Can't find any static address...
vmv
Posted: Mon Jul 01, 2013 11:58 pm

TsTg wrote:
Quote:

MyMemory = VirtualAllocEx (hProc, NULL, 0x1000, 0x1000, 0x40); // here is an error, "a value of type LPVOID cannot be assigned to an entity type of int."



Sorry, the syntax of VirtualAllocEx is this:

LPVOID WINAPI VirtualAllocEx(
_In_ HANDLE hProcess, //Process Handle
_In_opt_ LPVOID lpAddress, //Set to NULL
_In_ SIZE_T dwSize, //Allocation size, use 0x1000
_In_ DWORD flAllocationType, //,MEM_COMMIT|MEM_RESERVE
_In_ DWORD flProtect //use 0x40 for PAGE_EXECUTE_READWRITE
);

the return value is the allocation base address, or 0 if failed.

Also, set DWORD MyMemory instead of int MyMemory. I guess that should be:
Code:
DWORD MyMemory = 0;
LPVOID MyMemory = VirtualAllocEx (hProc, NULL, 0x1000, ,MEM_COMMIT|MEM_RESERVE, 0x40);

Still get some errors:
1>line(29): error C2040: 'MyMemory' : 'LPVOID' differs in levels of indirection from 'DWORD'
1>line(49): error C2440: '=' : cannot convert from 'DWORD' to 'int'

It's working like this:
Code:
DWORD MyMemory = 0;

    MyMemory = (DWORD)VirtualAllocEx (hProc, NULL, 1024, MEM_COMMIT|MEM_RESERVE, PAGE_EXECUTE_READWRITE);

    newValue = MyMemory + 4;
    WriteProcessMemory (hProc, (void*)MyMemory, &newValue, sizeof(newValue), NULL);

    newValue = 0x04EA80C7;
    WriteProcessMemory (hProc, (void*)(MyMemory +4 ),  &newValue, sizeof(newValue), NULL);

    newValue = 0x03840000;
    WriteProcessMemory (hProc, (void*)(MyMemory +8 ),  &newValue, sizeof(newValue), NULL);

    newValue = 0xE58B0000;
    WriteProcessMemory (hProc, (void*)(MyMemory +12 ), &newValue, sizeof(newValue), NULL);

    newValue = 0x0008C25D;
    WriteProcessMemory (hProc, (void*)(MyMemory +16 ), &newValue, sizeof(newValue), NULL);
 
    newValue = 0x25FF;
    WriteProcessMemory (hProc, (void*)newAddress, &newValue, 2, NULL);

    newValue = MyMemory;
    WriteProcessMemory (hProc, (void*)(newAddress + 2), &newValue, 4, NULL);


Now it is working awesome... no crash anymore, and if the map changes I just need to change my weapon to get back to the 900/1200 value.
Is there any way to simplify this code for further implementation, as Dark Byte suggested... for other addresses (values) to be added?
And to disable it, do I add these lines to the end?
Code:
/*int oldValue = 0xEA908966;
    WriteProcessMemory (hProc, (void*)newAddress, &oldValue, sizeof(oldValue), NULL); 

    oldValue = 0x000004;
    WriteProcessMemory (hProc, (void*)(newAddress + 4), &oldValue, 3, NULL);*/
...now it is commented out, but I will test all possible variants :)

Thank you,

TsTg
Posted: Tue Jul 02, 2013 12:41 am

Create an array containing the Enable code bytes (fill it with the code cave's 16 hex bytes, no reverse order), and another array for the Disable code bytes. Then, in just one call to WriteProcessMemory (with lpBuffer being the pointer to the start of your array, and size being the same array's size (16)), this should write the full code cave. Use another call to make the redirection, and for the disable you can use the code you asked about above, or use one WriteProcessMemory call (with lpBuffer being the pointer to your disable array, and size being 7 bytes).

vmv
Posted: Tue Jul 02, 2013 6:50 am

I can't fix it... my head is a mess :|

Code:
   DWORD newAddress     = dllBase + 0x17CC7D;
   
   BYTE newValue[] = { 0x90,0x90,0x90,0x90,0x90,0x90,0x90 };
   WriteProcessMemory (hProc, (void*)newAddress, &newValue, sizeof(newValue), NULL);

    DWORD MyMemory = (DWORD)VirtualAllocEx (hProc, NULL, 0x1000, MEM_COMMIT|MEM_RESERVE, 0x40);

   BYTE StartAddress[] = { 0xC7,0x80,0xEA,0x04,  0x00,0x00,0xB0,0x04,  0x00,0x00,0x8B,0xE5,  0x5D,0xC2,0x08,0x00 };
   WriteProcessMemory (hProc, (void*)newAddress, newValue + 4, sizeof(newValue), NULL);
 
   BYTE Redirect[] = { 0xFF,0x25 };
   WriteProcessMemory (hProc, (void*)newAddress, &newValue, 2, NULL);

   WriteProcessMemory (hProc, (void*)(newAddress + 2), &MyMemory, 4, NULL);


It's crashing often.... "Access Violation in module Unknown at 0023:f067c003."
Still hard for me to understand all of it.
Thank you,

TsTg
Posted: Wed Jul 03, 2013 1:33 am

You totally messed it up. This line is not needed:

Code:
BYTE newValue[] = { 0x90,0x90,0x90,0x90,0x90,0x90,0x90 };
   WriteProcessMemory (hProc, (void*)newAddress, &newValue, sizeof(newValue), NULL);



Then, this line is what crashes the game, as these bytes are to be written in the ALLOCATED MEMORY and NOT IN newAddress. That line is:

Code:

   WriteProcessMemory (hProc, (void*)newAddress, newValue + 4, sizeof(newValue), NULL);



The following code should work and have all you need:

Code:
DWORD TargetAddress     = dllBase + 0x17CC7D;

DWORD MyMemory = (DWORD)VirtualAllocEx (hProc, NULL, 0x1000, MEM_COMMIT|MEM_RESERVE, 0x40);

BYTE MyCodeBytes[] = { 0xC7,0x80,0xEA,0x04,  0x00,0x00,0xB0,0x04,  0x00,0x00,0x8B,0xE5,  0x5D,0xC2,0x08,0x00 };
   WriteProcessMemory (hProc, (void*) (MyMemory+4), &MyCodeBytes, 16, NULL);

newValue = MyMemory + 4;
    WriteProcessMemory (hProc, (void*)MyMemory, &newValue, sizeof(newValue), NULL);

    newValue = 0x25FF;
    WriteProcessMemory (hProc, (void*)TargetAddress, &newValue, 2, NULL);

    newValue = MyMemory;
    WriteProcessMemory (hProc, (void*)(TargetAddress + 2), &newValue, 4, NULL);



Then, to disable the hack, use this:

Code:
BYTE OriginalCodeBytes[] = { 0x66,0x89,0x90,0xEA,  0x04,0x00,0x00 };
   WriteProcessMemory (hProc, (void*) TargetAddress, &OriginalCodeBytes, 7, NULL);
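A defender-side view of the patch described in the post above, as an added example that is not part of the original thread: the redirect leaves a 6-byte `FF 25` indirect jump over code that no longer matches the module's on-disk bytes, which an integrity check can flag. The module base, module size and slot address used here are constructed values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum scan_result { SCAN_CLEAN, SCAN_MODIFIED, SCAN_JMP_HOOK };

struct hook_info {
    size_t   offset;   /* offset of the first modified byte            */
    uint32_t slot;     /* address the FF 25 jump reads its target from */
    int      external; /* 1 if slot lies outside the module image      */
};

/* clean: code bytes from the file on disk (relocations applied).
   live:  the same range read from the running 32-bit process.   */
static enum scan_result scan_code(const uint8_t *clean, const uint8_t *live,
                                  size_t len, uint32_t image_base,
                                  uint32_t image_size, struct hook_info *out)
{
    for (size_t i = 0; i < len; i++) {
        if (clean[i] == live[i])
            continue;
        *out = (struct hook_info){ i, 0, 0 };
        /* FF 25 imm32 encodes jmp dword ptr [imm32] (6 bytes). */
        if (i + 6 <= len && live[i] == 0xFF && live[i + 1] == 0x25) {
            out->slot = (uint32_t)live[i + 2] | (uint32_t)live[i + 3] << 8 |
                        (uint32_t)live[i + 4] << 16 | (uint32_t)live[i + 5] << 24;
            /* Unsigned wrap-around also catches slot < image_base. */
            out->external = (uint32_t)(out->slot - image_base) >= image_size;
            return SCAN_JMP_HOOK;
        }
        return SCAN_MODIFIED;
    }
    return SCAN_CLEAN;
}

/* Constructed sample: the 7 original bytes from the thread plus the epilogue,
   and the same range after the 6-byte redirect (slot 0x025A0000 is made up). */
static const uint8_t CLEAN[] = {0x66,0x89,0x90,0xEA,0x04,0x00,0x00,0x8B,0xE5,0x5D,0xC2,0x08,0x00};
static const uint8_t LIVE[]  = {0xFF,0x25,0x00,0x00,0x5A,0x02,0x00,0x8B,0xE5,0x5D,0xC2,0x08,0x00};

int main(void)
{
    struct hook_info h = {0};   /* base and size below are assumed demo values */
    int r = scan_code(CLEAN, LIVE, sizeof CLEAN, 0x10000000u, 0x00200000u, &h);
    printf("result=%d offset=%zu slot=0x%08X external=%d\n",
           r, h.offset, (unsigned)h.slot, h.external);
    return 0;
}
```

A jump slot that lies outside every loaded module image, as here, points at privately allocated memory, which is the stronger signal than the byte difference alone.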
vmv
Posted: Wed Jul 03, 2013 2:23 am

"newValue = MyMemory + 4;" new value is unidentified if i don't declare the old code :
Code:
int newValue = 0x90909090;
    WriteProcessMemory (hProc, (void*)newAddress, &newValue, sizeof(newValue), NULL);
    WriteProcessMemory (hProc, (void*)(newAddress + 4), &newValue, 3, NULL);


Is this needed anymore?

TsTg
Posted: Wed Jul 03, 2013 2:27 am

OK, then define it, say int newValue = 0;
(put the definition at the beginning of the code)

And yes, those lines are not needed.

vmv
Posted: Wed Jul 03, 2013 2:33 am

OK, I will try this way soon enough... thank you :)

One last question... how did you come up with these addresses:
// C7 80 EA 04 00 00 B0 04 00 00 8B E5 5D C2 08 00
I'm trying to understand how to calculate them exactly for a new address, to make them on my own...

Thank you,

TsTg
Posted: Wed Jul 03, 2013 2:53 am

If you take a look at the code in Cheat Engine, you should see the bytes as in the picture.

From there you can notice the bytes of the code are C7 80 EA 04 00 00 B0 04 00 00 8B E5 5D C2 08 00

vmv
Posted: Wed Jul 03, 2013 3:08 am

Yes, but this is the injected code...
The original one looks different, and then you write these addresses to be used.

First the address looks like my first post, then all of them are NOPs (90), then this one.
This I can't understand.
For example, if I take the address above of mine... the address with [eax+000004E8],cx...
How did you calculate to get that C7 80..?

TsTg
Posted: Wed Jul 03, 2013 3:13 am

Well, I don't calculate them. I modify them in Cheat Engine and then get the new patch bytes I need. You can press Enter on the mov [eax+000004E8],cx line, then enter any new instruction, then press Enter again; the new bytes and instruction will appear in CE's window.

vmv
Posted: Wed Jul 03, 2013 3:26 am

Heh, I did this and changed the ",cx" to 00000001, and CE asked me if I want to change my 10 bytes with 7 bytes and the rest to be filled with NOPs, then the game crashed after I pressed Enter... :)

TsTg
Posted: Wed Jul 03, 2013 3:29 am

You mean you have taken 10 bytes of new code while you have 7, which means no space, so Cheat Engine also corrupted the next instruction's first 3 bytes; that's why the game crashed. This is why we said to allocate an empty memory region to write the code cave.

vmv
Posted: Wed Jul 03, 2013 3:35 am

OK, I got that, but to write down the new needed values, where cx, dx are, what should I write to keep the game running and to use these new values...?
My new values + ?.... 00 00 00 ?

TsTg
Posted: Wed Jul 03, 2013 3:42 am

I don't understand, do you mean you want to save the values in cx and dx somewhere for later use?

vmv
Posted: Wed Jul 03, 2013 3:52 am

No, you said that you only write some new values in the cx, dx place to retrieve the addresses needed for the code cave, but when I do that and add my desired value, like 1200 (hex) for example, I told you... the game is crashing and I can't copy the new values from there... to use them as you did.

edit: look, this is what is there at first enter: "mov [eax+000004F2],dx".....then i add my new desired value for codecave, "mov [eax+000004F2],00000001"...at this point, if i press enter, the game is crashing.
CE:
"The generated code is 10 bytes long,but the selected opcode is 7 bytes long,! Do you want to replace the rest of opcodes with NOP's ?"