Senort11 Newbie cheater
Reputation: 0
Joined: 26 Oct 2015 Posts: 12
|
Posted: Mon Oct 26, 2015 4:21 pm Post subject: Need help nailing down a changing address for a variable |
|
|
The game in question is Nom Nom Galaxy but I've seen this behavior in other games as well.
In this game, there are multiple levels and each time you start a level the address for money, resources, etc changes each time a level is started, including restarting a level.
How do I nail this down in my table so that I don't have to search for the new address each time a level is changed? Is this even possible?
|
ParkourPenguin I post too much
Reputation: 152
Joined: 06 Jul 2014 Posts: 4719
|
Posted: Mon Oct 26, 2015 4:32 pm Post subject: |
|
|
Pointers. If you're wondering what they are, this topic describes them pretty well.
If you're wondering how to find them, check out the CE tutorial located under the help menu of CE. You can also use the pointer scanner if you want (tutorial here).
If you don't want to use pointers, then the instructions that write to the values might not change between levels, in which case you could do an AoB injection on them (tutorial here), but you'll need to have a basic comprehension of assembly (tutorial here).
_________________
I don't know where I'm going, but I'll figure it out when I get there.
|
Senort11 Newbie cheater
Reputation: 0
Joined: 26 Oct 2015 Posts: 12
|
Posted: Mon Oct 26, 2015 4:41 pm Post subject: |
|
|
I've used pointer scans to keep addresses up to date between game loads, don't know why I didn't think that would work between level loads. Lol
Thanks! I will try that out and see what I can do.
|
Senort11 Newbie cheater
Reputation: 0
Joined: 26 Oct 2015 Posts: 12
|
Posted: Wed Oct 28, 2015 7:03 pm Post subject: |
|
|
Well so far I've had very little luck finding a pointer that works. I did manage to find one that held the value of money between loading levels, but upon restarting the game the pointer no longer pointed to anything valid and none of the other pointers in the scan it came from pointed to the correct address.
Is it possible that all these values are calculated randomly at runtime and I'll never find a pointer that always works?
|
ParkourPenguin I post too much
Reputation: 152
Joined: 06 Jul 2014 Posts: 4719
|
Posted: Wed Oct 28, 2015 8:03 pm Post subject: |
|
|
I doubt that. You could try expanding your search settings:
- Increase the max offset size of your pointers
- Search for higher level pointers
- Make sure you're allowing the stack addresses of the first few threads to be handled as static
- Increase the number of threads you're searching through
- Increase the max stack offset
Of course, doing so will make the pointer scan take longer and use up more disk space. You can ignore looping pointers to save disk space (but this might make it take longer), and you can set the end offset(s) yourself to make it faster and use up less disk space (but you might miss valid pointers).
Again, alternatively, you could just find out what instructions access whatever values you're trying to find a pointer to, and chances are you'll find one that's a good target for an AoB injection (which should be fine even between game restarts).
|
Rydian Grandmaster Cheater Supreme
Reputation: 31
Joined: 17 Sep 2012 Posts: 1358
|
Posted: Thu Oct 29, 2015 3:44 am Post subject: |
|
|
If pointer scans are taking too long or being too annoying, you could try one of the other methods. Code editing and stuff can get things working in 30 seconds if the game is cooperative.
|
Senort11 Newbie cheater
Reputation: 0
Joined: 26 Oct 2015 Posts: 12
|
Posted: Thu Oct 29, 2015 12:52 pm Post subject: |
|
|
I tried the injection copy method but when I got to the step that said to make sure the instruction only accessed the address for the value I needed, both instructions that accessed the address also accessed about 100 more.
When I tried the AoB injection method, I got to the part that said to try introducing NOPs, and the game just went black. There were still sounds but no way to interact with the game any longer. This leads me to think that the game might have some kind of protection against this kind of tampering.
I haven't tried the AoB to data method in the pointer tutorial, I will be doing that later today. Hopefully, I can make some progress with it.
|
ParkourPenguin I post too much
Reputation: 152
Joined: 06 Jul 2014 Posts: 4719
|
Posted: Thu Oct 29, 2015 1:12 pm Post subject: |
|
|
If an instruction accesses lots of addresses quite often and you NOP it, I'd be surprised if it didn't mess up your game.
What you could do is combine the two methods (pointers and code injection) by finding a pointer to your value that's persistent between levels (it doesn't have to be static!). Instructions that access that pointer might not access other addresses, making it a good target for code injection, so long as you can find a good signature for that AoB.
I did this a while ago on a flash game called Fantastic Contraption. I gave a pretty brief explanation of what I did here:
http://forum.cheatengine.org/viewtopic.php?p=5597167#5597167
|
Rydian Grandmaster Cheater Supreme
Reputation: 31
Joined: 17 Sep 2012 Posts: 1358
|
Posted: Thu Oct 29, 2015 2:00 pm Post subject: |
|
|
Yeah, if the instruction accesses a bunch of other things then messing with it in any way is going to cause issues.
http://forum.cheatengine.org/viewtopic.php?t=583376
This has some things to do in that case.
|
Senort11 Newbie cheater
Reputation: 0
Joined: 26 Oct 2015 Posts: 12
|
Posted: Thu Oct 29, 2015 4:00 pm Post subject: |
|
|
| ParkourPenguin wrote: | If an instruction accesses lots of addresses quite often and you NOP it, I'd be surprised if it didn't mess up your game.
What you could do is combine the two methods (pointers and code injection) by finding a pointer to your value that's persistent between levels (it doesn't have to be static!). Instructions that access that pointer might not access other addresses, making it a good target for code injection, so long as you can find a good signature for that AoB.
I did this a while ago on a flash game called fantastic contraption. I gave a pretty brief explanation of what I did here:
(link) |
I went through the process of finding a pointer that worked between loads and got a ton (1000+) of level 5 pointers that pointed to the correct address, and were still correct between level loads. But I noticed they all had the same last 2 offsets, so I restarted but with level 4 and specific offsets and got to 4 pointers that were correct between loads. I checked to see what accesses or writes each pointer and for all 4 I got no hits. I tried again with 10 or so level 5 pointers and got the same result.
| Rydian wrote: | Yeah, if the instruction accesses a bunch of other things then messing with it in any way is going to cause issues.
(link)
This has some things to do in that case. |
So targeting a unique read didn't work. It seems only two instructions ever touch the value I'm looking for. One is running constantly, and the other is only run when I spend or acquire the material I'm looking for. But I've already checked both these instructions and they both access a few hundred things.
The second method doesn't seem like it would apply, because I'm simply trying to find what amounts to a building materials variable. The only way it's used is when you acquire it digging or spend it building. It might be my lack of creativity (and experience lol) but I can't think of a secondary mechanic to try and alter.
And the third one also seems like it wouldn't work because there are no enemies or similar entities in the game. It's just the player who has building materials.
Side note, I want to thank you guys for taking the time to help out a noob like me. It's really appreciated!
EDIT: Just tried using the process of using AoB scans to get the starting address of whatever structure holds the player data but it doesn't work. The scan always gives me the wrong address by quite a bit. I ran the game 16 times, copying and pasting 5 lines from the RAM each time, and then ran a diff to find out where to put wildcards. Still gives me the wrong address.
This is a very non-cooperative game haha
|
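An added illustration, not part of the original thread, of the diff-and-wildcard step described in the post above: it derives a wildcard signature from several captures of the same region and counts where that signature matches, which shows one way a signature built this way can land on more than one location. All byte values and function names are constructed for the example.

```python
# Added example: derive a wildcard AoB signature from several captures of the
# same region, then count where it matches. All bytes are constructed data.

def derive_signature(samples):
    """Keep a byte where every capture agrees; otherwise use None (wildcard)."""
    if len({len(s) for s in samples}) != 1:
        raise ValueError("captures must have equal length")
    return [col[0] if len(set(col)) == 1 else None for col in zip(*samples)]

def format_signature(sig):
    """Render in the usual 'AA BB ?? CC' text form."""
    return " ".join("??" if b is None else f"{b:02X}" for b in sig)

def scan(buffer, sig):
    """Return every offset in buffer where the signature matches."""
    n = len(sig)
    return [i for i in range(len(buffer) - n + 1)
            if all(b is None or buffer[i + j] == b for j, b in enumerate(sig))]

def fixed_ratio(sig):
    """Fraction of non-wildcard bytes; a low value means a weak signature."""
    return sum(b is not None for b in sig) / len(sig)

# Three constructed captures of an 8-byte structure header from separate runs.
SAMPLES = [
    bytes.fromhex("10 00 00 00 A4 3F 12 07"),
    bytes.fromhex("10 00 00 00 58 91 40 07"),
    bytes.fromhex("10 00 00 00 0C 22 7E 07"),
]
SIG = derive_signature(SAMPLES)

# Constructed scan buffer: a look-alike record at offset 0 and the wanted
# structure at offset 16. Both satisfy the signature.
MEMORY = (bytes.fromhex("10 00 00 00 11 22 33 07") + bytes(8)
          + bytes.fromhex("10 00 00 00 C8 5D 09 07") + bytes(8))
HITS = scan(MEMORY, SIG)

if __name__ == "__main__":
    print(format_signature(SIG), "fixed bytes:", fixed_ratio(SIG))
    print("matches at offsets:", HITS)  # more than one hit: not unique
```

A signature is only usable as a locator when `scan` returns exactly one offset; when it returns several, extending the captured window until the hit count drops to one is the usual remedy.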
ParkourPenguin I post too much
Reputation: 152
Joined: 06 Jul 2014 Posts: 4719
|
Posted: Thu Oct 29, 2015 8:43 pm Post subject: |
|
|
Did you uncheck the box "Only find paths with a static address"? When you include dynamically allocated base pointers, you should be getting tons more. After changing levels (but not restarting the process itself) a few times and rescanning your pointer list every time, you should generally find over a hundred pointers (most being dynamic) that point to your address, even at a max pointer level as low as 3. At that point, it's just a tedious guessing game. One of those pointers has to be accessed at least once when you change levels.
If you don't want to play that guessing game, I can think of another way that's similar to the third method Rydian linked to; however, unless you plan on spending hours gathering and looking through data to maybe get a result that might work after relaunching the game, I really wouldn't recommend it.
|
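A toy model of the rescan step discussed in this thread, added here as an example and not taken from any post or from Cheat Engine itself: candidate pointer paths are re-resolved against several memory snapshots and only those that still reach the value survive. Memory is modelled as a dictionary and every address is constructed; it shows why a path with a dynamically allocated base can hold between level loads yet fail after the process restarts.

```python
# Added example: a toy model of pointer-path rescanning. Snapshots are dicts
# of {address: pointer value}; every address below is constructed.

def resolve(memory, base, offsets):
    """Dereference at each step, then add the offset. Returns the final
    address, or None if a step reads unmapped memory."""
    addr = base
    for off in offsets:
        ptr = memory.get(addr)
        if ptr is None:
            return None
        addr = ptr + off
    return addr

def surviving(paths, snapshots):
    """Names of paths that reach the target address in every snapshot."""
    return [name for name, (base, offsets) in paths.items()
            if all(resolve(mem, base, offsets) == target
                   for mem, target in snapshots)]

PATHS = {
    "static":  (0x00400100, [0x10, 0x20]),  # base inside the module image
    "dynamic": (0x02A00010, [0x20]),        # base in heap memory
}

# Same process, two level loads: only the innermost object is reallocated.
LEVEL_1 = ({0x00400100: 0x02A00000, 0x02A00010: 0x03B00000}, 0x03B00020)
LEVEL_2 = ({0x00400100: 0x02A00000, 0x02A00010: 0x03C40000}, 0x03C40020)
# New process: the heap objects are allocated at different addresses.
RESTART = ({0x00400100: 0x05100000, 0x05100010: 0x06220000}, 0x06220020)

SAME_RUN = surviving(PATHS, [LEVEL_1, LEVEL_2])
ACROSS_RESTART = surviving(PATHS, [LEVEL_1, LEVEL_2, RESTART])

if __name__ == "__main__":
    print("valid between level loads:", SAME_RUN)
    print("valid after a restart too:", ACROSS_RESTART)
```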
Senort11 Newbie cheater
Reputation: 0
Joined: 26 Oct 2015 Posts: 12
|
Posted: Sat Oct 31, 2015 8:22 pm Post subject: |
|
|
I didn't have that unchecked so I retried with that deselected.
It came up with about 130 results and I went through each one trying to find an instruction that only accessed that pointer but each instruction accessed multitudes of other addresses.
This game really has me scratching my head wondering why it's so strangely hard compared to others.
|
Rydian Grandmaster Cheater Supreme
Reputation: 31
Joined: 17 Sep 2012 Posts: 1358
|
Posted: Sat Oct 31, 2015 9:34 pm Post subject: |
|
|
Some games use lots of shared code; in these cases it will take more work to filter the results.
Do the instructions access the same data, but for other objects? Like if it's health, do the instructions access everybody's health? If so, you can use comparisons to filter the cheats down to just your unit.
However, if it's instructions that modify damned-near-everything, then chances are the game is actually scripted internally using some game creation engine and there might be tutorials on script modding out there.
|
Senort11 Newbie cheater
Reputation: 0
Joined: 26 Oct 2015 Posts: 12
|
Posted: Sun Nov 01, 2015 1:37 pm Post subject: |
|
|
I was shying away from doing stuff that multiple entities might have like health or ammo. I figured it would be easier that way.
From what I understand of the game, only the player has materials and gold but both of those have the same difficulty of the instructions accessing many different things.
It would appear that this game is well beyond my ability at this point but the things I've learned trying to get a cheat working will definitely help me in the future. Thanks for all the tutorial links and help. It was really interesting stuff.
|
Rydian Grandmaster Cheater Supreme
Reputation: 31
Joined: 17 Sep 2012 Posts: 1358
|
Posted: Sun Nov 01, 2015 4:38 pm Post subject: |
|
|
Could you show us one of the instructions?