Vanashi How do I cheat?
Reputation: 0
Joined: 30 Jun 2016 Posts: 7
|
Posted: Thu Jun 30, 2016 12:33 pm Post subject: Find a variable of a flashgame quiz |
|
|
Hey everyone!
I try to scan a quiz and read out the variable which contains the value for the right answer of the given question.
But I don't know the definition of that variable.
I mean, it could be anything. A number from 1-4 for the 4 answers or just a bunch of numbers or just another value.
How can I find the needed address?
 |
cooleko Grandmaster Cheater
Reputation: 11
Joined: 04 May 2016 Posts: 717
|
Posted: Thu Jun 30, 2016 3:09 pm Post subject: |
|
|
Odds are it isn't known in advance.
Find the address that holds your answer (select A, initialize scan, select B, changed, select C, changed, select D, changed, select A, same as initial).
Find out what accesses it when you finalize your answer and look for the compare; what it compares to is the right answer. Then you can force it to always answer correctly.
 |
Vanashi How do I cheat?
Reputation: 0
Joined: 30 Jun 2016 Posts: 7
|
Posted: Fri Jul 01, 2016 1:04 am Post subject: |
|
|
Hello, thank you for the response!
How can I scan it compared to the initial value?
 |
cooleko Grandmaster Cheater
Reputation: 11
Joined: 04 May 2016 Posts: 717
|
Posted: Fri Jul 01, 2016 1:21 am Post subject: |
|
|
In the drop-down box it says something like compare to original, and then you select unchanged.
 |
Vanashi How do I cheat?
Reputation: 0
Joined: 30 Jun 2016 Posts: 7
|
Posted: Fri Jul 01, 2016 4:16 am Post subject: |
|
|
I just can't find it... I tried multiple times, but there are so many values.
Even with your method.
I tried to search for values A, B... and 1-4 and got no results, so it must be a different value.
I once found some addresses which were called every time I gave an answer and got a new question. I replaced the script with one that does nothing and then I couldn't give an answer anymore.
Maybe that was it? But the values of these addresses weren't quite what I was looking for.
 |
cooleko Grandmaster Cheater
Reputation: 11
Joined: 04 May 2016 Posts: 717
|
Posted: Fri Jul 01, 2016 4:50 am Post subject: |
|
|
Your answer is stored in memory; if you can't find it then you are searching the wrong places.
Turn off fast scan and scan bytes: since it can only be 1 of 4 values, it could be there. Try floats, doubles, etc.
Once you find it, continue with my previous suggestion to find the correct answer.
|
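The scan sequence cooleko describes earlier in the thread (first scan, "changed" after each new selection, "same as initial" after reselecting A), combined with the fast-scan and value-type advice in the post above, as an added example that is not part of any post. The 64-byte buffer, the slot offset and the noise counter are constructed, and fast scan is modelled simply as checking only type-aligned addresses, which is an assumption about the tool.

```python
import struct

TYPES = {"byte": "<B", "4 bytes": "<I", "float": "<f"}  # little-endian, as on x86
# Constructed sample: the four per-answer values posted later in this thread.
SELECTION = {"A": 75414688, "B": 75414712, "C": 75414736, "D": 75414760}
SLOT = 13  # hypothetical, deliberately unaligned offset of the "selected answer" field

def snapshot(choice, tick):
    """Build a constructed 64-byte 'process memory' image for one UI state."""
    mem = bytearray(b"\x11" * 64)
    struct.pack_into("<I", mem, SLOT, SELECTION[choice])  # the value being hunted
    struct.pack_into("<I", mem, 40, 1000 + tick)          # noise: changes on every scan
    return bytes(mem)

def read_all(mem, vtype, fast):
    """Read a value of vtype at every candidate address; fast scan = aligned only."""
    fmt = TYPES[vtype]
    size = struct.calcsize(fmt)
    step = size if fast else 1
    return {a: struct.unpack_from(fmt, mem, a)[0]
            for a in range(0, len(mem) - size + 1, step)}

def differential_scan(vtype, fast):
    """Select A, first scan; B, C, D -> 'changed'; A again -> 'same as first scan'."""
    first = read_all(snapshot("A", 0), vtype, fast)
    prev, live = first, set(first)
    for tick, choice in enumerate("BCD", start=1):
        now = read_all(snapshot(choice, tick), vtype, fast)
        live = {a for a in live if now[a] != prev[a]}         # keep "changed"
        prev = now
    last = read_all(snapshot("A", 4), vtype, fast)
    return {a: last[a] for a in live if last[a] == first[a]}  # keep "same as first"

if __name__ == "__main__":
    for vtype, fast in [("byte", True), ("4 bytes", True), ("4 bytes", False)]:
        print(vtype, "fast" if fast else "all offsets", differential_scan(vtype, fast))
```

The byte scan isolates the slot directly, the aligned 4-byte scan only reports a neighbouring window that overlaps it, and the unaligned 4-byte scan reports the slot plus the three overlapping windows before it.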
 |
Vanashi How do I cheat?
Reputation: 0
Joined: 30 Jun 2016 Posts: 7
|
Posted: Fri Jul 01, 2016 5:54 am Post subject: |
|
|
Okay, I think I got the address. At least, it changes to a specific number for each answer, like 184 for A and so on... How do I get the value which is compared to it?
This is what I got till now:
Answ. | Byte | 4 Bytes | Float
A | 160 | 75414688 | 2.994416886E-36
B | 184 | 75414712 | 2.994421191E-36
C | 208 | 75414736 | 2.994425496E-36
D | 232 | 75414760 | 2.994429801E-36
And these are the accesses:
50B7382B - 8B 03 - mov eax,[ebx]
50AC0421 - 8B 06 - mov eax,[esi]
50AC04A7 - 89 0E - mov [esi],ecx
0579E698 - 8B 90 94000000 - mov edx,[eax+00000094]
|
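The three columns in the table above can be checked against each other: the following added example (not part of the original post) packs each posted 4-byte value as little-endian bytes and re-reads it as a byte and as a float. It uses only the numbers from the table; what the value represents inside the game is not established by the thread.

```python
import struct

# Values copied from the table in the post above: answer -> (Byte, 4 Bytes, Float).
POSTED = {
    "A": (160, 75414688, 2.994416886e-36),
    "B": (184, 75414712, 2.994421191e-36),
    "C": (208, 75414736, 2.994425496e-36),
    "D": (232, 75414760, 2.994429801e-36),
}

def views(dword):
    """Return the same four little-endian bytes read as byte, 4 bytes, float and hex."""
    raw = struct.pack("<I", dword)
    return {
        "byte": raw[0],                         # lowest-addressed byte = low byte on x86
        "4 bytes": struct.unpack("<I", raw)[0],
        "float": struct.unpack("<f", raw)[0],
        "hex": f"{dword:08X}",
    }

def columns_agree(posted=POSTED, rel_tol=1e-7):
    """True if every row's Byte and Float are reinterpretations of its 4 Bytes."""
    for byte, dword, flt in posted.values():
        v = views(dword)
        if v["byte"] != byte or abs(v["float"] - flt) > rel_tol * abs(flt):
            return False
    return True

def strides(posted=POSTED):
    """Differences between consecutive answers' 4-byte values."""
    dwords = [row[1] for row in posted.values()]
    return [b - a for a, b in zip(dwords, dwords[1:])]

if __name__ == "__main__":
    for answer, (_, dword, _) in POSTED.items():
        print(answer, views(dword))
    print("columns agree:", columns_agree(), "strides:", strides())
```

All four rows agree, so the Byte and Float columns carry no information beyond the 4-byte value, and consecutive answers differ by a constant 24.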
 |
cooleko Grandmaster Cheater
Reputation: 11
Joined: 04 May 2016 Posts: 717
|
Posted: Fri Jul 01, 2016 2:11 pm Post subject: |
|
|
Select an answer, then find out what accesses this address, then in game answer the question and see which addresses touch the answer. Hopefully it is just one; if it is the image above, then you need to check out each instruction, one at a time. Simply disassemble each instruction and either break and trace (first two checkboxes enabled) and answer another question, then scan the trace for the compare, or simply scroll down the instructions in the disassembler looking for a compare. The break and trace is easier because it will show you what values are loaded into registers and what values are accessed in memory. Since you know that
A = 160 or 75414688
B = 184 or 75414712
C = 208 or 75414736
D = 232 or 75414760
simply look for the cmp byte, or cmp where the register or dereferenced address value match the values you entered and the correct answer.
 |
Vanashi How do I cheat?
Reputation: 0
Joined: 30 Jun 2016 Posts: 7
|
Posted: Sat Jul 02, 2016 1:08 pm Post subject: |
|
|
That would mean I could just scan for the byte that matches the answer, but this isn't the case... I think the answer is either encrypted, with scaling some bytes up and down, or it will be read just when I answer the question...
Btw, do I need to scan every cmp after the command that accessed it?
PS.: I meant that these values are just one address... it's not like there is a single address for each answer, and this address is accessed by the commands above.
PSS.: I can't find the variable for the answer. Even if I scan every time the answer for a question changes and when it is the same as when I scanned for the first time. The value for each variable changes, btw; now the value is A for 76790944 and so on... And if the address was accessed directly by a cmp, then it would show me this in the access table, or am I wrong?
 |
cooleko Grandmaster Cheater
Reputation: 11
Joined: 04 May 2016 Posts: 717
|
Posted: Sat Jul 02, 2016 5:06 pm Post subject: |
|
|
Once you have found the memory address that houses your answer, the rest should have fallen in your lap already.
Find out what accesses your memory address when you press w/e button finalizes your answer and tells you whether you are correct or not.
One of the instructions that accesses your address will be followed by a compare.
When you find it, you will have your answer (literally the answer to the question, and the answer to where the answer is stored).
For example:
Code:
mov eax, [ESI+30]   ; load one value from memory
mov ebx, [EDI+20]   ; load the other value
cmp eax, ebx        ; compare the two
jne ...             ; branch taken when they differ
Of course, the actual code could be spread out much more with instructions in between each of the important ones above, or the compare could be to a dereferenced address rather than a register, or even an XOR with a jz after it.
Further, the compare could be in a following function call, which is why you need to break and trace the instruction.
Once you have found the instruction, you don't need to re-find the memory value anymore; simply break and trace the instruction and answer the next question, and you will find it relatively quickly.
 |
Vanashi How do I cheat?
Reputation: 0
Joined: 30 Jun 2016 Posts: 7
|
Posted: Sun Jul 03, 2016 5:51 am Post subject: |
|
|
Either I am too stupid or this is very complicated to find... Could you help me via TeamViewer or try it yourself?
 |
cooleko Grandmaster Cheater
Reputation: 11
Joined: 04 May 2016 Posts: 717
|
Posted: Sun Jul 03, 2016 5:58 am Post subject: |
|
|
I don't know what game you are playing.
 |
Vanashi How do I cheat?
Reputation: 0
Joined: 30 Jun 2016 Posts: 7
|
Posted: Sun Jul 03, 2016 6:14 am Post subject: |
|
|
Can you PM me? I can't PM or post URLs yet. I can send it to you then.