Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Debugger problems
Goto page Previous  1, 2
 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking
View previous topic :: View next topic  
Author Message
myrth
Newbie cheater
Reputation: 0

Joined: 14 Jul 2014
Posts: 17

PostPosted: Sun Jul 20, 2014 5:55 am    Post subject: Reply with quote

up Rolling Eyes
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 474

Joined: 09 May 2003
Posts: 25954
Location: The netherlands

PostPosted: Sun Jul 20, 2014 6:29 am    Post subject: Reply with quote

Before wasting too much time on this check if the address of the code is in a module
Easiest is checking the modulename inside the hexview of memoryview

if it's not inside a module but jitted, or in libdvm, then this code belongs to the java vm which requires a different approach, but if it uses it's own native binary (.so) then try learning the thumb instruction set and write a thumb disassembler

_________________
Tools give you results. Knowledge gives you control.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
myrth
Newbie cheater
Reputation: 0

Joined: 14 Jul 2014
Posts: 17

PostPosted: Mon Jul 21, 2014 4:08 pm    Post subject: Reply with quote

Dark Byte wrote:
Before wasting too much time on this check if the address of the code is in a module
Easiest is checking the modulename inside the hexview of memoryview

if it's not inside a module but jitted, or in libdvm, then this code belongs to the java vm which requires a different approach, but if it uses it's own native binary (.so) then try learning the thumb instruction set and write a thumb disassembler

I'm searching in hex viewer for the module but where is it? Cool
I can see Address,bytes ,opcode and comment
sorry for my stupidity
another time thank you
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 474

Joined: 09 May 2003
Posts: 25954
Location: The netherlands

PostPosted: Mon Jul 21, 2014 4:10 pm    Post subject: Reply with quote

Hexview is the bottom part
_________________
Tools give you results. Knowledge gives you control.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
myrth
Newbie cheater
Reputation: 0

Joined: 14 Jul 2014
Posts: 17

PostPosted: Mon Jul 21, 2014 4:47 pm    Post subject: Reply with quote

oh yes sorry but there I can read the address ,execute/read/write ,base address ,size and physical address .
where is the module's name?
please don't hate me , I'm doing my best...
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 474

Joined: 09 May 2003
Posts: 25954
Location: The netherlands

PostPosted: Mon Jul 21, 2014 5:27 pm    Post subject: Reply with quote

If there is no modulename at the address of the code that accesses it (pc register) it's likely jitted code.
This makes things more complex so you may wish to look into recompiling the java classes instead.
You can still find it by doing aobscans or replacing libdvm.so with your own build that is easily debugged, but it's going to be slow and difficult

_________________
Tools give you results. Knowledge gives you control.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
myrth
Newbie cheater
Reputation: 0

Joined: 14 Jul 2014
Posts: 17

PostPosted: Mon Jul 21, 2014 8:12 pm    Post subject: Reply with quote

How can i recompile the java classes?

I noticed that the values ​​"OPCODE" are all the same in all the "ADDRESS", could I use the method of searching for "LEVEL POINTERS"?
As you know, I need any "stable value" to give it to AutoHotkey, any value that does not change over time, so I could tell AutoHotkey to research the "stable value" using Cheatengine every time.

Any way to enable AutoHotkey to understand the value would be fine.
Unfortunately, I also tried with OCR programs but without success.
Any idea is welcome.
Thanks for your patience



clash.jpg
 Description:
 Filesize:  387.62 KB
 Viewed:  10031 Time(s)

clash.jpg


Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 474

Joined: 09 May 2003
Posts: 25954
Location: The netherlands

PostPosted: Tue Jul 22, 2014 2:46 am    Post subject: Reply with quote

No, not that address. The address of the code that accesses (or writes) that address. (The pc register)

The modulename should show after "size="


Anyhow, if the bytes around the address are most of the time the same try an groupscan

_________________
Tools give you results. Knowledge gives you control.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
myrth
Newbie cheater
Reputation: 0

Joined: 14 Jul 2014
Posts: 17

PostPosted: Tue Jul 22, 2014 5:46 am    Post subject: Reply with quote

Mhhh not exactly , they are always the same among themselves but if i restart the game they change.

I try to do it anyway?

what method do you recommend I use to do the scan group?

meanwhile I'm studying everything that I find interesting on the forum...
thank you dark byte
Back to top
View user's profile Send private message
myrth
Newbie cheater
Reputation: 0

Joined: 14 Jul 2014
Posts: 17

PostPosted: Wed Jul 23, 2014 6:47 am    Post subject: Reply with quote

upupup
Back to top
View user's profile Send private message
lampuiho
Expert Cheater
Reputation: 6

Joined: 16 Jan 2010
Posts: 122

PostPosted: Wed Jul 23, 2014 7:52 am    Post subject: Reply with quote

Search Java Disassembler/Decompiler
Back to top
View user's profile Send private message
myrth
Newbie cheater
Reputation: 0

Joined: 14 Jul 2014
Posts: 17

PostPosted: Wed Jul 23, 2014 9:05 pm    Post subject: Reply with quote

lampuiho wrote:
Search Java Disassembler/Decompiler

Ok but are you sure that Ce is useless with this game?

Should I decompile directly the "apk" file with a java decompiler?
and so how can If the correct string?

plase more explain in newbie!
thank you Cool
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 474

Joined: 09 May 2003
Posts: 25954
Location: The netherlands

PostPosted: Thu Jul 24, 2014 3:20 am    Post subject: Reply with quote

First confirm with ce if the code is inside a module belonging to libdvm.so or jitted.(no module) Most games i've seen have the game inside a native library.
Of course, this game even looks like a browsergame so it's possible it's fully dalvik vm

_________________
Tools give you results. Knowledge gives you control.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
myrth
Newbie cheater
Reputation: 0

Joined: 14 Jul 2014
Posts: 17

PostPosted: Sun Jul 27, 2014 4:09 pm    Post subject: Reply with quote

Dark Byte wrote:
First confirm with ce if the code is inside a module belonging to libdvm.so or jitted.(no module) Most games i've seen have the game inside a native library.
Of course, this game even looks like a browsergame so it's possible it's fully dalvik vm

Using hexviewer how can I confir that the code belong to libdvm.so or jitted.?
thank you Rolling Eyes
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking All times are GMT - 6 Hours
Goto page Previous  1, 2
Page 2 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites