Cheat Engine

KoSMoS · How do I cheat? Reputation: 0 Joined: 28 Mar 2012 Posts: 1

Hello
im trying to find the base pointer and im stuck with this problem
that the offset is based on register value (i think)
mov eax,[esi+ebp*8+10]

ebp is part of the offset?
how to deal with this stuff?

Dark Byte · Posted: Wed Mar 28, 2012 3:46 pm Post subject:

I have my doubt it's really a dynamic offset
Does it happen that ebp is ever anything else than 0?

if not, then the offset is 0*8+10 (that's 10)

In this case though, I think you can better give up trying to find a pointer and go for code injection instead and inspect the pointers data for variable names etc...

flash is an emulator, which means that the actual executed code you see is not the game's code but the emulator's code that handles everything. And from seeing the relative 2 byte jump inside a "FlashPlayer" code segment, this means that the code you're seeing isn't even JIT'ed code (automatically compiled based on the flash code) but emulated step by step

Fresco · Posted: Wed Mar 28, 2012 4:53 pm Post subject:

right... code injection is the solution
mov eax,[esi+ebp*8+10]
as you can see esi+ebp*8+10 is the value of the address;

so auto assemble, registersymbol addressx, add to the table addressx
in the auto assemble: