Cheat Engine

Onelio · Newbie cheater Reputation: 0 Joined: 22 Mar 2016 Posts: 20

Am... I'm not sure.. But the game "load" it when it's running so I think that it's dynamically allocated.
This dynamic string is just a path that added to the domain make another url that download more data.

That is why I want both of the strings, the static and the dynamic one.
(Forget about the static one, I'm just mean it for explaining better where is the dynamic one)
I've tryed using WireShark to detect the dynamic path everytime the game download it and then I tryed to scan the memory searching for the offset but it always show 0 in the second scan...

ParkourPenguin · Posted: Thu Mar 24, 2016 6:22 pm Post subject:

Ok, search for the string using CE. Find the string and bring it down to the address list. Double click on the number under the "Address" column. If the same number is there, then it was dynamically allocated. If it shows something like derp.dll+DAF7, then it is a static address.

Try searching for the address of the string directly. Set the value type to 4 bytes, check the "Hex" checkbox, set the "Writable" and "Executable" checkboxes to grey (neither checked nor unchecked), and uncheck the "Fast Scan" checkbox. If anything pops up, disassemble that region and see if it looks like it's valid asm. If it is, then you should be able to copy the address of that instruction to some registered symbol just by using an AoB scan. You might be able to even if it's not valid asm, but try to find something that is.

Onelio · Newbie cheater Reputation: 0 Joined: 22 Mar 2016 Posts: 20

I've restarted the computer many times but I'm still getting more than 10.000 results... Am I missing something?

ParkourPenguin · Posted: Fri Mar 25, 2016 11:09 am Post subject:

No; that many results is pretty common. Just pick one and it should work for you. I generally go for the pointers with the lowest number of offsets and/or those in an important-looking module (i.e. the exe). You can also rescan the list at different points in the game. For example, rescan it when you start the game up, after you've played it for a while, and after you're ready to quit.

Those pointers should work for you; however, if you want a pointer that should also work for other people, you should rescan that list on another computer.

Onelio · Newbie cheater Reputation: 0 Joined: 22 Mar 2016 Posts: 20

One thing more, Some of the items in my list have as baseaddress "ThreadSTACK0"...
What this mean? Usually they should be more like "Process.exe"

ParkourPenguin · Posted: Fri Mar 25, 2016 11:59 am Post subject:

Threadstack addresses reside pretty low in the stack of the first few threads. These addresses are unlikely to change and as such can sometimes be treated as static addresses. Add it to your cheat table and see what's being written to it (if anything) to make sure that it's reasonably safe to use.

Onelio · Newbie cheater Reputation: 0 Joined: 22 Mar 2016 Posts: 20

Mm.. I thnk I will pass of using them xD.

WilliamW1979 · How do I cheat? Reputation: 0 Joined: 08 May 2020 Posts: 1

I was going nuts trying to figure out why I couldn't find a pointer, but your advice let me fine them all when I increased the offset searches. I appreciate this help, even if it is 4 years old it is still great advice that works today! Just in case anyone searches and finds this, they know it still works! Thanks again!