Cheat Engine

Kerhuz · How do I cheat? Reputation: 0 Joined: 12 Jun 2010 Posts: 4

Ok, so i got this timer i want to hack.
It's on a football game, single player (so it'a all client side) and i want the match to end with the press of a button.

I already have the time adresses. They are 5 and are all static.
The time is in seconds, so if the match is at minute 54:45, the value of the address will show 54*60+45=3285.

The thing is, i can't change the values on the adresses. And if i freeeze them, the timer keeps on going inside the game like there's nothing affecting it.
I've searched on the disassembler what the instructions were:

1st address:
mov [cdapfn0506_referee_findrestartposition+1606a8],esi

2nd address:
mov [esi*4+cdapfn0506_referee_findrestartposition+4f8450],ecx

3rd address:
mov [esi*4+cdapfn0506_referee_findrestartposition+4f8450],ecx

4th address:
mov [edx],eax

5th address:
mov [esi+24],eax

Any ideas?

Kerhuz · How do I cheat? Reputation: 0 Joined: 12 Jun 2010 Posts: 4

No one?

kantoboy69 · Posted: Sun Jun 13, 2010 2:18 am Post subject:

* Timer is usually triggered by a start and stop function
* Timer usually compares the remaining time to zero

Kerhuz · How do I cheat? Reputation: 0 Joined: 12 Jun 2010 Posts: 4

Thanks for your hint:

I found a lot of cmp between that refereestartposition and other stuff.

example:

cmp [cdapfn0506_referee_findrestartposition+524444],ecx

there are a lot of this things on the code. Maybe 300+.
Whenever i change just the slightest thing on the code, i just get the game to crash on me...
What is generally the procedure you guys do to make this work?

Geri · Moderator Reputation: 111 Joined: 05 Feb 2010 Posts: 5627

I don't think You are searching on the right place. Most of the games do not use static addresses for timers and as You said, even if You freeze these addresses, nothing will happen. Most likely You have found the value which is storing the displayed time but You did not found the timer yet.

1. Find the address for the real timer, which is really changing the remaining time.
2. Find out what writes to that address.
3. Write a script which is changing the timer to Your liking, or if You can not do that, try to find a pointer.

Kerhuz · How do I cheat? Reputation: 0 Joined: 12 Jun 2010 Posts: 4

How can i do that?

I've searched for the time in minutes and got the time adresses.
Searched for the time in seconds (with value between, because the game doesn't display seconds) and got nothing...
Ex:
If it's in minute 5 i know the game time is seconds is something between 5*60 seconds and 6*60 seconds.

How do you suppose i could find it?

Geri · Moderator Reputation: 111 Joined: 05 Feb 2010 Posts: 5627

In most cases, You will not find it by searching for seconds or minutes. You can find it if You search for unknown values. It can be a decreasing or an increasing value too. In some programs, it is a counter which starts from zero and increasing until a value and in other programs its the opposite. It is different in almost every game. Try search for Float and 4 bytes values.

If You have some address which is related to the timer, You can check out the assembly code to see how it is getting the time that is displayed. You may find a code in the vicinity which is accessing to the time's address.