| View previous topic :: View next topic |
| Author |
Message |
H4x0rBattie
Advanced Cheater
 Reputation: 0
Joined: 10 Nov 2016
Posts: 58
|
 Posted: Thu Nov 10, 2016 1:01 pm Post subject: Are pointer scanner dynamic pointer paths offsets wrong? |
 |
|
Hi.
When you untick the "Only find paths with a static address" it's bugged. Offsets are always wrong for a dynamic paths regardless of a level.
It's probably an easy fix. Thanks
PS. It's been broken since 2014 or it has always been broken. Now I bothered to report it 
Because of that I even ended up writing a .NET equivalent tool. A private one.
_________________
Last edited by H4x0rBattie on Fri Nov 11, 2016 10:14 pm; edited 2 times in total |
|
| Back to top |
|
 |
Dark Byte
Site Admin
 Reputation: 474
Joined: 09 May 2003
Posts: 25930
Location: The netherlands
|
| Posted: Thu Nov 10, 2016 2:29 pm Post subject: |
|
|
define what you think is wrong.
When I test it, the results are valid. (of course most entries are useless on restart, but that's what you get for non static addresses)
_________________
Tools give you results. Knowledge gives you control.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
H4x0rBattie
Advanced Cheater
Reputation: 0
Joined: 10 Nov 2016
Posts: 58
|
| Posted: Fri Nov 11, 2016 6:35 pm Post subject: |
|
|
| Dark Byte wrote: | define what you think is wrong.
When I test it, the results are valid. (of course most entries are useless on restart, but that's what you get for non static addresses) |
Check attachment. Actually addresses and the offsets are wrong for dynamic paths rendering that feature currently useless. I've verified the issue with many games, never worked for me with dynamic paths.
If you want feedback, here it comes. Please make those addresses and the offsets copy/pasteable in pointer scanner results or at least an option to save the results on file in plain text. It's really annoying manually type them every time.
Other than that, CE is a great tool. Thanks.
Not copy/pasteable addresses/offsets is the main reason I ended up coding my own pointer scanner, also did it for a learning purpose.
PS. Did you figured that pointer scanning feature on your own? I mean mean when I did a little googling, I did not found any equivalent tool so I assume you was the first to write one?
| Description: |
|
| Filesize: |
208.96 KB |
| Viewed: |
7386 Time(s) |
|
_________________
|
|
| Back to top |
|
|
ParkourPenguin
I post too much
 Reputation: 155
Joined: 06 Jul 2014
Posts: 4763
|
| Posted: Fri Nov 11, 2016 6:46 pm Post subject: |
|
|
CE isn't wrong; you're just misinterpreting when to add the offset and when to dereference the address. You read the value at the base address first, add the first offset, read the value at that address, add the next offset, etc. You're adding the offset before reading the value at the base address, which doesn't make any sense. Adding any value to the base address would just make it a different base address.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
H4x0rBattie
Advanced Cheater
Reputation: 0
Joined: 10 Nov 2016
Posts: 58
|
| Posted: Fri Nov 11, 2016 7:05 pm Post subject: |
|
|
| ParkourPenguin wrote: | | CE isn't wrong; you're just misinterpreting when to add the offset and when to dereference the address. You read the value at the base address first, add the first offset, read the value at that address, add the next offset, etc. You're adding the offset before reading the value at the base address, which doesn't make any sense. Adding any value to the base address would just make it a different base address. |
24CF448 + 0xD8 = 0x24CF520 and when I dereferenced it (exactly as shown in that attachment) a window below CE, it's not a valid pointer as you can easily read.
If I dereference 24CF448 and then add 0xD8, it's not pointing where CE claims so I don't understand what you're talking about.
_________________
|
|
| Back to top |
|
|
mgr.inz.Player
I post too much
 Reputation: 222
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Fri Nov 11, 2016 7:54 pm Post subject: |
|
|
Yep, you misinterpreting.
This:
with this:
_________________
Last edited by mgr.inz.Player on Fri Nov 11, 2016 8:25 pm; edited 1 time in total |
|
| Back to top |
|
|
ParkourPenguin
I post too much
Reputation: 155
Joined: 06 Jul 2014
Posts: 4763
|
| Posted: Fri Nov 11, 2016 8:03 pm Post subject: |
|
|
- Read the value at the base address 24CF448. Based on the screenshot, the value is 024CF4B0.
- Take the value 024CF4B0 and add D8 to it. This results in the value 024CF588.
- Read the value at that address. Based on the CE window, it should be C262CA40.
- Take that address and add the next offset to it. Because the next offset is 0, it results in the same address.
- That was the last offset, so you're at the final address of C262CA40, whose value (based on the CE window) is 1118061768.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
mgr.inz.Player
I post too much
Reputation: 222
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Fri Nov 11, 2016 8:09 pm Post subject: |
|
|
Typical multilevel pointer with static base(e.g. level 3):
| Code: | | [ [ [ module+moduleoffset ] + pointeroffset0 ] + pointeroffset1 ] + pointeroffset2 |
Typical multilevel pointer with nonstatic base(e.g. level 3):
| Code: | | [ [ [ address ] + pointeroffset0 ] + pointeroffset1 ] + pointeroffset2 |
_________________
|
|
| Back to top |
|
|
H4x0rBattie
Advanced Cheater
Reputation: 0
Joined: 10 Nov 2016
Posts: 58
|
| Posted: Fri Nov 11, 2016 9:37 pm Post subject: |
|
|
| mgr.inz.Player wrote: | Typical multilevel pointer with static base(e.g. level 3):
| Code: | | [ [ [ module+moduleoffset ] + pointeroffset0 ] + pointeroffset1 ] + pointeroffset2 |
Typical multilevel pointer with nonstatic base(e.g. level 3):
| Code: | | [ [ [ address ] + pointeroffset0 ] + pointeroffset1 ] + pointeroffset2 |
|
I am an idiot. That explains it. Thanks to everyone who clarified the issue.
_________________
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
