Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


what is pointer? it means?

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Tutorials -> Pointer tutorials
View previous topic :: View next topic  
Author Message
Radium93
How do I cheat?
Reputation: 0

Joined: 20 Jan 2010
Posts: 6

PostPosted: Fri Jan 22, 2010 4:50 am    Post subject: Reply with quote

this was originaly a replie I never posted... Since the server went down this morning (or whatever happend).

---------To find a pointer:
Say you got an adress, doesn't matter what, but let's say it's for health. Right click it and select "find out what writes to this pointer". Get hit.
You'll have some code, maybe more pieces... they could be something like this:
Code:
dec [eax+65]
mov [eci+65],300
inc [eax+65]


So, clearly, there is something with the 65. It is the offset. Now, if you double click one of those lines, a window will pop-up. It will tell you the values of eax,eci and all the others. Find the one that you need (for the first it would be eax, the second eci and third eax again). Now, start a new scan, 4 bytes and tick the box HEX. Scan for the value that we just looked up.

Worst case scenario: you get thousends of adresses.
Best: you get one
If you get one adress it's simple... If you got more it gets a bit harder. Anyway, look for green adresses in the search list. They are static (meaning that it doesn't change). If there are no greens, than just continue with a black one.

Click the button "add manualy". Check the box pointer and enter the adress we just found. In offset, enter 65. Done.

Now, if you didn't have a green adress, repeat for the pointer from the beginning. But make sure you find out what writes to the pointer, not the value pointed to.


--------
There is another way... Let's say you found this:
mov [eax+65],300
And you can't seem to find a pointer. Click "show assembler". The top most line is the code we found. Scroll up a bit, and you might find a line writing to eax.. for example, you might see this:
Code:
mov eax,0026F286
mov [eax+65],300

Now you need to know what [] is for. When something is between [], it meens it is treated as a pointer.
so
Code:
mov eax,300 //moves 300 into eax
mov[eax],300 //moves 300 into the adress stored in eax.


Back to the example. eax now holds 0026F286. It might be an adress (and it is in this case)
Now, "mov [eax],300" will write to the adress stored in eax, wich we just saw. So, our pointer has to be 0026F286 with offset 65.

--------------------
it is also possible to treat adresses as pointers, instead of registers. So

mov [0026F286],300

is the same as

mov eax,0026F286
mov [eax],300

The problem with this way is that you can't use an offset.. unles "mov [0026F286]+65,300" is allowed. But I don't know that for sure...
Back to top
View user's profile Send private message
Xenico
Advanced Cheater
Reputation: 0

Joined: 27 Dec 2009
Posts: 94

PostPosted: Fri Jan 22, 2010 8:38 am    Post subject: Reply with quote

The short way:
The position were the data is stored is called the address. You can - in this case - say that the data is synonym for value.
The pointer is just a type of a variable which owns an address and its value is also an adress. The address of the described variable can be given to the pointer and then it's possible to access the value via the pointer.
-> A pointer's job is just the pointing.

_________________
Back to top
View user's profile Send private message
shawnpeter
How do I cheat?
Reputation: 0

Joined: 21 Jan 2010
Posts: 0

PostPosted: Fri Jan 22, 2010 9:29 pm    Post subject: Reply with quote

thanks to all both guys. i understand a little
Back to top
View user's profile Send private message
Penlord
Newbie cheater
Reputation: 0

Joined: 13 Feb 2010
Posts: 15

PostPosted: Sun Feb 14, 2010 9:18 am    Post subject: Reply with quote

I understand the information provided very well. Now I am just wondering how useful pointers are compared to regular code searching and editing.
Back to top
View user's profile Send private message
SimpleSam
How do I cheat?
Reputation: 0

Joined: 25 Jul 2010
Posts: 3

PostPosted: Tue Jul 27, 2010 10:20 pm    Post subject: Reply with quote

I thought in Memory there were only Addresses and values(Addresses hold values). Where does the code come in? I mean do addresses also store code to take actions? I'm probably looking at this at a wrong angle.


Example:
Code:
dec [eax+65]
mov [eci+65],300
inc [eax+65]
Back to top
View user's profile Send private message
XaLeX
Expert Cheater
Reputation: 0

Joined: 19 Aug 2008
Posts: 226

PostPosted: Sat Jul 31, 2010 6:49 pm    Post subject: Reply with quote

Addresses hold values. Values can be data or code.

Let's say you have code
Code:
dec [eax+65]
at address 00400000.
The opcodes are FF 48 65.

If you memory browse address 400000 (as if it were data), it will hold the values FF 48 65.
Back to top
View user's profile Send private message
justa_dude
Grandmaster Cheater
Reputation: 23

Joined: 29 Jun 2010
Posts: 891

PostPosted: Sat Jul 31, 2010 8:10 pm    Post subject: Reply with quote

Haha, but an address /is/ a value, too. I remember reading about a hacker named Mel who wrote code for Royal McBee on machines that used rotating drums for memory. He knew the speed of the drum's rotation relative to the speed of code execution and would pick up pieces of code for static values. God, I sure wouldn't want to have to debug that!!

Cheers,
adude
Back to top
View user's profile Send private message
SimpleSam
How do I cheat?
Reputation: 0

Joined: 25 Jul 2010
Posts: 3

PostPosted: Wed Aug 04, 2010 6:26 pm    Post subject: Reply with quote

XaLeX wrote:
Addresses hold values. Values can be data or code.

Let's say you have code
Code:
dec [eax+65]
at address 00400000.
The opcodes are FF 48 65.

If you memory browse address 400000 (as if it were data), it will hold the values FF 48 65.


Yea except I don't know what "FF 48 65". Aren't they bytes in a hexadecimal format? I don't know what to make of them or how they are used in memory.
Back to top
View user's profile Send private message
kinglitter
How do I cheat?
Reputation: 0

Joined: 04 Apr 2009
Posts: 4

PostPosted: Sat Oct 23, 2010 1:09 am    Post subject: wow Reply with quote

ive been so confused for a long time and its my fault i didnt search around thanks for this i finally understand
Back to top
View user's profile Send private message
BorutO
How do I cheat?
Reputation: 0

Joined: 29 Jun 2016
Posts: 5

PostPosted: Sat Jul 30, 2016 12:39 pm    Post subject: Reply with quote

is somewhere on YouTube very good tutorial how to find this address from step by step for amateur users? I know hacking games only with 2-8bytes and strings ... and changed value, that's all.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Tutorials -> Pointer tutorials All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites