Cheat Engine

[Damein]

So I am trying to actually figure out how this hack is working on Starcraft: Broodwar. So I am loading the game, loading the game, loading C.E. and then changing a value.

Now, I can find the address thats being changed just fine. But, since its a pointer it changes every time the game is loaded. I have passed the pointer tutorial and have even looked through the various pointer tuts here on the site, but to no avail.

If anyone could help, that would be awesome.

i46.tinypic. com/293f32g.jpg

i45.tinypic. com/rcu7gz.jpg

i45.tinypic. com/359mm4l.jpg

i50.tinypic. com/2vuyalx.jpg

i45.tinypic. com/2dtpqwy.jpg

So there are the results of my read/write op codes.

Sorry if the editting of the URL makes someone mad.. just not sure why its there.

To view the image. H ttp :// (Without spaces) and then unspace the . com

[igor]

-Try Code Injection OR
-Right Click on address and select "Pointer scan for this address"

[Damein]

Hmm, I didn't attempt the code injection tut, figured with the pointer one I'd be able to do this. As for the pointer scan, when I do that I get god knows how many addresses. When I scroll using my mouse wheel I can't even see the slider move. Is there a way to narrow it down, like a scan when I change something?

[igor]

[Damein]

Hmm, at first it seemed promising.. but after a bit the number of pointers no longer changed. I am stuck at 1,617,216 lol.

I'll get back with you if I can figure out why before you post again. And thanks thus far

One thing I wasn't sure on was if I used the same address each time I re-scanned the pointers. IE: First pointer scan was for address 0000001, second one was 0000002. Do I use 0000001 or 0000002 for the second scan?

[Dark Byte]

You scan for the address that is currently the correct address.


Also, 1617216 isn't that bad, it's less than a billion. And if they work after a reboot then they are at least suitable for basic cheats

Try them on other systems (rescan on other systems)

[igor]

you have to restart your game each time and also search for new working address again each time and scan for that new address. and your pointerscan result will be decreased.

as Dark Byte said 1617216 isn't bad. double click one of these address and it will be added to your table. check that if the pointer is changing after restarting game or rebooting your system.

[Damein]

Alright, I narrowed it down so far to 764,304

So the next step is to double click each one, restart the game, check the table and if the pointer ='s the same value as it was before, and not a ?? it should be the correct one, right?

Edit::

After a bit the pointer scan started coming up with 0 pointers


Edit 2::

So after some trial and error of trying to find different techniques I found that the last four digits of the pointer is always the same. IE: 9B1C and the first two digits: 0B are always the same. So only the middle two digits are different. IE: 0Bxx9B1C. I dunno if this helps anyone help me or not, but I found it interesting enough to note. Oh, and the offset is always 4.

[igor]

Why you need pointer you can use code injection as well. Complete the tutorial for code injection its easy.

Personally i always use code injection. I never used pointer.

[Damein]

Hmm, never used it. Is that for creating hacks? Because I'm not attempting to do that, I'm trying to reverse-engineer a hack and figure out exactly which address its editing so I can stop it with another program.

[igor]

Suppose if you have this instruction that decrease your health
004386AD sub [eax+3AC],ebx

you can inject your code at 004386AD this address mov [eax+3AC],(int)100 so that your health is always 100 (god mode). That is code injection.

You can use other program like ollydbg to save your changes.