Cheat Engine

onomamashinee · Newbie cheater Reputation: 0 Joined: 27 Dec 2014 Posts: 19

I have found a value using dissect data/structures, however it is an offset within a pointer offset. It is offset +0000 within offset eax+1C4. Does anyone have any idea on how I could move it to values and/or compare it to values ou simply use this value in the auto assembler script? Btw, this value (offset 0000 within offset 1C4) is a string, and is text instead of numbers. Any help is immensely appreciated.

++METHOS · Posted: Tue Apr 26, 2016 11:33 am Post subject:

Change the string data type to 4 byte hex and compare against that. Assuming your originalcode is mov eax,[esi+04]:

ParkourPenguin · Posted: Tue Apr 26, 2016 11:34 am Post subject:

Those bytes need to be in reverse order, ++METHOS. 'cfba' (string) == 63 66 62 61 (AoB) == 61626663 (dword). CE can translate string literals to bytes automatically:

++METHOS · Posted: Tue Apr 26, 2016 1:58 pm Post subject:

I just used an online converter for the sake of providing an example. If he follows my instructions, he shouldn't have any problems.

onomamashinee · Newbie cheater Reputation: 0 Joined: 27 Dec 2014 Posts: 19

I tried following these instructions, but the game crashes everytime I activate anything in game that accesses the resulting script. Am I missing something? The original code is:

mov [eax-04],ecx
mov ecx,[ebp+00]

What I am trying to do, at least for now, is make [eax-04], 0 if the value in the offset is, for instance "cfba" or "babt" (text values in the offset 0000 of offset eax+1C4, which is a pointer)

hhhuut · Posted: Wed Apr 27, 2016 10:25 am Post subject:

You pop the edi register at the wrong place:

Cake-san · Posted: Wed Apr 27, 2016 10:31 am Post subject:

++METHOS · Posted: Wed Apr 27, 2016 10:43 am Post subject:

I don't understand why people can't follow simple instructions.

Anyway, you also want to make sure that your pointer is valid for all addresses. You may have to incorporate another filter if it's not.

onomamashinee · Newbie cheater Reputation: 0 Joined: 27 Dec 2014 Posts: 19

Tried changing the script to all of the above including fixing the location of the pop edi, but the game still crashes nonetheless. Thanks everyone for the help, but using offset 0000 of offset 1C4 just is not working right now. Autoassembler scripting is indeed complicated. Maybe I'll try using other, less complicated offsets that are not pointers.

++METHOS · Posted: Wed Apr 27, 2016 11:18 am Post subject:

Like I said, you may have to add another filter in the event that you're trying to process a invalid pointer.

onomamashinee · Newbie cheater Reputation: 0 Joined: 27 Dec 2014 Posts: 19

You are right ++METHOS, I've found that in certain rare situations eax+1C4 is actually 0 and not a pointer. It may even have other values in other situations I am not aware of. Even though these situations are not the ones I was trying to change, I see they prevent me from changing the ones I do want to change :~

++METHOS · Posted: Wed Apr 27, 2016 4:01 pm Post subject:

All you have to do is perform a check or test to see if the data is valid. There are several ways to do this, just check the forum. Once you have filtered all of the bad addresses out, then you can do your string compare without crashing the target.

onomamashinee · Newbie cheater Reputation: 0 Joined: 27 Dec 2014 Posts: 19

Added some more conditions before doing the string compare, and it worked like a charm. I think the problem is pretty much solved now. Smile

++METHOS · Posted: Thu Apr 28, 2016 5:05 am Post subject:

I guess......you're welcome?

onomamashinee · Newbie cheater Reputation: 0 Joined: 27 Dec 2014 Posts: 19