 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
h3x1c
Master Cheater
 Reputation: 17
Joined: 27 Apr 2013
Posts: 306
|
 Posted: Sun Jul 24, 2016 11:16 am Post subject: Dynamic analysis tips for dealing with garbage collection? |
 |
|
I'm curious as to what some of the approaches are in regards to dealing with values that jump around through different memory addresses, such as with garbage collection. I've been puzzled by this for many months in a particular game where I'm trying to find a value that, every time it changes, it also changes addresses.
Would scanning physical memory help? Does the value actually stay in one location in physical memory but the virtual memory address is destroyed? That's probably a really stupid question, but I'm still not quite sure how something like garbage collection works where physical memory is concerned.
Anyway, in the event that there aren't any strings or obvious references to go by, is this basically the point where you avoid dynamic analysis and jump to static analysis?
I think I'm getting to a point in my learning where dynamic analysis just isn't the right approach; however, I'm interested in learning all that I can with how you COULD approach scenarios like this with dynamic analysis.
Thanks for any tips! 
_________________
|
|
| Back to top |
|
 |
Zanzer
I post too much
![]() Reputation: 126
Joined: 09 Jun 2013
Posts: 3278
|
| Posted: Sun Jul 24, 2016 12:21 pm Post subject: |
|
|
Probably not a very clean approach, but it can get the job done.
First do a search for the value that your address will become once you perform the action.
For example, say you are holding 100 sticks. You know you'll have 90 after you drop 10, so search for 90.
You can clean up the search some by performing actions that won't cause it to change and continuously rescan for 90.
Once you're ready, execute the following Lua to save all found addresses.
Since your stack does not equal 90 yet, these will be the addresses you remove from the future search.
| Code: | local found = getCurrentMemscan().FoundList
addr_check = {}
for i=0,found.Count-1,1 do
addr_check[found.Address[i]] = true
end |
Now cause your value to update by dropping those 10 sticks.
Perform a new scan to find all addresses containing the updated value, 90.
The following Lua script will go through the new scan and only add entries to your table that did not exist in the first.
| Code: | local addrlist = getAddressList()
local found = getCurrentMemscan().FoundList
for i=0,found.Count-1,1 do
if addr_check[found.Address[i]] == nil then
addrlist.createMemoryRecord().Address = found.Address[i]
end
end |
Hopefully there were only a few added entries.
When there are thousands of results, select the top half and change their value.
If it changed in game, delete the bottom half. Otherwise, delete the top half.
Repeat until you find the address that works.
I know... it's a terrible approach.
|
|
| Back to top |
|
|
h3x1c
Master Cheater
Reputation: 17
Joined: 27 Apr 2013
Posts: 306
|
| Posted: Sun Jul 24, 2016 12:29 pm Post subject: |
|
|
Neat idea; thanks for sharing, Zanzer! As far as it being a "terrible approach," at the very least, it's certainly better than no approach. And since Lua is quite new territory for me, it gives me a lot to consider, so this is great. Thanks!
_________________
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
