Cheat Engine

athlonaces · Newbie cheater Reputation: 0 Joined: 18 Feb 2008 Posts: 21

Hi, I am trying to learn how to use a cheat engine and am trying it out with GTA V. (I understand that there are trainers out there but I am more interested in learning how to use it)

I managed to find the address that modifies the wanted level (dynamic) and I want to locate the base address for it.

I took the following step.

1) Right click address that modifies wanted level, click "Find out what writes to this address".

2) Found a single code in the debugger, debugger provided a pointer address.

3) Searched in new scan (hex mode) of the pointer address.

4) Found a single address, manually added a new pointer address with the offset included in the previous instruction. This new address successfully identifies the current wanted level value.

5) Right click this pointer address, click "Find out what access this address".

This is where a multitude of issues occur. Its either I get 0 results in finding what access this address, or I get multiple results all pointing to a single address which cannot be found in a new hex scan.

I have been using a 4 byte scan (tried using all values but the 4 byte result is the only one that modifies the wanted level).

Can anyone point out whats wrong here? Do I have to use pointer scanner in this situation? I am kinda hesitant and will want to learn how to find multi level pointers without a pointer scanner.

PS I have completed the cheat engine tutorial that teaches multi level pointer. The steps doesnt work in this case.

Will appreciate any help. Thanks in advance.

Cheers.

Zanzer · Posted: Wed Apr 22, 2015 9:10 pm Post subject:

You should use Find out what accesses this address (not writes to).

Also, most times you won't find anything that accesses the base address. The debugger only triggers when something directly access the value at that address, not when one of the registers equals that value. For instance, if the following instruction retrieved the base address you found into register RCX, the debugger would not notify you.
mov rcx,[eax+10].

It can be tedious, but you would need to trace the instructions backwards to find each offset along the way until you finally get to a static address. So if your address was as [eax+10], go back through the code and find out what set the value of EAX. etc.

The automated pointer scanner finds value by looking for any address that contains the value within a range around the base address you just found. It continues to do this until it reaches a static address.

So to manually find your pointer using the memory scan, you shouldn't search for what addresses contain the exact base address. You should search for a value between your address and minus 256 (or some other made up number). The automated scanner is easier. Smile

athlonaces · Newbie cheater Reputation: 0 Joined: 18 Feb 2008 Posts: 21

Zanzer · Posted: Thu Apr 23, 2015 12:28 pm Post subject:

You mentioned you weren't finding any results, so you should then use "access" instead of "writes".

If the address you found is "F7944AA5F8", the default pointer scanner would then do an 8-byte scan for all addresses between "F7944A9DF8" (-2048) and "F7944A9DF8" (+2048). Of those results found, it would then do another +/- 2048 search between each of those addresses. It would do that to a max level of 5 or until it found a static game pointer. That would be the same manual process you need to do if you're going to use the memory scan method.