Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Cheat Engine Tutorial step 6 extra

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
kmonging
How do I cheat?
Reputation: 0

Joined: 02 Feb 2006
Posts: 4

PostPosted: Wed Feb 15, 2006 7:56 am    Post subject: Cheat Engine Tutorial step 6 extra Reply with quote

Hi, can anyone teach me how to find the base pointer that link to the change pointer button. thanks
Back to top
View user's profile Send private message
ExtremePK
Expert Cheater
Reputation: 0

Joined: 28 Jan 2006
Posts: 114
Location: Hell

PostPosted: Wed Feb 15, 2006 8:05 am    Post subject: Reply with quote

10) ( step 6 pointers )

a) right start a new scan like you did before, enter the tutorial value (it should be 100 again at the start of step 6 ),hit first scan in cheat engine, hit the change value button in the tutorial, enter the new value into cheat engine and hit the next scan button, I got one address so should you... double click on this address to add it to the address list like we did before,

b) right click on the address " find out what writes to this address"

c) click on the change value button in the tutorial, your line of that changed your address will appaer in the debugger window like it did last time,

d) in the debugger window make sure the line of code is highlighted and hit the MORE INFORMATION button (or just dowble click on the address line to do the same thing )

e) in the EXTRA INFO window you can see your line of code highlighted red, you can see the sentence under Copy Memory....." the value of the pointer needed to find this address is probably ".......... and your pointer address

mine was 008da364.. these are our addresses held in the EAX register.. so EAX holds 008da364, the brackets around EAX mean the CONTENTS of eax are being proccessed,

so [EAX]=[008da364]
and the contents of 008da364 on my search was 813,,,,

get it!! [EAX]=[008da364]=813,

/*also you can see the value held in the EDX register that is being moved into [EAX] is 32D,, that is the HEX eqivalent of 813 decimal..*/
...............................

f) now click the NEW SCAN button in cheat engine to start a fresh search .

g) click on the HEX value box to enable a hex search for your pointer address (addresses usually have hex values in them you see)..

h) clear the value box then enter your address you got from the EXTRA INFO window , you can leave the 2 zero's that were on the front of the address (remember mine was 008da364,,, well you can just use 8da364),

I) now click on the FIRST SCAN button, hopefully you will have one address, double click on the found address to add it to you code list...now in the address list click on the address part to open up the CHANGE ADDRESS dialogue box,

click on the pointer check box and re-enter the same address (8D2754) leave the OFFSET as zero,

the reason you need to re-enter the address as a pointer is so when you freeze the address, cheat engine knows that you want to freeze the contents of the address 8d2754 points to,,, otherwise it will just freeze the address 8d2752 which will not freeze your value,,

J) now click the ok button so it is now a pointer address in our address list,

notice that instead of showing 8DA7AC, it shows the value address 8DA7AC is holding..which is 3D2 in my picture.
which is the HEX equivilent of 813 decimal,, your value will be diffrerent..


k) ok to enable the next button you have to double click on the value part of your pointer address, change the value to 5000,


L) in the tutorial click on the CHANGE POINTER button,

now the next button will be enabled, click on that and you've finished the cheat engine tutorial HURRAAAHHH...

_________________
-.-"
Back to top
View user's profile Send private message Visit poster's website
ExtremePK
Expert Cheater
Reputation: 0

Joined: 28 Jan 2006
Posts: 114
Location: Hell

PostPosted: Wed Feb 15, 2006 8:07 am    Post subject: Reply with quote

Wink
_________________
-.-"
Back to top
View user's profile Send private message Visit poster's website
kmonging
How do I cheat?
Reputation: 0

Joined: 02 Feb 2006
Posts: 4

PostPosted: Wed Feb 15, 2006 8:38 am    Post subject: Reply with quote

Ooops, i think i did not explain clearly.

password to tutorial 6: 098712
extra:
In this tutorial the value is actually pointed to by a pointer to a pointer, but to finish this tutorial only 1 pointer will be
needed. To find the pointer to this pointer, just search for what changes the value of the pointer.

however my question is how to find out the base pointer. thanks anyway
Back to top
View user's profile Send private message
me
Grandmaster Cheater
Reputation: 2

Joined: 24 Jun 2004
Posts: 733
Location: location location

PostPosted: Wed Feb 15, 2006 6:34 pm    Post subject: Reply with quote

well in the tutorial you can see that above the code that holds the pointer eax get loaded with the contents held by the stack register ebp-4

mov eax,[edp-4] .......................then eax gets passed the contents of the address eax is holding plus a offset of 310..

mov eax,[eax+310] .....................

(you don't have to put all the zero's in front of the 310 offset that you see in the disassembler window),

the upshot of it is, that to get to the static base pointer you will most likely have to learn how to step through the code useing the debugger in the memory view window,

you can always try to find the pointer using dark bytes built in function to find the base pointer,,
that will do an alful lot of work for you,

you need to find your first pointer , then right click on it, you will see a new option has been added called TRY TO FIND BAS POINTER, click on that and follow the instructions,,
the second picture here shows you the enabled base pointer finder



more pointer stuff.JPG
 Description:
takes a bit of practice messing about in the debugger
 Filesize:  128.19 KB
 Viewed:  49552 Time(s)

more pointer stuff.JPG



_________________
Back to top
View user's profile Send private message
me
Grandmaster Cheater
Reputation: 2

Joined: 24 Jun 2004
Posts: 733
Location: location location

PostPosted: Wed Feb 15, 2006 8:59 pm    Post subject: Reply with quote

tut tut , I do get lazy sometimes,, still was a long tutorial and had enough of it at the time,. but made good at last,
one more hex search and we get down to the nitty gritty , cheat engine has the option to add address with the module name and the offset so you can use this as it is shown,

you can go deeper into it with another hex scan to find ...458ea0 holds 45ac14.. and that is also coloured green to show its static,,

you can add 45ac14 manually to the address list , then when you double click on the this address over 45ac14, you will get the change address box with the module and offset as shown,,



static address.JPG
 Description:
 Filesize:  86.83 KB
 Viewed:  49539 Time(s)

static address.JPG



static base.JPG
 Description:
 Filesize:  33.19 KB
 Viewed:  49537 Time(s)

static base.JPG



_________________
Back to top
View user's profile Send private message
me
Grandmaster Cheater
Reputation: 2

Joined: 24 Jun 2004
Posts: 733
Location: location location

PostPosted: Wed Feb 15, 2006 9:46 pm    Post subject: Reply with quote

sigh takes a while typing this lot up a painting at the same time


got our code address.JPG
 Description:
 Filesize:  115.08 KB
 Viewed:  49535 Time(s)

got our code address.JPG



_________________
Back to top
View user's profile Send private message
me
Grandmaster Cheater
Reputation: 2

Joined: 24 Jun 2004
Posts: 733
Location: location location

PostPosted: Wed Feb 15, 2006 9:50 pm    Post subject: Reply with quote

anyway you can see why I left it simpler in the original tutorial,
would be a bit heavy for a first timer to go from zero to this level in one go

_________________
Back to top
View user's profile Send private message
hrnyshrimp
How do I cheat?
Reputation: 0

Joined: 18 Feb 2006
Posts: 4

PostPosted: Tue Feb 21, 2006 5:40 pm    Post subject: Reply with quote

ok i so giver up i will be no good at hacking i just don't understand any of it Sad
there has to be an easier way for people like me lol
Back to top
View user's profile Send private message
Dahde
Newbie cheater
Reputation: 0

Joined: 26 Feb 2008
Posts: 12

PostPosted: Wed Feb 27, 2008 5:48 am    Post subject: Reply with quote

ExtremePK wrote:


I) now click on the FIRST SCAN button, hopefully you will have one address, double click on the found address to add it to you code list...now in the address list click on the address part to open up the CHANGE ADDRESS dialogue box,



And if it does not appear??

I got my pointer value 00000291
Hex 00000123

And nothing appears when I scan for it...

What should I do?

P.S. I can t post a link to the image, getting blocked...
i31.tinypic [dot] com/296cd4w.gif
Back to top
View user's profile Send private message
Labyrnth
Moderator
Reputation: 9

Joined: 28 Nov 2006
Posts: 6285

PostPosted: Wed Feb 27, 2008 11:54 am    Post subject: Reply with quote

Read the tut again, You got off track somewheres.
Your offset should match what is in the tutorial.

_________________

Back to top
View user's profile Send private message
fade2gray
Newbie cheater
Reputation: 0

Joined: 01 Oct 2010
Posts: 12

PostPosted: Fri Oct 01, 2010 12:27 pm    Post subject: Reply with quote

Hey guys,

I've just installed 5.6.1 and attempted to follow the supplied tutorial but got impossibly stuck on step 6.

The tutorial tells you to ...
Tutorial wrote:
First find the address of the value. When you've found it use the function to find out what accesses this address. (Instead of "find out what writes to this address.)"


Otherwise, great stuff.
Back to top
View user's profile Send private message
uzumaki19
Newbie cheater
Reputation: 0

Joined: 12 May 2011
Posts: 11

PostPosted: Sun May 29, 2011 7:39 am    Post subject: Reply with quote

fade2gray wrote:
Hey guys,

I've just installed 5.6.1 and attempted to follow the supplied tutorial but got impossibly stuck on step 6.

The tutorial tells you to ...
Tutorial wrote:
First find the address of the value. When you've found it use the function to find out what accesses this address. (Instead of "find out what writes to this address.)"


Otherwise, great stuff.



me 2 and i dont understand this
If the assembler instruction doesn't have anything between a '[' and ']' then use another item in the list.
Very Happy

_________________
backyard cheater
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites