Cheat Engine

SpookyGhost · How do I cheat? Reputation: 0 Joined: 09 Jun 2015 Posts: 6

Hi, I'm new here.
I'm trying to test myself by hacking MineSweeper [Win 7 x64]. currently the timer's variable (which is a float in this case) is in a random location, and when I try to find the pointer by doing the following:

1) find the timer variable's address.
2) adding the address to the table(? -- the white space on the bottom of cheat engine)
3) hitting F6, and attaching the debugger to minesweeper.exe
4) clicking the line and hitting more info.
5) getting the address of "The value of the pointer needed to find this address is probably XXXXXXXX"
6) hitting new scan, and setting the value type to 4 bytes
7) clicking the hex check box
8) putting in the XXXXXXXX value and searching for the exact value.

Here I get 2 addresses, and none of them are green (meaning they're static pointers) so I'm not sure what I'm doing wrong.

Can anyone give me some advice?

Thank you for taking the time to read this.

vng21092 · Posted: Tue Jun 09, 2015 2:29 pm Post subject:

lets start by saying you did absolutely nothing wrong Wink

. It is important to remember that there exists "Multi-Level Pointers". so the only reason why you have no green is because you didn't search deep enough, here, I'll walk you through what I did

So I'm sure you got to this point, you searched what writes to it, and searched for the base, now keep in mind the offset 20. The three addresses are black because they aren't static so... something must be pointing to them right? Add them to the address list as pointers with offset 20. Now, find what "accesses" these pointers, in the next picture I picked one, I tested them all but only one came back with something accessing it (you can try it yourself).

now you've got a pointer pointing to the address, now find out what accesses that pointer and search for the address in the "More Info" window and you'll see this

...whats this? A green address? Isn't that what you wanted? Well were not done yet. Now keep in mind offset 18. Add the green to you address list and double click it, you'll see the address in the red box. Copy it. Add an address manually as a pointer, paste that into the base, and add the offsets 20, and 18 because that's the order you found them in.

I'm sorry, I suck at explaining things but I hope the pictures help you out

SpookyGhost · How do I cheat? Reputation: 0 Joined: 09 Jun 2015 Posts: 6

Hello, vng21092, and thank you very much for your reply. It's good to know I'm on the right track so far.

Your images help describe what you're saying perfectly, but I seem to have a strange bug blocking my path to progress, thought it could very well be behaving how it's intended to I guess.

I can add the address I get from searching the "The value of the pointer needed to find this address is probably XXXXXXXX" just fine, but when I try to turn the added address into a pointer by clicking the pointer check box the address goes away, and the address field becomes disabled.

[Apparently I can't post images yet, so I'll need to type this part out]

[Change Address]
[this part becomes empty on clicking the pointer checkbox]=???
Description
[No Description]
Type
[4 Bytes V]
[x] pointer <-- get all the ???s when I click this
[<][ 0 ][>] ???????? + 0 = ????????
[ ] -> ????????
[add offset] [remove offset]
[okay] [cancel]

Is this a bug? and is there a way to fix it?

Edit: note, this also happens on Add Address Manually.

vng21092 · Posted: Tue Jun 09, 2015 3:31 pm Post subject:

nope, not a bug at all, you need to enter your address at the very very last box, the one right above "Add Offset", think of this box as your umm... base address

SpookyGhost · How do I cheat? Reputation: 0 Joined: 09 Jun 2015 Posts: 6

Alright, thanks. I'm going to have to come back to this later. thank you for your help so far though. I think I almost got it, lol.

SpookyGhost · How do I cheat? Reputation: 0 Joined: 09 Jun 2015 Posts: 6

Hello, again.

I've made more progress, I think...

I managed to get the pointer to the time working properly at:

vng21092 · Posted: Wed Jun 10, 2015 6:58 pm Post subject:

...did you pull this code out of your butt? Shocked

The register eax isn't even in the original code so I'm not sure why you felt the need to mess with that. Your disable section is screwed because you don't change the code back to what its suppose to be, I know you wrote that it was the original opcode but... no, it wasn't. To clarify, its suppose to be movss [rax+20],xmm0, see first picture for reference. Oh, and, [minesweeper.exe+AAA38+20+18] is not how you put multi-level pointers in a script, look at the code below to see how its suppose to be.This was all you needed to make the timer stick at zero.

SpookyGhost · How do I cheat? Reputation: 0 Joined: 09 Jun 2015 Posts: 6

Ha, ha. Oh wow, I didn't catch the opcode thing, but yeah. That's really strange.

From your script I managed to make mine work, even though yours is light-years better I was being a little stubborn, lol.

If anyone is interested this is what I've come up with so far. Once again I did not create this script, I just modified it.

vng21092 · Posted: Wed Jun 10, 2015 8:11 pm Post subject:

don't be stubborn... Mad

learn . Look at all the unnecessary stuff you're doing. ChiliDog, it's a value that doesn't change, it's just stuck at 0, no need to make a symbol for that. pushing eax, just to move ChiliDog into it, then moving eax into the static pointer, and then popping eax, for what? Why not just mov [staticpointer],0? In your script you basically have 10 lines of unnecessary code. Just a tip, you don't have to allocate your symbol, you could just define it as a label and register it, that way in the end you don't have to deallocate your symbol (see? one line of nonsense). As for the trainer questions, I suggest you start a new thread, good luck Very Happy