Cheat Engine

[Yraen]

I'm working on finding the health values in a game, and I can find them easily enough. However, I am having difficulty with the pointers.

I do the standard "What Writes to This" scan and then search for the "best guess." It consistently gives me a single 'green' result, always with the same address.

If I then add that address manually, it works as long as the "Find What Writes" dialog box is still open for the initial address. If I close that dialog, the manually added address becomes "??"

If I add some random other address to my list and do a "What Writes" scan, the pointer I added will start pointing at that address instead.

I'm sure it's something I am doing wrong, but I have no idea what.

[Dark Byte]

The best guess is wrong when the instruction is a read operation and one of the used registers is the destination
E.g mov eax,[eax+408] will show a wrong eax. Anyhow, since you know that eax+408 points to your health, you know eax was the address of your health-408. So use that calculation result as 4 byte hex to scan for

Also, it could be the green address you found is the address that contains the currently debugged address. Try picking a black address instead

[Yraen]

I think that makes sense. I think I'm just confused on where to go after the initial "What Writes" run.

The best guess is the same address as what I ran the debugger on, which is probably what's throwing me off.

The debugger returns lines 0008D23F and 008D242 as the opcodes used.

[docblue]

I tried to find HP in this game also (grimrock) with no luck. I was like 10 offsets deep and felt like it was going nowhere with the multilevel pointers. Pointer scanning failed me also. I've not had issues like this before. I'd really like to know if someone can figure this out and how they did it.