Dr.Disrespect (Grandmaster Cheater, Reputation: 3, Joined: 17 Feb 2016, Posts: 526)
Posted: Fri Mar 18, 2016 11:22 am    Post subject: Offsets.
Please take a look at the following code, I tried to google for the answer but I couldn't.
Code:
movsx eax,word ptr [eax+01900000]
imul eax,eax,00000908
movsx eax,byte ptr [eax+esi+01911111]
The memory address (offset) "01900000" confuses me. The value at "01900000" keeps changing when I restart the game and load the same game-save file, however, the effect of this code stays the same.
How is the offset or the address calculated? Thanks
hhhuut (Grandmaster Cheater, Reputation: 6, Joined: 08 Feb 2015, Posts: 607)
Posted: Fri Mar 18, 2016 11:28 am
Is this a dynamic game?
Or sometimes CE calculates the address wrong because the actual instruction is coded as, e.g.,
Code:
movsx eax,word ptr [eax+"Game.exe"+12345]
of which CE calculates the absolute address and displays it as an offset (I've experienced that with PES2016 ...)
Cake-san (Grandmaster Cheater, Reputation: 8, Joined: 18 Dec 2014, Posts: 541, Location: Semenanjung)
Posted: Fri Mar 18, 2016 11:33 am
Well, you can try labelling & registering a symbol for that value/offset.
Example: a script from the Crush Crush table for a pointer.
Code:
aobscan(aob_scan,8B 05 * * * * 8B 0D * * * * 83 E1 FC)
label(_O)
[aob_scan+20]:
_O:
label(_B)
[[aob_scan+8]]:
_B:
registersymbol(_O)
registersymbol(_B)
/////
label(_BO)
[_B+_O+50]:
_BO:
registersymbol(_BO)
Then you can use it in add address:
Bonus multiplier address: _BO+_O+34
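The scan-and-dereference chain in the script above (and hhhuut's point that the absolute operand changes between runs while the bytes around it do not), modelled as an added Python example; it is not code from the thread or from Cheat Engine, and the `Memory` class, the memory layout, the offset value 0x10 and the multiplier value 3 are constructed for illustration. Note that Cheat Engine's auto assembler reads numbers as hex, so the script's `+20`, `+50` and `+34` are 0x20, 0x50 and 0x34 here.

```python
import struct

def parse_aob(pattern):
    # '*' (or '??') is a wildcard byte, as in Cheat Engine's aobscan
    return [None if t in ("*", "??") else int(t, 16) for t in pattern.split()]

def aobscan(image, pattern):
    """Offset of the first match of a CE-style AOB string in image, or -1."""
    pat = parse_aob(pattern)
    for i in range(len(image) - len(pat) + 1):
        if all(p is None or image[i + k] == p for k, p in enumerate(pat)):
            return i
    return -1

class Memory:
    # Constructed flat little-endian memory image mapped at a fixed base.
    def __init__(self, base, size):
        self.base, self.buf = base, bytearray(size)
    def write32(self, addr, value):
        struct.pack_into("<I", self.buf, addr - self.base, value)
    def read32(self, addr):
        return struct.unpack_from("<I", self.buf, addr - self.base)[0]

def resolve(mem, pattern):
    """Mirror the script: _O = [aob+20], _B = [[aob+8]], _BO = [_B+_O+50],
    result = _BO+_O+34 (CE numbers are hex, hence 0x20 etc.)."""
    hit = aobscan(mem.buf, pattern)
    if hit < 0:
        return None
    aob = mem.base + hit
    o = mem.read32(aob + 0x20)               # _O: the offset value
    b = mem.read32(mem.read32(aob + 8))      # _B: pointer behind 'mov ecx,[..]'
    bo = mem.read32(b + o + 0x50)            # _BO
    return bo + o + 0x34

def build_image(base, slot):
    """Constructed sample run: 'mov eax,[..]; mov ecx,[..]; and ecx,-4' whose
    operands are absolute addresses, so they differ between runs (the '*'s)."""
    mem = Memory(base, 0x3000)
    code = base + 0x100
    mem.buf[0x100:0x102] = b"\x8B\x05"
    mem.write32(code + 2, slot - 4)
    mem.buf[0x106:0x108] = b"\x8B\x0D"
    mem.write32(code + 8, slot)
    mem.buf[0x10C:0x10F] = b"\x83\xE1\xFC"
    mem.write32(code + 0x20, 0x10)                           # _O
    mem.write32(slot, base + 0x2000)                         # _B
    mem.write32(base + 0x2000 + 0x10 + 0x50, base + 0x2800)  # _BO
    mem.write32(base + 0x2800 + 0x10 + 0x34, 3)              # multiplier value
    return mem

PATTERN = "8B 05 * * * * 8B 0D * * * * 83 E1 FC"
```

Building two images at different bases (two "restarts") shows the wildcarded operands differ while `resolve` still lands on the same value.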
Dr.Disrespect (Grandmaster Cheater, Reputation: 3, Joined: 17 Feb 2016, Posts: 526)
Posted: Fri Mar 18, 2016 11:36 am
hhhuut wrote:
    Is this a dynamic game?
    Or sometimes CE calculates the address wrong because the actual instruction is coded as, e.g.,
    Code:
    movsx eax,word ptr [eax+"Game.exe"+12345]
    of which CE calculates the absolute address and displays it as an offset (I've experienced that with PES2016 ...)
Thanks for the reply. I didn't use the "module address" view mode because it changes every time I restart the game. Can you explain more about "absolute address"?
@Cake-san:
Thank you for the reply. The symbols in your code are hard for me to understand, I am still digesting it.
Cake-san (Grandmaster Cheater, Reputation: 8, Joined: 18 Dec 2014, Posts: 541, Location: Semenanjung)
Dr.Disrespect (Grandmaster Cheater, Reputation: 3, Joined: 17 Feb 2016, Posts: 526)
Posted: Fri Mar 18, 2016 5:15 pm
Cake-san wrote:
    fmanager wrote:
        @Cake-san:
        Thank you for the reply. The symbols in your code are hard for me to understand, I am still digesting it.
    Lol, B is for base address and O is for offset. It's simpler for me to type it.
    That aob signature contains the base address and an offset that always changes when the game is restarted.
Oh, thanks for the explanation.