 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
ogpayne
Cheater
 Reputation: 0
Joined: 08 Dec 2014
Posts: 45
|
 Posted: Wed Aug 19, 2015 3:19 pm Post subject: How to find points that are adding to overall score |
 |
|
| Hey guys I'm coming to you today with a simple question, I need help with how to find the points that are being added to my score in Solitaire. I'm using cheat engine to do this but I feel like I should be using olly or some reversing tool because the methods I'm using in cheat engine only point me to the SCORE and not the points that are being added. I've never tried to find an address like this I've only tried to find addresses before like overall score, health, ammo, player position etc etc so I'm not sure how I should go about finding this address and I just need a little help. I'm wanting to make just a practice write process memory hack. So what I'm wanting to do is instead of it giving me 50 points when I score, I want to change it to give me 9999 or something like that. I know I could simply change the overall score but I'm doing this for education purposes hoping it could be translated to other things.
|
|
| Back to top |
|
 |
deama1234
Master Cheater
![]() Reputation: 3
Joined: 20 Dec 2014
Posts: 328
|
| Posted: Wed Aug 19, 2015 3:25 pm Post subject: |
|
|
Find overal score; then see what writes to it.
It'll either be something like "mov [eax+4],ecx" or "add [eax+4],ecx"; hopefully at least lol.
The next step is to just change the opcodes a bit. Like:
| Code: | | mov [eax+4],FFFF //or whatever you want |
or
|
|
| Back to top |
|
|
ogpayne
Cheater
Reputation: 0
Joined: 08 Dec 2014
Posts: 45
|
| Posted: Wed Aug 19, 2015 3:49 pm Post subject: |
|
|
| deama1234 wrote: | Find overal score; then see what writes to it.
It'll either be something like "mov [eax+4],ecx" or "add [eax+4],ecx"; hopefully at least lol.
The next step is to just change the opcodes a bit. Like:
| Code: | | mov [eax+4],FFFF //or whatever you want |
or
|
Okay so what I have done, found base address for score, done "Find out what writes the address pointed at by this pointer", found my address its; "mov [rcx+000000B0], edi" open it in the disassembler and then do "Assemble" then I change the code to "mov [rcx+000000B0, FFF] but this crashes the game, i feel like I'm off track but close to what I should be doing.
|
|
| Back to top |
|
|
Rydian
Grandmaster Cheater Supreme
 Reputation: 31
Joined: 17 Sep 2012
Posts: 1358
|
| Posted: Wed Aug 19, 2015 4:05 pm Post subject: |
|
|
The [] isn't to enclose arguments for a function (it's to change the state from "this value" to "the value at this location"), you should leave those around the rcx+whatever.
mov [rcx+000000B0], FFF
Will set your score to FFF each time instead of adding FFF to it, 'cause you're telling it to, instead of moving the result (which is in EDI at that time) into your score, to move the static value.
If you want to change the addition, scroll up a line or two and find the add and change that.
_________________
|
|
| Back to top |
|
|
ogpayne
Cheater
Reputation: 0
Joined: 08 Dec 2014
Posts: 45
|
| Posted: Wed Aug 19, 2015 4:14 pm Post subject: |
|
|
| Rydian wrote: | The [] isn't to enclose arguments for a function (it's to change the state from "this value" to "the value at this location"), you should leave those around the rcx+whatever.
mov [rcx+000000B0], FFF
Will set your score to FFF each time instead of adding FFF to it, 'cause you're telling it to, instead of moving the result (which is in EDI at that time) into your score, to move the static value.
If you want to change the addition, scroll up a line or two and find the add and change that. |
Hmm, there doesn't seem to be an add for about 40 lines so I'm assuming that has nothing to do with it and when I changed it, nothing happened. There is a sub about lines about though but this is adding not subbing so im not sure what that could be... is there any other way I could find out how this is adding to the score? Sorry I'm kind of a noob in all of this reversing/debugging stuff. thanks!!
|
|
| Back to top |
|
|
deama1234
Master Cheater
![]() Reputation: 3
Joined: 20 Dec 2014
Posts: 328
|
| Posted: Wed Aug 19, 2015 4:47 pm Post subject: |
|
|
| ogpayne wrote: | | "Find out what writes the address pointed at by this pointer" |
You sure you got the right address?
|
|
| Back to top |
|
|
Rydian
Grandmaster Cheater Supreme
Reputation: 31
Joined: 17 Sep 2012
Posts: 1358
|
| Posted: Wed Aug 19, 2015 4:52 pm Post subject: |
|
|
Yeah always make sure it's the right address by changing it and making sure the ACTUAL value changes in-game because finding the display value instead is a common mistake.
Then find what writes to it, and see what appears (or gets an increased count) when the score increases.
_________________
|
|
| Back to top |
|
|
deama1234
Master Cheater
![]() Reputation: 3
Joined: 20 Dec 2014
Posts: 328
|
| Posted: Wed Aug 19, 2015 5:02 pm Post subject: |
|
|
| Well, I just played around with it; seems like it does it in a weird way. I'd say just go on the cheat engine tutorial and play with that instead, or maybe that pinball game; solitaire is weird.
|
|
| Back to top |
|
|
ogpayne
Cheater
Reputation: 0
Joined: 08 Dec 2014
Posts: 45
|
| Posted: Wed Aug 19, 2015 6:39 pm Post subject: |
|
|
| Rydian wrote: | Yeah always make sure it's the right address by changing it and making sure the ACTUAL value changes in-game because finding the display value instead is a common mistake.
Then find what writes to it, and see what appears (or gets an increased count) when the score increases. |
Wow such a rookie mistake!! The address I had was the image not the actual score, but now that I've found the real address on the 2nd pointer there is 329 results; all with the same value.. What should I do to narrow these down? This program seems to actually be very complex..
| deama1234 wrote: | | Well, I just played around with it; seems like it does it in a weird way. I'd say just go on the cheat engine tutorial and play with that instead, or maybe that pinball game; solitaire is weird. |
Yeah like I said solitaire seems a bit complex, I am on the W10 version though.. But I've already beaten the CE tutorial, except for the final part, don't know assembly that well yet for that one.. I'm trying to branch out into the debugging and reversing scene now that I finally know C++ so I can make my own hacks, but this is troubling me a little more than learning C++ but mainly because I don't have anyone to straightforwardly teach me reversing games like I did for learning C++.
|
|
| Back to top |
|
|
deama1234
Master Cheater
![]() Reputation: 3
Joined: 20 Dec 2014
Posts: 328
|
| Posted: Wed Aug 19, 2015 7:56 pm Post subject: |
|
|
| ogpayne wrote: | | Rydian wrote: | Yeah always make sure it's the right address by changing it and making sure the ACTUAL value changes in-game because finding the display value instead is a common mistake.
Then find what writes to it, and see what appears (or gets an increased count) when the score increases. |
Wow such a rookie mistake!! The address I had was the image not the actual score, but now that I've found the real address on the 2nd pointer there is 329 results; all with the same value.. What should I do to narrow these down? This program seems to actually be very complex..
| deama1234 wrote: | | Well, I just played around with it; seems like it does it in a weird way. I'd say just go on the cheat engine tutorial and play with that instead, or maybe that pinball game; solitaire is weird. |
Yeah like I said solitaire seems a bit complex, I am on the W10 version though.. But I've already beaten the CE tutorial, except for the final part, don't know assembly that well yet for that one.. I'm trying to branch out into the debugging and reversing scene now that I finally know C++ so I can make my own hacks, but this is troubling me a little more than learning C++ but mainly because I don't have anyone to straightforwardly teach me reversing games like I did for learning C++. |
Pointers? All you do is find the address and see what assembly insctructions modify it; your not supposed to trace it down to the pointer and then see what writes to it.
You don't really need to know any C++; I barely know any and I've done some complex hacks (imo).
I think at this point you need to watch videos and read tutorials.
Here's an in-depth tutorial, don't expect to understand it all in one read through though. http://forum.cheatengine.org/viewtopic.php?t=95363
Here's a video Rydian made, though you should read the tutorial up above first to explain to you what the heck is going on. https://www.youtube.com/watch?v=tHG3Fp-wKss
|
|
| Back to top |
|
|
ogpayne
Cheater
Reputation: 0
Joined: 08 Dec 2014
Posts: 45
|
| Posted: Wed Aug 19, 2015 8:34 pm Post subject: |
|
|
| deama1234 wrote: | | ogpayne wrote: | | Rydian wrote: | Yeah always make sure it's the right address by changing it and making sure the ACTUAL value changes in-game because finding the display value instead is a common mistake.
Then find what writes to it, and see what appears (or gets an increased count) when the score increases. |
Wow such a rookie mistake!! The address I had was the image not the actual score, but now that I've found the real address on the 2nd pointer there is 329 results; all with the same value.. What should I do to narrow these down? This program seems to actually be very complex..
| deama1234 wrote: | | Well, I just played around with it; seems like it does it in a weird way. I'd say just go on the cheat engine tutorial and play with that instead, or maybe that pinball game; solitaire is weird. |
Yeah like I said solitaire seems a bit complex, I am on the W10 version though.. But I've already beaten the CE tutorial, except for the final part, don't know assembly that well yet for that one.. I'm trying to branch out into the debugging and reversing scene now that I finally know C++ so I can make my own hacks, but this is troubling me a little more than learning C++ but mainly because I don't have anyone to straightforwardly teach me reversing games like I did for learning C++. |
Pointers? All you do is find the address and see what assembly insctructions modify it; your not supposed to trace it down to the pointer and then see what writes to it.
You don't really need to know any C++; I barely know any and I've done some complex hacks (imo).
I think at this point you need to watch videos and read tutorials.
Here's an in-depth tutorial, don't expect to understand it all in one read through though.
Here's a video Rydian made, though you should read the tutorial up above first to explain to you what the heck is going on. |
I think you misunderstood or maybe I'm misunderstanding.. I do know how to find pointers but it seems solitaire is being difficult.. I'll try to explain what I mean. I've followed the cheat engine tutorial and found many base addresses before so I have a grasp on how to find pointers. But I've made it to the second level of pointers in solitaire and when I search for what's pointing to those addresses I find about 300+ addresses, the thing is with all of these addresses when I do "add address manually" they all point to the score so I believe they are pointing the right way, BUT when I try to find out what accesses those of the 300+ addresses, nothing comes up in the debugger but sometimes random garbage that isn't needed.. I've only tried about 20+ addresses so I can't so this about all of them but I really don't see myself going through 300+ addresses. I feel like there's an easier way or I'm doing something wrong... I hope you understand my issue. Thank you very much!
|
|
| Back to top |
|
|
Rydian
Grandmaster Cheater Supreme
Reputation: 31
Joined: 17 Sep 2012
Posts: 1358
|
| Posted: Wed Aug 19, 2015 10:22 pm Post subject: |
|
|
No no no don't look for pointers, that's not it.
Go back to the first game and find the real address.
Then, still completely ignoring pointers, right-click it, find what writes, etc.
_________________
|
|
| Back to top |
|
|
deama1234
Master Cheater
![]() Reputation: 3
Joined: 20 Dec 2014
Posts: 328
|
| Posted: Thu Aug 20, 2015 7:57 am Post subject: |
|
|
| ogpayne wrote: |
I think you misunderstood or maybe I'm misunderstanding.. I do know how to find pointers but it seems solitaire is being difficult.. I'll try to explain what I mean. I've followed the cheat engine tutorial and found many base addresses before so I have a grasp on how to find pointers. But I've made it to the second level of pointers in solitaire and when I search for what's pointing to those addresses I find about 300+ addresses, the thing is with all of these addresses when I do "add address manually" they all point to the score so I believe they are pointing the right way, BUT when I try to find out what accesses those of the 300+ addresses, nothing comes up in the debugger but sometimes random garbage that isn't needed.. I've only tried about 20+ addresses so I can't so this about all of them but I really don't see myself going through 300+ addresses. I feel like there's an easier way or I'm doing something wrong... I hope you understand my issue. Thank you very much! |
Pointers are outdated; scripts are the new iPhones now.
|
|
| Back to top |
|
|
ogpayne
Cheater
Reputation: 0
Joined: 08 Dec 2014
Posts: 45
|
| Posted: Thu Aug 20, 2015 8:40 am Post subject: |
|
|
| Rydian wrote: | No no no don't look for pointers, that's not it.
Go back to the first game and find the real address.
Then, still completely ignoring pointers, right-click it, find what writes, etc. |
| deama1234 wrote: | | Pointers are outdated; scripts are the new iPhones now. |
Ah okay this makes much more sense now, you're very helpful Rydian and deama1234. I was originally trying to find the base address then write something in visual basic to make my score multiply by double or triple what it originally should be when I score. But it looks like it actually would be easier to just write a script for that in cheat engine, but I do have one question. I'm used to making a .dll or something to modify memory which works undetected usually in online games, scripting in cheat engine would not be undetected would it? What could I do in that situation?
And also if you don't mind, this asm is confusing me a bit, I'll attach a picture and see if you can help explain it to me a bit. I found out what was writing to the "correct" score, and when I NOP this code my score doesn't increase, so I'm getting close!!  I've just been trying to understand this asm. Thanks you guys you've been more help than I've ever gotten on any forum!!
The highlighted code is the one that is related to the score.
( I would've just posted in [img] format but I can't post URLs yet. )
| Description: |
|
| Filesize: |
53.4 KB |
| Viewed: |
6350 Time(s) |
|
|
|
| Back to top |
|
|
deama1234
Master Cheater
![]() Reputation: 3
Joined: 20 Dec 2014
Posts: 328
|
| Posted: Thu Aug 20, 2015 9:20 am Post subject: |
|
|
So you just wanna multiply it by 2 or 3?
Let's see, since it's a "mov" and not an "add" that makes it more annoying; and you can't find an "add" anywhere nearby it seems; so I guess you can just make a fomular.
| Code: | push eax
mov eax,r15d
sub eax,[rbx+00F8]
add r15d,eax
pop eax
mov [rbx+00F8],r15d
|
This will multiply the result by 2.
Uhh, you know how to create a script template right?
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
