| View previous topic :: View next topic |
| Author |
Message |
Arealgreatsir
Newbie cheater
![]() Reputation: 0
Joined: 21 Feb 2025
Posts: 10
|
 Posted: Sat May 30, 2026 6:15 am Post subject: Age of Empires 2 Age of Kings and tutorial help |
 |
|
I have gone through the tutorial and decided to make a cheat table/script for Age of Empires 2 Age of Kings( original,not the DE edition) to make all my troops invincible. I have several questions however. I got 2 of my units attacked, and 2 for the enemy. I then try to find out what accesses the address for each. What instruction should I go for? All have +30. IMAGES: - Sx.png + Find out what accesses this address.png
I clicked one randomly and opened dissassembler. IMAGE - Show dissassembler after Find Out.png
I then tried to find a way to differentiate between my troops and those of the enemy.
I used data dissect with the addresses and put them in 2 groups. In the tutorial it says to put -4 to all of them. Did that and the different part is the one highlighted with a giant value.
IMAGE: -AoE2 dissection.png
Need to make a table/script that gives invulnerability/invincibility to my units only(tried making one earlier but it affects enemies too).
What to do?
| Description: |
|
| Filesize: |
134.92 KB |
| Viewed: |
1247 Time(s) |
|
| Description: |
|
| Filesize: |
71.36 KB |
| Viewed: |
1247 Time(s) |
|
| Description: |
|
| Filesize: |
39.06 KB |
| Viewed: |
1247 Time(s) |
|
|
|
| Back to top |
|
 |
ParkourPenguin
I post too much
 Reputation: 155
Joined: 06 Jul 2014
Posts: 4770
|
| Posted: Sat May 30, 2026 12:44 pm Post subject: |
|
|
| Arealgreatsir wrote: | | What instruction should I go for? |
I'd start at whichever instruction writes to the address and look between that and the previous read from the address.
The `fst` instruction writes to the address. The previous read was oddly far away- likely one called the other. Analyzing the code between them seems annoying in this case, so I'd skip that.
I'd try replacing the `fst` instruction with `nop`s and see what happens. `fst` itself doesn't modify the x87 stack, so there's no risk of causing a stack imbalance by doing that (if it were `fstp`, replace it with `fstp st(0)` + padding nops instead of just nops). If that makes it so that all units are now invincible, that's the injection point I'd use.
You didn't show all the instructions that access the address, so I might be missing something. Next time, resize the window so that all the instructions are in view. You can also copy / paste them.
| Arealgreatsir wrote: | | In the tutorial it says to put -4 to all of them. |
This is probably the tutorial's fault, but why do you think -4 is important?
It's because the instruction accessing the value was accessing it with an offset of 4: e.g. `mov eax,[esi+4]`. Also, the tutorial was using the address of the value you used in "Find out what instructions access this address". Subtracting 4 from that value would give you the value of esi.
In this case, you already used the value of esi, so there's no need for you to subtract anything.
esi+30 (+34 in AoE2 dissection.png) is obviously the value you found- CE just guessed wrong, as the value type should be float.
esi+4 (+8 in image) probably isn't a pointer, but some integer value (maybe some kind of unique object ID in the map).
The next pointer at esi+8 (+C) is strange. One from each group is the same, but the other of each group differ. Maybe it's a unit type- e.g. villager.
The pointer after that at esi+C (+10) is also a little strange. Maybe it's a unit kind, e.g. infantry / civilian.
The field you have highlighted at esi+1C (+20) is likely a pointer- CE just guessed wrong again. Change the type of that field to "pointer", expand it, and look around to find some value you can use as a comparison.
The comparison in the AA script would look something like this:
| Code: | newmem:
...
push eax
mov eax,[esi+1C]
cmp [eax+14],2135
pop eax
je notPlayer
// player code
...
jmp exit
notPlayer:
// enemy code
...
exit:
...
jmp return |
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
Arealgreatsir
Newbie cheater
![]() Reputation: 0
Joined: 21 Feb 2025
Posts: 10
|
| Posted: Sat May 30, 2026 2:05 pm Post subject: |
|
|
Thanks for the quick response.I am still a newbie in cheat engine and i knew something was off by substracting 4 from the values. First things first, i restarted the game and got the addresses of the units again. I gave all 4 units giant values of 9999hp so they don't die. This is what i found that accesses and writes to the address. I do remember one of the instructions nopped caused everything on the map to be destroyed.
| Description: |
|
| Filesize: |
48 KB |
| Viewed: |
1162 Time(s) |
|
| Description: |
|
| Filesize: |
14.09 KB |
| Viewed: |
1162 Time(s) |
|
|
|
| Back to top |
|
|
Arealgreatsir
Newbie cheater
![]() Reputation: 0
Joined: 21 Feb 2025
Posts: 10
|
| Posted: Mon Jun 01, 2026 1:29 pm Post subject: |
|
|
Alright this is what i found for now. Nopping the fst resulted in attack damage being dealt of 1 for all units. 45-44-43-42-41 etc. Nopping the fstp resulted in no damage being dealt by anyone. As for the structures, well i changed 1c to pointer but haven't found a value to help distinguish friend from foe.
| Description: |
|
| Filesize: |
147.49 KB |
| Viewed: |
370 Time(s) |
|
| Description: |
|
| Filesize: |
46.92 KB |
| Viewed: |
370 Time(s) |
|
| Description: |
|
| Filesize: |
15.83 KB |
| Viewed: |
370 Time(s) |
|
|
|
| Back to top |
|
|
ParkourPenguin
I post too much
Reputation: 155
Joined: 06 Jul 2014
Posts: 4770
|
| Posted: Mon Jun 01, 2026 9:44 pm Post subject: |
|
|
Structure.png - the addresses at the top should be the value of esi, not the address you found (i.e. esi+30). If you want to use the address you found, subtract 30 from it. e.g. 17321D88-30
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
Arealgreatsir
Newbie cheater
![]() Reputation: 0
Joined: 21 Feb 2025
Posts: 10
|
| Posted: Wed Jun 03, 2026 3:39 am Post subject: |
|
|
Still a problem with teams.
| Description: |
|
| Filesize: |
98.63 KB |
| Viewed: |
300 Time(s) |
|
| Description: |
|
| Filesize: |
97.47 KB |
| Viewed: |
300 Time(s) |
|
| Description: |
|
| Filesize: |
108.17 KB |
| Viewed: |
300 Time(s) |
|
|
|
| Back to top |
|
|
ParkourPenguin
I post too much
Reputation: 155
Joined: 06 Jul 2014
Posts: 4770
|
| Posted: Wed Jun 03, 2026 11:54 am Post subject: |
|
|
Assuming group 0 is your units and group 1 is the enemies' units, offset 4 in that pointed-to structure seems fine.
The assembly in the code injection would look like this:
| Code: | newmem:
push eax
mov eax,[esi+C]
cmp [eax+4],0
pop eax
je exit
// not player, deal damage
// put original code here
exit:
jmp return |
Step 9 of the CE tutorial goes over this. There are plenty of video guides online if you need help.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
Arealgreatsir
Newbie cheater
![]() Reputation: 0
Joined: 21 Feb 2025
Posts: 10
|
| Posted: Thu Jun 04, 2026 7:33 am Post subject: |
|
|
| Alright so, i made the script with the selected instruction (fst) in Viewer 1 with your assembly code and it made my units only take 1 damage. I then nopped the instruction in Viewer 2 in the dissassembly and it made my units take no damage while the enemy took damage normally. Not sure this is the most efficient way but it worked. Thanks a lot! I think the tutorial needs a bit better explanation for the instructions and to distinguish friend from foe (steps 6 and 9).
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
