Boomshakalaka How do I cheat? Reputation: 0
Joined: 16 Jan 2017 Posts: 1
Posted: Mon Jan 16, 2017 6:40 pm Post subject: I've been playing around with CEMU and XCX
So I downloaded the Big Endian values and searched for HP, XP, money, etc. using 4 byte Big Endian and was able to edit those easily. I found the time and managed to freeze it so that it would stay night. There's a lot of bloom issues during the day with AMD cards.
I've watched a lot of tutorials, but I can't seem to find pointers for any of these values. I've used the pointer search. I've looked at what it writes to and accesses. I'm kind of stumped. I don't mind re-searching the values each time, but I would just like to know what I'm doing wrong. I have MEM_MAPPED checked. I have used the search for unknown values of every type and narrowed it down to 4 each time.
Maybe it's harder because it's an emulator. If anyone has any tips, please hit me up.

reinzhart Advanced Cheater Reputation: 0
Joined: 30 Nov 2010 Posts: 58
Posted: Thu Jan 19, 2017 11:35 pm Post subject:
Yeah, it's really hard to find pointers. Hope someone found a way, or maybe an integrated cheat option inside Cemu in the future would be nice to have.
Btw, did you ever find how to change material or item number?
I need it for minerals in the early game; it's really hard and too long to wait.

Banned How do I cheat? Reputation: 0
Joined: 23 Jun 2015 Posts: 3
Posted: Fri Apr 07, 2017 11:30 am Post subject:
Same thing as OP here, need someone with more skill than us to figure this out I guess...lol

maxdice How do I cheat? Reputation: 0
Joined: 24 Apr 2017 Posts: 7
Posted: Mon Apr 24, 2017 7:44 pm Post subject: CEMU pointers
Hey everyone,
So I was playing around with CE and Cemu and found a way to locate POINTERS so your values would stay. I only did this on BOTW; not sure if it will work for other games. Also, I noticed that using the CEMU HOOK actually helps in locating POINTERS. Also, saved trainers will only work on the Cemu version they were created on (I tested different versions of Cemu, and some values were located by the pointers and some weren't when playing on a different version).
Having knowledge of how to calculate hex values also helps, but you can just punch the address into Windows Calculator and use its hex calculator.
Step 1. Locate the value you wanna modify (e.g. Stamina @ address 1825BA584).
Step 2. Click on "what accesses/writes to this address"; either one should work.
Step 3. I found that it doesn't really matter in the case of Cemu what process you click on; the values all add back to the address we're looking for. However, edit your value and select any of the new processes that come up in the debugger.
Step 4. Now select a process and then on the side hit MORE INFO.
ATTENTION: THIS IS THE TRICK WITH CEMU ADDRESSES.
NOW CE will recommend an ADDRESS for your pointer. HOWEVER, DO NOT USE THAT ONE.
LOOK at what's highlighted in RED; it should say something like move [r13 + rsi + 68].
NOW these are the values that are important for you, because when you add them together you get the address of the value you're modding.
Step 5. In the list below you'll see a bunch of addresses, but you only care about the addresses at R13 and RSI; also note any values after the +. So in my example it's R13 = 140370000, RSI = 4278A51C and + 68.
NOTE: if you use your HEX calculator and ADD these values, they should add back to the address of the value you're modding (example 1825BA584).
Step 6. Now go back to Scan new and do a 4 byte HEX value search for the first address in the red line >> move [ blah + blew]; in my case it's the R13 address.
Now you're gonna get a bunch of results (a couple hundred and even thousands). HOWEVER, scroll to the very bottom of the results and you should see some values in GREEN.
ATTENTION:
In my case I normally see 1 to 5 different green values. THESE ARE STATIC ADDRESSES and point to the actual emulator memory.
You can try any of these values and they should work for you. BUT to make sure they point to CEMU:
Step 7. Go ahead and double click one and add it to the bottom.
Now double click on the address again. IT should say something like cemu.exe + some hex values. COPY THAT.
Step 8. Now select POINTER in the box to turn it into a 4 byte pointer.
In the bottom field PASTE the value you copied (cemu.exe + blah blah).
In the OFFSET field, which is the one above it with arrows, copy and paste the RSI value + 68 values we have from the MORE INFO screen.
NOW the GREYED OUT ADDRESS box at the TOP should show the ADDRESS of your value (ex. Stamina) and its value.
IF it shows the correct address, that's it: you successfully located a pointer that will not reset when you load the game again.
SOME THINGS TO NOTE:
1. On all my searches there's always at least one static address at the bottom which points to the cemu hook dll, which is (dbghelp.dll + blah blah).
Now I found that using this address is actually better than the cemu.exe ones because it always shows up in my searches. This comes in handy, I noticed, when switching different versions of Cemu but using the same hook. In the test I mentioned earlier, only the pointers I made with the cemu hook base address were located on different versions.
2. IN MY CASE OF BOTW the values are in BIG ENDIAN, so the value shown in the ADDRESS bar will be different than what you have.
That's because it's showing the value in 4 byte... just change the drop-down menu to whatever your value type is and it should show the same.
3. Also, your pointers will sometimes not work when you load the game on a different version / or same. I noticed that restarting Cemu fixes it. So close it and start it again.
ENJOY.
Last edited by maxdice on Tue Apr 25, 2017 9:32 pm; edited 1 time in total |
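The memory layout behind steps 5 to 8 and note 2 of the post above, as an added example that is not part of maxdice's post: a static slot in a module holds the host address where guest memory is mapped, the index register plus displacement forms the offset, and the guest value is stored big-endian. Every address and offset here, and the 8-byte pointer width, is a constructed assumption, and the code runs against a simulated memory image rather than a real process.

```python
import struct

# Constructed values for illustration; none come from a real Cemu process.
MODULE_BASE = 0x7FF6_0000_0000   # hypothetical load address of a module
STATIC_OFFSET = 0x1000           # hypothetical offset of the static pointer slot
GUEST_BASE = 0x2_0000_0000       # hypothetical host address of mapped guest RAM
INDEX = 0x4000                   # plays the role of the index register
DISP = 0x68                      # displacement from the memory operand


class SparseMemory:
    """Sparse byte store standing in for a process address space."""

    def __init__(self):
        self._bytes = {}

    def write(self, addr, data):
        for i, b in enumerate(data):
            self._bytes[addr + i] = b

    def read(self, addr, size):
        try:
            return bytes(self._bytes[addr + i] for i in range(size))
        except KeyError:
            raise ValueError(f"unmapped read at {addr:#x}") from None


def build_image(guest_base=GUEST_BASE, value=1000):
    mem = SparseMemory()
    # Host pointers are little-endian x86-64 values (8 bytes assumed here).
    mem.write(MODULE_BASE + STATIC_OFFSET, struct.pack("<Q", guest_base))
    # The emulated guest stores its own data big-endian.
    mem.write(guest_base + INDEX + DISP, struct.pack(">I", value))
    return mem


def resolve(mem, module_base, static_offset, offset):
    """One pointer level: [module_base + static_offset] + offset."""
    base = struct.unpack("<Q", mem.read(module_base + static_offset, 8))[0]
    return base + offset


def read_guest_u32(mem, addr):
    """Return the same 4 bytes read as (big-endian, little-endian)."""
    raw = mem.read(addr, 4)
    return struct.unpack(">I", raw)[0], struct.unpack("<I", raw)[0]


def demo():
    results = []
    # The second base models guest RAM landing elsewhere after a restart.
    for guest_base in (GUEST_BASE, 0x3_4000_0000):
        mem = build_image(guest_base)
        addr = resolve(mem, MODULE_BASE, STATIC_OFFSET, INDEX + DISP)
        results.append((addr, *read_guest_u32(mem, addr)))
    return results
```

The resolved address changes between the two runs while the static slot and offset stay the same, and the little-endian reading of the big-endian value 1000 is 3892510720.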

sportyspice Newbie cheater Reputation: 0
Joined: 06 Apr 2017 Posts: 10
Posted: Tue Apr 25, 2017 12:20 pm Post subject: Re: CEMU pointers
maxdice wrote:
Step 5. In the list below you'll see a bunch of addresses, but you only care about the addresses at R13 and RSI; also note any values after the +. So in my example it's R13 = 140370000, RSI = 4278A51C and + 68.
NOTE: if you use your HEX calculator and ADD these values, they should add back to the address of the value you're modding (example 1825BA584).
Step 6. Now go back to Scan new and do a 4 byte HEX value search for the first address in the red line >> move [ blah + blew]; in my case it's the R13 address.
The addresses I get don't add up back to the original address. Also, searching for the first value in (4byte hex search) returns nothing. I tried this with 5 different values and tested all the debugger entries for each.
Not sure why it works for you and not for me. What version of cemu are you using?
Do you have Skype or something similar? I'm working on a pretty big BOTW hack/trainer and I'd really like your help.
Thanks!
**EDIT: I know the problem more or less. You see the right assembly code, somehow. The rest of us don't. I see a push command, not a move command, and it's wrong. Did you add some special plugins to cheat engine to allow it to read PPC assembly?
**EDIT2: Even without seeing the right assembly code I have now figured out how to make it work! Thanks, you are awesome. I would still like to know though how are you able to see the correct code.
Last edited by sportyspice on Tue Apr 25, 2017 1:56 pm; edited 1 time in total

maxdice How do I cheat? Reputation: 0
Joined: 24 Apr 2017 Posts: 7
Posted: Tue Apr 25, 2017 1:54 pm Post subject:
I'll do a video later with my setup and steps. The only thing I added to CE is big endian support. Also, I have found and locked in values for hearts, stamina and horse stamina as well. Found and edited values for everything in inventory, from shrine orbs, korok seeds, weapons and armor. So if anyone needs help with finding stuff, let me know.

sportyspice Newbie cheater Reputation: 0
Joined: 06 Apr 2017 Posts: 10
Posted: Tue Apr 25, 2017 2:00 pm Post subject:
maxdice wrote: I'll do a video later with my setup and steps. The only thing I added to CE is big endian support. Also, I have found and locked in values for hearts, stamina and horse stamina as well. Found and edited values for everything in inventory, from shrine orbs, korok seeds, weapons and armor. So if anyone needs help with finding stuff, let me know.
I have found all those things and a lot more. I was using byte scans till now to get all addresses again after a relaunch, which was tedious. This is working much better for me now with this method, you are great. I'd still like to know how are you able to see the correct assembly code though.

maxdice How do I cheat? Reputation: 0
Joined: 24 Apr 2017 Posts: 7
Posted: Tue Apr 25, 2017 2:28 pm Post subject:
I'm using Cemu 1.74 with the latest cemu hook, searching most of my values as 4 byte big endians. As far as assembly code, sometimes when you check a value you'll see processes being run with a counter to the left increasing on its own. I ignore these and do an action in the game that results in either an add or sub. It will load a few more processes with something like (mov, sub or add); I just use one of those.
Note: I recently tried 1.75 and my pointers work; however, when I try to do new ones and click what accesses/writes, it crashes Cemu.

sportyspice Newbie cheater Reputation: 0
Joined: 06 Apr 2017 Posts: 10
Posted: Tue Apr 25, 2017 2:39 pm Post subject:
Yes, I also crash on 1.7.5 when trying to attach a debugger. I see the assembly code entirely incorrectly for all the entries, even the ones that write. It's been like this from the start (I've been messing with this for like a month now). It's not just the command itself that is incorrect, but also everything else within it, which is why the addresses I get there don't add up, and I definitely can't do anything more advanced like code injection.
Please, do you have Discord or Skype? It will be easier to talk and I'd really like to figure this out.

maxdice How do I cheat? Reputation: 0
Joined: 24 Apr 2017 Posts: 7
Posted: Tue Apr 25, 2017 2:53 pm Post subject:
I can't PM as yet, so PM me your Skype info and I'll be on later, like after 12pm Eastern time.

sportyspice Newbie cheater Reputation: 0
Joined: 06 Apr 2017 Posts: 10
Posted: Tue Apr 25, 2017 3:20 pm Post subject:
I put my skype username under aim on my profile. (just hover with the mouse, you'll figure it out )

daninthemix Cheater Reputation: 0
Joined: 29 Jul 2013 Posts: 39
Posted: Tue Jun 13, 2017 11:10 am Post subject:
I'm getting nowhere fast. Just searching for lives in NSMBU - found the address, but when I search for 'What writes to this address', I just get
And rcx is 000001C9, R8 is 000001E4