Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


CMP no Working in a given game :(
Corazon
Newbie cheater
Reputation: 0

Joined: 20 Jun 2018
Posts: 18

Posted: Mon Aug 06, 2018 8:38 am    Post subject: CMP no Working in a given game :(

Hi everyone, I'm having a problem, but only in one game, and it's very strange. I'll make something clear first: I learned the method of dissecting structures, and this allowed me to do things that I never imagined doing before in various games. I used the CMP command to compare the offset and differentiate my value from the opponents', and I succeeded in all the games where I did it, but it seems like I'm having trouble in one; it just does not work. Its name is Sewerrun, and it is an .EXE. I have tried several registers with offsets and tried to differentiate values in dissecting structures, but this simply does not work. The script activates but it does not work; it only works if I delete the CMP command, but this ends up affecting the other opponents. Please help me, I do not know what else to do. I'll leave images to make it clearer :// Obs: follow the order of the images by letter, in alphabetical order.

Another important point is that I was facing the same thing in another game. The speed instruction was Fmul Dword ptr (RocketRacer.exe + A4FH52), and when I clicked on it to see which addresses accessed that instruction, only one appeared, and changes that I made were affecting everyone. So I did exactly what I'm doing in this game, Sewerrun: in the other game I found the instruction for the rocket positions (first, second); the addresses of my opponents were accessing this instruction too, and then I told the structures of this instruction, which has nothing to do with the speed instruction. I could differentiate the values with that same CMP script, and it worked perfectly; the speed only affected me. But in this game I am facing this problem ....



d.PNG
Description: And here is the image of dissecting structures of (edi+58). As you can see, exactly like this in the script, edi+05, 44. My value is the only one different from the others, and this value does not change even when restarting the game, but it just does not work.

c.PNG
Description: The speed function with (Module.exe + Offset). When I tried to find out which addresses it accessed, only one appeared, so in the image below, I found another instruction in which the speed of each skate including that of the enemy

b SPEED INSTRUCTION.PNG
Description: The selected instruction is exactly the instruction for the speed of my skate. When I add Fadd in my script, not only my skate gets insanely fast, but all the others too.

a.PNG
Description: This is the script template I always use in all games. It activates but it simply does not affect the game; it only works when I remove the CMP command, but this ends up affecting all the players, and I want it to only affect me :(


TheyCallMeTim13
Wiki Contributor
Reputation: 50

Joined: 24 Feb 2017
Posts: 976
Location: Pluto

Posted: Mon Aug 06, 2018 9:27 am

In the dissect data form it shows as a byte value, but in your script you're comparing a 4 byte value.

Try
Code:
cmp byte ptr [edi+5],44

Corazon
Newbie cheater
Reputation: 0

Joined: 20 Jun 2018
Posts: 18

Posted: Mon Aug 06, 2018 9:38 am

Thank you for the answer, I've tried this and Dword too, but it still does not work :(
OldCheatEngineUser
Whateven rank
Reputation: 20

Joined: 01 Feb 2016
Posts: 1587

Posted: Mon Aug 06, 2018 9:57 am

first, i'm a lil bit confused, is it float or int?

second, for your information dissect data isn't always accurate, which means it may show a 4byte value as float. (or anything)

third, it seems what i said above is true: see, offset 4 is byte, offset 5 is byte as well and offset 6 is 2byte.
total is 4 byte, and it's worth noting float is 4byte long too.

i can say it's not byte 44 (i mean cmp byte ... 44), also i would say if the value is float and you are pretty much sure it's in st0 - st7 fpu registers then you can compare these registers using fpu instructions.
one more thing, you can compare the stack too .. or even the contents of registers.

_________________
About Me;
I Use CE Since Version 1.X, And Still Learning How To Use It Well!
Jul 26, 2020
STN wrote:
i am a sweetheart.
Corazon
Newbie cheater
Reputation: 0

Joined: 20 Jun 2018
Posts: 18

Posted: Mon Aug 06, 2018 10:25 am

I'm sorry, but ask if Float or Int is the Fmul instruction of the speed value that all Opponents access, or the Fdiv Instruction that is the instruction that changes the Speed? I did not quite understand what I meant by byte 2 byte or 4 byte ://
TheyCallMeTim13
Wiki Contributor
Reputation: 50

Joined: 24 Feb 2017
Posts: 976
Location: Pluto

Posted: Mon Aug 06, 2018 11:29 am

Ha! I missed it too. But I bet the dissect data form is showing it as decimal (its default), but the Auto Assembler sees it as hex (its default).
And 44 == 0x2C, so try this.
Code:
cmp byte ptr [edi+5],2C

EDIT:
The dissect data form doesn't show double zeros (00) for the other two structures, so it's definitely showing in decimal format.

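The two mismatches raised in the replies above (operand width, and decimal in the dissect data form versus hex in the Auto Assembler), modelled in Python as an added example that is not part of any post. The structure bytes are constructed sample data, and `cmp_sets_zf` and `who_matches` are hypothetical helper names.

```python
# Constructed sample data standing in for the start of each actor's structure.
# Layout follows the thread: byte at +4, byte at +5, 2-byte value at +6.
# The non-zero 2-byte field at +6 is an assumption made for this example.
PLAYER = bytes([0, 0, 0, 0, 1, 44, 0x10, 0x27, 0, 0, 0, 0])
OPPONENT = bytes([0, 0, 0, 0, 1, 0, 0x10, 0x27, 0, 0, 0, 0])

WIDTHS = {"byte": 1, "word": 2, "dword": 4}


def cmp_sets_zf(mem, offset, width, imm_text, radix=16):
    """Model `cmp <width> ptr [edi+offset],<imm_text>`; True means ZF=1 (equal).

    radix=16 mirrors the Auto Assembler default described in the thread;
    radix=10 is how the dissect data form displayed the value.
    """
    size = WIDTHS[width]
    # The CPU reads `size` bytes starting at the address, little-endian.
    operand = int.from_bytes(mem[offset:offset + size], "little")
    imm = int(imm_text, radix) & ((1 << (8 * size)) - 1)
    return operand == imm


def who_matches(width, imm_text, radix=16):
    """Which constructed actors would pass the compare at offset +5."""
    actors = (("player", PLAYER), ("opponent", OPPONENT))
    return {name: cmp_sets_zf(mem, 5, width, imm_text, radix) for name, mem in actors}


if __name__ == "__main__":
    for width, imm in (("dword", "44"), ("byte", "44"), ("dword", "2C"), ("byte", "2C")):
        print(f"cmp {width} ptr [edi+5],{imm} ->", who_matches(width, imm))
```

With these bytes only the byte-wide compare against `2C` singles out the player; the dword forms also read the neighbouring 2-byte field, so they match only if those bytes happen to be zero.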
Corazon
Newbie cheater
Reputation: 0

Joined: 20 Jun 2018
Posts: 18

Posted: Mon Aug 06, 2018 11:41 am

Thanks for the answer mate :(, but lol, that also did not work. The script is active but has no effect in the game. This is very strange, because in the other games I did not go through all this trouble, and I'm doing here exactly what I did in the others. This is strange ...
TheyCallMeTim13
Wiki Contributor
Reputation: 50

Joined: 24 Feb 2017
Posts: 976
Location: Pluto

Posted: Mon Aug 06, 2018 3:06 pm

Set a breakpoint; I bet the value isn't what you think it is, it may be changing faster than you can see. Or just try to find another way to ID the player. I also start with registers, then look to the stack, then if I still have nothing that works, that's when I look at the data structures.
Corazon
Newbie cheater
Reputation: 0

Joined: 20 Jun 2018
Posts: 18

Posted: Mon Aug 06, 2018 5:35 pm

Thanks for replying, it's really weird. I've tried several instructions that other players access besides me, and already tried several addresses and offsets that do not change, and it still does not work. But could you explain better the part about breakpoints, registers and stack? :// I do not understand much of this part.
TheyCallMeTim13
Wiki Contributor
Reputation: 50

Joined: 24 Feb 2017
Posts: 976
Location: Pluto

Posted: Mon Aug 06, 2018 8:33 pm

So let's start with a breakpoint. Basically a breakpoint is just a way to halt execution. This allows you to "step" through the instructions one at a time. So when you activate the script, if you view the instruction in the memory view form, then you will see the jump to your injected code.

Follow this (right click and select "follow" or press the spacebar) then when you see the instructions from your script, look for the "cmp" then select that instruction line and set a breakpoint (right click and select "set breakpoint" or press F5).

Then you can select the "view" menu on the memory view form and select "breakpoint list" or press Ctrl+B then select the breakpoint you set and right click and select "set/change condition" then select the "easy" radio button and input "EDI == 0x??" and input the value of EDI for the player after "0x" where the "??" is.

Then just do whatever makes the code execute. Then when the game hits the breakpoint, it will stop execution; then you can go back to CE and see what the value of that address is at that exact moment of execution. You can add a memory record or just right click in the bottom section of the memory view form and select "Go to address" and input the address that EDI holds; you will see the value of all registers on the upper right of the memory view form.

Then you should be able to see the value of that address that is "EDI+5" as a byte value. When you are ready to step select the "debug" menu then "step" or press F7; this will also allow you to see if it jumps or not.

Then to run the game again you can select "run" in the debug menu, or press F9. It will run until it hits the breakpoint, when you are ready to remove the breakpoint you can select "remove all breakpoints" in the debug menu, or select the instruction that the breakpoint was set and select "remove breakpoint" or press F5 again.

----
And for checking the registers you can do the same but don't set a condition for the breakpoint and check to see if you see a register is always the same value for the player and different value for the other actors.

So if EAX is always equal to 1 for the player you can use that instead of the "[EDI+5]", so "cmp eax,1"; just try not to use addresses that will change unless you have a way to get that address reliably.

Or you can check the registers in the debugger from "see what accesses this address" or "see what writes to this address".

https://wiki.cheatengine.org/index.php?title=Assembler#Registers
https://www.youtube.com/watch?v=afCoTLBq6dI&list=PLszEh0IDMrCmPK-0wpe-cyu08Kj7MGYyo&index=55

----
As for the stack, that one is relatively simple but you will need to understand what the stack is a bit better. There are YT videos and lots of posts. But in the end it works a lot like the first compare you tried but with the stack, so you would compare say "cmp [esp+8],1" or "cmp [ebp+8],1".
https://wiki.cheatengine.org/index.php?title=Tutorial:Stack
https://www.youtube.com/watch?v=AaYgSEQvAww&list=PLszEh0IDMrCmPK-0wpe-cyu08Kj7MGYyo&index=64

----
Here are 2 great YT channels.
https://www.youtube.com/user/seowhistleblower
https://www.youtube.com/channel/UCxuUEVD4bQqT3twlaeW9usQ

Corazon
Newbie cheater
Reputation: 0

Joined: 20 Jun 2018
Posts: 18

Posted: Tue Aug 07, 2018 8:25 am

LOL WTF, I activated the script as it said, and opened the Memory view; it was written Jump 034D0800. I clicked on "go to this address" and I was flung to this region, but LOL, I have never seen this before: instead of add it was supposed to be CMP ******. Is this normal?

LOL.PNG


OldCheatEngineUser
Whateven rank
Reputation: 20

Joined: 01 Feb 2016
Posts: 1587

Posted: Tue Aug 07, 2018 8:40 am

yes it's normal with disassemblers, it's incorrect disassembly.

Code:
83 7F 05 44 -> cmp [edi+05],44 // 68 decimal
0F 85 11000000 -> jne originalcode
d8 05 00084d03 -> fadd dword ptr [xxx]


incorrect disassembly does not mean your code is incorrect, in fact it's correct but shown as different instructions.

you should do what Tim13 said:
TheyCallMeTim13 wrote:
Code:
cmp byte ptr [edi+5],2C

where 2C is 44 decimal.



Last edited by OldCheatEngineUser on Tue Aug 07, 2018 8:51 am; edited 1 time in total
Corazon
Newbie cheater
Reputation: 0

Joined: 20 Jun 2018
Posts: 18

Posted: Tue Aug 07, 2018 8:50 am

Ahh, thanks a lot, it was my mistake, now that's right. I'm going to do what fellow TheyCallMeTim13 told me to do now and post the results here :D
ParkourPenguin
I post too much
Reputation: 140

Joined: 06 Jul 2014
Posts: 4300

Posted: Tue Aug 07, 2018 8:52 am

The start of the disassembly was misaligned. Press the left/right arrow keys until it's correct.

The real code looks like this:
Code:
83 7F 05 44     - cmp dword ptr [edi+05],44 { 68 }
0F85 11000000   - jne rip+11
D8 05 00084D03  - fadd dword ptr [034D0800]
D8 3D 4C8E205A  - fdivr dword ptr [5A208E4C]
E9 06000000     - jmp rip+6
D8 3D 4C8E205A  - fdivr dword ptr [5A208E4C]
E9 C548CC56     - jmp 56EB48EB


You still haven't changed 44 to 2C.

_________________
I don't know where I'm going, but I'll figure it out when I get there.
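Why a listing changes when disassembly starts on the wrong byte, as an added example that is not part of any post: a minimal linear sweep over the bytes from the listing above, covering only the opcodes needed here. `sweep`, `modrm_extra` and `mnemonics` are hypothetical helpers, and the start offsets 1 and 2 are illustrative, not taken from the screenshot.

```python
# First five instructions of the injected code, bytes as listed in the thread.
CODE = bytes.fromhex("837F0544 0F8511000000 D80500084D03 D83D4C8E205A E906000000")
GRP1 = ["add", "or", "adc", "sbb", "and", "sub", "xor", "cmp"]                # 83 /reg
FPU_D8 = ["fadd", "fmul", "fcom", "fcomp", "fsub", "fsubr", "fdiv", "fdivr"]  # D8 /reg
# opcode -> (mnemonic or /reg table, has ModRM byte, immediate size in bytes)
ONE_BYTE = {
    0x00: ("add", True, 0), 0x05: ("add", False, 4), 0x44: ("inc", False, 0),
    0x7F: ("jg", False, 1), 0x83: (GRP1, True, 1), 0x85: ("test", True, 0),
    0xD8: (FPU_D8, True, 0), 0xE9: ("jmp", False, 4),
}
TWO_BYTE = {0x85: ("jne", False, 4)}  # reached through the 0F escape byte

def modrm_extra(code, pos):
    """Count SIB and displacement bytes after the ModRM byte at code[pos] (32-bit)."""
    mod, rm = code[pos] >> 6, code[pos] & 7
    if mod == 3:                      # register operand, nothing follows
        return 0
    extra = 1 if rm == 4 else 0       # rm=100 means a SIB byte follows
    if mod == 1:
        extra += 1                    # disp8
    elif mod == 2 or rm == 5:
        extra += 4                    # disp32 (mod=00 with rm=101 is a bare address)
    elif rm == 4 and code[pos + 1] & 7 == 5:
        extra += 4                    # mod=00 with SIB base=101 also carries disp32
    return extra

def sweep(code, start):
    """Linear-sweep decode from `start`; returns [(offset, length, mnemonic)]."""
    out, pos = [], start
    while pos < len(code):
        table, op_len = (TWO_BYTE, 2) if code[pos] == 0x0F else (ONE_BYTE, 1)
        name, has_modrm, imm = table[code[pos + op_len - 1]]
        length = op_len + imm
        if has_modrm:
            m = pos + op_len
            if isinstance(name, list):
                name = name[(code[m] >> 3) & 7]   # /reg field selects the mnemonic
            length += 1 + modrm_extra(code, m)
        out.append((pos, length, name))
        pos += length
    return out

def mnemonics(start):
    return [name for _, _, name in sweep(CODE, start)]

if __name__ == "__main__":
    for start in (0, 1, 2):
        print(start, mnemonics(start))
```

Started at offset 0 the sweep yields the cmp/jne/fadd sequence; started at offset 2 the same bytes decode as a run of `add` instructions before re-synchronising at `fdivr`, which is why moving the start of the view by a byte or two restores the expected listing.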
Corazon
Newbie cheater
Reputation: 0

Joined: 20 Jun 2018
Posts: 18

Posted: Tue Aug 07, 2018 9:46 am

Thanks for the warning ParkourPenguin :D, can you tell me if it is ok now?

jkhgtjkhgk.PNG


All times are GMT - 6 Hours
Page 1 of 2