Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Chaning protected value in an IL2Cpp Unity game

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking
View previous topic :: View next topic  
Author Message
Eighty7
How do I cheat?
Reputation: 0

Joined: 27 Jun 2026
Posts: 1
Location: United States

PostPosted: Sat Jun 27, 2026 1:58 pm    Post subject: Chaning protected value in an IL2Cpp Unity game Reply with quote

I have this function from my game that spawns an enemy, but the value is protected.
This is my original method of changing the enemy size, which worked.


Code:
[ENABLE]

alloc(newmem,1024,GameAssembly.dll+1394EAB) // MasterSpawn
alloc(enemysize,4)
registersymbol(enemysize)

label(return)

enemysize:
   dd (float)1

newmem:
    movss xmm3,[enemysize]
    jmp return

GameAssembly.dll+1394EAB:
    jmp newmem
    nop 3

return:

[DISABLE]

GameAssembly.dll+1394EAB:
    db F3 0F 10 1D B5 F3 61 02

unregistersymbol(enemysize)
dealloc(enemysize)
dealloc(newmem)


Although this worked, I wanted to just use Lua to change the value directly since the function already technically had a valid pointer to the value, but when I went to change it, my screen just starts distorting, and my audio bugs out. This is what I used to do it (I had to use fullAccess for it to even change)

Code:
function valuemodifier(address, writetype, fullAccessbool)
   local value = getAddressSafe(address)
   local input = inputQuery("Value modifier", "New value:", "")
   local inputvalue = tonumber(input)
   
    if fullAccessbool then
        fullAccess(value)
    end
   
   writetype(value, inputvalue)
end

valuemodifier("GameAssembly.dll+39B4268", writeFloat, true)


Here's the original game instruction

Code:
GameAssembly.dll+1394EAB - F3 0F10 1D B5F36102   - movss xmm3,[GameAssembly.dll+39B4268] { (1.00) }
Back to top
View user's profile Send private message
ParkourPenguin
I post too much
Reputation: 155

Joined: 06 Jul 2014
Posts: 4774

PostPosted: Sun Jun 28, 2026 1:45 am    Post subject: Reply with quote

Some other instruction(s) likely read from the same address.

You registered the symbol "enemysize", so write to that address instead.

Code:
writeFloat("enemysize", 2)

_________________
I don't know where I'm going, but I'll figure it out when I get there.
Back to top
View user's profile Send private message
Csimbi
I post too much
Reputation: 98

Joined: 14 Jul 2007
Posts: 3399

PostPosted: Sun Jun 28, 2026 4:17 am    Post subject: Reply with quote

What ParkourPenguin said.
There is no "load float 1.0 constant into xmm register" instruction in ASM. (unlike fld1 in FPU)
So, what games do is they store the constant 1.0 in memory once and load it into XMM register for that single memory location.
When you change the constant, any code using that constant will get the wrong constant. Those distortions you see are happening exactly because of this. I learned this the hard way (debugging crashes) when I started out with newer games using XMM registers a long time ago...
Mind you, this is true for any constant so when you see an instruction taking a fixed value from the image itself, you should always try avoiding changing the value. Instead, try to analyze and see how that value is used in a specific context and modify it there.
Good luck!
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites