Cheat Engine The Official Site of Cheat Engine
AbsMan How do I cheat?
Reputation: 0
Joined: 02 Nov 2023 Posts: 2
Posted: Thu Nov 02, 2023 6:23 am Post subject: CMP Pointer to pointer question
Hello
Help me figure out how to use CMP
After watching the tutorial I was able to create basic scripts for health and armor, like
newmem:
mov [esi+10],(int)0
sub eax,ebx
jmp exit
originalcode:
mov [esi+10],eax
sub eax,ebx
which sets the health value to 0 (instakill), but obviously it affects both the enemy and me.
Further analysis revealed that the ESI indicates the base address (which is a pointer), and health, attack and armor are stored at offsets +10, +18 and +1C.
Because this is a Unity game, using Mono helped me a lot to understand the structure and I found the address, which is supposedly the value of the character belonging to my team (_BelongsToLocalPlayer).
I found an instruction that works with this field
cmp byte ptr [esi+09],00
and I would like to add a check to my code, but in this case this ESI is already an address in another structure, but the offsets from that base structure are known to it: [[[esi+08]+0C]+09] (this ESI is base structure)
But a record like
cmp byte ptr [[[esi+08]+0C]+09],00 does not pass compilation, how can I do the correct check?
[[[esi+08]+0C]+09] contains 1 for my troops and [[[esi+08]+0C] (pointer) for enemy troops contains nothing.
So if [[[esi+08]+0C]+09] is 1 (or 0), I want to do something (or do nothing) with [esi+10] (health) or [esi+1C] (armor).
Dark Byte Site Admin
Reputation: 467
Joined: 09 May 2003 Posts: 25701 Location: The netherlands
Posted: Thu Nov 02, 2023 7:47 am
Are you sure it is [[[esi+08]+0C]+09] and not [[esi+08]+0C]+09?
In case of [[esi+08]+0C]+09 (which seems more correct, seeing it's a byte access):
Code: |
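push eax                  // save eax; it is used as a scratch register
mov eax,[esi+8]           // eax = [esi+08]
mov eax,[eax+c]           // eax = [[esi+08]+0C]
cmp byte ptr [eax+9],1    // compare the byte at [[esi+08]+0C]+09 with 1
pop eax                   // restore eax; pop leaves the flags from cmp intact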
je mytroops
enemytroops:
mytroops:
|
in case of [[[esi+08]+0C]+09] (read that as [[[esi+08]+0C]+09]+00000000):
Code: |
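push eax                          // save eax; it is used as a scratch register
mov eax,[esi+8]                   // eax = [esi+08]
mov eax,[eax+c]                   // eax = [[esi+08]+0C]
mov eax,[eax+9]                   // eax = [[[esi+08]+0C]+09], treated as a pointer
cmp byte ptr [eax+00000000],1     // compare the byte it points to with 1
pop eax                           // restore eax; pop leaves the flags from cmp intact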
je mytroops
enemytroops:
mytroops:
|
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
|
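Added example, not part of the thread and not Cheat Engine code: a C model of the two readings distinguished in the reply above, run over a constructed 32-bit memory image. It validates each level of the chain before dereferencing it, since the first post says [[esi+08]+0C] holds nothing for enemy troops; the function names, sample addresses and the `MAPPED_BASE` cutoff are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model, not game data: a 32-bit address space held in a byte
   array; addresses below MAPPED_BASE are treated as unmapped, like page 0. */
enum { CHAIN_OK = 0, CHAIN_BAD_PTR = -1, MAPPED_BASE = 0x100, MEM_SIZE = 0x600 };

/* Little-endian load of `width` bytes from [base+off]; refuses bad pointers. */
static int load_le(const uint8_t *mem, uint32_t base, uint32_t off, size_t width, uint32_t *out) {
    uint64_t addr = (uint64_t)base + off;
    if (base < MAPPED_BASE || addr + width > (uint64_t)MEM_SIZE) return CHAIN_BAD_PTR;
    uint32_t v = 0;
    for (size_t i = 0; i < width; i++) v |= (uint32_t)mem[addr + i] << (8 * i);
    *out = v;
    return CHAIN_OK;
}

/* [[esi+08]+0C]+09: two pointer loads, then a byte read at +09. */
int flag_two_loads(const uint8_t *mem, uint32_t esi, uint32_t *flag) {
    uint32_t p;
    if (load_le(mem, esi, 0x08, 4, &p) || load_le(mem, p, 0x0C, 4, &p)) return CHAIN_BAD_PTR;
    return load_le(mem, p, 0x09, 1, flag);
}

/* [[[esi+08]+0C]+09]: the dword at +09 is itself used as a pointer. */
int flag_three_loads(const uint8_t *mem, uint32_t esi, uint32_t *flag) {
    uint32_t p;
    if (load_le(mem, esi, 0x08, 4, &p) || load_le(mem, p, 0x0C, 4, &p) ||
        load_le(mem, p, 0x09, 4, &p)) return CHAIN_BAD_PTR;
    return load_le(mem, p, 0x00, 1, flag);
}

static void put32(uint8_t *mem, uint32_t addr, uint32_t v) {
    for (int i = 0; i < 4; i++) mem[addr + i] = (uint8_t)(v >> (8 * i));
}

/* Unit at 0x100 has a full chain ending in flag 1; unit at 0x400 has 0 at [[esi+08]+0C]. */
void build_sample(uint8_t *mem) {
    memset(mem, 0, MEM_SIZE);
    put32(mem, 0x108, 0x200); put32(mem, 0x20C, 0x300); mem[0x309] = 1;
    put32(mem, 0x408, 0x500); put32(mem, 0x50C, 0);
}

int main(void) {
    uint8_t mem[MEM_SIZE]; uint32_t f = 0;
    build_sample(mem);
    printf("own unit, two loads:   %d\n", flag_two_loads(mem, 0x100, &f));
    printf("other unit, two loads: %d\n", flag_two_loads(mem, 0x400, &f));
    printf("own unit, three loads: %d\n", flag_three_loads(mem, 0x100, &f));
    return 0;
}
```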
AbsMan How do I cheat?
Reputation: 0
Joined: 02 Nov 2023 Posts: 2
Posted: Thu Nov 02, 2023 11:08 am
Thanks for the quick response.
Probably the [[esi+08]+0C]+09 option is really more correct, I haven’t quite figured out the indication of addresses and pointers yet.
I've tried similar combinations, but the result is the same - when checking, the game crashes, no matter whether I'm attacking or being attacked.
Is it important to use AOB injection in this case, because I passed the script from code injection?
Is there any way to log actions in assembler through third-party functions? Is this probably somehow possible through the use of Lua? (Although this question is already beyond the scope of the main one.)