Max89 How do I cheat? Reputation: 0
Joined: 22 Oct 2014 Posts: 9
Posted: Thu Oct 23, 2014 10:29 pm Post subject: Re: Making a table
Hi!
ievi wrote: "I just started trying to use cheat engine today"
I just started a few days ago, too. So I know it can be confusing at first. But the more you try and learn, the easier it gets.
Make sure to try and solve the Cheat Engine Tutorial! (CE Main Menu -> Help -> Tutorial) -> I think it is important to understand each step in it.
I have spent the last few hours trying to figure out something for a game inventory.
Took me quite a while and without help and searching for tutorials it would have been impossible, I guess.
Just remember that there are several different ways to solve a problem with CE.
ievi wrote: "I'm interested in making a table so I do not have to keep looking for the new address each session."
Depending on the data/values you are looking for, you will need (static) Pointers or an Array of Byte Script (aobscan).
(there may also be other possible ways, I don't know yet...)
You may already know that each time you restart your game (and sometimes after loading savegames) the addresses of your values will change (unless they are static).
That's why you need to find a static pointer, which will always point to your value.
AoB Scan for the assembler code you want to change can work, too.
ievi wrote: "(url's are disabled?)"
I think it is disabled for new users and I think you can unlock it, after you got more posts.
ievi wrote: "the weapon ammo only works for the one currently equipped. If I pick up the exact same weapon it does not work. I would need to do it again even though they are the same weapons."
Just from what I have learned today:
1.) search the current address of your value and add it to your address list
2.) right click -> find out what accesses this address
3.) it will ask you to attach the debugger, click yes
4.) make sure to use some ammo ingame now (just change the value once)
5.) you should see some addresses and assembler codes (instructions) in the open CE window now
6.) click on one of the instructions and then "show disassembler" (which will open the memory viewer at that address)
7.) now look for the point where your value gets decreased or changed - could be something like this:
-> dec eax
-> sub eax,1
-> mov eax,[esi+08] (or any other register + offset within [] ...)
8.) If you think you found it, you can use Ctrl + A (Auto Assemble) to do something with it
9.) In the new window click Template -> Cheat Table Framework Code
10.) Click Template again and then Code Injection (needs to be in this order)
-> One easy way to test if it works would be to use "//" in front of the original code and see if that works
-> "//" is used for comments, so if you put it in front of the instructions after 'originalcode:' you will disable them
11.) When you are finished editing the AutoAssembler Script, don't press Execute but instead: File -> Assign to current cheat table
-> You can close the window and will have a new line in your address list
-> doubleclick on <script> will reopen the window so you can edit the script again
-> click on the checkbox in front of it to enable/disable it (can take a while depending on the script)
If you tried it and it works, you can add an Array of Bytes Scan to your script and replace the address with an aobscan.
As the name suggests, the aobscan will search the application memory for an array of bytes.
You just have to look at the end of your current script and look for the line: "// Alt: db <bytes>"
There you have the bytes which you will have to add to your aobscan and the result will be the address, where the instruction gets executed.
-> This means that each time you activate the script it will search the application memory for the defined array of bytes and will add the address for you.
Here is a basic example of what your AutoAssembler Script could look like with AoB Scan:
Code:
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,512) // 512 bytes
// label to jump to
label(returnhere)
label(originalcode)
label(exit)
// array of bytes
label(aob)
registersymbol(aob)
// the actual scan for the AoB - make sure to add your own bytes here
// look at the last line of your own script: "// Alt: db <Bytes>" and add the Bytes (without the db!)
aobscan(aob1,8B 87 94 01 00 00 50 DB 04 24)
newmem: //this is allocated memory, you have read,write,execute access
// place any new code here, if you want to change the value yourself
// just remove the '//' in front and use the correct register + offset
// mov [edi+00000194],#100
// this is the original code, which gets executed by the game each time your ammo changes
originalcode:
// make sure to change this line (or lines) to the code(s) which get(s) executed in your game
// (the Auto Assembler Script will add this for you, when you create the Template!)
// If you want to deactivate this instruction, just use "//" and test if it works
mov eax,[edi+00000194]
exit:
jmp returnhere
// 'aob1' will hold the address where the instruction is executed (aobscan will scan for the Array of Bytes and return the address)
aob1:
aob:
// this line will hold the jump to your allocated memory (newmem holds the address of the code cave)
jmp newmem
// nop = no operation <- this is not always needed (or could be needed several times)
// (just use the Template and don't change this if you don't know how and when to use it)
nop
// program will get back to the address where the instruction was executed here
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
// memory will be free again
dealloc(newmem)
// 'aob' holds the address to put the original code again
aob:
// Bytes of the Originalcode - make sure these are the same as in the Memory Viewer
// (see last line: "// Alt: db <Bytes>" for exact values)
db 8B 87 94 01 00 00
unregistersymbol(aob)
ievi wrote: | i was trying to use point scanner from a tutorial I saw on here but my temp folder went to 71GB |
Well, I did try the pointer scanner myself with lvl3, lvl5, lvl6 and lvl7 pointers.
Great amount of data and no success for me and the game I was trying.
So at the moment I prefer Array of Byte Scans.
Hope that helps, feel free to ask more questions.
I just learned these things the last few days and I am happy to share this new knowledge.
P.S.: I also hope that I explained everything correctly. Someone with more experience could leave a comment, if something is wrong. ^^
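The AoB scan described in the post above, as an added example that is not part of the original post and is not Cheat Engine's own code: it searches constructed byte buffers (not a real process) for the post's byte pattern and shows that the 6-byte instruction alone can match twice, while the 10-byte signature resolves to one address even when the base address changes between sessions. The buffer layout, base addresses, function names and the `??` wildcard handling are assumptions made for this example.

```python
# Added example: what an AoB scan does, run on constructed byte buffers.
INSTR = bytes.fromhex("8B8794010000")  # mov eax,[edi+00000194], bytes from the post
TAIL = bytes.fromhex("50DB0424")       # the four bytes that follow it in the post's aobscan
SHORT_SIG = "8B 87 94 01 00 00"
LONG_SIG = "8B 87 94 01 00 00 50 DB 04 24"
BASE_A, BASE_B = 0x00400000, 0x01230000  # constructed load addresses for two "sessions"


def build_session(pad):
    """Constructed stand-in for a code region: the instruction appears twice,
    but only the second copy is followed by TAIL."""
    return b"\x90" * pad + INSTR + b"\xC3" + b"\xCC" * 7 + INSTR + TAIL + b"\x90" * 16


def parse_aob(pattern):
    """Turn '8B 87 ?? 01' into a list of ints, with None for wildcard bytes."""
    sig = []
    for tok in pattern.split():
        if tok in ("?", "??"):
            sig.append(None)
            continue
        value = int(tok, 16)
        if not 0 <= value <= 0xFF:
            raise ValueError(f"not a byte: {tok!r}")
        sig.append(value)
    if not sig:
        raise ValueError("empty pattern")
    return sig


def aob_scan(memory, pattern, base=0):
    """Return the address of every place where the pattern matches."""
    sig = parse_aob(pattern)
    return [base + off
            for off in range(len(memory) - len(sig) + 1)
            if all(b is None or memory[off + i] == b for i, b in enumerate(sig))]


def resolve_unique(memory, pattern, base=0):
    """Return the single matching address, refusing ambiguous or missing hits."""
    hits = aob_scan(memory, pattern, base)
    if len(hits) != 1:
        raise LookupError(f"{len(hits)} matches for {pattern!r}, need exactly 1")
    return hits[0]


if __name__ == "__main__":
    for base, pad in ((BASE_A, 32), (BASE_B, 100)):
        mem = build_session(pad)
        print(hex(base), [hex(h) for h in aob_scan(mem, SHORT_SIG, base)],
              hex(resolve_unique(mem, LONG_SIG, base)))
```
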