Cheat Engine The Official Site of Cheat Engine
joranger How do I cheat?
Reputation: 0
Joined: 27 Jan 2014 Posts: 3
Posted: Mon Jan 27, 2014 8:43 am Post subject: Finding pointer for constant value
I've learned about pointers and want to make one because the addresses keep changing every time I restart the game,
but the one I want to make is for a constant value that I can't change (e.g. the selling price of a weapon).
So my understanding is "I can't use find out what accesses/writes to this address".
Is that right?
So I searched the internet and tried to use 'pointer scan for this address',
but I still have like 300k+ results after the 10th+ attempt.
Did I do something wrong?
Hatschi Master Cheater
Reputation: 2
Joined: 28 Jan 2010 Posts: 327
Posted: Mon Jan 27, 2014 9:17 am
I'm not sure if I got it. By constant values, are you talking about restricted memory areas or values that automatically reset upon change?
Perhaps you got either the wrong address (most likely visuals) or something is constantly writing to the address and you may need to find out what and, more importantly, why. Pointers won't help you at this stage.
And why can't you use the debugger?
joranger How do I cheat?
Reputation: 0
Joined: 27 Jan 2014 Posts: 3
Posted: Mon Jan 27, 2014 10:03 am
I don't know if my answer makes sense; I'm just starting to learn this.
Let me explain this further (tell me if I'm wrong or explaining something dumb).
The game is Labyrinth of Touhou 1 and I'm trying to change the character stat growth per level.
I can make a pointer for a character's MAX HP because I can reduce the HP by getting hit by some mob, and code like 0091fd77 mov [ecx+14] will pop up, then I proceed to the next step.
As for HP GROWTH per level (I've searched the game wiki for the value and already tried it, it worked), I tried the earlier method, but it doesn't work due to the value being constant, so code like 0091fd77 mov [ecx+14] doesn't pop up for me.
So I moved to pointer scan.
I kept scanning, resetting the game, and scanning the game 10+ times but still got like 300k+ results.
Does that make sense? And thanks for the reply.
Gniarf Grandmaster Cheater Supreme
Reputation: 43
Joined: 12 Mar 2012 Posts: 1285
Posted: Mon Jan 27, 2014 6:38 pm
joranger wrote: | So about HP GROWTH per level (I've search the game wiki for the value and already try it, it worked), try the earlier method, but it doesn't work due to the value being constant so the code like 0091fd77 mov [ecx+14] doesn't pop up for me. |
If you use "find out what accesses..." you should get a result. If not, you probably haven't found the correct address, or CE's debugger is not working correctly.
joranger wrote: | so I move to pointer scan.
I keep scan, reset the game, scan the game for 10+ times but still got like 300k+ result |
1-When looking for pointers, do not use the method described in the tutorial until you're a competent hacker, as in: don't need my help anymore. Instead use the pointerscanner. Having a lot of results is not a problem, just pick any one that works and use it.
2-The "easiest" method I know to hack a constant is to find a related variable affected by this constant (like money for weapon cost), find out what accesses/writes that variable and understand the game's code until you can pinpoint where the variation (money expense) comes from. Usually this is NOT easy, but since touhou no meikyuu is a doujin game the coding is not as complex as in western AAA games [insert usual rant at Japanese coding]. Here is the analysis for max HP calculation in the TnM trial (read comments from bottom to top):
Code: |
//load CharacterSheet+4 (level, affects ALL stats) into ecx
thLabyrinth.exe+2E1B26 - 8B 48 04 - mov ecx,[eax+04]
//add 6 to level
thLabyrinth.exe+2E1B29 - 83 C1 06 - add ecx,06
thLabyrinth.exe+2E1B2C - 8B 55 F8 - mov edx,[ebp-08]
//multiply ecx=BaseMaxHp by CharacterSheet+5C (hp growth per character level)
thLabyrinth.exe+2E1B2F - 0FAF 4A 5C - imul ecx,[edx+5C]
//make a temporary copy of BaseMaxHp
thLabyrinth.exe+2E1B33 - 89 8D 30FFFFFF - mov [ebp-000000D0],ecx
//loads BaseMaxHp into st0
thLabyrinth.exe+2E1B39 - DB 85 30FFFFFF - fild dword ptr [ebp-000000D0]
//adds thLabyrinth.exe+806238 = 12.0 to st0
thLabyrinth.exe+2E1B3F - DC 05 3862AF01 - fadd qword ptr [thLabyrinth.exe+806238]
//stores st0 at ebp-000000D4
thLabyrinth.exe+2E1B45 - D9 9D 2CFFFFFF - fstp dword ptr [ebp-000000D4]
//take what we just stored (above) and put it back into st0 (stupid compiler...)
thLabyrinth.exe+2E1B4B - D9 85 2CFFFFFF - fld dword ptr [ebp-000000D4]
//loads into eax the address of your character sheet (same thing as at thLabyrinth.exe+2E1B64)
thLabyrinth.exe+2E1B51 - 8B 45 F8 - mov eax,[ebp-08]
//moves st0 into st1 and loads a 4byte integer (MaxHpUpgradeFactor) into st0
thLabyrinth.exe+2E1B54 - DB 40 7C - fild dword ptr [eax+7C]
//divides st0 by thLabyrinth.exe+805DA0 = 100.0
thLabyrinth.exe+2E1B57 - DC 35 A05DAF01 - fdiv qword ptr [thLabyrinth.exe+805DA0]
//multiplies the float in st1 by the one in st0 and stores the result in st0. Actually it's MaxHp=BaseMaxHp*MaxHpUpgradeFactor
thLabyrinth.exe+2E1B5D - DEC9 - fmulp st(1),st(0)
//call *** is a function call, so likely this is the last modification of eax. When you analyze this function it simply copies st0 into eax.
thLabyrinth.exe+2E1B5F - E8 80C0FCFF - call thLabyrinth.exe+2ADBE4
thLabyrinth.exe+2E1B64 - 8B 4D F8 - mov ecx,[ebp-08]
//writes max HP. When functions return a value, it is stored in eax
thLabyrinth.exe+2E1B67 - 89 41 14 - mov [ecx+14],eax
|
Hmm strange formula: max hp=[cs+14]=(([cs+4]+6)*[cs+5C]+12.0)*[cs+7C] (cs means CharacterSheet)
or max hp=(level+6)*HPgrowth*MaxHpUpgradeFactor + 12*MaxHpUpgradeFactor
If you want to change hp increase per skill upgrade (and not per character level), then you can do it via the 12 or via MaxHpUpgradeFactor=100+skill_level*4. Otherwise just change HPGrowth.
For the 12 approach paste this in cheat engine, but know that it affects all characters:
Code: |
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>10</ID>
<Description>"Locate HP growth"</Description>
<LastState Activated="0"/>
<Color>80000008</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[enable]
aobscan(HpGrowth_aob,0F AF 4A 5C 89 8D 30 FF FF FF DB 85 30 FF FF FF)
label(HpGrowthPtrBase)
registersymbol(HpGrowthPtrBase)
HpGrowth_aob+12:
HpGrowthPtrBase:
[disable]
unregistersymbol(HpGrowthPtrBase)
</AssemblerScript>
<CheatEntries>
<CheatEntry>
<ID>11</ID>
<Description>"Hp growth"</Description>
<LastState Value="??" Activated="0" RealAddress="00000000"/>
<Color>80000008</Color>
<VariableType>Double</VariableType>
<Address>[HpGrowthPtrBase]</Address>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
</CheatTable>
|
For fellow hackers wondering why I use an aobscan to locate a static thLabyrinth.exe+806238, it's because it's NOT static; reboot the game and that will be at another RVA.
If you want to alter MaxHpUpgradeFactor, find what writes to it and change the add eax,4 four lines above (this will also affect all characters). Then make yourself a patch with aobscan.
...As for the other stats, it's exactly the same story...
Bonus: some info I gathered on the character sheet:
Code: |
character sheet offsets+description
0
4 level
8 xp
C ?
10 SP regen
14 Max HP
18 HP
1C Max SP
20 SP
24 Max TP
28 TP
2C ATK
30 DEF
34 MAG
38 MENT
3C SPD
40 DDG
44 ATK growth
48 DEF growth
4C MAG growth
50 MENT growth
54 SPD growth
58 DDG growth
5C HP growth
60 SP growth
64 ATK level factor
68 DEF level factor
6C MAG level factor
70 MENT level factor
74 SPD level factor
78 DDG level factor
7C HP level factor
80 MP level factor
84 fire resist
88 cold resist
8C wind resist
90 ??? resist
94 dark resist
98 ghost resist
9C poison resist
A0 paralysis resist
A4 silence resist
A8 insta death resist
AC weakening resist
|
So if you want to edit/look at hp growth, take your max hp pointer and change the +14 into a +5C.
_________________
DO NOT PM me if you want help on making/fixing/using a hack. |
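The max HP calculation traced in the post above, rewritten in C as an added example (not part of the original thread and not the game's source). It follows the disassembly instruction by instruction, including the division by 100.0 at thLabyrinth.exe+2E1B57, and takes the struct layout from the offset list; the names `CharacterSheet`, `compute_max_hp` and `hp_growth_from_max_hp` are hypothetical, and treating every field as a 32-bit integer and the final call as a truncating float-to-int conversion are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Partial character sheet built from the offsets listed in the post.
   Assumption: every slot is a 32-bit integer. */
typedef struct {
    int32_t unk_00;           /* +00 */
    int32_t level;            /* +04 */
    int32_t xp;               /* +08 */
    int32_t unk_0c;           /* +0C */
    int32_t sp_regen;         /* +10 */
    int32_t max_hp;           /* +14 */
    int32_t hp;               /* +18 */
    int32_t stats_1c_58[16];  /* +1C..+58: SP/TP, ATK..DDG and their growths */
    int32_t hp_growth;        /* +5C */
    int32_t sp_growth;        /* +60 */
    int32_t factors_64_78[6]; /* +64..+78: ATK..DDG level factors */
    int32_t hp_level_factor;  /* +7C: MaxHpUpgradeFactor in the post */
} CharacterSheet;

_Static_assert(offsetof(CharacterSheet, max_hp) == 0x14, "max HP at +14");
_Static_assert(offsetof(CharacterSheet, hp_growth) == 0x5C, "HP growth at +5C");
_Static_assert(offsetof(CharacterSheet, hp_level_factor) == 0x7C, "HP factor at +7C");

/* Follows thLabyrinth.exe+2E1B26 .. +2E1B67 instruction by instruction. */
int32_t compute_max_hp(const CharacterSheet *cs)
{
    int32_t base = (cs->level + 6) * cs->hp_growth;       /* add ecx,06 / imul ecx,[edx+5C] */
    float sum = (float)((double)base + 12.0);             /* fild / fadd qword / fstp dword */
    double factor = (double)cs->hp_level_factor / 100.0;  /* fild [eax+7C] / fdiv qword */
    return (int32_t)((double)sum * factor);               /* fmulp / call (truncation assumed) */
}

/* Same structure base, different offset: +14 -> +5C. */
int32_t *hp_growth_from_max_hp(int32_t *max_hp_addr)
{
    char *base = (char *)max_hp_addr - offsetof(CharacterSheet, max_hp);
    return (int32_t *)(base + offsetof(CharacterSheet, hp_growth));
}

int main(void)
{
    /* Constructed sample values, not taken from the game. */
    CharacterSheet cs = { .level = 10, .hp_growth = 20, .hp_level_factor = 104 };
    cs.max_hp = compute_max_hp(&cs);
    printf("max hp = %d, hp growth = %d\n", (int)cs.max_hp, (int)*hp_growth_from_max_hp(&cs.max_hp));
    return 0;
}
```

The static assertions fail the build if the struct padding ever drifts from the offsets in the list, which is the quickest way to catch a mis-transcribed field.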
joranger How do I cheat?
Reputation: 0
Joined: 27 Jan 2014 Posts: 3
Posted: Tue Jan 28, 2014 6:16 am
Looks like I need to learn a lot.
Thanks anyway.
Gniarf Grandmaster Cheater Supreme
Reputation: 43
Joined: 12 Mar 2012 Posts: 1285
Posted: Tue Jan 28, 2014 2:30 pm
If you have questions go on and ask (well, after googling). I'll keep the trial for a week or so in case I need to refer to it.
_________________
DO NOT PM me if you want help on making/fixing/using a hack. |