Cheat Engine

[LastExceed]

I know what they do and how to find them, but how do they work?

I am currently thinking that they work like this:
"Cube.exe"+003691C8 (example)
- first of all the process name so it knows where to start in the memory (cube.exe in this case)
- right behind some hex idk what it does (+003691C8 in this case)
- then the offsets which determine how many bits go to ahead from this point to find the specific address

Is this correct or did I understand that wrong?
In case it's correct, what's the purpose of multiple offsets?
In case I'm wrong, how do they work?
also what are those hex numbers behind the process name?

I found tons of threads and tutorials explaining what pointers are and how to find them, but none that explains how they work...

[Zanzer]

"Cube.exe" is the base address of the game, as you said.
003691C8 is a hex value added on to the base game address.
The total gives you another memory address containing some value.
That value happens to be another game address, usually a structure of some sort.
The next offset is added to that value to take you to a corresponding variable within that structure.
That variable could be yet another game address which is added to yet another offset.

[LastExceed]

[Zanzer]

That is correct.

[[Cube.exe+003691C8]+64]+8
Base address of Cube.exe plus 0x003691C8 = Address 1
Value at Address 1 plus 0x64 = Address 2
Value at Address 2 plus 0x8 = Address 3

[LastExceed]

[Zanzer]

You can add any number to the base game address and reach your current address.
However, if that's not an actual game structure, it's not going to find the correct address when you restart the game.

Using my previous numbers as an example:
Cube.exe+003691C8 may point to a game structure for the HUD.
Part of that structure, at offset 64, is the address to the player structure.
Then inside that structure, at offset 8, is the player's current health address.

[Dark Byte]

[gameplayer]

One of the most important problems the game must care about is the memory management. The game will allocate some memory to run and part of it is used for non-gaming purposes. Even the memory which is used for gaming purposes usually can't be allocated consecutively, i.e the game has several separated memory areas physically. So the programmers need to mark all dynamic allocated memory areas by the pointers. The memory is used for may purposes, so it must be divided into many parts. For example, some of them may be used for background settings, game settings, calculations, data storage. In addition, the game commonly has a complex system of units. Each unit may be constructed by one big structure. However, some information of that unit possibly changes during game play. Therefore, the game dynamically allocates the new memory area for each of the units. Since the many memory areas can not be followed the desirable order, many offsets must be used to link many addresses that seem to be unrelated.
P.S: I can't explain more details because of my bad English.

[LastExceed]