Cheat Engine

[Warezio]

When hitting an enemy u get to dmg him.. dmg is never the same.. its alittle random.. so cant scan for value..

But u see his hp.. like 200 .. So u find the memory location for it.. u hit him and u tap the "what write to this adress" u get this..

mov [esi+08],edi <- I guess the [ESI+08] Register holds the dmg

But how do i get that register to everytime be 255 in dmg... ??

Should i change the sentence to:

add esi, 000000FF

or??

The problem is that everytime there is a new monster the hp location changes .. and i simply cant find it with a pointer.. gets some really weird results..

[Dark Byte]

[esi+08] will hold the address of the health of the monster
edi holds the new value of health

the code that decreases edi will the the damage it does and if you change that you change the damage it does.

But, you could also just change the code just before that mov into xor edi,edi (2 bytes) or change the instruction to mov [esi+8],0 (7 bytes) so the monsters health becomes 0
Take in mind that the same coude could also be used for your own player.

You could try the code inject template in the auto assemble to do all the jumping and nopping for you for easier editing. (Less concerns about opcode size)


Also, if you just intend on finding the health address of the monster you're fighting, then add this code to the code list and choose the option "Find out what addresses this code writes to"
It will then fill a list with addresses that get used by that code (all the health addresses of all the monsters you damage)

[Tsongkie]

hmm with cheat engine auto assembler, i would probably do it as this

00010ABF: //(CODE CAVE)
mov dword ptr[esi+08],00000000
jmp address_here //where address_here is the next address to mov [esi+08],edi

address_of_mov [esi+08],edi_here: //address of mov [esi+08],edi
jmp 10abf
nop


1. im guessing mov [esi+08],edi is 6 bytes which it normally is
2. this is also called one hit kill