 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Zaladine
Expert Cheater
 Reputation: 3
Joined: 14 Oct 2012
Posts: 129
Location: Djokdja, Indonesia
|
 Posted: Thu Oct 03, 2013 11:19 am Post subject: |
 |
|
Hey... I've done simulated the need to unlock levels through stage 134. The method used is the very same i've done before (see my previous post)... And here's some quick screen shoots:
1. I searched for the address of live value and got some results. I picked one of them:
2. Modified the value on the fly (directly to memory viewer), and turned out that it was the valid live address...
3. Through memory viewer i modified the level records (scores and ranks) all the way down to approximately level 134. I intentionally made all scores to 0 and 1 star ranks so that anyone can beat them in future play...
4. I quit to main menu, and re-enter the level maps. And here's what i got:
the levels was indeed completed to certain state, but they haven't yet been validated...
5. I restarted BlueStacks and re-enter Candy Crush Saga to found that the levels were validated... It was a successful level unlocking hack...
The big drawbacks however: by leaping level completions some levels at which certain booster items are distributed freely won't give anything though we play them later intentionally, thus unable us to do booster items hack (which is very basic hack)...
| gabarito wrote: | | I tried to unlock the map running the last gate available, that have 3 challenges. It was useless. When I fulfill the last challenge, the map remains locked and I'm prompt to fulfill 3 more challenges, as if I had done nothing. |
Try my method above: (even) restart BlueStacks and re-run Candy Crush Saga to see if the hack takes effect... Please understand that we can't answer such circumstances at which we haven't experience the same yet....
| gabarito wrote: | | I'm trying to find out which files it changes when running the game. There is a file called Map, but I'd watched no changes in it. This another approach, watching files changing. Have you ever think to try out? |
Any approach are valuable for certain conditions. This file changing examination sure will useful in future...
| gabarito wrote: | | Now I'm more confortable to navigate through the Memory Viewer and I can get addresses changing on the fly, to locating what variable I need to change. Good tool! |
That's one of the very reason i love memory-hacking-wise... 
| gabarito wrote: | | When you have any solution about to unlock the main map, please tell us. |
Please retry the hack similar way like my screen shots here... Hope it works this time...
| gabarito wrote: | More infos.
At picture1 we can see my track. I'd run the game without hacking until level 104. Scores and Stars are real ones. Level 105 and forward I filled the addresses with Score 100 (or 200) and Stars 3. Score at 104 is 147320. After play for a while the last Gate (just after Level 110) I noticed new Scores, at 119 and 126. Previously I had filled that with 200 and 300, not that numbers. The last filled address is Level 130. |
Since the records for 'gate unlocking levels' are retrievable, then it is very much logical that they stored somewhere in the memory, and seems like you've just found them...
They could be interesting point to start experimenting... 
_________________
... to boldly go where no eagle has gone before ... |
|
| Back to top |
|
 |
gabarito
Newbie cheater
![]() Reputation: 0
Joined: 03 Sep 2013
Posts: 24
|
| Posted: Thu Oct 03, 2013 12:49 pm Post subject: |
|
|
It's taking so much time and going too hard for me...
Newbie's stuff.
Now, I'm stuck in a certain way that the current level is locked too.
See at Picture1 the level where the user pic is locked. I deleted all Scores and Stars from 105 to 135, Picture2, the part I had hacked. But the user's pic became stuck at level 135, nevertheless the current level is 104, as we can see at Picture1.
I suspected that number 130 was the some magic number, but I changed it and nothing happend. So, I change back to 130.
When I change the Scores, just to go to main menu is enough to go back to map and see the changes in there.
When you say "quit BlueStacks" you mean right click on System Tray and click Stop, or you simple click (X) button of the window? Because simple click on (X) do not stop BlueStacks Agent, I guess.
I'm trying to free the user's pic, without sucsess... 
| Description: |
|
| Filesize: |
346.68 KB |
| Viewed: |
46421 Time(s) |
|
| Description: |
|
| Filesize: |
562.51 KB |
| Viewed: |
46421 Time(s) |
|
|
|
| Back to top |
|
|
Zaladine
Expert Cheater
Reputation: 3
Joined: 14 Oct 2012
Posts: 129
Location: Djokdja, Indonesia
|
|
| Back to top |
|
|
Zaladine
Expert Cheater
Reputation: 3
Joined: 14 Oct 2012
Posts: 129
Location: Djokdja, Indonesia
|
|
| Back to top |
|
|
gabarito
Newbie cheater
![]() Reputation: 0
Joined: 03 Sep 2013
Posts: 24
|
|
| Back to top |
|
|
Zaladine
Expert Cheater
Reputation: 3
Joined: 14 Oct 2012
Posts: 129
Location: Djokdja, Indonesia
|
| Posted: Fri Oct 04, 2013 11:39 am Post subject: |
|
|
| gabarito wrote: | You have 2 small homeworks, Zaladine. Not just for me, but to the whole CCrush fans:
1 - Tell us how did you transform ordinary candies into special ones
2 - Unlock that damn map...
 |
I've never consider them as homework. Instead, i take them as puzzles, and that's the very reason i found it fun and exciting. It's been always that in hacking games...
As for number 2, i believe have stated earlier, that i couldn't help more since i have never had same experience. Even when i tried to simulate your condition (of which i posted it before), the problem similar of yours was not came up. I guess that's the best i can do to help, and i am still learning here...
Now for number 1:
I got the code of each candy color by playing level 100 (or few around it), where there are some bomb-like candies with counter in it. Upon finding this counter address i then studied the values around this address (i suppose this is a good habit in hacking any type of games)...
After some experiments with these values, it turned out that:
- 16 bytes before the bomb counter address IS the address of Candy's Color Code
- 20 bytes before the bomb counter address IS the address of Candy's Type Code
So, it brought me to these candy's color codes:
| Code: | 0 - Red
1 - Green
2 - Blue
3 - Yellow
4 - Orange
5 - Purple |
Some Candy Types Codes are:
| Code: | 0 - Normal / Common Candy
1 - Horizontal Striped Candy
2 - Vertical Striped Candy
3 - Wrapped Candy
4 - Normal (unknown)
5 - Multicolored Bomb Candy
6 - Fish
9 - +5 second time addition
etc... |
Then it was pretty much easy to do: i tried several GroupScan strings to find those yellow candies addresses and altered their types altogether. And that's where my screen shots were taken... And the saga continues...
_________________
... to boldly go where no eagle has gone before ... |
|
| Back to top |
|
|
boy toy
Expert Cheater
 Reputation: 0
Joined: 28 May 2007
Posts: 173
Location: Behind You
|
| Posted: Fri Oct 04, 2013 2:18 pm Post subject: |
|
|
| Zaladine wrote: | | gabarito wrote: | You have 2 small homeworks, Zaladine. Not just for me, but to the whole CCrush fans:
1 - Tell us how did you transform ordinary candies into special ones
2 - Unlock that damn map...
|
I've never consider them as homework. Instead, i take them as puzzles, and that's the very reason i found it fun and exciting. It's been always that in hacking games...
As for number 2, i believe have stated earlier, that i couldn't help more since i have never had same experience. Even when i tried to simulate your condition (of which i posted it before), the problem similar of yours was not came up. I guess that's the best i can do to help, and i am still learning here...
Now for number 1:
I got the code of each candy color by playing level 100 (or few around it), where there are some bomb-like candies with counter in it. Upon finding this counter address i then studied the values around this address (i suppose this is a good habit in hacking any type of games)...
After some experiments with these values, it turned out that:
- 16 bytes before the bomb counter address IS the address of Candy's Color Code
- 20 bytes before the bomb counter address IS the address of Candy's Type Code
So, it brought me to these candy's color codes:
| Code: | 0 - Red
1 - Green
2 - Blue
3 - Yellow
4 - Orange
5 - Purple |
Some Candy Types Codes are:
| Code: | 0 - Normal / Common Candy
1 - Horizontal Striped Candy
2 - Vertical Striped Candy
3 - Wrapped Candy
4 - Normal (unknown)
5 - Multicolored Bomb Candy
6 - Fish
9 - +5 second time addition
etc... |
Then it was pretty much easy to do: i tried several GroupScan strings to find those yellow candies addresses and altered their types altogether. And that's where my screen shots were taken... And the saga continues... |
Is it possible to make all candies to one colored candies?
|
|
| Back to top |
|
|
Zaladine
Expert Cheater
Reputation: 3
Joined: 14 Oct 2012
Posts: 129
Location: Djokdja, Indonesia
|
| Posted: Fri Oct 04, 2013 5:45 pm Post subject: |
|
|
In theory it's possible... However, once they changed into one same color, they will crush immediately due color matching...
_________________
... to boldly go where no eagle has gone before ... |
|
| Back to top |
|
|
gabarito
Newbie cheater
![]() Reputation: 0
Joined: 03 Sep 2013
Posts: 24
|
| Posted: Fri Oct 04, 2013 5:54 pm Post subject: |
|
|
I found out one more trick.
I can fulfill the 3 challenges just changing the number 1 and 2 pointed by a big red arrow to 3. That address controls if the challenges were completed.
I could see more addresses changing just before and after complete a challenge. They are pointed by small arrows, but I don't know what are they.
The 4000 and 3999 are the lives address.
I'm still stuck with the user pic don't wanting to go to where I want.
Edited:
How to save the Memory region and compare afterwards?
I saw how to save, but not how to compare. I'm comparing using screen capture.
| Description: |
|
| Filesize: |
29.2 KB |
| Viewed: |
46336 Time(s) |
|
|
|
| Back to top |
|
|
Zaladine
Expert Cheater
Reputation: 3
Joined: 14 Oct 2012
Posts: 129
Location: Djokdja, Indonesia
|
| Posted: Fri Oct 04, 2013 6:56 pm Post subject: |
|
|
| gabarito wrote: | I found out one more trick.
I can fulfill the 3 challenges just changing the number 1 and 2 pointed by a big red arrow to 3. That address controls if the challenges were completed.
I could see more addresses changing just before and after complete a challenge. They are pointed by small arrows, but I don't know what are they.
The 4000 and 3999 are the lives address. |
That's a very nice finding... Those changing values (the one you pointed with arrows) are there for reasons. I recommend you to study them further... There could be important values around them...
| gabarito wrote: | How to save the Memory region and compare afterwards?
I saw how to save, but not how to compare. I'm comparing using screen capture. |
At Memory Viewer, use File > Save memory region (Ctrl+S). However, it seems that we have to use 3rd party software to compare those saved memory dumps...
There is also Tools > Dissect data/structures. But its purpose seems to be different. I don't think we can compare the same addresses using this feature. Yet, it's very handy to compare addresses which structures are matched...
_________________
... to boldly go where no eagle has gone before ... |
|
| Back to top |
|
|
Dark Byte
Site Admin
 Reputation: 471
Joined: 09 May 2003
Posts: 25835
Location: The netherlands
|
| Posted: Fri Oct 04, 2013 7:05 pm Post subject: |
|
|
Normally, you could allocate memory and load in there a copy of the saved region, open a secondary memoryview window and then use "link with other hexview" to show the differences between the two memview windows
But since you're messing with physical memory, there is no real method to allocate memory easily (and immediately get the physical address)
Anyhow, if you prefer to use CE, you can use the "Open file' feature in ce (open another instance) and then do a first scan with the first file loaded, and then a next scan/changed value after opening the second file, and get a list of changed results like that, but yeah, a dedicated file comparer might be easier
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
Zaladine
Expert Cheater
Reputation: 3
Joined: 14 Oct 2012
Posts: 129
Location: Djokdja, Indonesia
|
|
| Back to top |
|
|
boy toy
Expert Cheater
Reputation: 0
Joined: 28 May 2007
Posts: 173
Location: Behind You
|
| Posted: Sat Oct 05, 2013 8:04 am Post subject: |
|
|
| Zaladine wrote: | | In theory it's possible... However, once they changed into one same color, they will crush immediately due color matching... |
How do I find a specific candy in the memory?
I have tried to scan its color and type but it found thousands of addresses, how can I filter them out?
|
|
| Back to top |
|
|
gabarito
Newbie cheater
![]() Reputation: 0
Joined: 03 Sep 2013
Posts: 24
|
| Posted: Sat Oct 05, 2013 10:00 am Post subject: |
|
|
| boy toy wrote: |
How do I find a specific candy in the memory?
I have tried to scan its color and type but it found thousands of addresses, how can I filter them out? |
Good question for our BlueStacks guru. I second your question.
I restored files I had save before to go with hacking tricks beyond level 104. My user pic was stable, standing where it would be, at level 104.
I filled Stars and went to level 110, just before the gate.
I filled address 2E2CC208 with 3, to complete the challenges.
User pic went to level 111 and this is the current level to go.
Comparing addresses, let's examine picture 1, with 3 different times:
Values are changing at arrows and rectangle.
What do you think are the arrow #3?
And the big values at rectangle #5?
I think arrow #2 is the last completed level
Address 2E2CC1EC is the position where the maps load for first time, I guess, not the completed level, changing from 95 to 109.
My target is to find out the address for open map and user pic position.
Saga continues.
Edited:
One more thing that I found out:
When the user pic is somewhere and I fill Stars address to complete levels, I have to take care to do not go beyond the next gate with challenges. If I do that, the user pic go ahead, but my current level don't. So, I fill the Stars addresses to just before the next gate. If user pic go further, I cannot (I don't know how to) bring it back.
| Description: |
|
| Filesize: |
32.16 KB |
| Viewed: |
46265 Time(s) |
|
|
|
| Back to top |
|
|
Zaladine
Expert Cheater
Reputation: 3
Joined: 14 Oct 2012
Posts: 129
Location: Djokdja, Indonesia
|
| Posted: Sat Oct 05, 2013 11:48 pm Post subject: |
|
|
| boy toy wrote: | | How do I find a specific candy in the memory? |
If i were to find exactly one specific candy's structure within the memory, say the candy right in the upper left corner of the candy board, then i can't do so yet.
What i did, as shown in my previous screen shots, was to find all of the yellow candies' structures. After found them, i deleted all unnecessary addresses and left only the candies type and color ones, then edited them simultaneously.
I used this GroupScan string:
| Code: | | 4:0 4:3 4:-1 4:0 4:* 4:* 4:-1 4:4 |
The elements details:
0 : Candy's Type Code (0=common)
3 : Candy's Color Code (3=yellow)
-1 : constant
0 : constant
* : variable
* : bomb-type counter
-1 : constant
4 : constant
Above GroupScan string will search for all current yellow-common-candies on puzzle board.
I kept the first element addresses (which held the value of each candy's type), and change them at the same time.
That's how i did the trick...
| boy toy wrote: | | I have tried to scan its color and type but it found thousands of addresses, how can I filter them out? |
Both candies' color and type are pretty much constant thus it is very difficult to filter them. In order to find the values, i took the advantage of bomb-counter (around level 100) since this counter keep changing at each taken step. When this counter address obtained, i study values around it via CE Memory Viewer and so i found those type and color addresses.
The GroupScan sting above however can't be assumed as a fix structure of a candy. We have yet to find more vital values such as candy's position on board.
Edit:
@gabarito: I will try to study more about your findings (the values around lives address) later. But can't promise to do so soon since i have much to do from today to few days ahead...
_________________
... to boldly go where no eagle has gone before ... |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
