Cheat Engine

lagiosman · How do I cheat? Reputation: 0 Joined: 27 Sep 2008 Posts: 1

GUYS I HAVE A BIG PROBLEM WITH OFFSET.
HERE IT IS:
mov eax,[eax+ecx*4]

I DONT KNOW THE WAY TO TRANSLATE THIS SHIT
PLEASE SOMEONE TO TELL ME A WAY AND TRANSLATE THIS FOR ME?
THANKS

EDIT:
THIS IS THE IMAGE:
i43.tinypic.co m/16062aq.jpg (without space between "co" and "m")
sorry for this but i don't post images for now because i have only one post

SpleeN · Posted: Sun Jan 25, 2009 12:22 pm Post subject:

First, tell us what 'ecx' is or send a snapshot.
If you don't want to or just want to know how to do it, then:

It's actually very easy, enter the Windows Calculator application (Start -> Accessories -> Calculator), click on 'view' (top-left corner) (in the calculator application) and change the calculator to 'Scientific Mode' (second button (default is on 'Standard' mode)).
After that, tick 'Hex' (on the left) so it will be enabled.
Now enter whatever ecx was (with the numbers of course :O) and click '*' (times/multiply by) and then '4', the answer given in the white box is your offset.

If you don't have the 'Calculator' application (I have no reason why you shouldn't have) then post it here so that I'll calculate for you.

lagiosman · How do I cheat? Reputation: 0 Joined: 27 Sep 2008 Posts: 1

SpleeN · Posted: Sun Jan 25, 2009 1:22 pm Post subject:

OHHHHH, lol.
This is very easy, look at your 'ecx', see that it's 00000009?
It's basically like very simple mathematics at this point, the 0's that are before the '9' don't really have any "weight" on the value of the total address, because it's like you do 010 + 8 = 18 instead of 10 + 8 = 18 (difference is in the '10'), no matter this way or that way, you'll still get 18, just like in your ecx:
Simply do 9 * 4 (the answer is 36.....) and that's your offset, because 00000009 * 4 is exactly like 9 * 4.

grasmanek94 · Posted: Wed Feb 11, 2009 1:49 am Post subject:

1 of the ECX, EAX of what shit you have there is the same as the scanned adress/ probably scan va;lue so you may not use it because if ex:
adress of search is 00000FFF and eax = 00000FFF
ecx = 00000AAA
then mov eax,[eax+ecx*4]
would be this only:
ecx*4 (MY OWN EXPERIENCE I GAINED WHILE HACKING, THIS HELPED ME ALOT OUT OF SOME SHIT)

Recifense · Posted: Wed Feb 11, 2009 8:20 am Post subject:

Hi,

Analyzing the instruction "mov eax,[eax+ecx*4]", one notices that pointer base address is destroyed, since the result of the memory reading is stored in the EAX. If you want the value of EAX before the instrucation is executed follow the tip given in the Extra Info window (The registers shown are AFTER the instruction has been executed. To show them before the instruction is executed use Access Exceptions instead of Debug Registers"). It can be changed at Settings->Code Finder

Cheers.

grasmanek94 · Posted: Wed Feb 11, 2009 11:26 am Post subject:

as i see the offset should be 32 converted to hex.. or try 32 xD
32 to hex = 24 0x00000009*4 lol xD
http://www.google.nl/search?hl=nl&q=0x00000009*4&btnG=Google+zoeken&meta=
oh 1st try 24 then 32 xD i always do so xDDDDD