neur0tox1n How do I cheat?
Reputation: 0
Joined: 16 Oct 2024 Posts: 4
|
Posted: Wed Oct 16, 2024 3:09 am Post subject: making a healthbar mod, stuck on obtaining data from memory |
|
|
I'm trying to make a DLL that injects into the game Titan Quest to draw health bars over entities. so far I've got imgui working and drawing health bars over my main character in the centre of the screen, but I'm lost on how to read data in C++ from a specific location in memory.
speaking of which, I have a cheat table for the game that has a godmode script. I see some address of esi+1C but I'm not sure how to interpret that into a form used in C++, probably hexadecimal? also not sure what code I would be using to read that data from that location, I'm assuming some kind of pointer stuff but not confident. any help would be greatly appreciated!
neur0tox1n How do I cheat?
Reputation: 0
Joined: 16 Oct 2024 Posts: 4
|
Posted: Thu Oct 17, 2024 12:40 am Post subject: |
|
|
I think what I need is the knowledge of converting this pointerscan result into C++ code.
Code: | #define BASEPLAYERHP 0x00A567C
#define OFFSET 0x0000BE0
DWORD* BaseAddress = (DWORD*)GetModuleHandle("TQ.exe");
DWORD* address = (DWORD*)((char*)BaseAddress + BASEPLAYERHP);
address = (DWORD*)((char*)*address + OFFSET);
int currentHP = *(int*)address; |
something like this? doesn't work but I'll keep tinkering
ParkourPenguin I post too much
Reputation: 152
Joined: 06 Jul 2014 Posts: 4695
|
|
neur0tox1n How do I cheat?
Reputation: 0
Joined: 16 Oct 2024 Posts: 4
|
Posted: Thu Oct 17, 2024 2:53 am Post subject: |
|
|
I believe the application I'm working with is 32-bit so I have it in x86 mode in my C++
and forgive me, I'm not the best at pointer mathematics.
ParkourPenguin wrote: | `[address1 + offset] -> address2` means "the value of the pointer at the address `address1 + offset` is equal to `address2`"
Don't just add a bunch of offsets to each other. You have to dereference addresses as you traverse the pointer path. |
so if I understand the context of the op, they are adding up the different offsets like 238 68 18, just straight up, and that is giving them the wrong address.
so given this address view, does this mean I should now dereference and connect to a final pointer position from ("TQ.exe"+002B1F0C + A90) + C7C? and that will give me the address of the variable in memory?
Code: | HandleOf("TQ.exe") returns an address; T
then add 0x02B1F0C to that address; T+0x02B1F0C
then add 0x0000A90 to that address; T+0x02B1F0C+0x0000A90
then get the value of memory at that location; dereference(T+0x02B1F0C+0x0000A90)
then add 0x0000C7C to that value of memory which is another address
dereference(T+0x02B1F0C+0x0000A90)+0x0000C7C
final result pointer to desired value
dereference(T+0x02B1F0C+0x0000A90)+0x0000C7C |
something like this?
Code: | #define BASEPLAYERHP 0x02B1F0C
#define OFFSET1 0x0000A90
#define OFFSET2 0x0000C7C
DWORD* BaseAddress = (DWORD*)GetModuleHandle("TQ.exe");
DWORD* subAddress = (DWORD*)((char*)BaseAddress + BASEPLAYERHP + OFFSET1);
DWORD nextSubAddress = *subAddress;
DWORD* address = (DWORD*)((char*)nextSubAddress + OFFSET2);
int currentHP = *(int*)address; |
this definitely isn't it though because I crash as soon as I inject it
Dark Byte Site Admin
Reputation: 470
Joined: 09 May 2003 Posts: 25778 Location: The netherlands
|
|
ParkourPenguin I post too much
Reputation: 152
Joined: 06 Jul 2014 Posts: 4695
|
Posted: Thu Oct 17, 2024 10:11 am Post subject: |
|
|
neur0tox1n wrote: | then add 0x0000A90 to that address; T+0x02B1F0C+0x0000A90 |
No
The pointer path is `[[game.exe+2B1F0C]+A90]+C7C`
If the pointer path had been `[game.exe+2B1F0C+A90]+C7C`, then CE would've given the pointer path `[game.exe+2B299C]+C7C` instead
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
neur0tox1n How do I cheat?
Reputation: 0
Joined: 16 Oct 2024 Posts: 4
|
Posted: Thu Oct 17, 2024 7:48 pm Post subject: |
|
|
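Code: | #define BASEPLAYER 0x2B1F0C
#define B_OFFSET 0xA90
#define HP_OFFSET 0xC7C
// Pointer path: [[TQ.exe+2B1F0C]+A90]+C7C
uintptr_t TQ_Addr = (uintptr_t)GetModuleHandle("TQ.exe");
// First dereference: [TQ.exe+2B1F0C]
uintptr_t baseAddress = *(uintptr_t*)(TQ_Addr + BASEPLAYER);
// Second dereference: [[TQ.exe+2B1F0C]+A90]
uintptr_t localPlayer = *(uintptr_t*)(baseAddress + B_OFFSET);
// The last offset is added, then the value at that address is read
int currentHP = *((int*)(localPlayer + HP_OFFSET)); |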
so I technically got this to work by first checking inside Cheat Engine with a pointerscan, using those values, then rebuilding the code. however the moment I closed the game and relaunched it, the code crashed. so I think I need to find an entity table first, locate the player object pointer inside that table, then use the two offsets.
|
|
Back to top |
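The two pointer paths contrasted in the thread, plus the failure when a link in the chain is stale, shown as an added example that is not code from any poster. It runs against a constructed address map rather than a live process; `MODULE`, the sample addresses and the helper names are assumptions.

```cpp
#include <cstdint>
#include <map>
#include <vector>

// Constructed stand-in for a 32-bit address space; a missing key is unmapped.
using Memory = std::map<uint32_t, uint32_t>;

bool read32(const Memory& mem, uint32_t addr, uint32_t& out) {
    auto it = mem.find(addr);
    if (it == mem.end()) return false;  // a raw dereference would fault here
    out = it->second;
    return true;
}

// Walk [[base]+offsets[0]]+offsets[1]...: dereference before each offset,
// never after the last one. Fails on an unmapped or null link.
bool resolve(const Memory& mem, uint32_t base,
             const std::vector<uint32_t>& offsets, uint32_t& out) {
    uint32_t addr = base, next = 0;
    for (uint32_t off : offsets) {
        if (!read32(mem, addr, next) || next == 0) return false;
        addr = next + off;
    }
    out = addr;
    return true;
}

constexpr uint32_t MODULE = 0x00400000;  // assumed module load address
constexpr uint32_t STATIC_OFF = 0x2B1F0C, B_OFFSET = 0xA90, HP_OFFSET = 0xC7C;

Memory sample_memory() {  // constructed sample values
    return {{MODULE + STATIC_OFF, 0x01200000},    // static slot -> object A
            {0x01200000 + B_OFFSET, 0x03400000},  // A+A90 -> player object
            {0x03400000 + HP_OFFSET, 250}};       // player+C7C holds health
}

// Correct reading of the path: [[module+2B1F0C]+A90]+C7C
bool read_hp(const Memory& mem, uint32_t& hp) {
    uint32_t addr = 0;
    return resolve(mem, MODULE + STATIC_OFF, {B_OFFSET, HP_OFFSET}, addr) &&
           read32(mem, addr, hp);
}

// Misreading from the thread: [module+2B1F0C+A90]+C7C (offsets summed first)
bool read_hp_summed(const Memory& mem, uint32_t& hp) {
    uint32_t addr = 0;
    return resolve(mem, MODULE + STATIC_OFF + B_OFFSET, {HP_OFFSET}, addr) &&
           read32(mem, addr, hp);
}
```

Checking every link before using it turns a stale pointer path into a `false` return instead of a crash.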