Cheat Engine The Official Site of Cheat Engine
LastDance Cheater
Reputation: 1
Joined: 09 Jun 2015 Posts: 37
|
Posted: Tue Jun 14, 2016 1:24 pm Post subject: too much infinite hp |
Hey all,
I'm currently trying to create a table for the game Crea (it is like Terraria but with skills and such).
I'm having an issue where I have identified the bit of code in the disassembler that writes the float value for my hp, and successfully nop it to the point that no hp is lost and it reliably stays that way across multiple instances of the program...
but the code also works for my stamina...
and every other hp bar of every creature and enemy in the game..
Hints on what I'm missing?
| Code: |
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(health,crea.exe,89 81 A4 00 00 00 E8 D0) // should be unique
alloc(newmem,$1000,"crea.exe"+495265)
label(code)
label(return)
newmem:
code:
//mov [rcx+000000A4],eax
jmp return
health:
jmp code
nop
return:
registersymbol(health)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
health:
db 89 81 A4 00 00 00
unregistersymbol(health)
dealloc(newmem)
|
Last edited by LastDance on Thu Jun 16, 2016 11:47 am; edited 1 time in total |
ParkourPenguin I post too much
Reputation: 152
Joined: 06 Jul 2014 Posts: 4718
LastDance Cheater
Reputation: 1
Joined: 09 Jun 2015 Posts: 37
|
Posted: Tue Jun 14, 2016 2:33 pm Post subject: |
Thanks for the quick reply!
This looks like exactly what I need to solve the problem with a little work.
Edit: nope, it didn't work :/
His first suggestion failed because I couldn't find an instance of an opcode that only dealt with player hp.
His second one wasn't applicable due to the lack of I-frames.
His final one didn't work because the game crashes long before I can do enough scanning of the player structure..
zm0d Master Cheater
Reputation: 7
Joined: 06 Nov 2013 Posts: 423
|
Posted: Wed Jun 15, 2016 9:42 am Post subject: |
You may work with breakpoints and check the subroutine step by step. Do this for both, when you lose health and when another NPC loses health. Check out differences in registers and look for some flags, that would indicate you as a player or the others.
Check against this flag in your auto-assemble script, and only let the code execute when it's not your player flag.
LastDance Cheater
Reputation: 1
Joined: 09 Jun 2015 Posts: 37
|
Posted: Thu Jun 16, 2016 11:40 am Post subject: |
| zm0d wrote: | You may work with breakpoints and check the subroutine step by step. Do this for both, when you lose health and when another NPC loses health. Check out differences in registers and look for some flags, that would indicate you as a player or the others.
Check against this flag in your auto-assemble script, and only let the code execute when it's not your player flag. |
So I hate to be the guy jumping up and down and saying: "I don't know what I'm doing"
but...
Honestly, I've never heard of breakpoints/registers/flag before this moment. Is there a good tutorial somewhere that would help me get my feet under me before I dive headlong into the abyss?
I mean, I can see pretty clearly just by messing around a bit the difference on the side there from when I get hit and an NPC gets hit, but I haven't a clue what it means. I'm also noticing that the game doesn't toggle the breakpoint like it should when the NPCs get hit..
zm0d Master Cheater
Reputation: 7
Joined: 06 Nov 2013 Posts: 423
|
Posted: Fri Jun 17, 2016 2:34 am Post subject: |
| LastDance wrote: | | So I hate to be the guy jumping up and down and saying: "I don't know what I'm doing" |
Stop with that attitude! There is no reason to "hate" that. No one can know everything in this world. And if you have people around you who know stuff you don't know, but you want to know, then simply ask. You'll definitely learn more when you are active at something you're willing to learn. Of course, you can gain a lot of knowledge about nearly everything with a simple visit to Google, but when it comes to details, you are more likely to learn better when you can ask someone.
| LastDance wrote: | | breakpoints/registers/flag |
Breakpoints -> A "point" in the code execution that indicates to the processor/program to stop execution right when reaching it. You can inspect everything (like you just did in your game) when the breakpoint gets hit. You can also start "stepping". That means executing the code step by step and inspecting every instruction that gets executed. Very, very helpful in terms of software development and reverse engineering.
(https://en.wikipedia.org/wiki/Breakpoint)
Registers -> Very small memory immediately in the CPU. Fastest access to a value. There are also caches (L1/L2/L3), which store values for faster access than the RAM.
Simple, human-readable example -> Your hands are registers. If you have something in your hands, you can immediately work with it. Maybe you need to slightly adjust the object in your hands to make it usable, but you have it right there. The caches are more like your vest/trouser pockets. They are very close to your hands, but you have to get in there first and pull your object out. Still fast because it's close to your hands.
Then there is the RAM. It's more like your backpack. It's on your back because it's bigger. You can store a lot more in there than in your pockets/hands. You just have a "long" way to reach your backpack and pull out the things you need. Therefore it takes more time to access your backpack. To complete the example, you also have the hard disk. It's more like the storage room in your house. It's very big compared to the others, but accessing it and searching in it takes way longer than the other stores.
Flag -> A simple number to indicate something. E.g. -> 1 = player, 2 = NPC, 3 = animal... etc.
To come back to your problem -> Do it again with the breakpoints, when you got hit and when an NPC got hit. I'd guess RAX could hold the address of your player/NPC. Next time you do this with breakpoints, add the RAX address to the dissect data structure window and compare them. They should look very equal in what they store. If not, check out other registers that differ in their value.
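The structure comparison suggested above, as an added example that is not part of the original post: given several raw snapshots of the player's structure and of other entities' structures, this Python sketch reports the offsets whose value never changes for the player and never appears at that offset for anyone else. The layout, values and function names are constructed for illustration and are not Crea's real structure.

```python
import struct

def discriminating_offsets(player_snaps, other_snaps, width=4):
    """Return {offset: value} for fields that are identical in every player
    snapshot and never take that value in any other-entity snapshot."""
    size = min(len(s) for s in player_snaps + other_snaps)
    result = {}
    for off in range(0, size - width + 1, width):
        values = {s[off:off + width] for s in player_snaps}
        if len(values) != 1:
            continue  # changes over time (hp, max hp after a level-up): unusable
        value = values.pop()
        if any(s[off:off + width] == value for s in other_snaps):
            continue  # shared with an NPC (class pointer, padding): no help
        result[off] = int.from_bytes(value, "little")
    return result

# Constructed layout (hypothetical):
# 0x00 u64 class pointer, 0x08 u32 entity kind, 0x0C u32 level,
# 0x10 f32 max hp, 0x14 f32 hp, 0x18 u32 padding, 0x1C u32 owner id
def make_entity(kind, level, max_hp, hp, owner):
    return struct.pack("<QIIffII", 0x7FF6_1234_5000, kind, level, max_hp, hp, 0, owner)

# Two player snapshots taken at different times (before and after a level-up)
PLAYER = [make_entity(1, 3, 120.0, 120.0, 0), make_entity(1, 4, 135.0, 90.5, 0)]
# Snapshots of two different NPCs; the first shares level and max hp with the player
NPCS = [make_entity(2, 3, 120.0, 40.0, 7), make_entity(3, 9, 300.0, 300.0, 7)]

def demo():
    return discriminating_offsets(PLAYER, NPCS)

if __name__ == "__main__":
    for off, val in demo().items():
        print(f"+0x{off:02X} = {val:#x}")
```

Taking the player snapshots at different times is what filters out fields such as maximum health that look constant within one session but change later.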
LastDance Cheater
Reputation: 1
Joined: 09 Jun 2015 Posts: 37
|
Posted: Fri Jun 17, 2016 9:12 am Post subject: |
| Quote: |
To come back to your problem -> Do it again with the breakpoints, when you got hit and when an NPC got hit. I'd guess RAX could hold the address of your player/NPC. Next time you do this with breakpoints, add the RAX address to the dissect data structure window and compare them. They should look very equal in what they store. If not, check out other registers that differ in their value.
|
Again, I am a bit confused because the number seems to come back reliably as different each time I get hit, and I'm not actually sure if I'm getting the number for the NPC at all, because the game doesn't break at all either when hitting enemies or restoring stamina (both of which are affected by this address).
Edit:
This of course leads me back to realize that I could have in fact just used the third method in Rydian's tutorial above. I'm just actually stupid.
Edit 2:
So past that little embarrassment, I can now see fairly clearly a good way to put myself in god mode by dissecting the code and using a constant value that belongs to the player as a way of telling CE who is who. I'm now running across the issue that I can't find the hook. In Rydian's tutorial, there is a clear number that stays constant across different iterations of the game; however, in my own game, the only "constant" numbers I see are numbers such as my maximum health, which unfortunately changes whenever the player levels up.
So follow-up question: is there another way to find an anchor value?
There are dozens of pointers around that I haven't looked under. If I can even use the numbers under them as anchors, how do I extend the offset to move under the pointers? (if that makes sense?)