| View previous topic :: View next topic |
| Author |
Message |
ChrisLearnsCE
How do I cheat?
![]() Reputation: 0
Joined: 13 Jun 2021
Posts: 9
|
 Posted: Sun Jun 13, 2021 11:35 pm Post subject: mov value not same as in register |
 |
|
I'm new to CE and this kinda thing in general, and I'm trying to find the source of what modifies a value.
currently what I have found is this single instruction that accesses my variable:
The value of the Address is 83, but EDX shows 53 in the debugger. How does this work? I'm kinda confused.
EDIT: added a screenshot of what I got.
| Description: |
| Address value is 83, but EDX is 53. |
|
| Filesize: |
22.71 KB |
| Viewed: |
990 Time(s) |
|
|
|
| Back to top |
|
 |
ParkourPenguin
I post too much
 Reputation: 140
Joined: 06 Jul 2014
Posts: 4300
|
| Posted: Sun Jun 13, 2021 11:52 pm Post subject: |
|
|
Decimal vs hexadecimal. 83 == 0x53
Right click the memory record and set "show as hex" if you want.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
ChrisLearnsCE
How do I cheat?
![]() Reputation: 0
Joined: 13 Jun 2021
Posts: 9
|
| Posted: Mon Jun 14, 2021 12:19 am Post subject: |
|
|
oh geez, I'm an idiot. How did I not realize that?
The issue now is I don't know how to disrupt the code and change the value, since I can't seem to find where EDX gets set. I've checked the code in the memory viewer but the only other time I saw it the values don't make sense.
Locking the value doesn't help, it doesn't change in-game. I can't trace the source of where the value comes from, so what do I do?
|
|
| Back to top |
|
|
ParkourPenguin
I post too much
Reputation: 140
Joined: 06 Jul 2014
Posts: 4300
|
| Posted: Mon Jun 14, 2021 12:41 am Post subject: |
|
|
edx can be a parameter under some x86 fastcall calling conventions, maybe you didn't scroll up far enough, instructions like imul (opcode F7) exist, etc.
If changing the value doesn't work, changing the code writing a new value probably won't work either.
It might be computed from other values. e.g. floor/ceil/round of a float/double, conglomerate result of constituent parts, etc. Try unknown initial value and changed/unchanged scans.
If you need an internet connection to play the game, you should give up: the value you want to change probably isn't stored on your computer.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
ChrisLearnsCE
How do I cheat?
![]() Reputation: 0
Joined: 13 Jun 2021
Posts: 9
|
| Posted: Mon Jun 14, 2021 2:04 am Post subject: |
|
|
| Quote: | | If you need an internet connection to play the game, you should give up: the value you want to change probably isn't stored on your computer. |
I know about this one, don't worry. The game is actually just quite good at disguising it's variables from what I've heard.
| Quote: | | It might be computed from other values. e.g. floor/ceil/round of a float/double, conglomerate result of constituent parts, etc. Try unknown initial value and changed/unchanged scans. |
Already tried many different scan types, no dice.
| Quote: | | edx can be a parameter under some x86 fastcall calling conventions, maybe you didn't scroll up far enough, instructions like imul (opcode F7) exist, etc. |
I found one time where EDX gets set, but the value that gets written is
| Description: |
| or maybe I'm just missing something... |
|
| Filesize: |
46.38 KB |
| Viewed: |
961 Time(s) |
|
|
|
| Back to top |
|
|
ParkourPenguin
I post too much
Reputation: 140
Joined: 06 Jul 2014
Posts: 4300
|
| Posted: Mon Jun 14, 2021 1:50 pm Post subject: |
|
|
Increase the column size a bit- you can't fully see some instructions.
edx comes from "lea edx,[eax+01]".
eax gets set to 0 with "xor eax,eax" then gets incremented in a loop every time esi is greater than or equal to each element in an array of integers.
Look into that array as well as where esi comes from. At first glance the 3 instructions at the top (starting at "mov eax,CCCCCCCD...") look like an optimized integer division operation using fixed point arithmetic.
You can set a breakpoint and step over code to see what it does.
| Quote: | | Already tried many different scan types, no dice. |
Nothing else? You should've found the integer before the one you're checking (DR2_us.exe+3862B4). It looks like it's always one less than the value you have now.
Just because a value isn't exactly equal to the one you're trying to find doesn't mean it isn't useful. Unknown initial value and changed/unchanged scans can be used to find such values.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
ChrisLearnsCE
How do I cheat?
![]() Reputation: 0
Joined: 13 Jun 2021
Posts: 9
|
| Posted: Tue Jun 15, 2021 6:55 am Post subject: |
|
|
| Quote: | Nothing else? You should've found the integer before the one you're checking (DR2_us.exe+3862B4). It looks like it's always one less than the value you have now.
Just because a value isn't exactly equal to the one you're trying to find doesn't mean it isn't useful. Unknown initial value and changed/unchanged scans can be used to find such values. |
I did find 2 values, yes, the one that you mention here. But it's not one value less, it's the exact same as the other one. When analysing what accesses that variable, I only get one completely unrelated access somehow. I got a feeling I'm doing something very wrong and jumping into a deep end without knowing what I'm doing...
Thanks for putting up with my idiocy so far btw.
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
