sdecorme Cheater
Posted: Sat Jan 29, 2011 3:59 pm Post subject: Follow address from a pointer
Hi,
I have a working pointer that gives me this address:
"Engine.dll"+002FC778 + offset 20
With the memory viewer and Ctrl+Alt+S I found the base address of Engine.dll => 10000000.
I suppose that the final address is
10000000 + 002FC778 + 20 = 102FC798
so I did a "go to address": 102FC798.
But at this address I found nothing interesting.
Is it the wrong address?
[attached screenshot]
Dark Byte Site Admin
Posted: Sat Jan 29, 2011 4:34 pm Post subject:
Quote: "Engine.dll"+002FC778 + offset 20
means:
Read the 4 bytes at the address specified by "Engine.dll"+002FC778.
Then add 20 to it and the result will be the address you want.
You can also 'go to' address ["Engine.dll"+002FC778]+20
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
sdecorme Cheater
Posted: Sat Jan 29, 2011 5:13 pm Post subject:
The address is what I have on the screenshot,
only a list of add [eax],al ???
OK, I'm stupid: the code given by the memory view is the decompilation of the exe code.
In my screenshot you can see the value (4 bytes => address):
at the address "Engine.dll"+002FC778 there is
90 87 E2 11, coded in big endian, which gives 11E28790 + 20 = 11E287B0.
It works, I've understood it.
But now how can I find who writes 90 87 E2 11 at "Engine.dll"+002FC778?
The "find out..." functions don't work, any of them.
Thanks
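The resolution Dark Byte describes, shown as an added example (not code from this thread or from Cheat Engine): a small Python pointer resolver over a constructed memory image that decodes the 4 bytes 90 87 E2 11 as a little-endian 32-bit value, applies the offset, and contrasts the result with the plain sum from the first post. The addresses and bytes come from the posts above; the final value 1234 and the MEMORY dictionary are constructed placeholders.

```python
import struct

# Constructed memory image: absolute address -> raw bytes. Not a real dump;
# the addresses and the 4 bytes come from the posts above, the final value
# (1234) is a placeholder chosen for this example.
ENGINE_BASE = 0x10000000            # base of Engine.dll from the memory viewer
POINTER_ADDR = ENGINE_BASE + 0x002FC778
MEMORY = {
    POINTER_ADDR: bytes.fromhex("9087E211"),      # bytes shown in the screenshot
    0x11E28790 + 0x20: struct.pack("<I", 1234),   # constructed target value
}


def read_u32(addr):
    """Read 4 bytes at addr as a little-endian unsigned int (x86 byte order)."""
    raw = MEMORY.get(addr)
    if raw is None:
        raise KeyError("no memory mapped at %08X" % addr)
    return struct.unpack("<I", raw)[0]


def resolve_pointer(module_base, module_offset, offsets):
    """Resolve Cheat Engine notation  "module"+module_offset + offsets.

    Each offset means: read the pointer stored at the current address, then
    add the offset. The result after the last offset is the final address;
    the value of interest is read there, not used as another pointer.
    """
    addr = module_base + module_offset
    for off in offsets:
        addr = read_u32(addr) + off
    return addr


def naive_sum(module_base, module_offset, offsets):
    """The first post's calculation: add everything without dereferencing."""
    return module_base + module_offset + sum(offsets)


if __name__ == "__main__":
    final = resolve_pointer(ENGINE_BASE, 0x002FC778, [0x20])
    print("pointer value : %08X" % read_u32(POINTER_ADDR))     # 11E28790
    print("final address : %08X" % final)                      # 11E287B0
    print("value there   : %d" % read_u32(final))              # 1234
    print("naive sum     : %08X (not the same address)" %
          naive_sum(ENGINE_BASE, 0x002FC778, [0x20]))          # 102FC798
```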
sdecorme Cheater
Posted: Wed Feb 02, 2011 3:30 pm Post subject:
I've understood why it is impossible to find what writes to my address
"sbk2010.dll"+01BDFC64 + Offset 0: it is because it was written at the game's launch.
I did a "Who writes to this address" at the game's launch and I found only one access that loads my address.
It is a mov [edi+04],eax
eax = 04C1CFA8 = "sbk2010.dll"+01BDFC64 + offset 0
edi+4 = 02B1FC64 => in green like a static one.
But now is it possible to go the reverse way to find the rest of the structure?
I did a memory dissect => structure with 02B1FC64 as base address and I found a lot of pointers. How can I go from these pointers to a final value?
Thanks