someuser How do I cheat? Reputation: 0
Joined: 03 Sep 2021 Posts: 3
Posted: Fri Sep 03, 2021 11:57 am Post subject: Help me to solve Tutorial 6: Pointers
Hi,
so Tutorial 1-5 were fairly easy but somehow I don't understand how I create my own pointer in tutorial 6.
So here is how I understand the problem: We have a pointer Y, pointing to some address X. At X we have some value. We want that value to be 5000.
We now have two buttons: One changes the value stored at X and one changes the value stored in Y. So in particular, the "change value" button changes the value at X and the "change pointer" changes the address stored in Y.
So we can't just overwrite the value at X to 5000 because we do have to press the "change pointer" button.
So if I understood it correctly, we want to find the address which holds the instruction which gets executed when we press "change pointer" s.t. we can fix it, i.e. basically disabling the button (it won't change the value of Y anymore). We then can set the value, press the button and we are good to go.
Now I'm not sure if that's true since I'm not sure how Cheat Engine works. Can I think of it as overwriting the memory?
Anyway, so here's how I solve it:
1. I change the value (100 is a shitty value to search for, too many results). We press the "change value" button several times and get 77.
2. Press "new scan" for 4-byte exact value.
3. Type in 77 and press enter => I get a bunch of addresses but not too many.
4. I press change value again and look for a change.
5. We found the address that holds the value currently. We double click it and it gets added to that list at the bottom. It reads:
Address: 01778718, Type = 4 Bytes, Value = 550
6. Right-click => "Find out what writes to this address"
7. We press "change value" again and get the instruction:
Count = 1; Instruction = 004270B7 - 89 02 - mov [edx], eax
Question: What does 89 02 represent?
8. We double click the instruction and read "The value of the pointer needed to find this address is probably 01778718", which is indeed the value of EDX.
9. We press "stop" and "close" and "new scan" and do an exact value 5 byte hex search. Type in 01778718 and hit enter.
10. We find some green address.
Here's where I am confused. This is obviously the address that changes the pointer. If we double click it and press the "change pointer" address we see that each click increases the value by "10" (hex 10 not decimal 10).
Now I want to somehow overwrite this instruction or fix its value or whatever. And this is where I am stuck. I don't have enough knowledge to know what I can do here. I also don't get all those "add address manually" stuff. What happens if I do that? Does cheat engine overwrite the instruction on that address? Why do I need a pointer address? Is the idea that we overwrite the instruction with a pointer to some fixed address? Because I can't make it work at all.
What's the idea?
LeFiXER Grandmaster Cheater Supreme Reputation: 20
Joined: 02 Sep 2011 Posts: 1053 Location: 0x90
Posted: Fri Sep 03, 2021 12:14 pm Post subject:
Question: What does 89 02 represent?
Answer: They represent opcodes.
Pointers are used to calculate address locations even after the game has been closed and opened again.
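Added example, not part of the original thread: a small C decoder for the `89 /r` encoding asked about above, showing how the second byte (`02`, the ModRM byte) selects `[edx]` as the destination and `eax` as the source. It assumes 32-bit mode and does not cover SIB addressing; `decode_mov_89` and `le32` are names made up for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* 32-bit registers indexed by their 3-bit encoding in the ModRM byte. */
static const char *REG32[8] = {"eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"};
/* Read a little-endian 32-bit displacement. */
static uint32_t le32(const uint8_t *p) { return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24; }

/* Decode one "89 /r" (MOV r/m32, r32) instruction in 32-bit mode.
 * Returns its length in bytes, or -1 for input this sketch does not
 * cover (other opcodes, SIB addressing, truncated bytes). */
int decode_mov_89(const uint8_t *code, size_t len, char *out, size_t outsz) {
    if (len < 2 || code[0] != 0x89) return -1;
    unsigned mod = code[1] >> 6;         /* addressing form */
    unsigned reg = (code[1] >> 3) & 7;   /* source register */
    unsigned rm  = code[1] & 7;          /* destination register or base */

    if (mod == 3) {                      /* register to register */
        snprintf(out, outsz, "mov %s, %s", REG32[rm], REG32[reg]);
        return 2;
    }
    if (rm == 4) return -1;              /* SIB byte follows: not handled */
    if (mod == 0 && rm == 5) {           /* absolute address (disp32 only) */
        if (len < 6) return -1;
        snprintf(out, outsz, "mov [%08X], %s", (unsigned)le32(code + 2), REG32[reg]);
        return 6;
    }
    if (mod == 0) {                      /* [reg], no displacement */
        snprintf(out, outsz, "mov [%s], %s", REG32[rm], REG32[reg]);
        return 2;
    }
    if (mod == 1) {                      /* [reg + disp8], sign-extended */
        if (len < 3) return -1;
        int d = (int8_t)code[2];
        snprintf(out, outsz, "mov [%s%c%02X], %s", REG32[rm],
                 d < 0 ? '-' : '+', (unsigned)(d < 0 ? -d : d), REG32[reg]);
        return 3;
    }
    if (len < 6) return -1;              /* mod == 2: [reg + disp32] */
    snprintf(out, outsz, "mov [%s+%08X], %s", REG32[rm], (unsigned)le32(code + 2), REG32[reg]);
    return 6;
}

int main(void) {
    const uint8_t thread_bytes[] = {0x89, 0x02};   /* the bytes quoted in the thread */
    char text[64];
    if (decode_mov_89(thread_bytes, sizeof thread_bytes, text, sizeof text) > 0)
        puts(text);
}
```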
someuser How do I cheat? Reputation: 0
Joined: 03 Sep 2021 Posts: 3
Posted: Fri Sep 03, 2021 12:33 pm Post subject:
I just found utube/watch?v=O23itZCoOso and saw that my issue was that I didn't include Tutorial.exe (or whatever it is called) when saving a pointer. Furthermore I also had to check "active".
Now, I can solve it but I'm not happy with my understanding of it. What's going on?
Does cheat engine overwrite instructions in the memory here or what exactly does it do?
What happens when we add an address manually and declare it a pointer?