 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Drakeero
How do I cheat?
![]() Reputation: 0
Joined: 08 Apr 2011
Posts: 8
|
 Posted: Fri Apr 08, 2011 11:36 pm Post subject: New Member here, basic question |
 |
|
I'm going to start by saying I'm pretty much "level 1" at this. The limit of my abilities is using the "Search" "Search Next" and hope that by tweaking byte, double-byte, etc I can get lucky and find what I want.
I've looked over tutorials, read about pointers, etc. etc. A lot of them seem to take some basic knowledge of "how stuff works" for granted. Stuff that I don't know. Pointers, scripts, all that, way over my head. I'm hoping that by dissecting and playing around with a rather simple game I love I can get more of an insight into how information is processed and then more of this stuff may make sense.
Until then, I'm stuck with basic questions.
The game is Recettear [I found the thread about it specifically, but I don't want to derail it with such a newbie question.] It has a massive inventory system. At least massive with my experience.
By playing around I've discovered the pattern of the inventory addresses for the quantity of each item in inventory. The "quantity" addresses increase by 8 for each slot in the inventory. -34 -3C -44 -4C -54 -5C etc. So far I've estimated about 350 memory addresses in use with my current game and god knows how many more [I'm thinking close to a 1000] for a full inventory. I've begun with clicking "Add Address Manually" and putting in the next address in the sequence, the description, and leaving it at that. Cheat Engine is nice enough to go check the game and fill out the desired quantity. Since that was taking too long after about 15 entries I opened up the .CT file in notepad, copy/pasted the <CheatEntry> blocks about 75 times and went through individually offsetting the memory address and description for each block. Saved it as a .CT file and loaded it up into Cheat Engine and to my complete and utter disbelief it actually worked. There were no horrible crashes or corrupted files or some other terrible punishment. That's only about 90 or so out of untold hundreds of addresses. Is there some simple way without getting into pointers or scripts to just "Add address manually" about 300 or so of the buggers? The addresses and descriptions follow a pretty easy to repeat pattern.
Sorry for any spelling errors or awkward syntax. It's 2 in the morning for me and I've been working at this for several hours now.
|
|
| Back to top |
|
 |
Innovation
Grandmaster Cheater
![]() Reputation: 12
Joined: 14 Aug 2008
Posts: 617
|
| Posted: Sat Apr 09, 2011 9:24 am Post subject: |
|
|
Although it is possible to mass-add addresses to the table using the Lua engine, you should really be using pointers.
The following may be found in the "main.lua" file located at Cheat Engine's main directory.
| Code: | --Cheat table functions:
--createTableEntry: creates an generic cheat table entry and add it to the list. Returns a tableentry pointer you can use with memrec routines
--getTableEntry(descriptionname): returns a tableEntry pointer for use with memrec functions
--memrec_setDescription(te, description): sets the specified description for this entry
--memrec_getDescription(te): gets the current description of this entry
--memrec_getAddress(te): returns the address and optional offsets for a pointer (note that in 64-bit kernelmode addresses will be rounded down...)
--memrec_setAddress(te,address,offsets OPTIONAL) : Sets the address of a entry. You can give as many offsets as you need
--memrec_getType(te) : returns the Variable type. (vtByte to vtCustom)
--memrec_setType(te, vartype) : sets the type of the entry
--memrec_getValue(te): returns the current value of the cheat table entry as a string
--memrec_setValue(te, value): sets the value of a cheat table entry
--memrec_getScript(te) : If the entry is of type vtAutoAssembler then you can get the script with this routine
--memrec_setScript(te, script)
--memrec_isActive(te)
--memrec_freeze(te, updownfreeze OPTIONAL): sets the entry to frozen state. updownfreeze is optional. 0=freeze, 1=allow increase, 2=allow decrease
--memrec_unfreeze(te) :unfreezes an entry
--memrec_setColor(te, colorrgb): Sets the color of the entry
--memrec_appendToEntry(te,te) : Adds the entry to another entry
--memrec_delete(te) : It's unknown what this function does, all that is known is that after using this command other memrec routines with this table entry value don't work anymore...
--Table related routines:
--If a cheat entry is about to get enabled or disabled it will check if a lua function named "_memrec_description_activating" or "_memrec_description_deactivating" is available, and if so call it.
--If a cheat entry is enabled or disabled it will check if a lua function named "_memrec_description_activated" or "_memrec_description_deactivated" is available, and if so call it.
--It passes the tableEntry pointer as parameter
--Example:
--If the cheat entry table with description "xxx" gets enabled it will call "_memrec_xxx_activating(te)" before it is activated and "_memrec_xxx_activated(te)" after it has been activated (check with isActive to see if it actually did get activated in case of errors in a script or unreadable memory)
--If the cheat entry table with description "xxx" gets disabled it will call "_memrec_xxx_deactivating(te)" before it is activated and "_memrec_xxx_deactivated(te)" after it has been deactivated |
|
|
| Back to top |
|
|
atom0s
Moderator
 Reputation: 205
Joined: 25 Jan 2006
Posts: 8585
Location: 127.0.0.1
|
| Posted: Sat Apr 09, 2011 12:12 pm Post subject: |
|
|
If you copy an address from the table, you can repaste it with an incremented difference to step another address. Or using Lua as Innovation suggested you can do:
| Code: | local START_ADDRESS = 0x00400000;
local ADDRESS_COUNT = 350;
local STEP_SIZE = 8;
local x = 0;
for x = 0, ADDRESS_COUNT do
local te = createTableEntry();
memoryrecord_setDescription( te, 'inventory position ' .. tostring( x + 1 ) );
memoryrecord_setAddress( te, 00400000 + ( x * STEP_SIZE ) );
memoryrecord_setType( te, vtQword );
end |
Assuming your value type is 8 bytes since it is stepping 8. If not change vtQword to the proper type which you can find in the defines.lua file in the CE folder.
_________________
- Retired. |
|
| Back to top |
|
|
Drakeero
How do I cheat?
![]() Reputation: 0
Joined: 08 Apr 2011
Posts: 8
|
| Posted: Sat Apr 09, 2011 1:06 pm Post subject: |
|
|
| Innovation wrote: | Although it is possible to mass-add addresses to the table using the Lua engine, you should really be using pointers.
The following may be found in the "main.lua" file located at Cheat Engine's main directory.
| Code: | --Cheat table functions:
--createTableEntry: creates an generic cheat table entry and add it to the list. Returns a tableentry pointer you can use with memrec routines
--getTableEntry(descriptionname): returns a tableEntry pointer for use with memrec functions
--memrec_setDescription(te, description): sets the specified description for this entry
--memrec_getDescription(te): gets the current description of this entry
--memrec_getAddress(te): returns the address and optional offsets for a pointer (note that in 64-bit kernelmode addresses will be rounded down...)
--memrec_setAddress(te,address,offsets OPTIONAL) : Sets the address of a entry. You can give as many offsets as you need
--memrec_getType(te) : returns the Variable type. (vtByte to vtCustom)
--memrec_setType(te, vartype) : sets the type of the entry
--memrec_getValue(te): returns the current value of the cheat table entry as a string
--memrec_setValue(te, value): sets the value of a cheat table entry
--memrec_getScript(te) : If the entry is of type vtAutoAssembler then you can get the script with this routine
--memrec_setScript(te, script)
--memrec_isActive(te)
--memrec_freeze(te, updownfreeze OPTIONAL): sets the entry to frozen state. updownfreeze is optional. 0=freeze, 1=allow increase, 2=allow decrease
--memrec_unfreeze(te) :unfreezes an entry
--memrec_setColor(te, colorrgb): Sets the color of the entry
--memrec_appendToEntry(te,te) : Adds the entry to another entry
--memrec_delete(te) : It's unknown what this function does, all that is known is that after using this command other memrec routines with this table entry value don't work anymore...
--Table related routines:
--If a cheat entry is about to get enabled or disabled it will check if a lua function named "_memrec_description_activating" or "_memrec_description_deactivating" is available, and if so call it.
--If a cheat entry is enabled or disabled it will check if a lua function named "_memrec_description_activated" or "_memrec_description_deactivated" is available, and if so call it.
--It passes the tableEntry pointer as parameter
--Example:
--If the cheat entry table with description "xxx" gets enabled it will call "_memrec_xxx_activating(te)" before it is activated and "_memrec_xxx_activated(te)" after it has been activated (check with isActive to see if it actually did get activated in case of errors in a script or unreadable memory)
--If the cheat entry table with description "xxx" gets disabled it will call "_memrec_xxx_deactivating(te)" before it is activated and "_memrec_xxx_deactivated(te)" after it has been deactivated |
|
While I appreciate your advice, its a bit big for me to chew at the moment. I've read about pointers and its mostly over my head, the only thing that makes sense about them is the explanation that they're not values meant to be used in calculations, but simply instructions telling the program where to look. Makes sense, they "point" the way. Beyond that though...
And most the commands you posted include "memrec". What exactly does "memrec" mean? Maybe if that makes sense the rest of the commands will start to follow.
|
|
| Back to top |
|
|
atom0s
Moderator
Reputation: 205
Joined: 25 Jan 2006
Posts: 8585
Location: 127.0.0.1
|
| Posted: Sat Apr 09, 2011 1:14 pm Post subject: |
|
|
memrec is short for Memory Record. It's just an entry in the address list on Cheat Engine.
_________________
- Retired. |
|
| Back to top |
|
|
Drakeero
How do I cheat?
![]() Reputation: 0
Joined: 08 Apr 2011
Posts: 8
|
| Posted: Sat Apr 09, 2011 3:45 pm Post subject: |
|
|
| Wiccaan wrote: | If you copy an address from the table, you can repaste it with an incremented difference to step another address. Or using Lua as Innovation suggested you can do:
| Code: | local START_ADDRESS = 0x00400000;
local ADDRESS_COUNT = 350;
local STEP_SIZE = 8;
local x = 0;
for x = 0, ADDRESS_COUNT do
local te = createTableEntry();
memoryrecord_setDescription( te, 'inventory position ' .. tostring( x + 1 ) );
memoryrecord_setAddress( te, 00400000 + ( x * STEP_SIZE ) );
memoryrecord_setType( te, vtQword );
end |
Assuming your value type is 8 bytes since it is stepping 8. If not change vtQword to the proper type which you can find in the defines.lua file in the CE folder. |
I'm sorry, I didn't see your post until just now. Ok, since pointers are so useful I'm doing the very nice tutorial provided with the Cheat Engine. I'm on step 6. I've made it to the "Extra info" window. It looks roughly like this:
---------------------------------------------------------------------------
__10002AE3D - mov rdx,[1001FD720]
__10002AE44 - mov eax,[rbp-20]
>>10002AE47 - mov [rdx],eax
__10002AE49 - mov rax,[1001FD720]
__10002AE50
copy memory
The value of the pointer needed to find this address is probably 0122C1E0
[a block of RAX = 00000073 and RDX = 0122C1e0 type stuff, 9 entries total and to buttons on the right marked F and S]
The registers shown here are AFTER the instruction has been executed.
---------------------------------------------------------------------------
Unfortunately, I don't know anything about assembly so I just have to follow the tutorial as literally as I can. It says if the assembler instruction doesn't have anything between the [ and ] then use another item on the list. It then instructs me to go back and do a scan for the hexadecimal value that the extra info window just told me. I'm assuming that this means the value between the [ and ] is what I'm supposed to be looking for, but I have 5 code looking things at the top of the window. All of them have stuff between the [ and ] in them and only two of them look vaguely hexadecimal, a 9 digit number that looks like it could be an 8 digit address and a value of zero. The rest including the one in red are odd letter and number combinations. It's not clear to me where I'm actually supposed to be getting the value to look for. Trying to be lame and just using the 0122C1E0 recommendation throws back some random thing and doesn't seem to work either.
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
