| View previous topic :: View next topic |
| Author |
Message |
DaHandy
Newbie cheater
![]() Reputation: 0
Joined: 03 Nov 2007
Posts: 18
|
 Posted: Tue Dec 17, 2013 11:44 pm Post subject: [SOLVED] Can't find a pointer to a float |
 |
|
Hi!
It has been a while since I've used CE last time.
I have found a correct (dynamic) address (10DBE540) that I want to edit but I can't find a pointer to that.
I have tried:
1) To search for the address (10DBE540), no results
2) Find out what writes to the address and see the assembly (thats how I figured out some float calculation OP codes and that it has something to do with the EBX register)
3) To pointer scan the address
However I don't know what should I do next. Could someone guide me forward? An explanation for the following assembly code (in the screenshot) would be sweet!
The game is called Torino 2006 if it matters.
Thanks in advance!
| Description: |
|
| Filesize: |
75.14 KB |
| Viewed: |
6851 Time(s) |
|
Last edited by DaHandy on Wed Dec 18, 2013 3:38 pm; edited 1 time in total |
|
| Back to top |
|
 |
zm0d
Master Cheater
 Reputation: 7
Joined: 06 Nov 2013
Posts: 423
|
| Posted: Wed Dec 18, 2013 3:09 am Post subject: |
|
|
| DaHandy wrote: |
1) To search for the address (10DBE540), no results |
Well, it doesnt make sense to scan for this address. This address is the last one of a pointer chain, so you wont find a pointer holding this address (it gets calculated with EBX+000017D8). You'd need to scan for the address stored in EBX (10DBCD68) as hexadecimal scan. Then you maybe find addresses that hold this address. But always keep in mind, that +17D8 is your first offset. There are tutorials out in the WWW, how to manually scan for pointers with CE.
Edit:
CE pointer scan does a great job, too. You may set a new offset range, since 0x17D8 is already 6104 in decimal! 
|
|
| Back to top |
|
|
Gniarf
Grandmaster Cheater Supreme
![]() Reputation: 43
Joined: 12 Mar 2012
Posts: 1285
|
| Posted: Wed Dec 18, 2013 5:43 am Post subject: |
|
|
| zm0d wrote: | | You may set a new offset range, since 0x17D8 is already 6104 in decimal! |
I used to think that aswell, but according to this (2nd post) you don't need to increase structure size if the last offset is huge, as long as you specify it in "pointers must end with".
_________________
DO NOT PM me if you want help on making/fixing/using a hack. |
|
| Back to top |
|
|
zm0d
Master Cheater
Reputation: 7
Joined: 06 Nov 2013
Posts: 423
|
| Posted: Wed Dec 18, 2013 6:10 am Post subject: |
|
|
| I see Thanks for this very interesting and helpfull thread
|
|
| Back to top |
|
|
DaHandy
Newbie cheater
![]() Reputation: 0
Joined: 03 Nov 2007
Posts: 18
|
| Posted: Wed Dec 18, 2013 10:10 am Post subject: |
|
|
Thanks a lot for your replies!
Here is what I did now:
1) Searched for the EBX value (10DBCD68) and found 4 dynamic addresses.
2) I saved the first dynamic address that was found (04368D9C) and looked what accesses to it.
3) I found that in many places EAX + 1C = 04368D9C so EAX = 04368D80.
4) I searched for 04368D80 and found some dynamic addressed BUT also one static address!
The static address is 0053AEB4 (torino2006.exe+13AEB4).
So, the current situation:
0053AEB4 points to 04368D80.
04368D80 + 1C points to 10DBCD68.
10DBCD68 + 17D8 = 10DBE540 is the address thats value I want to change.
Then I successfully added the pointer of pointer to my cheat list.
Thanks again for your help!
EDIT2: Ok sorry for a new edit but I'm having the same problem again. Now I have another dynamic address (10DBE14C) thats value I want to change and I can't find a pointer for that (yes, again).
Here is what I did:
1) See what writes to the address where my value is stored. Found that there are multiple locations. Seems like it's [EBX+04] and sometimes [EBP+1C].
EBX=10DBE148
EBP=10DBE130
2) Searched for those EBX and EBP values without any results.
Now I'm stuck again and don't know what to do. :/ Here is also a screenshot again.
Maybe I should also see what accesses to the address... Any other suggestions? Thanks once more!
EDIT3: Nevermind! I got it! I decided to use the previously found pointers but with a different offset to find the speedhack address again. Those two values that I want to change are so near each other so it wont be a problem. Everything works just fine now, thanks to you all!
| Description: |
| This is the new problem, no pointers have been found. |
|
| Filesize: |
73.19 KB |
| Viewed: |
6755 Time(s) |
|
| Description: |
| Added the first pointer of pointer to the cheat list like this. |
|
| Filesize: |
8.87 KB |
| Viewed: |
6767 Time(s) |
|
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
