Cheat Engine

MrBitLover · How do I cheat? Reputation: 0 Joined: 08 Mar 2022 Posts: 4

I'm having this game that i want to get the current map that the user has selected.

I do have a static pointer that points to another pointer, and does this even after restarting the game, which points to another pointer.
But the offset 1 to 6 (that Cheat Engine shows at pointer settings) do change with every restart of game.

With CheatEngine i do get to see the Offsets that i have to add
(this picture is a sample only, not for my purpose, my pointer has 5 levels)

I KNOW how to predict the next pointer by using Cheat Engine because i can see the offset values 1 to 6 with Cheat Engine Pointer Scan tool that i have to add to my pointer to follow to the next pointer.

But where do i get this offsets information?, because each time my static pointer points to another pointer, but the value of the offset that i first have to add also chances with a reboot, the static first pointer remains the same and points to the next pointer if i use the add value that Cheat Engine shows me.
Sometimes i have to start with D4, then 0, and E1, etcetc after a restart.
Its for a old game, not something fancy with AC patches and stuff.
The base address is fixed and does not change, its at &H400000.

Where do i read (ReadProcessMemory) this 1 to 6 offset bytes that cheat Engine shows me at its Pointer Scan subitems?

Do i read a pointer, then i have to read another couple bytes to know what value to add first to get to the next pointer?

To make it easy to understand, look at the picture. You see this 'A8' at the second textbox below ''Pointer''.
How do you get this 'A8' value with ReadProcessMemory, because the next time i start the game this A8 will be something else.
Cheat Engine shows me the updated values that i have to add first, so it can be done. But what to do by using ReadProcessMemory?
The starting pointer at the bottom is always the same in my case, and if i would follow the path with the add values (A8 and stuff) i get to my destination.

I need the best for this. If you are not this, please dont answer just for the sake of it with information i already found with Google.

cooleko · Posted: Tue Mar 08, 2022 11:11 am Post subject:

MrBitLover · How do I cheat? Reputation: 0 Joined: 08 Mar 2022 Posts: 4

Look, the game has a offset that i can use with ReadProcessMemory.
But THIS pointer that CE shows me is changing each time i restart the game.

So i run the game, make sure the address gets found again,
And then i do a pointer scan on it.

I see the SAME address each time is changing the offset with the CE Pointer Scanner.
But also that the offsets that i have to add to the long change like in my above screenshot with A8.

I want to use the fixed address, and follow the pointer until i get to my destination which is a random address in memory.
If i had knew how to get to this A8 (offsets) values, i can follow the address, but where do i get this A8 value.

How does Pointer Scanner finds the addresses and knows that it has to add A8 and stuff?
Because if i knew how, i can get to my random address in game by using the fixed address that points to where i want to go.

Is the pointer scanner using something else as ReadProcessMemory to find all the pointer addresses?. How does it know its a pointer, and how does it know the Offsets 1 to 6 (you know what im talking about)

---------------------------------------------------------------------

Look.

CE found a 'Address' in main window:

address: 05D8F968
value: BT03 African Village

When i change the map in game, i see in mainwindow of CE that the 'value' changed too of this address. so i know its the right address.
But if i restart my game, the value 05D8F968 is something totally different.

So when CE found my offset, i do a pointer scan at the address.
And it finds "Game.exe" + 00417EB4, which points to 05D8F968 according CE.
This 00417EB4 does not change, CE always shows me this fixed address where i can get a long value.

So if i read address "Game.exe" + 00417EB4, i do get a 4 byte long value.
And this value is exactly how CE shows it too.
But now i want to go to the destination, CE shows me that i have to first add 'F68' to my found pointer to get to the next.
But how can i find this 'F68' offset, how does CE knows that it is 'F68'.

Because when i restart my game, and i go to 00417EB4 address, i get my long again, but not what i have to add extra, (and it will not be F68 again if i recheck with CE), to it to goto the next pointer.

ParkourPenguin · Posted: Tue Mar 08, 2022 2:57 pm Post subject:

The offsets are a part of the pointer. "Game.exe"+00417EB4 doesn't point to 05D8F968- the pointer path ["Game.exe"+00417EB4]+F68 points to 05D8F968. If any of the offsets (i.e. F68) changes, it's a different pointer path.

The pointer scanner uses a brute force algorithm to find every possible pointer path to an address (or value). This includes paths that just happen to exist by random chance. In the next instance of the game, such paths will break.

You should be using multiple pointer maps with the pointer scan that are generated across multiple instances of the game. See this video for more information:
https://www.youtube.com/watch?v=3dyIrcx8Z8g

MrBitLover · How do I cheat? Reputation: 0 Joined: 08 Mar 2022 Posts: 4

there must be a way to get the offsets to goto a pointer from another pointer.
To get this A8 value by readprocessmemory,

How can CE Pointer Scanner get this that quickly?
Does it hook the game for it? - Or can it be done with brute force with only ReadProcessMemory to get this offsets somewhere

Dammit, i wish this was easier

cooleko · Posted: Tue Mar 08, 2022 3:29 pm Post subject:

MrBitLover · How do I cheat? Reputation: 0 Joined: 08 Mar 2022 Posts: 4

thx for your info, in this case google wasnt my friend, but YouTube did.

I knew that i had to scan the game a few times in order to get the right address in main window.

And i thought i could programmatically find this A8 values and stuff, but this is where i was wrong.

I was looking for the static address pointing to a random address, but i said this A8 was changing all the time.

It's the first time i use Cheat Engine, but its great software.
What I forget is i had to add the found addresses with Pointer Scan to my main window by double clicking the records.
Then restart the game, and look at main window its bottom view what values returned to the right ones after a restart of game and hooking it again.
After doing that i few times i found a static address that always points to the random address with the information i need. With the fixed offsets that CE showed me that never change truout restarts of game.

A8 changing and stuff as i asked, only did when I found a non static address with CE Pointer Scan that i believed was static, my bad.
And thx for helping me out, was almost giving up, but i never do. hahahaha

PS (edited):
I've got it working thanks god. As a little boy in a candyshop i feel, that after 3 days of sitting in the dark looking into this i can finally say i got what i need.

Kindly regards