Cheat Engine

rhcp10 · How do I cheat? Reputation: 0 Joined: 19 Feb 2021 Posts: 2

Hey guys I am new to reverse engineering and I got a problem understanding how the registers "display" work on CE. My situation is that I'm trying to find the internal send function of an online game. I found the buffer pointer and looked what accesses to it. It was obviously an instruction, which used the buffer pointer, but if I breakpoint on that instruction it doesn't contain the buffer ptr.

Any help is appreciated Smile

ParkourPenguin · Posted: Fri Feb 19, 2021 11:40 am Post subject:

CE has to guess the previous instruction when data breakpoints trigger. In this case CE guessed wrong.
Open up the disassembler yourself and figure it out. IIRC left/right arrows scroll one byte at a time.

Make sure you're using an up-to-date version of CE. Older versions don't know about some vector extensions more commonly used now.

rhcp10 · How do I cheat? Reputation: 0 Joined: 19 Feb 2021 Posts: 2

I am using the latest version. So the breakpoint is showing me false information? Then I can assume that the address in EDX from picture 1 is the correct one right?

ParkourPenguin · Posted: Fri Feb 19, 2021 9:21 pm Post subject:

I don't know. Again, look at the instruction that's actually accessing the value. Click on "show disassembler" and scroll up a bit. It might be some rep string instruction if I had to guess.

Reading through this again, it seems like you've made some misconceptions about assembly that are giving you a false sense of proficiency. Try searching for "x64 assembly tutorial" or something and come back to this later.