Cheat Engine The Official Site of Cheat Engine
Abominas How do I cheat? Reputation: 0
Joined: 25 Jun 2015 Posts: 2
Posted: Thu Jul 07, 2016 5:03 am Post subject: Tutorial steps for part 8 don't work? CE 6.5.1
I don't know if this is me or a bug, but I can't find the pointer in step 8 following the steps in the tutorial, using CE 6.5.1.
I found the pointer with pointer scan, the pointer had offsets C, 14, 0, 18.
But why won't this way work?
Step 1: I find address, then use find what writes to this address.
Instruction:00425B5C - 89 46 18 - mov [esi+18],eax
pointer value 016B76A8.
Step 2: I find the first pointer, offset 18, it points to the right address, etc.
Step 3: I click on the pointer, find what accesses this address, click find what accesses this pointer...
press change value button, I get these two instructions:
00425B1A - 83 3E 00 - cmp dword ptr [esi],00
00425B1F - 8B 36 - mov esi,[esi]
Cmp doesn't make sense, and it doesn't find the right pointer either...
mov esi,[esi] works right? WRONG
The pointer value from this mov is also 016B76A8.
What did I do wrong??? I even followed this tutorial on youtube by David B.
( /watch?v=YTSbHsJs8xw )
ParkourPenguin I post too much Reputation: 140
Joined: 06 Jul 2014 Posts: 4299
Posted: Thu Jul 07, 2016 9:30 am
You didn't search for the cmp correctly if it didn't work. I'm not sure why you'd think it doesn't make sense either. It has the same offset as the other instruction that's accessing that address.
mov esi,[esi] is writing to the exact same register it's reading from. CE's guess may be incorrect in this case since the displayed registers are shown after the instruction has already been executed, hence why you're getting the same value.
Regardless, it's obvious the offset is 0 in this case (you said that yourself). Therefore, all you have to do is search for the address of the L1 pointer. Look at what address the value 016B76A8 is stored at, and search for it.
_________________
I don't know where I'm going, but I'll figure it out when I get there.
Abominas How do I cheat? Reputation: 0
Joined: 25 Jun 2015 Posts: 2
Posted: Thu Jul 07, 2016 9:15 pm
I found the pointer! I added the offsets wrong. (<<<LOL NOOB)
Still, wonder what caused the instructions to change from what they were using CE 6.4?
Anyways, thanks. Time for step 9...
lisaK How do I cheat? Reputation: 0
Joined: 03 Oct 2016 Posts: 1
Posted: Mon Oct 03, 2016 6:20 am
Hi CE community,
I encounter the same problem but can't get it working!
I'm using CE 6.5.1.
1. I'm looking for the memory address which holds the value. 019B11B0.
2. Find out what writes to this address -> Change value.
00425B5C - 89 46 18 - mov [esi+18],eax
ESI=019B1198
3. I do hex search for 019B1198 and pick the closest address to 019B1198 which in my case is 019B1128.
4. I click 'Add address manually', check pointer and enter 019B1128 + Offset 18 which gets me P->019B11B0 and the correct value.
5. Find out what accesses this address -> Find out what accesses this pointer brings up the window 'the following opcodes accessed 019B1128' and the following opcodes:
00425B1A - 83 3E 00 - cmp dword ptr [esi],00
ESI=019B1128
and
00425B1F - 8B 36 - mov esi,[esi]
ESI=019B1198
In all the tutorials for CE 6.4 they get a mov eax, [esi] instruction when looking for what accesses the pointer and can go on from there.
Can somebody explain to me what I am doing wrong and how I can solve Step 8 under CE 6.5.1?
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25295 Location: The netherlands
Posted: Mon Oct 03, 2016 7:19 am
pick the first one and apply as offset 0
but to explain, notice the text that says register states are shown after execution
that means the register states are shown after mov esi, [esi] has been executed
esi was originally 019B1128, but after execution it got the value 019B1198
anyhow, don't look too much at the register, the offset is the important part. you know the address it accesses is 019b1128, you just did the debugging so you'd know the offset
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
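
An added example (not code from the thread or from Cheat Engine): a C model of the point made above, that for mov esi,[esi] the register shown after execution holds the loaded value, while the pointer's location is the address that was read. It uses the addresses from lisaK's post and the offsets C, 14, 0, 18 from the first post, read base-first as an assumption; the upper-level addresses, the static base and the value 100 are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simulated 32-bit memory as (address, dword) pairs. Rows marked "thread"
 * use addresses from the posts; the rest are constructed for this demo. */
struct cell { uint32_t addr, val; };
static const struct cell MEM[] = {
    {0x019B11B0u, 100u},         /* thread: address of the value (value constructed) */
    {0x019B1128u, 0x019B1198u},  /* thread: pointer found by the hex search */
    {0x019B0014u, 0x019B1128u},  /* constructed */
    {0x019A000Cu, 0x019B0000u},  /* constructed */
    {0x00600000u, 0x019A0000u},  /* constructed static base */
};
static const uint32_t OFFS[] = {0x0C, 0x14, 0x00, 0x18};  /* offsets from the first post */

static int read32(uint32_t addr, uint32_t *out) {
    for (size_t i = 0; i < sizeof MEM / sizeof MEM[0]; i++)
        if (MEM[i].addr == addr) { *out = MEM[i].val; return 1; }
    return 0;  /* unmapped address */
}

/* Read the base, then for each offset but the last: add it and dereference.
 * The last offset is added without a read. Returns 0 on an unmapped read. */
static uint32_t resolve(uint32_t base, const uint32_t *off, size_t n) {
    uint32_t p;
    if (n == 0 || !read32(base, &p)) return 0;
    for (size_t i = 0; i + 1 < n; i++)
        if (!read32(p + off[i], &p)) return 0;
    return p + off[n - 1];
}

/* Model of "mov esi,[esi+disp]": the address read, and ESI as a debugger
 * that lists register state after execution would show it. */
struct access { uint32_t accessed, esi_after; };
static struct access mov_esi_from_esi(uint32_t esi_before, uint32_t disp) {
    struct access a = { esi_before + disp, 0 };
    read32(a.accessed, &a.esi_after);
    return a;
}

int main(void) {
    struct access a = mov_esi_from_esi(0x019B1128u, 0);
    printf("address read %08X, ESI shown afterwards %08X\n", (unsigned)a.accessed, (unsigned)a.esi_after);
    printf("next value to search for: %08X (address read minus offset)\n", (unsigned)(a.accessed - 0));
    printf("full chain resolves to %08X\n", (unsigned)resolve(0x00600000u, OFFS, 4));
    return 0;
}
```

The ESI value shown afterwards (019B1198) is the same number that was already searched for one level down, which is why using it as the next search value leads nowhere.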