 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
BullyWiiPlaza
How do I cheat?
![]() Reputation: 0
Joined: 28 May 2018
Posts: 8
|
 Posted: Wed May 30, 2018 9:50 am Post subject: Cannot find a working pointer at all for a Unity-based game |
 |
|
I'm trying to find a pointer for the amount of gold (= an in-game currency). Searching for the amount with the 4-byte value type is straightforward and I only get 1 result. However, on each restart of the game, the address changes (obviously).
I used "Find out what accesses this address" and got the following results:
| Code: | 08200A14 - 48 89 48 10 - mov [rax+10],rcx
082ACC2F - 48 8B 08 - mov rcx,[rax]
0827077C - 89 70 10 - mov [rax+10],esi
7FFC26F2A2E7 - 41 8B 4D 10 - mov ecx,[r13+10]
082707AD - 89 48 10 - mov [rax+10],ecx
7FFC26F2A2EB - 41 39 4E 10 - cmp [r14+10],ecx |
This suggests that the last offset is 10 because all except for 1 instruction uses the +10 displacement.
The same with "Find out what writes to this address":
| Code: | 7FFC270529E0 - 48 89 11 - mov [rcx],rdx
378274E3 - 89 47 10 - mov [rdi+10],eax
081D870B - 89 48 10 - mov [rax+10],ecx
082707AD - 89 48 10 - mov [rax+10],ecx |
I configure the pointer search to end with offset 10, used a max level of up to 8 and a maximum offset of 8000. However, I never managed to find a working pointer by rescanning when the game has been restarted. I also tried not using "Pointers must end with specific offset" option of course. No dice at all.
What else can I try? Shouldn't it find a pointer? This is a Unity-based game and I found other pointers for it before but I'm struggling with the player inventory related stuff. Maybe this has to do with the fact that the C++ subsystem had pointers but the C# one now does not? I'm trying to make a trainer/bot so doing an AOB (= array of bytes) search is less desired/practical. Injecting assembly for the same reason. Only reading through a valid pointer would be a great solution since I implemented a few of them already. Any further tips? 
|
|
| Back to top |
|
 |
Dark Byte
Site Admin
 Reputation: 470
Joined: 09 May 2003
Posts: 25796
Location: The netherlands
|
| Posted: Wed May 30, 2018 10:44 am Post subject: |
|
|
unity is very object oriented. that means it may take 8 pointers from the stack/mono dll to even get to the game.
so try a level 10 scan or deeper
alternatively, try code injection
and to make things easier, once you've found the code that accesses the healh activate mono features and it'll show you the name
then next time you can use that name to find the code (first activate mono features)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
BullyWiiPlaza
How do I cheat?
![]() Reputation: 0
Joined: 28 May 2018
Posts: 8
|
| Posted: Wed May 30, 2018 11:42 am Post subject: |
|
|
| Dark Byte wrote: | unity is very object oriented. that means it may take 8 pointers from the stack/mono dll to even get to the game.
so try a level 10 scan or deeper |
I kept trying and traced the address - 10 from the assembly and did a pointer search for the pointer to the gold address and it gave me "semi-working" stage 9 pointers: They worked after restarting the game but not anymore when playing the game for a bit (the address is then reloaded and the pointers break). Finally, depth 10 pointers worked as expected. Thank you, your tip turned out to be correct.
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
