Cheat Engine

Rexkh · Newbie cheater Reputation: 0 Joined: 04 Feb 2020 Posts: 18

Hi

readInteger(0x0019EE18)==0x3F800000 It work.
readInteger(ESP+18)==0x3F800000 It doesn't work (ESP+18=0x0019EE18)

It seem that +Offset is not recognized
Do you know the correct syntax?

ParkourPenguin · Posted: Sun Feb 09, 2020 10:12 am Post subject:

Did you mean to write ESP+0x18?

Rexkh · Newbie cheater Reputation: 0 Joined: 04 Feb 2020 Posts: 18

Yes. It's equal to

cmp [esp+18],0019EE18

in script

And I come across another problem. If I write the script as following

cmp ebp,01000001 (01000001 is value, not address) and activate it, 01000001 turn to StateOfDecay.exe+C00001. why?

81 FD 01000001 cmp ebp,StateOfDecay.exe+C00001

Dark Byte · Posted: Sun Feb 09, 2020 10:56 am Post subject:

so you tried this?

Rexkh · Newbie cheater Reputation: 0 Joined: 04 Feb 2020 Posts: 18

How can I tell the compiler that 01000001 is hex number, not an address?

Dark Byte · Posted: Sun Feb 09, 2020 11:13 am Post subject:

there is no difference between a hex number and an address

just click view->show module addresses until the checkbox disappears and it shows all values as hexadecimal

Rexkh · Newbie cheater Reputation: 0 Joined: 04 Feb 2020 Posts: 18

It's so tricky. I have to 0x before 18 to make it works. Dark Byte. You know everything.

By the way, uncheck Show module address is just toggle between Real Address and Base Address plus offset.

The problem is, If address 01000001 = 00005555, it would compare ebp with 00005555 instead of 01000001.

Dark Byte · Posted: Sun Feb 09, 2020 12:13 pm Post subject:

Rexkh · Newbie cheater Reputation: 0 Joined: 04 Feb 2020 Posts: 18

Oh my bad, you are right.

By the way, do you know if it is possible to search for specific opcode.

Ex. add eax,???. search for add of eax register and any register. Plus how many of them in total in the entire code.

Dark Byte · Posted: Sun Feb 09, 2020 12:29 pm Post subject:

search->find assembly code
and then search for