Cheat Engine

[raidos]

hey guys, i got a question...

if I had say mov [eax-50],edi

on the address that writes to a luck address in my game...I was wondering how do I go about changing the edi to whatever I wanted it to be, say I wanted to add 3e8 (1000 hexa) to the edi to make it add that edi to that address, I tried changing the register in the address's edi to 3e8 but nothing happens at all, could someone tell me or offer some tips?

[Labyrnth]

[raidos]

what do you mean?

[kjmarket]

He just showed you how to do what you wanted according to your example. The first line moves the value 3E8 int EDI, and the second line is your example that you gave which moves the value in EDI to your pointer address. Not sure what you don't get, as you seemed to have some gras of what was going on, or at least I took that much from your first post. You'd need to write an AA script for this, but this pretty basic stuff. Good luck.

[Labyrnth]

[raidos]

hmm when you mean I have to write an AA scripted, does that mean that I have to do code injection?

edit: hmm i tried to make a scripted forma guide and I made this

[enable]
label(back)

004003c0:
mov edi,1388
mov [eax-50],edi
jmp back

0046ef0c:
jmp 004003c0
nop
back:

[disable]
0046ef0c:
mov [eax-50], edi

and when I enabled it in game, nothing happened when I got attacked so I'm guessing it didn't work, but when I tried to equip tings that add to luck, the game gave me an error and closed the game down. Hmm am I on the right track or is this just server sided and cant be modified?

[Labyrnth]

You moved 5000 into edi. Maybe it is too much.
Also if this is a MMO or something i dont think it will work anyways.
Also you need to make sure your cave was large enough to hold your code.
256 should be good

Test the script while your looking at the address in memory view as well.
Where the instruction is you will see a jmp be written, be sure the left over bytes are getting cleaned up. If it is leaving bytes you need to use another nop.
Then follow it to the cave and look whats written there. Make sure it is writing what you wanted, and nothing else is in that cave.

[raidos]

Hmmm, after messing aroudn with the scripted ans using it for a type of HP-locking thing, I got client sided results. Is there a way to make what Iv done to server sided?

[Labyrnth]

Only if the client handles the code it can work. But you said your getting a visual effect, then it is not handled by the client.
So the server handles the real value.

[raidos]

Hmm very strange cause I know that HP-locking is possible in my game cause of other peoples threads, can you give some suggestions on how to maybe obtain another address that might be a the right one? If it might help the game im trying to hacking is trickster.

[Labyrnth]

Maybe try seeing about getting a pointer and see what happens

[raidos]

hmm ok, gonna keep messing around with the script for now. thanks

Also how do you add the mov commands together, im very confused about that, say it had edi+000001bc, edi would equal 017b004c so....

017b004c+000001bc=?

[Labyrnth]

You can make edi = any value you want.
Why would you move two moves together?
Just change edi and it will mov the value to the other instruction.

[raidos]

Hmm, since I can made edi anything I want, I just tick edi in the register and make it anything I wanted?I thought [edi+~~~~~] was a pointer?

[Labyrnth]