|
Cheat Engine The Official Site of Cheat Engine
|
View previous topic :: View next topic |
Author |
Message |
kmonging How do I cheat? Reputation: 0
Joined: 02 Feb 2006 Posts: 4
|
Posted: Wed Feb 15, 2006 7:56 am Post subject: Cheat Engine Tutorial step 6 extra |
|
|
Hi, can anyone teach me how to find the base pointer that link to the change pointer button. thanks
|
|
Back to top |
|
|
ExtremePK Expert Cheater Reputation: 0
Joined: 28 Jan 2006 Posts: 114 Location: Hell
|
Posted: Wed Feb 15, 2006 8:05 am Post subject: |
|
|
10) ( step 6 pointers )
a) right start a new scan like you did before, enter the tutorial value (it should be 100 again at the start of step 6 ),hit first scan in cheat engine, hit the change value button in the tutorial, enter the new value into cheat engine and hit the next scan button, I got one address so should you... double click on this address to add it to the address list like we did before,
b) right click on the address " find out what writes to this address"
c) click on the change value button in the tutorial, your line of that changed your address will appaer in the debugger window like it did last time,
d) in the debugger window make sure the line of code is highlighted and hit the MORE INFORMATION button (or just dowble click on the address line to do the same thing )
e) in the EXTRA INFO window you can see your line of code highlighted red, you can see the sentence under Copy Memory....." the value of the pointer needed to find this address is probably ".......... and your pointer address
mine was 008da364.. these are our addresses held in the EAX register.. so EAX holds 008da364, the brackets around EAX mean the CONTENTS of eax are being proccessed,
so [EAX]=[008da364]
and the contents of 008da364 on my search was 813,,,,
get it!! [EAX]=[008da364]=813,
/*also you can see the value held in the EDX register that is being moved into [EAX] is 32D,, that is the HEX eqivalent of 813 decimal..*/
...............................
f) now click the NEW SCAN button in cheat engine to start a fresh search .
g) click on the HEX value box to enable a hex search for your pointer address (addresses usually have hex values in them you see)..
h) clear the value box then enter your address you got from the EXTRA INFO window , you can leave the 2 zero's that were on the front of the address (remember mine was 008da364,,, well you can just use 8da364),
I) now click on the FIRST SCAN button, hopefully you will have one address, double click on the found address to add it to you code list...now in the address list click on the address part to open up the CHANGE ADDRESS dialogue box,
click on the pointer check box and re-enter the same address (8D2754) leave the OFFSET as zero,
the reason you need to re-enter the address as a pointer is so when you freeze the address, cheat engine knows that you want to freeze the contents of the address 8d2754 points to,,, otherwise it will just freeze the address 8d2752 which will not freeze your value,,
J) now click the ok button so it is now a pointer address in our address list,
notice that instead of showing 8DA7AC, it shows the value address 8DA7AC is holding..which is 3D2 in my picture.
which is the HEX equivilent of 813 decimal,, your value will be diffrerent..
k) ok to enable the next button you have to double click on the value part of your pointer address, change the value to 5000,
L) in the tutorial click on the CHANGE POINTER button,
now the next button will be enabled, click on that and you've finished the cheat engine tutorial HURRAAAHHH...
_________________
-.-" |
|
Back to top |
|
|
ExtremePK Expert Cheater Reputation: 0
Joined: 28 Jan 2006 Posts: 114 Location: Hell
|
|
Back to top |
|
|
kmonging How do I cheat? Reputation: 0
Joined: 02 Feb 2006 Posts: 4
|
Posted: Wed Feb 15, 2006 8:38 am Post subject: |
|
|
Ooops, i think i did not explain clearly.
password to tutorial 6: 098712
extra:
In this tutorial the value is actually pointed to by a pointer to a pointer, but to finish this tutorial only 1 pointer will be
needed. To find the pointer to this pointer, just search for what changes the value of the pointer.
however my question is how to find out the base pointer. thanks anyway
|
|
Back to top |
|
|
me Grandmaster Cheater Reputation: 2
Joined: 24 Jun 2004 Posts: 733 Location: location location
|
Posted: Wed Feb 15, 2006 6:34 pm Post subject: |
|
|
well in the tutorial you can see that above the code that holds the pointer eax get loaded with the contents held by the stack register ebp-4
mov eax,[edp-4] .......................then eax gets passed the contents of the address eax is holding plus a offset of 310..
mov eax,[eax+310] .....................
(you don't have to put all the zero's in front of the 310 offset that you see in the disassembler window),
the upshot of it is, that to get to the static base pointer you will most likely have to learn how to step through the code useing the debugger in the memory view window,
you can always try to find the pointer using dark bytes built in function to find the base pointer,,
that will do an alful lot of work for you,
you need to find your first pointer , then right click on it, you will see a new option has been added called TRY TO FIND BAS POINTER, click on that and follow the instructions,,
the second picture here shows you the enabled base pointer finder
Description: |
takes a bit of practice messing about in the debugger |
|
Filesize: |
128.19 KB |
Viewed: |
49552 Time(s) |
|
_________________
|
|
Back to top |
|
|
me Grandmaster Cheater Reputation: 2
Joined: 24 Jun 2004 Posts: 733 Location: location location
|
Posted: Wed Feb 15, 2006 8:59 pm Post subject: |
|
|
tut tut , I do get lazy sometimes,, still was a long tutorial and had enough of it at the time,. but made good at last,
one more hex search and we get down to the nitty gritty , cheat engine has the option to add address with the module name and the offset so you can use this as it is shown,
you can go deeper into it with another hex scan to find ...458ea0 holds 45ac14.. and that is also coloured green to show its static,,
you can add 45ac14 manually to the address list , then when you double click on the this address over 45ac14, you will get the change address box with the module and offset as shown,,
Description: |
|
Filesize: |
86.83 KB |
Viewed: |
49539 Time(s) |
|
Description: |
|
Filesize: |
33.19 KB |
Viewed: |
49537 Time(s) |
|
_________________
|
|
Back to top |
|
|
me Grandmaster Cheater Reputation: 2
Joined: 24 Jun 2004 Posts: 733 Location: location location
|
Posted: Wed Feb 15, 2006 9:46 pm Post subject: |
|
|
sigh takes a while typing this lot up a painting at the same time
Description: |
|
Filesize: |
115.08 KB |
Viewed: |
49535 Time(s) |
|
_________________
|
|
Back to top |
|
|
me Grandmaster Cheater Reputation: 2
Joined: 24 Jun 2004 Posts: 733 Location: location location
|
Posted: Wed Feb 15, 2006 9:50 pm Post subject: |
|
|
anyway you can see why I left it simpler in the original tutorial,
would be a bit heavy for a first timer to go from zero to this level in one go
_________________
|
|
Back to top |
|
|
hrnyshrimp How do I cheat? Reputation: 0
Joined: 18 Feb 2006 Posts: 4
|
Posted: Tue Feb 21, 2006 5:40 pm Post subject: |
|
|
ok i so giver up i will be no good at hacking i just don't understand any of it
there has to be an easier way for people like me lol
|
|
Back to top |
|
|
Dahde Newbie cheater Reputation: 0
Joined: 26 Feb 2008 Posts: 12
|
Posted: Wed Feb 27, 2008 5:48 am Post subject: |
|
|
ExtremePK wrote: |
I) now click on the FIRST SCAN button, hopefully you will have one address, double click on the found address to add it to you code list...now in the address list click on the address part to open up the CHANGE ADDRESS dialogue box,
|
And if it does not appear??
I got my pointer value 00000291
Hex 00000123
And nothing appears when I scan for it...
What should I do?
P.S. I can t post a link to the image, getting blocked...
i31.tinypic [dot] com/296cd4w.gif
|
|
Back to top |
|
|
Labyrnth Moderator Reputation: 9
Joined: 28 Nov 2006 Posts: 6285
|
Posted: Wed Feb 27, 2008 11:54 am Post subject: |
|
|
Read the tut again, You got off track somewheres.
Your offset should match what is in the tutorial.
_________________
|
|
Back to top |
|
|
fade2gray Newbie cheater Reputation: 0
Joined: 01 Oct 2010 Posts: 12
|
Posted: Fri Oct 01, 2010 12:27 pm Post subject: |
|
|
Hey guys,
I've just installed 5.6.1 and attempted to follow the supplied tutorial but got impossibly stuck on step 6.
The tutorial tells you to ... Tutorial wrote: | First find the address of the value. When you've found it use the function to find out what accesses this address. (Instead of "find out what writes to this address.)" |
Otherwise, great stuff.
|
|
Back to top |
|
|
uzumaki19 Newbie cheater Reputation: 0
Joined: 12 May 2011 Posts: 11
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
|
|