Cheat Engine

lordbeyblade · How do I cheat? Reputation: 0 Joined: 26 Mar 2023 Posts: 4

imgurcom/FEkokkZ

i'm confused,
if i understand correctly this enable section replaces the original code with a jmp and a(?) nop? (how does nop 4 have a parameter)

then how does the debugger still track the addresses incremented by my new instruction at newmem:? (the 4096 on the irght are generated by the mov [rax], 1000

or is the debugger just that smart?

ParkourPenguin · Posted: Sun Mar 26, 2023 7:37 pm Post subject:

`nop N` is a pseudoinstruction that replaces N bytes with nop. (there exist multibyte nop instructions)

It appears that CE disassembles and analyzes the instruction only once when the breakpoint gets set. If it changes (i.e. to a jmp), the "Accessed addresses by XXXX" window won't notice.

lordbeyblade · How do I cheat? Reputation: 0 Joined: 26 Mar 2023 Posts: 4

ParkourPenguin · Posted: Mon Mar 27, 2023 10:14 am Post subject:

CE simply disassembles the instruction at the address you clicked at and checks if it's accessing an address. If CE thinks it is accessing an address, it uses the same expression as the original instruction for address calculation. e.g. looking at what addresses `mov [rax],whatever` accesses entails setting a breakpoint at the address of that instruction and logging the value of rax every time it gets triggered. If the instruction happens to change during that time, CE won't notice- it will still log the value of rax every time the breakpoint triggers regardless.

None of this has anything to do with any of your code in your code injection. CE would've behaved the same if you had replaced the `mov` with `nop`s.
The "value" column simply reads the current value at an address. This is similar to the main CE window.

lordbeyblade · How do I cheat? Reputation: 0 Joined: 26 Mar 2023 Posts: 4

oh i understand what you mean now, thanks