View previous topic :: View next topic |
Author |
Message |
cloudzero How do I cheat? Reputation: 0
Joined: 05 Dec 2010 Posts: 9 Location: US
|
Posted: Mon May 22, 2017 11:26 pm Post subject: Treat specific addresses as static, combine paths |
|
|
I found a pointer path: 0 1 2 3 4 5 6 7 8 9 10 11 12 13, with 0 being a static base address
The next pointer path I want to find appears to be to 25 offsets deep,
but I know for sure it's base static address and its first 12 offsets are exactly the same as the first path I found.
Is there a way to treat the address found at offset 12 as a static address?
That way my pointer scan would result as: 13 14 15 16 17 18 19 20 21 22 23 24 25.
Then I can connect the two results manually to get a path 0 to 25.
I can do two 13 level scans, because to get a path from 0 to 25 from a normal scan would take months and maybe a fried ssd.
Suggestions? Is this a feature request? |
|
Back to top |
|
|
FreeER Grandmaster Cheater Supreme Reputation: 53
Joined: 09 Aug 2013 Posts: 1091
|
Posted: Tue May 23, 2017 6:46 am Post subject: |
|
|
You could probably use the fact that nesting a value with an "address" of +480 will use the address of the parent +480, or with nested pointers leaving the base address empty and simply adding the offsets
While it doesn't look like it will work when you click ok you can see that it does
example CT code on tutorial step 2 (copy and click on CE address list and press ctrl+v)
Code: | <?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>2</ID>
<Description>"No description"</Description>
<LastState Value="018FF7D8" RealAddress="005FC5D0"/>
<ShowAsHex>1</ShowAsHex>
<VariableType>4 Bytes</VariableType>
<Address>"Tutorial-i386.exe"+1FC5D0</Address>
<CheatEntries>
<CheatEntry>
<ID>1</ID>
<Description>"No description"</Description>
<LastState Value="97" RealAddress="018FFC58"/>
<VariableType>4 Bytes</VariableType>
<Address/>
<Offsets>
<Offset>+480</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatTable> |
|
|
Back to top |
|
|
cloudzero How do I cheat? Reputation: 0
Joined: 05 Dec 2010 Posts: 9 Location: US
|
Posted: Tue May 23, 2017 4:48 pm Post subject: |
|
|
FreeER wrote: | You could probably use the fact that nesting a value with an "address" of +480 will use the address of the parent +480, or with nested pointers leaving the base address empty and simply adding the offsets
While it doesn't look like it will work when you click ok you can see that it does
example CT code on tutorial step 2 (copy and click on CE address list and press ctrl+v)
Code: | <?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>2</ID>
<Description>"No description"</Description>
<LastState Value="018FF7D8" RealAddress="005FC5D0"/>
<ShowAsHex>1</ShowAsHex>
<VariableType>4 Bytes</VariableType>
<Address>"Tutorial-i386.exe"+1FC5D0</Address>
<CheatEntries>
<CheatEntry>
<ID>1</ID>
<Description>"No description"</Description>
<LastState Value="97" RealAddress="018FFC58"/>
<VariableType>4 Bytes</VariableType>
<Address/>
<Offsets>
<Offset>+480</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatTable> |
|
I don't understand how this would help in scanning for a pointer path 25 offsets long.
If anything, there should be a "Pointers must START with specific offsets" option |
|
Back to top |
|
|
FreeER Grandmaster Cheater Supreme Reputation: 53
Joined: 09 Aug 2013 Posts: 1091
|
Posted: Tue May 23, 2017 5:02 pm Post subject: |
|
|
Ah, sorry I misunderstood. It wouldn't help in scanning, aka finding the offsets, but it would if you already knew them and didn't want to repeat the first 12 offsets.
I imagine you could simply use the "Base address must be in a specific range" and limit it to the address you want to use as your static address and uncheck the advanced option "Only find paths with a static address" option. Not something I've ever tried however since it's much easier to use scripts in the majority of cases or find the offsets manually by looking at how the code accesses the value. |
|
Back to top |
|
|
cloudzero How do I cheat? Reputation: 0
Joined: 05 Dec 2010 Posts: 9 Location: US
|
Posted: Tue May 23, 2017 10:25 pm Post subject: |
|
|
FreeER wrote: | find the offsets manually by looking at how the code accesses the value. |
Is there a tutorial for this?
And by the way, "only find paths with static address" is forced to be checked and unchecked with "base address must be in specific range". they can't be different |
|
Back to top |
|
|
|