| View previous topic :: View next topic |
| Author |
Message |
AntumDeluge
Cheater
 Reputation: 0
Joined: 20 Dec 2018
Posts: 48
|
 Posted: Sat Apr 20, 2019 12:28 am Post subject: Pointer Offset Value Changes When Program is Restarted |
 |
|
I'm having trouble finding a static pointer for a value in a game. The pointer scan does not find any static pointers as the list is empty after restarting the program & re-scanning the memory. So, I found an instruction that accesses the address in question:
| Code: | 00404529 - DF 2C 01 - fild qword ptr [ecx+eax]
ECX=00000008
EAX=0C8373A0 // this value changes when app is restarted |
Searching for an address for the value of EAX (0C8373A0) returns empty. So, I find a static address for the value of ECX (00000008). In this case, $process+27CDC0. So, I add a pointer table entry with address $process+27CDC0 with an offset of 0C8373A0 (EAX). This accesses the value correctly. But, when the program is restarted, the value of EAX has changed. And I'm not sure what to do at this point.
Edit: This is my first time dealing with an offset being an address.
Last edited by AntumDeluge on Sat Apr 20, 2019 2:52 am; edited 2 times in total |
|
| Back to top |
|
 |
Dark Byte
Site Admin
 Reputation: 470
Joined: 09 May 2003
Posts: 25793
Location: The netherlands
|
| Posted: Sat Apr 20, 2019 2:19 am Post subject: |
|
|
the did it the wrong order, the static address had the value of 0C8373A0 and the offset is 8
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
AntumDeluge
Cheater
Reputation: 0
Joined: 20 Dec 2018
Posts: 48
|
| Posted: Sat Apr 20, 2019 2:54 am Post subject: |
|
|
I thought the value after the "+" was the offset?
And doing a hex search of the 4 byte value 0C8373A0 doesn't find anything.
Edit: Do I need to find what sets the value of EAX?
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
