Cheat Engine

lilezek · Newbie cheater Reputation: 0 Joined: 30 Jun 2009 Posts: 13

Hi everyone. I would like to do a program similar to cheat engine for linux. I can't port it directly as I don't know pascal (but c++), so I'm here to ask a few questions about the functionality of this program, not to ask for help to port it.

1º: How CE stores information? It uses a structure with the pointer, memory, and size of chunk? I mean:

[Pointer | Memory | Size of chunk]
0x00001|Whatever|4 bytes (for instance)

2º: What does CE when the ram memory becomes not enough to store those structures? This is like when you are looking for a value you doesn't know at start, so you need to get an snapshot of the whole readable memory.

3º: What exactly does unrandomize and speed hack to work? I would like to implement in linux if it is possible, but I can't imagine how it works.

This is the basic question I have. As I continue I'll ask more questions.

Thank you for read.

Dark Byte · Posted: Wed Mar 09, 2011 12:03 pm Post subject:

1:
It stores it in a file in the format of
Address (4 bytes)

and a separate memory file build up based on the used type (e.g byte scan is an array of 1 byte, 2 byte: array of words, etc...)

2:
It doesn't store them in ram, it stores them on the disk. The addresslist is just a view into the file. If you scroll down the filepointer is updated instead

3:
unrandomize scans for code signatures often used in unrandomize routines and rewrites those so they return a more predictable value

speedhack hooks the api's that games make use of to find out how much time has passed and makes them return a different value, depending on the speed you gave

lilezek · Newbie cheater Reputation: 0 Joined: 30 Jun 2009 Posts: 13

Dark Byte · Posted: Wed Mar 09, 2011 1:06 pm Post subject:

it get's read in memory depending on the blocksize in the settings
e.g 512kb worth of addresses each time, compare against that and continue with the next block

lilezek · Newbie cheater Reputation: 0 Joined: 30 Jun 2009 Posts: 13

How does CE update the value list? It is constant checking the program and storing it into disk? Or just the address that are visible on the address list?

Dark Byte · Posted: Sat Mar 12, 2011 7:40 am Post subject:

Only the addresses currently visible in the list, and when you scroll it updates imeadiatly

lilezek · Newbie cheater Reputation: 0 Joined: 30 Jun 2009 Posts: 13

Alright, I finished the Speed Hack cpp. Here is the pastebin and some instructions. It is not automatic, but it works and it will be implemented in final version of the program for linux:

If someone wants to optimize it is welcome.

http://pastebin.com/ZLryd20D

Compile it as shared library with -ldl option enabled. Then use LD_PRELOAD =./nameoflibrary.so and open the program you want to modify the speed.

If you want to modify the speed of speed hack, check at int M; and int N; values:

Dark Byte · Posted: Tue Mar 15, 2011 6:57 pm Post subject:

interesting method of function hooking. (stuff like this also explains why there aren't many proprietary games for linux)

lilezek · Newbie cheater Reputation: 0 Joined: 30 Jun 2009 Posts: 13

Do you mean the ability to modify a function?

Well, this makes you to be able to easily modify functions of a video game. But that is not the objective.

The real objective of LD_PRELOAD is to load functions from another library that might be better than the library you are using. It is like a program is using DirectX 7 and you want to use DirectX 11.

lilezek · Newbie cheater Reputation: 0 Joined: 30 Jun 2009 Posts: 13

I just finished many useful functions, the last one: snapshot. It returns a temporary FILE with the snapshot of the program. I'm still implementing more and more functions, but it is going well. If anyone is interested to help me:

(I can't post urls. Please, admin fix this:)
h t t p : // code.goo gle.co m/p/xeat-engine/

I named it Xeat Engine so you can difference it to Cheat Engine (written in Delphi for both Windows and Mac Os X) and Xeat Engine, written in C++ just for LinuX.

PD: I have another question. Why are many values in CE green?

Dark Byte · Posted: Sun Apr 03, 2011 1:49 pm Post subject:

Green values in ce mean that they can be found using modulename+offset notation, so if a module is loaded at a different memory location ce will find it back.

Also a tip: I see you use ptrace. This means that it will crawl like nothing you've seen before. It might be faster to use another way of memory access (perhaps reading /proc/xxx/mem )

lilezek · Newbie cheater Reputation: 0 Joined: 30 Jun 2009 Posts: 13

I use ptrace for writing, not for reading. For reading I'm using the mem access. By the way, I tried to use the mem filesystem to write too, but that only works in kernel mode with the kernel patched as far as I know.

kir · How do I cheat? Reputation: 0 Joined: 11 Apr 2011 Posts: 1

I'm interested in trying it out.
Would you like to make it more compilable?
A list of package dependencies would be helpful.
Maybe a script or Makefile or such to compile it too.

Dark Byte · Posted: Mon Apr 11, 2011 4:43 pm Post subject:

O still say it would be easier to just use lazarus and port the sourcecode of ce to linux the same way I did for mac (one unit which implements the functions that are missing)