Takshaka How do I cheat?
Reputation: 0
Joined: 15 Dec 2009 Posts: 4
Posted: Tue Dec 15, 2009 9:30 am Post subject: Finding Pointer stuck on "mov eax, [eax*4+OFF]"
Ok, so I am at work right now and I cannot remember the exact details, but I do not think it is necessary to get some guidance on this.
I am trying to find the static address and when finding out what accesses the 2nd pointer I get this code:
mov eax, [eax*4+OFF] (OFF = offset, as I don't remember the exact value)
I have tried searching for the address that holds the value of eax. Then I tried adding that address to the pointer chain with and without the given offset and that did not work.
I have tried searching for the address that holds the value of eax*. Then I tried adding that address to the pointer chain with and without the given offset, neither of which worked.
*EDIT: Ok, I really should be working but I cannot stop thinking about this. Adding my new thoughts as an edit instead of new post as there are no posts yet.
If my understanding of ASM is correct (unlikely, as I don't know much) then the command:
mov eax, [eax*4+OFF] is copying the memory address [eax*4+OFF] into the register eax as a value, correct? Cheat Engine gives the value of the registers after the code is run so the value that I am getting for eax is not the same as the eax in brackets up top?
If that is the case then to get the value of eax before the code is run I can do it via
neweax = oldeax*4 + OFF
neweax-OFF = oldeax*4
(neweax-off)/4 = oldeax
Then the value that I would search for would be the old eax value? Or old eax*4? See... now I am confused again.
Dark Byte Site Admin
Reputation: 471
Joined: 09 May 2003 Posts: 25862 Location: The netherlands
Posted: Tue Dec 15, 2009 11:50 am
Please give the full instruction.
I do not believe OFF is an actual offset, because that'd mean you don't need a pointer since you're already on a static address.
eax*4+off=addressyouscannedfor
eax*4=addressyouscannedfor-off
eax=(addressyouscannedfor-off)/4
Takshaka How do I cheat?
Reputation: 0
Joined: 15 Dec 2009 Posts: 4
Posted: Tue Dec 15, 2009 12:35 pm
Ohh... this could be. Thanks for the reply. I will check when I get home this evening. I am going to do a massive facepalm if it turns out that my second pointer had already made it to a static address and I just didn't realize it.
Well, regardless, I'll post the full code when I get home from work.
Takshaka How do I cheat?
Reputation: 0
Joined: 15 Dec 2009 Posts: 4
Posted: Tue Dec 15, 2009 10:48 pm
Well, as would be expected, it turns out that you are indeed correct.
The code was: mov eax,[eax*4+00900f50]
I am guessing that 00900f50 is not an offset?
The reason why I thought that there may be another pointer after this is that when I restarted the program the address would be different and no longer point to the address that I wanted. However, last night in my tiredness I did not try the other addresses that were also green in my search. It turns out that there are two static addresses that point to the info that I want and now everything is working great. Thanks!
Guy Expert Cheater
Reputation: 0
Joined: 30 May 2009 Posts: 187