Cmp apparently not working
LewcowVaal
Posted: Sat Dec 30, 2017 3:35 pm

Hello everyone!
I apologize in advance for any kind of grammar mistake (and also for any script-related mistake).
I can't post images, so you have to copy and paste and do stuff.

Basically I have found the instruction that accesses the 2 addresses that I am interested in changing:



So I proceeded by searching for a suitable offset to compare, because of the shared instruction (I checked registers too but no luck):



I grouped the 2 base addresses I want in Group 1 and the others in Group 2 and, as you can see, the offset at +04 is good for a compare.

So I wrote down this script:


When I enable it though, my values are not changing.

If I replace the jne with a je, ALL the addresses will be affected by the instruction (my addresses will consequently change too).

What am I doing wrong?

P.S.: If I directly modify my addresses, they will be changed, so I suppose there is no instruction watching and re-changing my addresses.

P.P.S.: I also tried this: viewtopic.php?p=5720841

P.P.P.S.: The offset is correct, I've checked multiple times, even restarting the PC.


I hope that everything was clear and also that someone will help me!
Thank you and Happy New Year

OldCheatEngineUser
Posted: Sat Dec 30, 2017 3:54 pm

perhaps [edi+04] value is not a constant, or will change while-in-game.

lock group one addresses and add them again into another group and see if they change, alternatively you can compare the registers too.

LewcowVaal
Posted: Sat Dec 30, 2017 3:56 pm

OldCheatEngineUser wrote:
perhaps [edi+04] value is not a constant, or will change while-in-game.

lock group one addresses and add them again into another group and see if they change, alternatively you can compare the registers too.


I checked 4-5 times, as I said, and it was 46 every time.

Thanks for editing the images in the post!

TheyCallMeTim13
Posted: Sat Dec 30, 2017 4:09 pm

The other thing to consider is that the code is working but the value is overwritten somewhere else. I would try stepping through the injection code to confirm if it is working or not. If it is, then it is either not the real value (display or dummy) or you will need to deal with the other instructions that may only fire after you write to the value.

ParkourPenguin
Posted: Sat Dec 30, 2017 4:26 pm

Floating point numbers usually go through the FPU in x86. When I see code treat them as plain old data (i.e. moved through general purpose registers), it usually isn't what I'm looking for. Another instruction is probably writing to the address, or that address doesn't hold the right value. (if changing the value yourself doesn't work, a code injection won't work either)

Set a breakpoint in your code injection and see what happens. If it hits too often on the cmp instruction, place it on "mov [edi+30],(float)200" so you can see if it's at least taking the branch.

LewcowVaal
Posted: Sat Dec 30, 2017 4:45 pm

TheyCallMeTim13 wrote:
The other thing to consider is that the code is working but the value is overwritten somewhere else. I would try stepping through the injection code to confirm if it is working or not. If it is, then it is either not the real value (display or dummy) or you will need to deal with the other instructions that may only fire after you write to the value.


ParkourPenguin wrote:
Floating point numbers usually go through the FPU in x86. When I see code treat them as plain old data (i.e. moved through general purpose registers), it usually isn't what I'm looking for. Another instruction is probably writing to the address, or that address doesn't hold the right value. (if changing the value yourself doesn't work, a code injection won't work either)

Set a breakpoint in your code injection and see what happens. If it hits too often on the cmp instruction, place it on "mov [edi+30],(float)200" so you can see if it's at least taking the branch.


The addresses are correct; if I change them directly via CE they will change effectively and not revert back (if this is what you mean).

There is only a SINGLE instruction constantly writing at the first address (it is the instruction I'm injecting to).

I forgot to say: they are 2 addresses of Y coordinates of 2 different objects.

I will try what you both said, it will take some time.

TheyCallMeTim13
Posted: Sat Dec 30, 2017 5:38 pm

Perhaps the "EDI+4" address is a flag for a stage in the procedure and is always 46 at that one point, but this happens so fast that you never see it in the dissect data structure form.

Quote:
If I replace the jne with a je, ALL the addresses will be affected by the instruction (my addresses will consequently change too).


This is what got me thinking about that, that it is really always equal to 46 here. Again you will just have to step through the code to see.

Hope it helps.
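
An added illustration of the hypothesis in the post above (not code from the thread or from Cheat Engine): a small C model in which a shared routine sets the field at +04 to the same value for every object while it writes +30, then restores it. Only the offsets +04 and +30, the value 46 and the float 200 come from the thread; the struct layout, the idle values and all function names are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define N_OBJECTS 5
#define STAGE_BUSY 46u  /* the value the thread compares [edi+04] against */

/* Constructed layout: only offsets +04 and +30 come from the thread. */
typedef struct {
    uint32_t id;         /* +00 */
    uint32_t stage;      /* +04: the field used as discriminator */
    uint8_t  pad[0x28];  /* +08..+2F */
    float    y;          /* +30: value written by the shared instruction */
} object_t;

_Static_assert(offsetof(object_t, stage) == 0x04, "stage must sit at +04");
_Static_assert(offsetof(object_t, y) == 0x30, "y must sit at +30");

/* Constructed idle values: objects 0 and 1 play the role of "Group 1". */
static const uint32_t idle_stage[N_OBJECTS] = {46, 46, 12, 7, 3};

static int filter_matches(const object_t *o) { return o->stage == STAGE_BUSY; }

/* Shared routine: every object goes through the same write to +30. */
static int update_object(object_t *o, float new_y) {
    o->stage = STAGE_BUSY;          /* hypothetical transient stage flag */
    int hit = filter_matches(o);    /* what a compare at the write would see */
    o->y = new_y;
    o->stage = idle_stage[o->id];   /* restored before a viewer samples it */
    return hit;
}

/* Count objects the compare selects: at_write=0 models a viewer sampling
   between updates, at_write=1 the compare evaluated at the shared write. */
int count_matches(int at_write) {
    int n = 0;
    for (uint32_t i = 0; i < N_OBJECTS; i++) {
        object_t o = { .id = i, .stage = idle_stage[i] };
        n += at_write ? update_object(&o, 200.0f) : filter_matches(&o);
    }
    return n;
}

int main(void) {
    printf("idle view: %d match, at the write: %d match\n",
           count_matches(0), count_matches(1));
    return 0;
}
```

In this model the sampled view singles out two objects, while the compare evaluated at the write sees the same value for all five, so the branch cannot separate them.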

LewcowVaal
Posted: Sat Dec 30, 2017 6:14 pm

TheyCallMeTim13 wrote:
Perhaps the "EDI+4" address is a flag for a stage in the procedure and is always 46 at that one point, but this happens so fast that you never see it in the dissect data structure form.

Quote:
If I replace the jne with a je, ALL the addresses will be affected by the instruction (my addresses will consequently change too).


This is what got me thinking about that, that it is really always equal to 46 here. Again you will just have to step through the code to see.

Hope it helps.


Wow, that's smart.
I'll check if that address is being written too. Thank you.


EDIT: Maybe you were right, that offset is being written constantly by 3 instructions: (img below)

https://i.imgur.com/JmEyGa1.png

Even though they are and/or

TheyCallMeTim13
Posted: Sat Dec 30, 2017 7:43 pm

I would back trace the base address to use as an identifier or just find a different identifier in the structure.

LewcowVaal
Posted: Sun Dec 31, 2017 8:35 am

I wanted to try with registers, as you can see in the following image:



The green-ish are my addresses. I noticed that EDX has a unique value, so my script became:



Still not changing the single address.

Could it be that even the register is constantly changing?


Last edited by LewcowVaal on Thu Dec 08, 2022 9:46 am; edited 1 time in total

TheyCallMeTim13
Posted: Sun Dec 31, 2017 10:51 am

Yeah, my bet is that, that is an address used somewhere in the procedure.
What I would try is to back trace the base address to a point when only the base for the player is calculated. There is a spot where only the player's base is calculated. But it may be several levels back to get to that point.

Every table I do I always try to find a solid base and test the hell out of it before writing any cheats. This way I get around a lot of guesswork when identifying the player.

LewcowVaal
Posted: Sun Dec 31, 2017 1:57 pm

TheyCallMeTim13 wrote:
Yeah, my bet is that, that is an address used somewhere in the procedure.
What I would try is to back trace the base address to a point when only the base for the player is calculated. There is a spot where only the player's base is calculated. But it may be several levels back to get to that point.

Every table I do I always try to find a solid base and test the hell out of it before writing any cheats. This way I get around a lot of guesswork when identifying the player.


I just need to figure out how to do that!

TheyCallMeTim13
Posted: Sun Dec 31, 2017 2:13 pm

No general tutorial for that on the wiki, I will report back after completion but it may be a little bit. But it's amateur night tonight too, so I will be hanging out at home.

LewcowVaal
Posted: Sun Dec 31, 2017 2:33 pm

TheyCallMeTim13 wrote:
No general tutorial for that on the wiki, I will report back after completion but it may be a little bit. But it's amateur night tonight too, so I will be hanging out at home.


I guess that should be similar to finding a base pointer...

I appreciate your dedication, just take your time and enjoy the ending of this year

TheyCallMeTim13
Posted: Mon Jan 01, 2018 2:07 am

