Cheat Engine The Official Site of Cheat Engine
neopetpet How do I cheat? Reputation: 0
Joined: 18 May 2020 Posts: 2 Location: Singapore
Posted: Mon May 18, 2020 10:41 am Post subject: Floating value multilevel pointer (PPSSPP)
Hi all,
I am facing an issue with a multilevel pointer for a PSP game that I am running on PPSSPP.
I am currently hacking the number of Mana Potions, which is stored as a float value type. I am using Cheat Engine 6.8.1.
"Find out what writes to this address" gave me
13E144E9 - F3 0F11 98 00000013 - movss [eax+13000000],xmm3
More information suggested that the address is probably 08F5C434. Then I did a 4-byte hex scan for 08F5C434.
There are 7 addresses with a value of 08F5C434. So I added all 7 addresses manually:
Type Float
Pointer
offset 13000000
address number
Then I did a "Find out what accesses this address" for all 7 addresses but nothing came up. The first-level pointer wasn't green in Cheat Engine, nor was it the final pointer, as the pointer becomes invalid after some actions.
What am I doing wrong here? What can I do?
Also, some questions:
1.) For pointers pointing to a float value, I am still supposed to find the address with a 4-byte hex search, right?
2.) But then do I convert the value type to float or keep them as 4 bytes once I add them to the address list?
P.S. I'm a noob at pointers, so any advice or leads are welcome.
MichaelLee01 Cheater Reputation: 0
Joined: 07 Apr 2020 Posts: 37
Posted: Mon May 18, 2020 2:25 pm Post subject: Re: Floating value multilevel pointer (PPSSPP)
[quote="neopetpet"]
Hi all,
I am facing an issue with a multilevel pointer for a PSP game that I am running on PPSSPP.
I am currently hacking the number of Mana Potions, which is stored as a float value type. I am using Cheat Engine 6.8.1.
"Find out what writes to this address" gave me
13E144E9 - F3 0F11 98 00000013 - movss [eax+13000000],xmm3
More information suggested that the address is probably 08F5C434. Then I did a 4-byte hex scan for 08F5C434.
There are 7 addresses with a value of 08F5C434. So I added all 7 addresses manually:
Type Float
Pointer
offset 13000000
address number
Then I did a "Find out what accesses this address" for all 7 addresses but nothing came up. The first-level pointer wasn't green in Cheat Engine, nor was it the final pointer, as the pointer becomes invalid after some actions.
What am I doing wrong here? What can I do?
Also, some questions:
1.) For pointers pointing to a float value, I am still supposed to find the address with a 4-byte hex search, right?
2.) But then do I convert the value type to float or keep them as 4 bytes once I add them to the address list?
P.S. I'm a noob at pointers, so any advice or leads are welcome.
[/quote]
Pointers are used only when other methods don't work.
movss [eax+13000000],xmm3 I see you found the opcode for the float value. Try using auto assemble instead of a pointer.
Again, if you want to use a pointer anyway, try a pointer scan instead.
panraven Grandmaster Cheater Reputation: 54
Joined: 01 Oct 2008 Posts: 941
Posted: Mon May 18, 2020 5:44 pm Post subject:
13E144E9 - F3 0F11 98 00000013 - movss [eax+13000000],xmm3
See that the address of this instruction in the PPSSPP executable is near 13000000?
PPSSPP is an emulator; I will guess that its exe is overriding the OS's ASLR so that its executable base is always the same (13000000 here). CE also does that so that it is always based at 400000.
To reiterate my guess, 13000000 may be the executable base (address of PPSSPP.exe+0 <green address>).
Look a few instructions up to see how eax is obtained; you may find a hint on how the emulated PSP memory works.
e.g. <fake guess only, I have no PPSSPP installed>
-- get the <delete>address</delete>(should be OFFSET from 13000000) of the emulated PSP work memory base, say, put in EBX
-- some register being masked, e.g.
AND EDX,1fffff -- now EDX is between 0-200000, a 2M range
EAX = EBX + EDX, e.g. lea EAX,[EBX+EDX]
If so, try to find the pointer for EBX, let's say it is [..+offset_XX]+offset_YY.
Then your float value pointer will be
[[..+offset_XX]+offset_YY]+pspMemory
DISCLAIMER: the above is just speculation and guessing; it may not help and may cause confusion.
_________________
- Retarded. |
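Added example, not part of any post in this thread and not Cheat Engine or PPSSPP code: it decodes the instruction bytes quoted above (`F3 0F 11 98 00 00 00 13`) to show where the `13000000` displacement comes from, computes the address the store writes to, and shows how a float looks to a 4-byte hex scan. The `eax` value is an assumption taken from the "More information" figure quoted in the first post, and the potion count of 5.0 is a constructed sample.

```python
import struct

# Bytes exactly as quoted in the thread:
# 13E144E9 - F3 0F11 98 00000013 - movss [eax+13000000],xmm3
INSN = bytes.fromhex("F30F119800000013")
REG32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]


def decode_movss_store(insn: bytes):
    """Decode 32-bit `movss [reg+disp32], xmmN` (F3 0F 11 /r, mod=10, no SIB)."""
    if len(insn) != 8 or insn[:3] != b"\xf3\x0f\x11":
        raise ValueError("not an 8-byte movss store")
    modrm = insn[3]
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if mod != 0b10 or rm == 0b100:
        raise ValueError("only the [reg+disp32] form is handled")
    (disp,) = struct.unpack_from("<i", insn, 4)  # little-endian signed disp32
    return REG32[rm], disp, f"xmm{reg}"


def effective_address(reg_value: int, disp: int) -> int:
    """Address the store writes to: register value plus displacement, mod 2^32."""
    return (reg_value + disp) & 0xFFFFFFFF


def float_as_u32(value: float) -> int:
    """The 4-byte integer a hex scan would see for a stored float."""
    return struct.unpack("<I", struct.pack("<f", value))[0]


def u32_as_float(raw: int) -> float:
    """Reinterpret the same 4 bytes as an IEEE-754 single-precision float."""
    return struct.unpack("<f", struct.pack("<I", raw))[0]


if __name__ == "__main__":
    base_reg, disp, src = decode_movss_store(INSN)
    eax = 0x08F5C434  # assumption: the register value reported in the first post
    print(f"movss [{base_reg}+{disp:08X}],{src}")
    print(f"write target = {effective_address(eax, disp):08X}")
    potions = 5.0  # constructed sample value
    print(f"{potions} stored as 4 bytes = {float_as_u32(potions):08X}")
```

The same four bytes read as Float or as 4 Bytes differ only in interpretation, so a pointer value is scanned as 4-byte hex while the value it leads to is displayed as Float.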
neopetpet How do I cheat? Reputation: 0
Joined: 18 May 2020 Posts: 2 Location: Singapore
Posted: Tue May 19, 2020 6:01 am Post subject: Re: Floating value multilevel pointer (PPSSPP)
[quote="MichaelLee01"]
Pointers are used only when other methods don't work.
movss [eax+13000000],xmm3 I see you found the opcode for the float value. Try using auto assemble instead of a pointer.
Again, if you want to use a pointer anyway, try a pointer scan instead.[/quote]
Hey, I just did a quick read on auto assemble and am kind of confused. Will the auto assemble script still work if I do an action in game that makes my first address (08F5C434) invalid?