Cheat Engine

BanCheese · Cheater Reputation: 0 Joined: 22 Oct 2014 Posts: 49

I'm using the following code to get the address of a singleton object:

Cake-san · Posted: Thu Jul 07, 2016 2:02 am Post subject:

use readmem, instead. eg:

BanCheese · Cheater Reputation: 0 Joined: 22 Oct 2014 Posts: 49

Sorry if I'm misinterpreting what you said here, but I'm not quite sure I follow; I'm not trying to read memory at all -- I just want to save the address of the CPlayer block for other scripts to use.

Zanzer · Posted: Thu Jul 07, 2016 6:37 pm Post subject:

Now anyone can use the found "cplayer" address... if that's what you intended.

BanCheese · Cheater Reputation: 0 Joined: 22 Oct 2014 Posts: 49

That's what I had originally, but I changed it to the code in my post after I started experiencing the bug I described above.

Zanzer · Posted: Thu Jul 07, 2016 6:44 pm Post subject:

Don't use "[cplayer]"
Use "cplayer"
???

BanCheese · Cheater Reputation: 0 Joined: 22 Oct 2014 Posts: 49

(Sorry if I was unclear previously.)

I tried the code in your post again, but cplayer now holds 1B29A1A08 (as [cplayer] and tmp did with the code in my post.)

Zanzer · Posted: Thu Jul 07, 2016 6:49 pm Post subject:

Why don't you explain what that AOB is to you.
Then explain how you're trying to use it within your table.
What address and value are you expecting it to be?
What address and value is it coming out as?

ParkourPenguin · Posted: Thu Jul 07, 2016 6:55 pm Post subject:

Perhaps the value at the address it found is changing, but that shouldn't be the case for a vtable. Are you sure that AoB signature is unique? Scan through all memory (not just writable).

Open the Lua script window and execute this code:

BanCheese · Cheater Reputation: 0 Joined: 22 Oct 2014 Posts: 49

I've used AoB a lot before, so I'm think I'm remembering correctly, but just to be clear:

AoB searches through memory for the bytes in the second parameter, at which point it saves the address at which the bytes were found in the symbol that is the first parameter.

I'm using it to find the CPlayer singleton in memory, which always contains a pointer to its vftable (the bytes I specified in aobscan.) I wish to store this address, either in a symbol directly (as in your code) or at a location that a symbol points to (as in my code.)

In your code, I would expect cplayer to hold 92654C400, which is the sole address returned by doing a manual scan with "Value Type: Array of Byte."

Unfortunately, after running your code, cplayer holds 1B29A1A08. [1B29A1A08] is not C8 9D 45 42 01 00 00 00 (i.e. what I searched for.)

Thanks for the help.

ParkourPenguin, I just saw your post as I previewed mine. After running your code, this is printed:

Zanzer · Posted: Thu Jul 07, 2016 7:05 pm Post subject:

Add a new memory record to your table. Just a normal one, not a pointer.
Set the address equal to "cplayer". Do not use the brackets.
Is this the address you think you should have?

BanCheese · Cheater Reputation: 0 Joined: 22 Oct 2014 Posts: 49

No. "cplayer" resolves to 1B29A1A08. Here's a screenshot of the entry:

Thanks again.

Zanzer · Posted: Thu Jul 07, 2016 7:17 pm Post subject:

Don't use that define statement, plug the AOB in directly.

BanCheese · Cheater Reputation: 0 Joined: 22 Oct 2014 Posts: 49

That fixed it! Thanks!

Was that a bug, or was I doing something wrong?

Zanzer · Posted: Thu Jul 07, 2016 7:25 pm Post subject:

CE resolves the "aobscan" lines before the "define" lines.
So it was converting "cplayer_vftable" into something and managed to find that address instead.