BinaryAbuse Newbie cheater
Reputation: 0
Joined: 04 Aug 2010 Posts: 19
Posted: Tue Feb 15, 2011 4:47 pm Post subject: How to find addresses of collision calculation

I want to know how to find the memory addresses of the collision calculation in a game.
Example:
- you throw something into any other thing and these objects collide
- you drive in a racing game and two cars collide
How to find these addresses?

Geri Moderator
Reputation: 111
Joined: 05 Feb 2010 Posts: 5627
Posted: Tue Feb 15, 2011 6:49 pm

One method:
You need to find a code which is executed when the 2 cars collide. For example a health decreasing code (if there is damage in the game). Then You have to backtrace the whole process to see what happened.

BinaryAbuse Newbie cheater
Reputation: 0
Joined: 04 Aug 2010 Posts: 19
Posted: Wed Feb 16, 2011 2:42 am

Geri wrote:
> [...] You need to find a code which is executed when the 2 cars collide. [...]

OK, but how do I scan for this code with Cheat Engine?
I mean, I would have to set Cheat Engine to watch the process
while my car collides with other things to find it, right?
But how?

Geri Moderator
Reputation: 111
Joined: 05 Feb 2010 Posts: 5627
Posted: Wed Feb 16, 2011 4:18 am

No, if You trace the process, it will slow down so You will not be able to play.
You need to be creative and think about something that is related to the car collision and that You can find manually.
Like damage of the car for example. If You know what is changing the health, You can backtrace the process like this:
taking x damage -> calculating the damage -> what was damaging Your car -> how is the collision calculated
etc.
You need to know how to use the debugger and how to backtrace in the codes for this.

BinaryAbuse Newbie cheater
Reputation: 0
Joined: 04 Aug 2010 Posts: 19
Posted: Wed Feb 16, 2011 5:17 am

Geri wrote:
> [...] Like damage of the car for example. If You know what is changing the health, You can backtrace the process like this:
> taking x damage -> calculating the damage -> what was damaging Your car -> how is the collision calculated [...]

OK, I understand that part. Thank you.
But how can I find collision in games that have no damage values?
For example:
- you crash your car into some traffic signs, and they will slow down your car
Would it be possible to crash into the traffic signs, but the car does not get affected by it?
(no slow down effect)

Geri Moderator
Reputation: 111
Joined: 05 Feb 2010 Posts: 5627
Posted: Wed Feb 16, 2011 6:07 am

What You want to do is reverse-engineer the physics engine of the game. This means You need to work with mostly shared codes, with values that are accessed by tons of codes, mostly thousands of times a second.
You will have to be creative and You will also need some experience in debugging to mess with the physics of a game or an object. Not to mention that simulators obviously have a very complex physics engine, as the whole game is about simulating real-life physics.
First You need to figure out how the engine is working (at least approximately), and if You see the big picture and have at least a slight guess of what factors are affecting Your car's speed/direction etc., then You can try to find how the collision is affecting the system.
This is certainly not the same as making an "unlimited health" cheat but much more complex. Changing the speed/weight/co-ordinates etc. of the car or similar is not so difficult, but to change the game physics and simply turn off collision is far more complicated.
Many interesting things can be done by modifying Your car's data, but You need to figure out how the game is working by Yourself.
For example, if Your car's weight is like 80 tons, traffic lights will surely not slow it down, but this will also mean that Your car will be slow or not start at all with its default engine, as it wasn't designed for tanks.
The easiest solution would be if there is "invulnerability" in the game, where You have a few seconds when Your car is a "ghost" only. Most racing games have this effect when Your car is crashed and You are placed back on the road. Then all You need to do is find the timer which counts how much time You have until Your invincibility turns off.

BinaryAbuse Newbie cheater
Reputation: 0
Joined: 04 Aug 2010 Posts: 19
Posted: Thu Feb 17, 2011 12:57 pm

Wow, thank you for that very detailed information.
I think it will help me to find the things I am looking for!
I already found car handling and movement indicators.
So I am already able to move the car without keyboard input.
(move, rotate, tilt, changing coordinates and height over ground)
Do you think it is possible to find the 'call' of the physics engine
if I look at what writes to the "movement" of the car?
I found values that show the movement speed of the car in direction north to south and east to west. These values change every few milliseconds and
I can freeze them to any value to set a continuous movement in any direction.

Geri Moderator
Reputation: 111
Joined: 05 Feb 2010 Posts: 5627
Posted: Thu Feb 17, 2011 1:09 pm

Quote:
> I found values that show the movement speed of the car in direction north to south and east to west. These values change every few milliseconds and
> I can freeze them to any value to set a continuous movement in any direction.

Yes, usually the objects have co-ordinates and vectors (just like a real-life object). It is stored where the object is at the moment, where it is heading etc. It is easy to find this info for the objects and mess with it.

Quote:
> Do you think it is possible to find the 'call' of the physics engine
> if I look at what writes to the "movement" of the car?

If it is a simulator, then almost the whole game is a huge physics engine, with many functions and sub-functions. Of course You can find tons of functions if You check what is accessing the co-ordinates and vectors, but be prepared to find tons of codes even for one address. If the vectors are accessed by 50 codes or more, it is totally usual. As I have mentioned, these engines are complex. You need to check the codes and see what they do. Probably You will find many interesting things to mess with.
Also, be prepared for some major slowdown when You start debugging an important address, as many codes will access it very rapidly. The best method is to run the game in a window and at low resolution to not eat up Your whole computer. Also be aware that this heavy usage may crash the debugger and the program.

BinaryAbuse Newbie cheater
Reputation: 0
Joined: 04 Aug 2010 Posts: 19
Posted: Thu Feb 17, 2011 1:24 pm

Thank you for your quick and detailed answer!
I just tried out what I was thinking about, and I found an instruction
which gets called when I hit objects. I will now look into it and hope
to find a way to stop that instruction without crashing the game.
I don't think my PC gets slowed down, because I have a good system here.
- Intel Core i7 (quad with 2 threads for each core) @ 4,0 GHz
- 6 GB of RAM
But thank you for your information and warnings!
I just have some more questions:
- Does Cheat Engine have a debugger function like Olly Debug?
- So if I stop the game (pause), can I go through the code step by step?
- Can I 'step over' and 'step into' a call?

Geri Moderator
Reputation: 111
Joined: 05 Feb 2010 Posts: 5627
Posted: Thu Feb 17, 2011 1:31 pm

BinaryAbuse wrote:
> Thank you for your quick and detailed answer!
> I just tried out what I was thinking about, and I found an instruction
> which gets called when I hit objects. I will now look into it and hope
> to find a way to stop that instruction without crashing the game.
> I don't think my PC gets slowed down, because I have a good system here.
> - Intel Core i7 (quad with 2 threads for each core) @ 4,0 GHz
> - 6 GB of RAM
> But thank you for your information and warnings!
> I just have some more questions:
> - Does Cheat Engine have a debugger function like Olly Debug?
> - So if I stop the game (pause), can I go through the code step by step?
> - Can I 'step over' and 'step into' a call?

Regardless of Your computer speed, You will experience some slow-down when You use the debugger for sure.
Of course CE has those functions too. Open the memory browser, go to the code in the disassembler view and You can set a breakpoint on it ( F5 ). After the process has broken, You can use Step and Step over too ( F7 and F8 ). Check the "Debug" menu in the memory browser. It also has tracing, conditional breakpoints etc.
Some info about the CE debugger can be found here:
http://www.szemelyesintegracio.hu/cheats/41-game-hacking-articles/225-basic-encryptions-debugging-backtracing-and-some-info-on-the-stack
http://www.szemelyesintegracio.hu/cheats/41-game-hacking-articles/216-cheat-engine-6-features

BinaryAbuse Newbie cheater
Reputation: 0
Joined: 04 Aug 2010 Posts: 19
Posted: Thu Feb 17, 2011 1:37 pm

OK, very nice information. That will help me very much.
Thank you for your good help!
I will search for the things now and I am sure to find them, because you
gave me very useful hints.