Cheat Engine Forum

Floating value multilevel pointer (PPSSPP)

 
neopetpet
Posted: Mon May 18, 2020 10:41 am

Hi all,

I am facing some issues with a multilevel pointer for a PSP game that I am running on PPSSPP.
I am currently hacking the number of Mana Potions, which is stored under the float value type. I am using Cheat Engine 6.8.1.

"Find out what writes to this address" gave me

13E144E9 - F3 0F11 98 00000013 - movss [eax+13000000],xmm3

More information suggested that address is probably 08F5C434. Then I did a 4 bytes hex scan of 08F5C434.
There are 7 addresses with values of 08F5C434. So I added all 7 addresses manually:

Type Float
Pointer
offset 13000000
address number

Then I did a "Find out what accesses this address" for all 7 addresses but nothing came up. The first level pointer wasn't green in Cheat Engine, nor was it the final pointer, as the pointer becomes invalid after some actions.

What am I doing wrong here? What can I do?

Also some questions:
1.) For pointers pointing to a float value, I am still supposed to find the address with a 4 bytes hex search, right?
2.) But then do I convert the value type to float or keep them as 4 bytes once I add them to the address list?

P.S. I'm a noob at pointers, so any advice or leads are welcome :)
MichaelLee01
Posted: Mon May 18, 2020 2:25 pm




Pointers are used only when other methods don't work.
movss [eax+13000000],xmm3: I see you found the opcode for the float value. Try using auto assemble instead of a pointer.


Again, if you want to use a pointer anyway, try a pointer scan instead.
panraven
Posted: Mon May 18, 2020 5:44 pm

13E144E9 - F3 0F11 98 00000013 - movss [eax+13000000],xmm3

See that the address of this instruction of the PPSSPP executable is near 13000000?

PPSSPP is an emulator; I will guess that its exe is overriding the OS's ASLR so that its executable base is always the same (13000000 here). CE also does that so that it is always based at 400000.

To reiterate my guess, 13000000 may be the executable base (address of PPSSPP.exe+0 <green address>).
Look a few instructions up to see how eax is obtained; you may find a hint on how the emulated PSP memory works.
e.g. <fake guess only, I have no PPSSPP installed>
-- get the <delete>address</delete> (should be OFFSET from 13000000) of the emulated PSP work memory base, say, put in EBX
-- some register being masked, e.g.
AND EDX,1fffff -- now EDX is between 0-200000, a 2M range
EAX = EBX + EDX, e.g. lea EAX,[EBX+EDX]

If so, try to find the pointer for EBX, let's say it is [..+offset_XX]+offset_YY.
Then your float value pointer will be
[[..+offset_XX]+offset_YY]+pspMemory

DISCLAIMER: the above is just speculation and guesswork; it may not help and may cause confusion.

_________________
- Retarded.
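
Added example (not part of any post in this thread): a small Python decoder for the instruction bytes quoted above, showing that 13000000 is the disp32 encoded in the instruction itself and where the write lands if eax held 08F5C434, which is an assumption based on the first post. It also shows how a 4-byte pointer and a float value differ as stored bytes; the function names and the sample float 5.0 are made up for the illustration.

```python
import struct

# Instruction bytes exactly as quoted in the thread: F3 0F11 98 00000013
INSN = bytes.fromhex("F30F119800000013")
REG32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]


def decode_movss_store(code):
    """Decode the `movss [reg+disp32], xmmN` form (F3 0F 11 /r, mod=10, no SIB)."""
    if code[:3] != b"\xf3\x0f\x11":
        raise ValueError("not a movss store (expected F3 0F 11)")
    if len(code) < 8:
        raise ValueError("truncated instruction")
    modrm = code[3]
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if mod != 0b10 or rm == 0b100:
        raise ValueError("only [reg+disp32] without a SIB byte is handled")
    (disp,) = struct.unpack_from("<I", code, 4)  # disp32 is stored little-endian
    return {"base": REG32[rm], "disp": disp, "src": f"xmm{reg}", "length": 8}


def effective_address(base_value, disp):
    """base + disp with 32-bit wraparound, as a 32-bit process computes it."""
    return (base_value + disp) & 0xFFFFFFFF


def as_stored(value, kind):
    """Little-endian bytes in memory: a 4-byte pointer versus a float value."""
    return struct.pack("<I" if kind == "pointer" else "<f", value)


def describe(eax=0x08F5C434):  # assumption: eax held the value CE reported
    insn = decode_movss_store(INSN)
    return insn, effective_address(eax, insn["disp"])


if __name__ == "__main__":
    insn, target = describe()
    print(f"movss [{insn['base']}+{insn['disp']:08X}],{insn['src']}")
    print(f"write lands at {target:08X}")
    print("pointer bytes:", as_stored(0x08F5C434, "pointer").hex(" "))
    print("float 5.0 bytes:", as_stored(5.0, "float").hex(" "))  # constructed value
```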
neopetpet
Posted: Tue May 19, 2020 6:01 am

[quote="MichaelLee01"]

Pointers are used only when other methods don't work.
movss [eax+13000000],xmm3: I see you found the opcode for the float value. Try using auto assemble instead of a pointer.


Again, if you want to use a pointer anyway, try a pointer scan instead.[/quote]

Hey, I just did a quick read on auto assemble and am kind of confused. Will the auto assemble script still work if I do an action in game that makes my first address (08F5C434) invalid?
All times are GMT - 6 Hours