Cheat Engine

nemesis9 · How do I cheat? Reputation: 0 Joined: 23 Sep 2022 Posts: 9

How to extract the address that accessing the opcode using auto assemble?
I have the opcode that are accessed by playerAltitude address that I want to extract to cheat table.

The opcode goes like :
mov [ebx+0000011C],eax

The aob for that opcode is :
89 83 1C 01 00 00

The address that I want to extract is :
2455E7BC (as in the attached pic)

I already tried the code :

ParkourPenguin · Posted: Thu Aug 24, 2023 10:07 am Post subject:

That code is accessing two different addresses, which is very unfortunate. See step 9 of the CE tutorial. If you can find a different injection point that doesn't access multiple addresses, use that.

You should use an AA template for your code injection. Don't modify parts of the AA template that you don't understand.
In that script you posted, the amount of `nop`s at the injection point is wrong.
I think you're using the first `readmem` to execute the original code. Don't do that- just keep what the template wrote. If you're in some situation where that's impossible, use `reassemble(address)` instead of `readmem(address, count)`.
The second `readmem` is evaluated when the script is assembled and not when the code is run. Use basic instructions like `mov` to move data at runtime.

nemesis9 · How do I cheat? Reputation: 0 Joined: 23 Sep 2022 Posts: 9

Thank you for the response and reference.

I managed to get the ebx assigned as pAltitude, the pAltitude address is close to what I wanted.
The Pointer pAltitude in cheat table is pointing to npc altitude address instead of my player altitude in Address I wanted.

Since it's shared opcode, how do I find the offset of which one is my player address.
And how do I insert the offset in (Change Address) if I found the offset.