| View previous topic :: View next topic |
| Author |
Message |
Greenhouse
Cheater
 Reputation: 0
Joined: 20 Aug 2016
Posts: 44
|
 Posted: Tue Feb 07, 2017 8:40 am Post subject: Register values |
 |
|
Is the any way to know the register value of an address you found in the Memory View? Break and trace instructions doesn't work because the value doesn't change normally.
For example, the assemble code is: mov rax,[rcx+000000D8]
And I need to know rcx to have the exact address I need.
Is there any way? Thanks.
|
|
| Back to top |
|
 |
mgostIH
Expert Cheater
 Reputation: 3
Joined: 01 Jan 2016
Posts: 159
|
| Posted: Tue Feb 07, 2017 8:42 am Post subject: |
|
|
You can put a breakpoint on the instruction, CE will give you all the register details even in x64 programs once the game runs that code.
_________________
|
|
| Back to top |
|
|
Greenhouse
Cheater
Reputation: 0
Joined: 20 Aug 2016
Posts: 44
|
| Posted: Tue Feb 07, 2017 8:49 am Post subject: |
|
|
| mgostIH wrote: | | You can put a breakpoint on the instruction, CE will give you all the register details even in x64 programs once the game runs that code. |
I tried and it's not giving me anything. I said that the address doesn't change and it's not finding anything.
|
|
| Back to top |
|
|
mgostIH
Expert Cheater
Reputation: 3
Joined: 01 Jan 2016
Posts: 159
|
| Posted: Tue Feb 07, 2017 9:00 am Post subject: |
 |
|
| Greenhouse wrote: | | mgostIH wrote: | | You can put a breakpoint on the instruction, CE will give you all the register details even in x64 programs once the game runs that code. |
I tried and it's not giving me anything. I said that the address doesn't change and it's not finding anything. |
You should then give us more assembly code, 20 or 30 lines of asm from above and below the code might show where rcx gets its value, maybe your code is executed only once during runtime or special events, so some conditional jump may skip it.
_________________
|
|
| Back to top |
|
|
Greenhouse
Cheater
Reputation: 0
Joined: 20 Aug 2016
Posts: 44
|
| Posted: Tue Feb 07, 2017 9:01 am Post subject: |
|
|
| mgostIH wrote: |
You should then give us more assembly code, 20 or 30 lines of asm from above and below the code might show where rcx gets its value, maybe your code is executed only once during runtime or special events, so some conditional jump may skip it. |
I'll text you on your discord channel.
|
|
| Back to top |
|
|
SunBeam
I post too much
 Reputation: 65
Joined: 25 Feb 2005
Posts: 4023
Location: Romania
|
| Posted: Tue Feb 07, 2017 9:54 am Post subject: |
|
|
| If code doesn't break when enabling a breakpoint, you haven't met the condition for that. Maybe you need to do something in-game so it's triggered. Otherwise, I don't see how code can function without the debugged hitting it. CE's VEH hits it.
|
|
| Back to top |
|
|
Greenhouse
Cheater
Reputation: 0
Joined: 20 Aug 2016
Posts: 44
|
| Posted: Tue Feb 07, 2017 10:39 am Post subject: |
|
|
| SunBeam wrote: | | If code doesn't break when enabling a breakpoint, you haven't met the condition for that. Maybe you need to do something in-game so it's triggered. Otherwise, I don't see how code can function without the debugged hitting it. CE's VEH hits it. |
I already tried with the help of mgostIH but it's not possible. Thanks anyways.
|
|
| Back to top |
|
|
SunBeam
I post too much
Reputation: 65
Joined: 25 Feb 2005
Posts: 4023
Location: Romania
|
| Posted: Tue Feb 07, 2017 1:20 pm Post subject: |
|
|
Yet another online game with some sort of memory protection  I'm quickly getting the hang of these "thanks anyways" replies 
|
|
| Back to top |
|
|
Greenhouse
Cheater
Reputation: 0
Joined: 20 Aug 2016
Posts: 44
|
| Posted: Tue Feb 07, 2017 2:30 pm Post subject: |
|
|
| SunBeam wrote: | | Yet another online game with some sort of memory protection I'm quickly getting the hang of these "thanks anyways" replies |
It's not an online game. It's just a function that's not used, it's there but does nothing.
|
|
| Back to top |
|
|
++METHOS
I post too much
![]() Reputation: 92
Joined: 29 Oct 2010
Posts: 4197
|
| Posted: Tue Feb 07, 2017 6:10 pm Post subject: |
|
|
1. Check to see if there are any instructions that 'access' the value, that can be used for your breakpoint.
2. Launch the target by breaking at startup (before any code gets initialized) and set your breakpoint before the code gets executed.
3. You may have to write a script and set your breakpoint inside your codecave so that you can isolate the address that you are wanting to analyze.
|
|
| Back to top |
|
|
Greenhouse
Cheater
Reputation: 0
Joined: 20 Aug 2016
Posts: 44
|
| Posted: Tue Feb 07, 2017 6:14 pm Post subject: |
|
|
| ++METHOS wrote: | 1. Check to see if there are any instructions that 'access' the value, that can be used for your breakpoint.
2. Launch the target by breaking at startup (before any code gets initialized) and set your breakpoint before the code gets executed.
3. You may have to write a script and set your breakpoint inside your codecave so that you can isolate the address that you are wanting to analyze. |
I tried everything. And I checked the function with IDA but it's just a dead end.
The function calls nothing but I know it's the correct one. As I said, it's an unused function that worked on previous versions.
|
|
| Back to top |
|
|
++METHOS
I post too much
![]() Reputation: 92
Joined: 29 Oct 2010
Posts: 4197
|
| Posted: Tue Feb 07, 2017 6:19 pm Post subject: |
|
|
| So, you tried everything as described in my previous post?
|
|
| Back to top |
|
|
Greenhouse
Cheater
Reputation: 0
Joined: 20 Aug 2016
Posts: 44
|
| Posted: Tue Feb 07, 2017 6:22 pm Post subject: |
|
|
| ++METHOS wrote: | | So, you tried everything as described in my previous post? |
The last one I didn't but I don't know how to do it. If you want to pm me your Skype or whatever to explain how to do it... So you see what I mean with what I'm saying. The function I have is from a previous feature.
|
|
| Back to top |
|
|
Zanzer
I post too much
![]() Reputation: 126
Joined: 09 Jun 2013
Posts: 3278
|
| Posted: Tue Feb 07, 2017 6:26 pm Post subject: |
|
|
| Is this Dark Souls?
|
|
| Back to top |
|
|
Greenhouse
Cheater
Reputation: 0
Joined: 20 Aug 2016
Posts: 44
|
| Posted: Tue Feb 07, 2017 6:27 pm Post subject: |
|
|
| Zanzer wrote: | | Is this Dark Souls? |
No, it's Hello Neighbor.
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
