Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


Pointer scan confusion

 
NuraIzuto
How do I cheat?
Reputation: 0

Joined: 28 Oct 2018
Posts: 3

Posted: Mon Oct 29, 2018 12:52 am    Post subject: Pointer scan confusion

This is my first time trying out a multi level pointer scan on a game before.
Anyway this is what came up

260D83E1 - 8B 7D CC - mov edi,[ebp-34]
260D83E4 - 8B 4C B8 0F - mov ecx,[eax+edi*4+0F]
260D83E8 - 8B 44 B8 0B - mov eax,[eax+edi*4+0B] <<
260D83EC - D1 F9 - sar ecx,1
260D83EE - F6 C1 01 - test cl,01

EAX=53F8ADB5
EBX=5EF524D9
ECX=00002D80
EDX=0000004A
ESI=5EF524D9
EDI=0000004A
ESP=0019E78C
EBP=0019E7CC
EIP=260D83EC

I'm not too sure what to do from here,
The offset is probably 133, maybe? Not sure if I'm on the right track.
And I don't know what to point it to considering the EAX is the same address the previous pointer pointed to. (Or I'm using that address as a pointer, I still don't get that part that much).

Anyway it's the same address I used in the previous level of the pointer I've gotten. I can't explain it very well, I can't post images yet.
OldCheatEngineUser
Whateven rank
Reputation: 18

Joined: 01 Feb 2016
Posts: 1547

Posted: Mon Oct 29, 2018 2:18 am

search for eax+b which is 53F8ADB5+B = 53F8ADC0, then add 128 as an offset.
_________________
About Me;
I Use CE Since Version 1.X, And Still Learning How To Use It Well!
Jul 26, 2020
STN wrote:
i am a sweetheart.
Dark Byte
Site Admin
Reputation: 383

Joined: 09 May 2003
Posts: 22908
Location: The netherlands

Posted: Mon Oct 29, 2018 2:54 am

remember that the register state is shown AFTER the instruction has been executed, so eax can not be used

but you know that eax+edi*4+0B=x (the address you used find what accesses on)

so eax=x-edi*4+0b

also, edi is quite high so this may not be a very useful path to go (anything above 10 is high) so see if you can find a different path.

also, is this a web browser game? because pointers won't work in those

_________________
Do not ask me about online cheats. I don't know any and won't help finding them.

Like my help? Join me on Patreon so I can keep helping
NuraIzuto
How do I cheat?
Reputation: 0

Joined: 28 Oct 2018
Posts: 3

Posted: Mon Oct 29, 2018 3:05 am

Dark Byte wrote:
also, is this a web browser game? because pointers won't work in those


Oh no it's not a browser game, I'll just assume that if the pointers don't work at all in this game, then I wouldn't be able to get to level 2 pointer.
OldCheatEngineUser
Whateven rank
Reputation: 18

Joined: 01 Feb 2016
Posts: 1547

Posted: Mon Oct 29, 2018 4:23 am

thanks db for the note, so he must place a break point on previous instruction.
Dark Byte
Site Admin
Reputation: 383

Joined: 09 May 2003
Posts: 22908
Location: The netherlands

Posted: Mon Oct 29, 2018 8:18 am

OldCheatEngineUser wrote:
thanks db for the note, so he must place a break point on previous instruction.

Or just use basic math

NuraIzuto
How do I cheat?
Reputation: 0

Joined: 28 Oct 2018
Posts: 3

Posted: Mon Oct 29, 2018 8:39 am

I'm still lost on this one. While I did find an address, using the equation provided by DarkByte

eax=x-edi*4+0b

It's not by using the 'find out what accesses this address' address, since that didn't work, it's by using the address of the 2nd level pointer I had. And also I have no idea what I am doing, I just searched the eax results from the calculation and just happened to find one address.

I also don't know what offset to use, which is a problem considering I can't confirm the address I got is the one I want or not.
I have used

EDI*4
+0B
EDI*4+0B

Dark Byte wrote:
also, edi is quite high so this may not be a very useful path to go (anything above 10 is high) so see if you can find a different path.


I think it's the only thing that works considering that the ones I've been working on are the only ones that have an offset. The others have either just [edi] [eax] or something like that with no offset.
Dark Byte
Site Admin
Reputation: 383

Joined: 09 May 2003
Posts: 22908
Location: The netherlands

Posted: Mon Oct 29, 2018 8:46 am

An offset of 0 might be better than a variable offset inside a dynamically allocated array which can change depending on hiccups on different cpu threads and hard disk speed

Also, an offset of 0 is no different than an offset of 220

Do keep in mind that the VALUE is not the same as an ADDRESS, so if you have ADDRESS 53F8ADB5 and offset 0, then the VALUE to get to that address is 53F8ADB5-0=53F8ADB5

So then you do a scan for the VALUE 53F8ADB5

Though 53F8ADB5 is a weird address and unaligned, so I'd go for 53F8ADB0 or 53F8AD00 and adjust the offset manually (first case offset 5, second case offset b5)

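The arithmetic from Dark Byte's replies, worked as an added example that is not part of the original thread: it models the instruction over a small constructed memory image, shows that EAX after execution holds the loaded value rather than the base, recovers the pre-instruction base from the watched address, and then looks for a stored value plus offset that reaches the target address. `BASE_BEFORE`, `STRUCT_PTR_LOC` and the memory contents are assumptions; EDI, the EAX value and the displacement are the ones posted above.

```python
# Added example. Register values and the displacement come from the thread;
# BASE_BEFORE, STRUCT_PTR_LOC and the memory contents are constructed.
SCALE, DISP = 4, 0x0B            # mov eax,[eax+edi*4+0B]
EDI = 0x4A                       # from the posted dump; the mov does not write EDI
EAX_AFTER = 0x53F8ADB5           # from the posted dump; this is the value LOADED
BASE_BEFORE = 0x2A001000         # constructed: EAX before the mov executed
STRUCT_PTR_LOC = 0x2A000040      # constructed: location holding an aligned pointer

def effective_address(base, index, scale=SCALE, disp=DISP):
    """Address that [base+index*scale+disp] resolves to, with 32-bit wraparound."""
    return (base + index * scale + disp) & 0xFFFFFFFF

def recover_base(accessed, index, scale=SCALE, disp=DISP):
    """Invert effective_address: base = x - (index*scale + disp)."""
    return (accessed - (index * scale + disp)) & 0xFFFFFFFF

def execute_mov(mem, regs):
    """Model the mov: returns (address read, register state afterwards)."""
    addr = effective_address(regs["eax"], regs["edi"])
    return addr, dict(regs, eax=mem[addr])   # destination overwrites the base

def scan_for_pointer(mem, target, max_offset=0xFF, align=4):
    """Return (location, offset) pairs where mem[location] + offset == target.
    align=4 keeps only 4-byte-aligned stored values; align=1 keeps all."""
    hits = []
    for loc, value in mem.items():
        offset = target - value
        if 0 <= offset <= max_offset and value % align == 0:
            hits.append((loc, offset))
    return sorted(hits)

def build_memory():
    """Constructed 32-bit memory image: address -> stored dword."""
    watched = effective_address(BASE_BEFORE, EDI)        # 0x2A001133
    return {watched: EAX_AFTER, STRUCT_PTR_LOC: 0x53F8AD00}

if __name__ == "__main__":
    mem = build_memory()
    x, after = execute_mov(mem, {"eax": BASE_BEFORE, "edi": EDI})
    print(f"accessed x  = {x:08X}")
    print(f"EAX after   = {after['eax']:08X} (loaded value, not the base)")
    print(f"EAX before  = {recover_base(x, after['edi']):08X}")
    for loc, off in scan_for_pointer(mem, EAX_AFTER):
        print(f"pointer at {loc:08X} + offset {off:X}")
```

With EDI = 4A the index term is 4A*4 = 128, and adding the 0B displacement gives 133, which is where both figures mentioned earlier in the thread come from.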
All times are GMT - 6 Hours