Cheat Engine

661089799107 · Last edited by 661089799107 on Thu Jun 10, 2010 5:24 am; edited 1 time in total

I'm trying to do step 8 of tutorial.exe. Can someone tell me what I am doing wrong?

Here is the table that I have, after finding the static address. (Won't let me use [img])

img824.imageshack.us/img824/965/beforetable.png

What accesses this address: (00964CFC, 1st address in above image)

img816.imageshack.us/img816/8883/accesseshealth.png

What accesses this address: (2nd address in first image)

img820.imageshack.us/img820/5245/accesses1afterhealth.png

What accesses this address: (3rd address in first image)

img819.imageshack.us/img819/8426/accesses2afterhealth.png

What accesses this address: (4th address in first image)

img819.imageshack.us/img819/5581/accesses3afterhealth.png

What accesses this address: (5th address in first image)

img823.imageshack.us/img823/6968/accesses4afterhealth.png

And then after clicking "change pointer":

img815.imageshack.us/img815/6697/aftertable.png

Uzeil · Moderator Reputation: 6 Joined: 21 Oct 2006 Posts: 2411

Sorry but I can't be sure what's going on in these pictures, mostly because the table is the same size the whole way through.

I'll just remind you of this:

When you look at mov [ebx+18], edi for example, then your pointer there was be the address in EBX, plus 18. But that also isn't where you stop

Let's say this is how you got to the static address:

You start with address 700
Then you find out that some [eax+6] gets your offset, meaning [eax+6] = 700, where let's say(when you look down at the table) EAX is 500.
So at that point you have the pointer of Address: 500, Offset: 6 (which gives you 700)
Then lets say you do the 'what accesses' again for the address 500, and you get [ebx], where EBX is 450. This means the value of the address 450 is 500. So now, in total, your pointer is: Address: 450, Offset: 0, then result of that with Offset 5. (Because [450+0] gets your 500, then [500+5] gets you your 700, the original address.)

If you're still having issues, put pictures of the 'Add Manual Address' screen, as that's likely where you're having issues.

661089799107 · Posted: Thu Jun 10, 2010 5:23 am Post subject:

Thanks, was able to figure it out Smile

img821.imageshack.us/img821/4525/done.png

Uzeil · Moderator Reputation: 6 Joined: 21 Oct 2006 Posts: 2411

Congrats

661089799107 · Posted: Thu Jun 10, 2010 7:42 am Post subject:

Uzeil · Moderator Reputation: 6 Joined: 21 Oct 2006 Posts: 2411

Are you sure you're not accidentally scanning for the same thing?

Unfortunately there are some tricks to keep you from seeing it as easily as done in the tutorial, but that's uncommon(as a compiler generally wouldn't make that code, especially considering it would slow down every loading of the pointer which compilers aren't usually supposed to do)

...what I mean is, "are you sure you're not accidentally scanning for the same thing you scanned for earlier?"