| View previous topic :: View next topic |
| Author |
Message |
Dayrion
How do I cheat?
![]() Reputation: 0
Joined: 17 Oct 2020
Posts: 2
|
 Posted: Sat Oct 17, 2020 6:44 pm Post subject: Base game address is wrong |
 |
|
Hello there!
I want to get the base game address programmatically but even if I do the math to get it, it doesn't give me a good result. (I cant post any screenshot so...)
Add address
Pointer GAME.exe+51348C -> 1213A9C8 (automatically resolved by Cheat Engine)
So to get the game base address, we withdraw the offset from the result:
0x1213A9C8 - 0x51348C = 0x11C2753C
But... Cheat Engine doesn't agree with that:
Add address
Pointer GAME.exe -> 00905A4D (automatically resolved by Cheat Engine)
And I aware of you can get the game base address by checking the game module loaded at startup. I did that and the address is totally different:
Memory -> Enumerate DLL's ->
- 00970000 - GAME.exe
--> 00C1C350 - GAME.WinMain
So how do I get the game base address programmatically ?
Why does everything shows a different game base address?
Last edited by Dayrion on Fri Nov 27, 2020 7:02 pm; edited 1 time in total |
|
| Back to top |
|
 |
atom0s
Moderator
 Reputation: 205
Joined: 25 Jan 2006
Posts: 8587
Location: 127.0.0.1
|
| Posted: Sat Oct 17, 2020 8:26 pm Post subject: |
|
|
| Quote: |
But... Cheat Engine doesn't agree with that:
Add address
Pointer GAME.exe -> 00905A4D (automatically resolved by Cheat Engine)
|
Base addresses are not a pointer, what you are seeing there is the literal value at the GAME.exe's base address, which will be the start of the PE header data.
If you need to get the information programmatically, then you will want to use API such as:
If external: (Toolhelp API)
- CreateToolhelp32Snapshot
- Process32First / Process32Next
- Module32First / Module32Next
If external: (PSAPI)
- EnumProcesses
- EnumProcessModules / EnumProcessModulesEx
If internal, then you can just use GetModuleHandleA/GetModuleHandleW.
There are a ton of other means of getting this information, but those are really only needed if you need to bypass an anti-cheat or find a module that is being hidden by being unlinked from the loader list etc.[/code]
_________________
- Retired. |
|
| Back to top |
|
|
ParkourPenguin
I post too much
 Reputation: 152
Joined: 06 Jul 2014
Posts: 4718
|
| Posted: Sat Oct 17, 2020 11:12 pm Post subject: |
|
|
| Quote: | | GAME.exe+51348C -> 1213A9C8 |
Here, the arrow "->" means the value stored at the address "GAME.exe+51348C" is 1213A9C8.
This does not mean GAME.exe+51348C = 1213A9C8, as you seem to think.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
Dayrion
How do I cheat?
![]() Reputation: 0
Joined: 17 Oct 2020
Posts: 2
|
| Posted: Sun Oct 18, 2020 5:41 am Post subject: |
|
|
| ParkourPenguin wrote: | | Quote: | | GAME.exe+51348C -> 1213A9C8 |
Here, the arrow "->" means the value stored at the address "GAME.exe+51348C" is 1213A9C8.
This does not mean GAME.exe+51348C = 1213A9C8, as you seem to think. |
You right, thanks.
Thanks both for your help.
|
|
| Back to top |
|
|
OldCheatEngineUser
Whateven rank
 Reputation: 20
Joined: 01 Feb 2016
Posts: 1586
|
| Posted: Wed Oct 21, 2020 4:01 pm Post subject: |
|
|
besides that, you can patch PE header to always load GAME.exe at XXXX address; tho dynamically loaded modules are not affected, thus will still load at different address. (unless you go thru all and patch them)
_________________
About Me;
I Use CE Since Version 1.X, And Still Learning How To Use It Well!
Jul 26, 2020
| STN wrote: | | i am a sweetheart. |
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
