View previous topic :: View next topic |
Author |
Message |
navarone Advanced Cheater Reputation: 2
Joined: 29 May 2010 Posts: 72
|
Posted: Tue Jun 22, 2010 11:37 pm Post subject: Can't find a pointer |
|
|
For some weird reason, they keep the reload time Client Sided.
I am trying to find a pointer for reload address but I can't, and I don't understand anything from CE pointer scan. I found this by looking at asm and "Find out what accesses this address" etc...
So far I have come up with this.
051F12B0+0c
Points to
21F977B0 then you add +3C to point you to
058EFDB8 then you add +150 to point you to the reload address
All of these addresses are dynamic, the offsets doesn't change though.
Should I just keep going and find what points to 051F12B0? It's getting confusing remembering what points to what.
I amn't sure what CE pointer scan means my Offest 1, Offeset 2 and Offeset 3. I tried pointers I found with P scan and they all end up pointing to ????????
And why do non game related DLLs appear in P scan? (Like AVG anti virus DLLs)?
|
|
Back to top |
|
|
zile Advanced Cheater Reputation: 0
Joined: 11 Jul 2009 Posts: 75
|
Posted: Wed Jun 23, 2010 1:20 am Post subject: |
|
|
first of all, you should use "Find out what writes this address" , not accesses,
and when your finding pointer, you should keep finding address' and offsets until u reach a static one
when u use pointerscanner, try scanning for alot at first, then make the address change (relog?) then find the new reload time address, then choose rescan - remove pointers not pointing to the right address and fill in ur new address, if there are no results, try deepening the pointerscanner
non-games dll is in the pointerscanner because those are injected into every process, i think you should remove them because they wont work
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25295 Location: The netherlands
|
Posted: Wed Jun 23, 2010 5:06 am Post subject: |
|
|
Quote: | first of all, you should use "Find out what writes this address" , not accesses, |
When looking for pointers/offsets, ALWAYS use find what accesses
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
zile Advanced Cheater Reputation: 0
Joined: 11 Jul 2009 Posts: 75
|
Posted: Wed Jun 23, 2010 6:15 am Post subject: |
|
|
Dark Byte wrote: | Quote: | first of all, you should use "Find out what writes this address" , not accesses, |
When looking for pointers/offsets, ALWAYS use find what accesses |
oh ok, cuz ive seen tuts using what writes
such as http://forum.cheatengine.org/viewtopic.php?t=26451
and it also works for me
|
|
Back to top |
|
|
navarone Advanced Cheater Reputation: 2
Joined: 29 May 2010 Posts: 72
|
Posted: Wed Jun 23, 2010 12:36 pm Post subject: |
|
|
I am guessing it doesn't make a difference if used "What accesses" or "What writes"?
You will have to reference to pointer somehow to access/write anyway.
But that's just my opinion.
EDIT
Just tried Pointer Scan while setting max pointer level to 9.
Nope, didn't work.
1. Addresses returned by CE don't point out to anything (????????)
2. Offset 9 isn't = 0, I think I should scan for lvl20 pointers lol.
|
|
Back to top |
|
|
Pingo Grandmaster Cheater Reputation: 8
Joined: 12 Jul 2007 Posts: 571
|
Posted: Wed Jun 23, 2010 1:17 pm Post subject: |
|
|
Or save some time and just inject to the first instruction. You're spending all this time looking for a pointer just to edit the reload timer. The injection would take 10sec and you can move on to another client side hack.
_________________
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25295 Location: The netherlands
|
Posted: Wed Jun 23, 2010 2:31 pm Post subject: |
|
|
with p-scan, disable the option to stop traversing a path until a static has been found
and try a bigger structsize instead of more levels
oh yes, make sure this game does NOT run inside your browser, if it does, you can forget using pointers
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
navarone Advanced Cheater Reputation: 2
Joined: 29 May 2010 Posts: 72
|
Posted: Thu Jun 24, 2010 9:14 am Post subject: |
|
|
^
Just did a P scan with these options. It actually worked and returned functional pointers that point to something. But
-Max level was 14 and it seems it isn't enough.
-When adding addresses manually, some offsets end up pointing to ??????? again.
btw, no it isn't a browser game.
I really want to use pointers because I want to give the user the option to control their reload time.
Noping address that resets everything to 0 will make guns shoot uncontrollably fast and almost got me banned.
EDIT:
29 offsets lol
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25295 Location: The netherlands
|
Posted: Thu Jun 24, 2010 9:25 am Post subject: |
|
|
what kind of small game is this that for level 14 (or 29) it only find 18535004
Even the tutorial that comes with ce would find more than that (so much that it wouldn't be able to store the result son a 1TB disk)
You're NOT pressing stop right? (pressing stop is the same as just throwing away all the results, since you're missing the important pointer path)
I've updated http://wiki.cheatengine.org/index.php?title=Pointers to explain
and try a structsize of 4092 or even 8192
remember, that you HAVE to do a rescan to filter out addresses that go bad after a while and after a restart, you can not just use the results of the pointerscan just like that
also, instead of nopping, try learning some basic assembler and do a code injection. Perhaps you can store the used addresses somewhere to make a level1 pointer possible
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
navarone Advanced Cheater Reputation: 2
Joined: 29 May 2010 Posts: 72
|
Posted: Thu Jun 24, 2010 2:47 pm Post subject: |
|
|
Quote: | instead of nopping, try learning some basic assembler and do a code injection. |
That was solely for testing purpose.
Editing command like mov [ECX+98],00000000 to something like mov [ECX+98],00000512 gave me more control over my reload, as it resets to 200 instead of 0, therefore taking less time to reload without shooting mindlessly everywhere. Again, I was just testing.
I am no auto assembler/C++ expert. I just know some casual C# .Net to write ASP pages. So no code injection for me. (yet)
Btw, I finally found my pointers, turns out I wasn't doing re scans. lulz
|
|
Back to top |
|
|
|