
Posts: 22

Posted: Sun Oct 22, 2006 11:20 am

A question: do I really need to search with 4 byte? Because it's a flash player game and with 4 byte I will not find any address??
Glest
Master Cheater
Reputation: 0

Joined: 12 Jul 2006
Posts: 334
Location: The Netherlands

Posted: Sun Oct 22, 2006 1:49 pm

I'm not sure if flash games use pointers... Anyway, you won't find any valid pointer if you open it with your browser (I think).
Alcatis
Newbie cheater
Reputation: 0

Joined: 22 Oct 2006
Posts: 14

Posted: Sun Oct 22, 2006 2:05 pm

Flash games do not use pointers.
me
Grandmaster Cheater
Reputation: 2

Joined: 24 Jun 2004
Posts: 733
Location: location location

Posted: Sun Oct 29, 2006 8:53 am

Pory wrote:
Thank you so much for this! I'm having a hell of a time with pointers in Far Cry. :(

EDIT: One thing though... this is what I get when I "view what writes to this address" for health, ammo, etc...

35501275 - 89 01 - mov [ecx],eax

Any help would be greatly appreciated, thanks. :)

EDIT #2: Also...

"The value of the pointer needed to find the address is probably 1824418C"

But when I scan for that I get no results. I don't understand pointers at all, I have very little ASM knowledge (I only know the number converting system and a little about how the registers work.)

Here's a screenshot if it helps any...



esp is a stack pointer,
can't see all your code there but the call before ecx is loaded with the stack pointer might have the code that pushes or mov's your address you need onto the stack...
Ulixes
How do I cheat?
Reputation: 0

Joined: 12 Dec 2006
Posts: 4

Posted: Tue Dec 12, 2006 10:52 am

Can you explain to me what a pointer is and how I can find it?
I've read something, but I didn't understand a lot, 'cause I do not know assembler and so other things that you do like drink.
What is the correct pointer address if I've found more than a value??
Thanks :D
Thebug247
Advanced Cheater
Reputation: 0

Joined: 17 Oct 2006
Posts: 55

Posted: Tue Dec 26, 2006 6:38 am

Hello, I'm trying to find a pointer but I can't find it. I don't know what I'm doing wrong. Here's what I got so far.

>>51406e7b - mov eax,[ebx+20]

EAX=00000161 EDX=77C60440 ESP=0012EBD8
EBX=0DF919DC ESI=00000000 EBP=0012EC44
ECX=0012EC1C EDI=0012EC2C EIP=51406E7E

Now I think 20 should be the offset. Now what hex should I search for????