Cheat Engine

[Wronschien]

Hello, I'm trying to get a god mode in a game where one hit kills you.
All the tutorials I could find only talk about detecting a health-meter value, which this game doesn't have. I'm new to CE and can't think of a way.

Are there any methods to search for that ?

[abystus]

Start by finding the "living" flag which is usually a 0 or 1 depending on the game (ex: 1 while living, 0 when dead). Once you find this, you need to disable the routine that sets it to the death value when you die. To do this, find out what writes to that address, then die (something should write when you die). Once you have the routine in question (listed in the window from the previous step), you should be able to modify the code in such a way that the death value is never set (several ways to do this). Alternatively, you could find what reads that address, then modify the code in such a way that the game always reads you as being the "living" value regardless of the current value at that address.

[ParkourPenguin]

Unknown initial value, then changed / unchanged scans while you're alive and just after you die may result in something.

[++METHOS]

Ultimap.

[Wronschien]

ultimap ?

Anyway, I've found 4 values that switch between 0 and 1 when dying or respawning. I'm messing around the codes that write or access them, maybe I'll be able to do it but assembly really is not friendly to me !

[abystus]

[ParkourPenguin]

Ultimap: http://www.youtube.com/watch?v=T5sXoEEPFBQ

Also, don't freeze the values to test it, as CE might not write to the value fast enough in order to prevent you from dying. Replace the instruction that writes the dead value to the address with NOPs. It's usually safe to do that so long as the instruction in question doesn't modify the stack or the fpu stack.

[Wronschien]

The game is Defy Gravity, I'd like to do that also for Ethan Meteor Hunter though.

I've tried to lock the values but didn't work, they're probably secondary values that are affected with death. That's why I'd like to better understand assembly code to find what the "master trigger" is.

edit : nopping didn't work either

[++METHOS]

[abystus]

[Wronschien]

Well no luck, nopping all these didn't change a thing, I managed to run ultimap but this seems too advanced for my basic knowledge.

I guess I won't do it then, pity but no matter, thank you all !

[++METHOS]

If you can find the call that gets executed during the death sequence, a simple jump or nop will probably solve your problem.

Don't give up on ultimap if you are able to run it; it's not that difficult to figure out, comparatively speaking.

[Wronschien]

Actually one of the problems with this game is that the function calls don't seem attached to the main exe (I think the game is via XNA btw), so I can't filter this way and don't know which other routine is the right one.



Edit :

Ah I went forward eventually, I found a call that can be nopped and then no hit taken so god mode indeed (at least from one hazard, I would have to test from other ones). But the problem is that the instruction is dynamically allocated and the address it points to also changes dynamically.


I've tried to set up an aobscan as was hinted to me in a previous topic, the call takes up 6 bytes (so 6 nops) but I can only know the first 2 to disable the cheat (I took the structure from Rydian's tutorial) :

[ParkourPenguin]

First of all, make sure that AoB signature is unique (set writable&executable checkboxes to grey and scan for it).

Secondly, your offset on where you're starting to NOP things is wrong. The first byte (8B 43 10 ...) is nodamage+0. The 15th byte (the call; ... FF 15 ?? ??...) is nodamage+E, not nodamage+10.

As for disabling the script, the only easy solution I can think of is to use Lua to back up the bytes. Here's a full Lua version of that script:

[mgr.inz.Player]

@ParkourPenguin, There is readmem feature: