 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
luminebot
How do I cheat?
![]() Reputation: 0
Joined: 07 Jun 2021
Posts: 8
|
 Posted: Thu Feb 15, 2024 10:53 pm Post subject: Break when specific data is being written to the memory |
 |
|
Hi there!
First of all, I'm new to CE and debugging. I do apologize if what I'm trying to achieve doesn't make any sense.
I'm trying to figure out the address of function/method that generates a specific string. Say, the function that I'd like to know always generates the following string:
The string is not constant, and it is not stored within a static address, so it always spawns in a random address. Doing "Find out what accesses/writes this memory address" doesn't work because once the string is generated, no one actually reads or modifies the value (maybe there's read, but it will be far too late when I find the address via scanning).
Do any of you have any idea how I can achieve this? I was thinking to break the debugger if there's somehow a memory that match certain pattern (e.g if the debugger / CE find a pattern somewhere in the memory after write operation, it will break immediately) but I don't know if that possible.
|
|
| Back to top |
|
 |
ParkourPenguin
I post too much
 Reputation: 140
Joined: 06 Jul 2014
Posts: 4307
|
| Posted: Fri Feb 16, 2024 1:23 am Post subject: |
|
|
That's practically impossible.
If you know what action you have to take in order for the string to be generated, you can try ultimap or code filter (memory viewer -> tools) to find relevant code.
Maybe you can find a pointer to the string and find the relevant code from that. Try the pointer scanner- allow non-static base addresses, max level 2 or 3, don't restart the game between rescans.
Of course, this assumes the string is still alive. If the game allocates some memory and frees it almost immediately after, there probably is no pointer path by the time you scan for it. Maybe the game leaves pointers dangling to freed memory, but I wouldn't bet on it.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
luminebot
How do I cheat?
![]() Reputation: 0
Joined: 07 Jun 2021
Posts: 8
|
| Posted: Fri Feb 16, 2024 4:22 am Post subject: |
|
|
Hi! Thanks for the answer.
| ParkourPenguin wrote: |
If you know what action you have to take in order for the string to be generated, you can try ultimap or code filter (memory viewer -> tools) to find relevant code. |
It basically happens at the start-up of the program, specifically when making an HTTP request to a server. On each request, the program will somehow write some information about the request somewhere in the memory, and the address is unique to each request.
With that said, I never use the Ultimap or code filters. Can you please write a short guide how can I do this for this particular problem?
| ParkourPenguin wrote: |
Maybe you can find a pointer to the string and find the relevant code from that. Try the pointer scanner- allow non-static base addresses, max level 2 or 3, don't restart the game between rescans.
Of course, this assumes the string is still alive. If the game allocates some memory and frees it almost immediately after, there probably is no pointer path by the time you scan for it. Maybe the game leaves pointers dangling to freed memory, but I wouldn't bet on it.
|
There's nothing I can do to trigger this request manually aside from restarting the program. Fortunately, the program sends a heartbeat request every certain period. What I can tell is that this memory blocks sometimes are freed up, they often stay long enough for me to scan it though.
Also, I never use pointer scan as well, mind sharing some steps to do this?
|
|
| Back to top |
|
|
ParkourPenguin
I post too much
Reputation: 140
Joined: 06 Jul 2014
Posts: 4307
|
| Posted: Fri Feb 16, 2024 11:35 am Post subject: |
|
|
There's one or two videos on youtube showing ultimap. The code filter isn't much different. If it's only run once when the game is first started, I don't think it'll help.
The pointer scanner might not help here either, but if you want to learn it anyway, see this video on step 8 of the tutorial:
https://www.youtube.com/watch?v=3dyIrcx8Z8g
Since you have to restart the game, you need a static base to even find a path. Increase max level too, and make sure you use multiple pointer maps as shown in the video.
If you know it's making an http request, you could set a breakpoint on some relevant API and go from there. Maybe hook it directly depending on what you want to do. I'm not familiar enough with Windows to say specifically which API is a good target.
You might have better luck on forums that specifically target multiplayer games. I don't know any and won't help you find them.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
