Cheat Engine

isbowhten · How do I cheat? Reputation: 0 Joined: 28 Nov 2010 Posts: 2

i need to find out at which adress "esp+20" is set to a certain value, because i am trying to look for a certain piece of code which checks if some action is possible or not.

another adress then gets a certain value vor visual displaying the possibility of the action i want to take.

i found out this value gets the value of esp+20 and i also know the adress standing behind esp, so i manually added it to the adress-list and clicked
"find out what accesses(also tried "writes") this".
the list of results fills up quickly with about 15 adresses but the game crashes.

i wrote down the adresses it found so far and checked those who seemed to be the ones i was looking for most but could not proceed so far.

btw: i am a very very beginner.
i just do some programming for fun and do hardly have any
knowledge about assembler or hacking.
(but at least i succeeded in hacking minesweeper-time or cheating ammunition in shooters)

why can "find out what accesses this" crash the game?
is there any chance all adresses accessing it have been found when the game crashes?

whoops: i forgot:
i use cheat engine 5.5

Geri · Moderator Reputation: 111 Joined: 05 Feb 2010 Posts: 5636

The problem is that esp+20 is an address in the stack. It is not a simple memory address like those where usual game informations are stored.
The stack is kinda a temporary storage for many things so one address in the stack is used to store many different things, not just one. This also means that many code is accessing to it which are working with all kinds of values and yes, if You are just trying to use the "find out what ..." feature on a stack address, You can expect a crash soon enough.

If You want to find the code which is putting the value in the stack, You should probably use manual debugging and this will be a pain in the ass for a beginner. You certainly need to read more about ASM and about the stack's function in order to solve this task and learn how to debug manually.

You may also try to use a "trace" and check stack values there but CE 5.5 does not support that kind of trace and it is also difficult enough without proper knowledge. You also need to know about calls, push, pop and ret instructions etc.

So it is difficult enough.

isbowhten · How do I cheat? Reputation: 0 Joined: 28 Nov 2010 Posts: 2

thanks for reply.

is there a way to find out what happens when i click the left mouse button?
i will tell you what i want to do.

you know trackmania the racing game? i am sure you do.
some of the racing-maps are build "wrong". pieces are overlapping which is impossible to build in trackmania.
there does exist a "challenge editor" to manipulate a mapfile, but this means reloading and saving the whole time to see what you did change after manipulating in trackmania editor and you also cant fill in other tracks in this challenge editor, so you always need both of them.

i want to build maps with as less restrictions as possible, so i want to make it possible to build a piece which is not allowed to be build with a hacked trackmania editor instead of using that nasty challenge editor.

i know this is a biiiiig task for a beginner. (but i dont see any point in hacking easy things without any use for anybody) .
all i got is to make the frame around the pieces (red when building is impossible) always green, but i never found the memory adresses who decide if this action is possible or not, just the visual effect depending on those unknown adresses could be detected and manipulated by myself.

as far as i got i did manual debugging. (breakpoints, trace instructions)
i do not complain about a pain in the ass when i debug(rather in my eyes), maybe because i just cant debug cause of lacking knowledge.

i theoretically know what push pop and ret and call and jmp(and the other jumps like je jne etc...) and stack means, aswell mov fld and fstp and the meaning of theses brackets [], but when it turns into real doing (not just theory) i just dont get the meaning of everything in the context of the opcode and often doubt if i knew the correct theory behind it.

as a hobby-programmer i think i should be fast in learning those things, i basically know how cheating works and i do not lack of intelligence, but experience. (it is not my first time to see assembler, i used assembler in turbo pascal, but just easy things(mouse etc...))

so my new question:
is this task (hacking trackmania editor) just "difficult" or "way too difficult" for me?

Geri · Moderator Reputation: 111 Joined: 05 Feb 2010 Posts: 5636

I never cared about the map editor in Trackmania but I have UnitedForever and checked the thing.

So I think You want to find the code which is checking if You can place the tile or not, when You are rotating it with the left mouse button. I have also found some values that are changing according to green/red. There are more of them, don't know which one did You find or which is the code where You have seen esp+20, guess I have found others so far. And yes, the bad news is that these values are usually related to the stack and the codes are changing thousands of things in functions that are called from many places, but it is not impossible of course, You can do much with manual debugging or setting conditional breakpoints.

However I will go to sleep now and maybe I won't have time to look at this in the next few days. If You post what You have found so far, I will check it out.