 |
Cheat Engine The Official Site of Cheat Engine
|
| Author |
Message |
jerome64 How do I cheat?
Reputation: 0
Joined: 07 Dec 2023 Posts: 8
|
Posted: Wed Dec 13, 2023 5:28 pm Post subject: Identifying New Addresses and Offsets After Update |
|
|
Hey community,
I'm seeking advice on the best way to quickly retrieve new static addresses and offsets after each update without having to go through extensive re-search. Is there an effective technique, such as using AOB (Array of Bytes) or any other trick that allows saving stable elements, ensuring easy retrieval of addresses after an update?
Any shared suggestions or experiences would be greatly appreciated. Thanks in advance for your help!
|
|
|
 |
ParkourPenguin I post too much
Reputation: 152
Joined: 06 Jul 2014 Posts: 4709
|
Posted: Wed Dec 13, 2023 10:41 pm Post subject: |
|
|
AOB scan for code, not values.
If you want base addresses for pointer paths, scan for instructions that reference each base address. Dissect code can help with that.
As for offsets... I don't know. You could scan for relevant instructions too, but why use pointers then? Just do an injection copy to get the address or some node in a pointer path to the address.
If code updated and the aob pattern stops working, try using wildcards. Learn a bit about how instructions are encoded as machine code (REX prefix, opcodes, ModR/M & SIB bytes, etc.) and you can more effectively use wildcards.
The comment at the end of the AOB injection template is vital for when the game updates. You can see all the instructions around the injection point and use that as a reference when searching for the new injection point.
Learning about how instructions are encoded can also let you know which instructions to avoid when choosing an injection point. Instructions that use RIP-relative addressing will almost certainly break the aobscan pattern on an update (reassemble & readmem if they can't be avoided, or {$lua} if it's really screwed up).
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
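Added example, not part of the original post and not Cheat Engine's own code: a small wildcard byte-pattern matcher showing why a RIP-relative displacement breaks an exact signature after a rebuild, and how wildcarding the four displacement bytes keeps it matching. The buffers OLD and NEW and all function names are constructed for illustration.

```python
# Added illustration on constructed bytes; OLD/NEW are not from any real binary.

def parse_pattern(text):
    """'48 8B 05 ?? ??' -> [0x48, 0x8B, 0x05, None, None] (None = wildcard)."""
    return [None if t in ("?", "??") else int(t, 16) for t in text.split()]

def scan(buf, pattern):
    """Return every offset in buf at which the pattern matches."""
    pat = parse_pattern(pattern)
    return [i for i in range(len(buf) - len(pat) + 1)
            if all(p is None or buf[i + j] == p for j, p in enumerate(pat))]

def unique_hit(buf, pattern):
    """A usable signature matches exactly once; anything else is an error."""
    hits = scan(buf, pattern)
    if len(hits) != 1:
        raise ValueError(f"expected 1 match, got {len(hits)}")
    return hits[0]

def rip_target(buf, insn_off, disp_off=3, insn_len=7):
    """Resolve a RIP-relative operand: end of instruction + signed disp32."""
    raw = buf[insn_off + disp_off:insn_off + disp_off + 4]
    return insn_off + insn_len + int.from_bytes(raw, "little", signed=True)

# Same code in two constructed "builds":
#   mov rax,[rip+disp32]; mov ecx,[rax+10h]; dec ecx; mov [rax+10h],ecx; ret
# Only the code's position and the disp32 differ, as after a recompile.
TAIL = "8B 48 10 FF C9 89 48 10 C3"
OLD = bytes([0x90] * 0x20) + bytes.fromhex("48 8B 05 10 2F 00 00 " + TAIL)
NEW = bytes([0x90] * 0x35) + bytes.fromhex("48 8B 05 08 4A 00 00 " + TAIL)

EXACT = "48 8B 05 10 2F 00 00 8B 48 10 FF C9 89 48 10"  # displacement baked in
WILD = "48 8B 05 ?? ?? ?? ?? 8B 48 10 FF C9 89 48 10"   # displacement wildcarded

if __name__ == "__main__":
    print("exact on old:", scan(OLD, EXACT))
    print("exact on new:", scan(NEW, EXACT))
    for name, buf in (("old", OLD), ("new", NEW)):
        off = unique_hit(buf, WILD)
        print(f"wild on {name}: hit at {off:#x}, operand at {rip_target(buf, off):#x}")
```

The opcode and ModR/M bytes (48 8B 05) stay fixed across both builds; only the disp32 that follows them moves, which is why those four bytes are the ones to wildcard.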
|
|
 |
jerome64 How do I cheat?
Reputation: 0
Joined: 07 Dec 2023 Posts: 8
|
Posted: Thu Dec 14, 2023 2:58 pm Post subject: |
|
|
| ParkourPenguin wrote: | AOB scan for code, not values.
If you want base addresses for pointer paths, scan for instructions that reference each base address. Dissect code can help with that.
As for offsets... I don't know. You could scan for relevant instructions too, but why use pointers then? Just do an injection copy to get the address or some node in a pointer path to the address.
If code updated and the aob pattern stops working, try using wildcards. Learn a bit about how instructions are encoded as machine code (REX prefix, opcodes, ModR/M & SIB bytes, etc.) and you can more effectively use wildcards.
The comment at the end of the AOB injection template is vital for when the game updates. You can see all the instructions around the injection point and use that as a reference when searching for the new injection point.
Learning about how instructions are encoded can also let you know which instructions to avoid when choosing an injection point. Instructions that use RIP-relative addressing will almost certainly break the aobscan pattern on an update (reassemble & readmem if they can't be avoided, or {$lua} if it's really screwed up). |
Hello,
I'm a beginner and I'm trying to understand the advice you've shared. Is there a tutorial or resource I could refer to for a better understanding of the concepts you mentioned, such as code searching, pointer paths, and injection copying?
Currently, my main approach involves searching for addresses and pointers through pointer maps, but I feel I could enhance my understanding by following a more detailed guide. Any recommendations would be greatly appreciated.
Additionally, I was wondering if there are automation methods to streamline the address and pointer search processes. Are there tools or techniques that can help find these addresses more efficiently and reliably retrieve them every time?
Thanks in advance for your assistance! If you could also provide links to tutorials or names of techniques, it would greatly help me in conducting further research.
|
|
|
 |
ParkourPenguin I post too much
Reputation: 152
Joined: 06 Jul 2014 Posts: 4709
|
Posted: Thu Dec 14, 2023 3:21 pm Post subject: |
|
|
Try completing the CE tutorial if you haven't already.
You don't have to take a college course in software reverse engineering to hack games, but you should at least be able to read x64 assembly.
Search for "injection copy" for details on using a code injection to get an address. I generally prefer that over pointer paths.
Most of the time, I can do whatever I want by changing code- no need for values. e.g. want infinite ammo? NOP the call to the function that subtracts ammo. Finding that function can be annoying, but that comes with experience. You may be able to get away with just nopping the instruction that writes to ammo.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
|
 |
jerome64 How do I cheat?
Reputation: 0
Joined: 07 Dec 2023 Posts: 8
|
Posted: Thu Dec 14, 2023 5:26 pm Post subject: |
|
|
It works, for example:
Game.exe+38DA63F and 7 offsets?
|
|
|
 |
|
|
|
|