Cheat Engine The Official Site of Cheat Engine
Arkas How do I cheat? Reputation: 0
Joined: 21 Jun 2007 Posts: 5
Posted: Fri Jun 22, 2007 4:51 pm Post subject: Need some serious help searching memory - What to try next?
Ok first I'll give all relevant info about the game, etc... and what I am attempting. Then I'll list what I have tried.
Game- Pax Imperia : Eminent Domain
Publisher- Heliotrope Studios
CheatEngine- Stock 5.3
Custom Species design Screen:
Allows you to customize attributes of your species with a set # of points.
Points appears to be 10.
Two Values keep track of your points on the screen, "Points Spent" and "Points Remaining". One Increments, the other of course Decrements.
Starting values are determined by whatever species you have selected when you enter the customization screen. But for searching purposes, I unspend all points, so I have 0 points spent and 10 remaining.
When you have a valid number of points remaining/points spent, the "Accept" button is available, otherwise it is greyed out.
I want to double the amount of points I have to spend to customize my species. And I cannot find the value used.
What have I tried?
I have tried manipulating both values using the following Cheat Engine tactics:
Byte
2Byte
4Byte
float
Double
Text
Exact Value - Start at 0, ALWAYS comes up empty on both numbers and all data types.
Increased by Value
Increased
Decreased by Value
Decreased
Using Exact Value and Unknown value for starting
- All Dec/Inc methods Either eventually come up empty, or come up with too many values to determine correct one.
There are other things on the screen, percentage bonuses in research, finance, construction, etc... I could try searching for those, I'm just not sure how that would help me accomplish gaining double points.
Also, I could tackle the "Accept" button, but I'm not sure exactly how to go about trying that method.
Questions:
1. Could this be some kind of Anti-debugger crap I've heard about?
2. DMA would access different memory every time I startup the game, not during the middle of the game right?
3. Any suggestions on what I should try next?
4. If I should go after the accept button, can someone point me towards a tutorial? I've read about a dozen and they all seem to be basically the same tutorial.
Labyrnth Moderator Reputation: 9
Joined: 28 Nov 2006 Posts: 6285
Posted: Fri Jun 22, 2007 5:10 pm
Commenting on this:
Quote: | Using Exact Value and Unknown value for starting
- All Dec/Inc methods Either eventually come up empty, or come up with too many values to determine correct one. |
If this is a Mac you are using, then don't bother reading my post.
-------------------------------------------------------------------------------------
If it comes up empty you could be messing up in your steps doing has changed scans, inc and dec. If you mess up once, it will lead to 0 finds.
You have to pay close attention to what scan you did so you know the next one is dec, if you made the points dec.
-----------------------------------------------------------------------------------------
Start with 10.
Now, since you find no values doing exact scans, you have to do unknown scans. Try has changed scans a few times while changing the points, then make it 10 again and do "same as first scan". Also, don't be so quick to scan. Give it a second between scans. The code could be slow and not change the value real quick like you would think.
Also try 16 bit as well.
This is just some theory to try. Post again after you gave it a try.
Damn: I even looked for a demo of this game. I can't believe it isn't a free game.
Arkas How do I cheat? Reputation: 0
Joined: 21 Jun 2007 Posts: 5
Posted: Fri Jun 22, 2007 5:53 pm
PC. - WinXP
Quote: |
If it comes up empty you could be messing up in your steps doing has changed scans, inc and dec. If you mess up once, it will lead to 0 finds.
You have to pay close attention to what scan you did so you know the next one is dec, if you made the points dec.
|
I went through the tutorials without a single mistake. And I was able to hack any value I wanted in Jagged Alliance 2 without a problem. Then again, I have the source code for JA2 so I don't have to hack it, I can just change it. But I needed something to use for a test, and that seemed like the best thing.
Also, not sure if this is relevant, but when you create a custom species, it saves that data into a file. I spent about 12 hours creating a custom species and hexing the binary until I was 99.9% sure I had all the right values I wanted, I knew where the data separators were, which values changed when I selected different abilities, what the ranges of the values were, etc...
Then I edited the file, and while I was able to successfully change the name of the species, and modify a 100 character description into a 150 character description (changing the size of the file), everything worked fine.
But if I tried to modify the abilities and characteristics of my species, the ones at the end of the file did not work (even without changing the size of the file, I just changed the bytes that contained the data, mostly consisted of changing 00's to 01's and changing 01's to 05's. Making sure to leave everything in the same positions).
I tried creating a species with good values at the end, and the first attributes turned off, and vice versa. Then editing to give me all options as high as they go. In either case, the first half or so worked, and the second half did not.
Quote: |
Damn: I even looked for a demo of this game. I can't believe it isn't a free game.
|
I'm fond of older games, they didn't concentrate so much on graphics, so there is usually 10x more gameplay than most of today's games. Not saying I don't buy into some eye candy, but I'm happier playing UO or AC over WoW or DAOC. Plus it's fun making them work in XP, reminds me of trying to get my 386 games to work on my 286.
I'll try 16bit and let you know. I thought I had both checked though. If that doesn't work, I'll jump further in the game and see if I can get any value like Money, etc... to work.
EDIT: You can probably find it at Abandonia. It's old enough to be there and I believe the developer is long since out of business. Sad really, it was a very good 4x. Not as good as MOO, but still very good.
EDIT2: 16Bit - No accessible memory in that address range
spedchyyz Master Cheater Reputation: 0
Joined: 16 Jun 2007 Posts: 268 Location: what ?
Posted: Sat Jun 23, 2007 12:59 am Post subject: can it be?
Can't this also be like one of those things, like what Flash it is? Like for 7 you gotta do a double scan of your points, and if you have Flash 8 or 9 you gotta do a 4 byte scan of 8 x your points?
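The scan-narrowing steps discussed in the posts above (exact value, unknown initial value, changed, decreased, "same as first scan"), run over a toy memory model as an added example that is not part of any forum post. The addresses, the values and the assumption that the counter is stored as 8 x the displayed number are constructed for illustration; nothing on the page confirms how this game stores it.

```python
import operator

# Constructed toy "process memory": one {address: value} dict per snapshot.
# Assumption: the counter is stored as 8 x the number shown on screen.
SHOWN = [10, 7, 4, 10]  # points remaining on screen at each snapshot

def make_snapshots():
    snaps = []
    for step, points in enumerate(SHOWN):
        snaps.append({
            0x1000: points * 8,           # the real counter (scaled)
            0x1004: 10,                   # constant that happens to equal 10
            0x1008: step * 3,             # unrelated value that only grows
            0x100C: 1234,                 # never changes
            0x1010: (points * 8) ^ 0x55,  # derived from the counter
        })
    return snaps

COMPARE = {"changed": operator.ne, "unchanged": operator.eq,
           "increased": operator.gt, "decreased": operator.lt}

def exact_scan(snapshot, value):
    return {addr for addr, v in snapshot.items() if v == value}

def next_scan(cands, prev, cur, first, kind):
    """Keep the candidates whose transition matches the chosen scan type."""
    if kind == "same_as_first":
        return {a for a in cands if cur[a] == first[a]}
    return {a for a in cands if COMPARE[kind](cur[a], prev[a])}

def run(kinds):
    """Unknown-initial-value scan, then one next-scan per later snapshot."""
    snaps = make_snapshots()
    cands = set(snaps[0])
    for i, kind in enumerate(kinds, start=1):
        cands = next_scan(cands, snaps[i - 1], snaps[i], snaps[0], kind)
    return cands

if __name__ == "__main__":
    snaps = make_snapshots()
    # Exact value: 10 hits only the decoy, and 7 on the next snapshot hits nothing.
    print(exact_scan(snaps[0], 10), exact_scan(snaps[1], 7))
    print(run(["changed", "changed", "same_as_first"]))      # two candidates left
    print(run(["decreased", "decreased", "same_as_first"]))  # only the counter
    print(run(["increased", "decreased", "same_as_first"]))  # wrong step: empty
```

One mislabelled step (calling the first change "increased" when the value went down) empties the candidate set, while direction-aware scans separate the counter from a value that merely changes alongside it.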
Arkas How do I cheat? Reputation: 0
Joined: 21 Jun 2007 Posts: 5
Posted: Sat Jun 23, 2007 7:59 am
Ok, well... It looks like this is going to be one of those situations where brute force trial and error will have to occur.
Any tips that could save me a few thousand memory edits, lockups and crashes? I'd appreciate them. I'll post the trainer when I'm done.
Kasp90 How do I cheat? Reputation: 0
Joined: 12 Oct 2017 Posts: 1
Posted: Fri Oct 13, 2017 12:01 pm
So did anybody succeed with these points?
Cake-san Grandmaster Cheater Reputation: 8
Joined: 18 Dec 2014 Posts: 541 Location: Semenanjung
Posted: Fri Oct 13, 2017 3:47 pm
Wow, the game is older than me...
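Code: |
[ENABLE]
// research signature: mov eax,[esp+04] / mov al,[ecx+eax+10] / ret 0004
aobscanmodule(research,Pax Imperia.exe,8B 44 24 04 8A 44 01 10 C2 04 00)
// point signature: mov [esi+6C],ecx / mov ecx,edi / call (wildcarded) / mov edx,[esi+6C]
aobscanmodule(point,Pax Imperia.exe,89 4E 6C 8B CF E8 * * * * 8B 56 6C)
alloc(newmem,2048)
label(newmem2)
label(returnhere)
label(returnhere2)

// Hook at point: the 5-byte jmp replaces mov [esi+6C],ecx and mov ecx,edi
point:
  jmp newmem2
returnhere2:

// Replacement for the research code: force two bytes to 99, then load al as the original did
newmem:
  mov eax,[esp+04]
  mov byte ptr [ecx+eax+10],#99
  mov byte ptr [ecx+eax+15],#99
  mov al,[ecx+eax+10]
  jmp returnhere

// Replacement for the point code: store -999 instead of the original ecx
newmem2:
  mov ecx,#-999
  mov [esi+6C],ecx
  mov ecx,edi
  jmp returnhere2

// Hook at research: jmp (5 bytes) plus 3 nops covers the 8 original bytes; returnhere lands on the ret
research:
  jmp newmem
  nop
  nop
  nop
returnhere:

registersymbol(research)
registersymbol(point)

[DISABLE]
dealloc(newmem)
// Restore the original bytes at both hooks
research:
  db 8B 44 24 04 8A 44 01 10
  //mov eax,[esp+04]
  //mov al,[ecx+eax+10]
point:
  mov [esi+6C],ecx
  mov ecx,edi
  //Alt: db 89 4E 6C 8B CF
unregistersymbol(research)
unregistersymbol(point)
|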
This will break the game.
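The wildcard byte-signature matching that the `aobscanmodule` lines in the script above rely on, modelled in Python as an added example that is not part of the post or of Cheat Engine itself. The function names, the two byte images and the call displacements are constructed; only the `point` signature is taken from the script.

```python
POINT_SIG = "89 4E 6C 8B CF E8 * * * * 8B 56 6C"  # signature from the script above

def parse_aob(pattern):
    """'E8 * * 8B' -> [0xE8, None, None, 0x8B]; None matches any byte."""
    return [None if tok in ("*", "?", "??") else int(tok, 16)
            for tok in pattern.split()]

def aob_scan(image, pattern):
    """Return every offset in image where the signature matches."""
    sig = parse_aob(pattern)
    return [off for off in range(len(image) - len(sig) + 1)
            if all(b is None or image[off + i] == b for i, b in enumerate(sig))]

def unique_hit(image, pattern):
    """Offset of the single match, or None if the signature is absent or ambiguous."""
    hits = aob_scan(image, pattern)
    return hits[0] if len(hits) == 1 else None

def make_image(call_disp):
    """Constructed stand-in for a code section; call_disp is the E8 operand."""
    return (b"\x90" * 16
            + bytes.fromhex("894E6C8BCF") + b"\xE8" + call_disp
            + bytes.fromhex("8B566C")
            + b"\x90" * 8
            + bytes.fromhex("894E6C8BCE") + b"\xC3")  # look-alike store elsewhere

BUILD_A = make_image(bytes.fromhex("10200000"))  # constructed displacement
BUILD_B = make_image(bytes.fromhex("A41F0000"))  # same code, call target moved
LITERAL_A = "89 4E 6C 8B CF E8 10 20 00 00 8B 56 6C"  # no wildcards
SHORT = "89 4E 6C 8B"                                 # too little context

if __name__ == "__main__":
    print(unique_hit(BUILD_A, POINT_SIG), unique_hit(BUILD_B, POINT_SIG))
    print(unique_hit(BUILD_B, LITERAL_A))  # literal operand misses build B
    print(aob_scan(BUILD_A, SHORT))        # short signature: two hits
```

Masking the call's 4-byte operand keeps the signature stable when the call target moves, and the trailing `8B 56 6C` is what separates the intended site from the look-alike store.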
OldCheatEngineUser Whateven rank Reputation: 20
Joined: 01 Feb 2016 Posts: 1587
Posted: Fri Oct 13, 2017 4:49 pm
wtf!
bringing 10 years old thread from hell to life.
_________________
About Me;
I Use CE Since Version 1.X, And Still Learning How To Use It Well!
Jul 26, 2020
STN wrote: | i am a sweetheart. |