Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Tutorial steps for part 8 don't work? CE 6.5.1

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
Abominas
How do I cheat?
Reputation: 0

Joined: 25 Jun 2015
Posts: 2

PostPosted: Thu Jul 07, 2016 5:03 am    Post subject: Tutorial steps for part 8 don't work? CE 6.5.1 Reply with quote

I don't know if this is me or a bug, but I can't find the pointer in step 8 following the steps in the tutorial, using CE 6.5.1.
I found the pointer with pointer scan, the pointer had offsets C, 14, 0, 18.
But why won't this way work?

Step 1: I find address, then use find what writes to this address.
Instruction:00425B5C - 89 46 18 - mov [esi+18],eax
pointer value 016B76A8.

Step 2: I find the first pointer, offset 18, it points to the right address, etc.

Step 3: I click on the pointer, find what accesses this address, click find what accesses this pointer...
press change value button, I get these two instructions:
00425B1A - 83 3E 00 - cmp dword ptr [esi],00
00425B1F - 8B 36 - mov esi,[esi]

Cmp doesn't make sense, and it doesn't find the right pointer either...
mov esi,[esi] works right? WRONG
The pointer value from this mov is also 016B76A8.
What did I do wrong??? I even followed this tutorial on youtube by David B.
( /watch?v=YTSbHsJs8xw )
Back to top
View user's profile Send private message
ParkourPenguin
Grandmaster Cheater Supreme
Reputation: 51

Joined: 06 Jul 2014
Posts: 1739
Location: Arcadian Suburbia

PostPosted: Thu Jul 07, 2016 9:30 am    Post subject: Reply with quote

You didn't search for the cmp correctly if it didn't work. I'm not sure why you'd think it doesn't make sense either. It has the same offset as the other instruction that's accessing that address.

mov esi,[esi] is writing to the exact same register it's reading from. CE's guess may be incorrect in this case since the displayed registers are shown after the instruction has already been executed, hence why you're getting the same value.

Regardless, it's obvious the offset is 0 in this case (you said that yourself). Therefore, all you have to do is search for the address of the L1 pointer. Look at what address the value 016B76A8 is stored at, and search for it.

_________________
I don't know where I'm going, but I'll figure it out when I get there.
Back to top
View user's profile Send private message
Abominas
How do I cheat?
Reputation: 0

Joined: 25 Jun 2015
Posts: 2

PostPosted: Thu Jul 07, 2016 9:15 pm    Post subject: Reply with quote

I found the pointer! I added the offsets wrong. (<<<LOL NOOB)
Still, wonder what caused the instructions to change from what they were using CE 6.4?
Anyways, thanks. Time for step 9...
Back to top
View user's profile Send private message
lisaK
How do I cheat?
Reputation: 0

Joined: 03 Oct 2016
Posts: 1

PostPosted: Mon Oct 03, 2016 6:20 am    Post subject: Reply with quote

Hi CE comunity,
I encounter the same problem but can't get it working!
I'm using CE 6.5.1.

1. I'm looking for the memory address which holds the value. 019B11B0.
2. Find out what writes to this address -> Change value.
00425B5C - 89 46 18 - mov [esi+18],eax
ESI=019B1198
3. I do hex search for 019B1198 and pick the closest address to 019B1198 which in my case is 019B1128.
4. I click 'Add address manually', check pointer and enter 019B1128 + Offset 18 which gets my P->019B11B0 and the correct value.
5. Find out what accesses this address -> Find out what accesses this pointer brings up the window 'the following opcodes accessed 019B1128' and the following opcodes:

00425B1A - 83 3E 00 - cmp dword ptr [esi],00
ESI=019B1128

and

00425B1F - 8B 36 - mov esi,[esi]
ESI=019B1198

In all the tutorials to CE 6.4 the get a mov eax, [esi] instruction when looking for what accesses the pointer and can go on from there.

Can somebody explain to me what I do wrong and how i can solve Step 8 under CE 6.5.1.
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 338

Joined: 09 May 2003
Posts: 19891
Location: The netherlands

PostPosted: Mon Oct 03, 2016 7:19 am    Post subject: Reply with quote

pick the first one and apply as offset 0

but to explain, notice the text that says register states are shown after execution
that means the register states are shown after mov esi, [esi] has been executed

esi was originally 019B1128, but after execution it got the value 019B1198

anyhow, don't look too much as the register, the offset is the important part. you know the address it accesses is 019b1128, you just did the debugging so you'd know the offset

_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Back to top
View user's profile Send private message MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites