Cheat Engine

Physical · How do I cheat? Reputation: 0 Joined: 05 Nov 2012 Posts: 3

I am trying to red the HP and MP values from an old game called lineage. I am using the client on a private server. (The game is no longer available in North America except for private servers) You can Google Lineage Revival to see what client I am using. It won't let me post the link. They say they are changing clients this weekend so at the time of this post I am using the EP6 client. The problem I am having though also occurs with the newer clients. I chose to use this because it is an old game / client so I thought it would be a good way to begin learning how to use CE. I am using Cheat Engine 6.2.

I have been searching for information on address scanning and pointers etc. The problem I am having is locating any address at all. I haven't even gotten to the part where I need a pointer.

I started out using the exact value 4 byte search as suggested and went from there using decreased and increased value searches after the initial search. In a short time the address list will be completely empty. I expanded this to include all value types. Still the same result of 0 addresses. I searched the forums again and found a post where Dark Byte gave some advice to use unknown initial value and to use changed and unchanged value searches after that. I did that and got it down to 7 addresses that lasted a while through multiple searches. I saved one I thought was the correct one but kept searching and eventually they all disappeared.

That took a while so I decided to make an attempt using the address I had saved. I was skeptical with this address as the value given had no relation at all to my hp. I chose the option to see what access this address and began working with some of the things that came up. I attempted to locate a pointer and do some searches from things that accessed it. After several hours of tinkering what I ended up with were two addresses that were some how related to my hp but I am not sure how. One was an address I calculated based off of the register values given in the more info from the debugger. The other was a pointer I made based off that address.

The max hp value of my char in game is 418. At the time I did this his current hp was 2xx. The value of the two address I just mentioned were 6-8 digits long (I don't remember exactly. My game crashed and the values were lost) I have no idea how they linked to my hp unless it was a padded number. (I don't know much about padded numbers, I just saw them mentioned in a thread) Maybe if I spent more time comparing the numbers I could make a calculation to get the proper hp value.

The end result of this attempt was me attempting to see if I had the actual addresses for HP. To do this I went into the debugger, opened the memory view of the code that was accessing the pointer I made and replaced it with code that does nothing. I then went back into the game and used a hp potion. Well my hp did not increase and about 2 seconds later the client crashed. I know the hp is server sided. The attempt was only to see if it would change my local view of the hp or rather prevent it from changing so that I could verify I was reading from the correct address.

I have just started learning how to use Cheat Engine. Any advice telling me what I am doing wrong or helping me learn how to find the addresses would be greatly appreciated.

Dark Byte · Posted: Tue Nov 06, 2012 7:03 am Post subject:

You must run the private server software on your own computer, connect to that, and then scan the server process for the variables instead of scanning the client

Physical · How do I cheat? Reputation: 0 Joined: 05 Nov 2012 Posts: 3

Well I have been doing as you suggested and so far I have not had any luck. I am running the server on my local computer and I can find values that show what my hp is but I cannot find base pointers for them. I look at what is accessing them, then search the value given in the disassembler's more info, then I make a pointer using one of the values in the search result. I end up trying multiple values because they point to the correct address for a little bit and then they randomly change to something else. Even when they are pointing to the correct address prior to changing if I make a pointer from then then try to see what is accessing it, nothing shows up. Usually after waiting a while 1 thing shows up and the address changes.

At this point I really don't know what I am doing wrong. I used the same methods and followed the same guides an tutorials on finding addresses and pointers to do the same thing with a game called Jade Dynasty that I am trying to do here. My end goal is only to read the max hp and current hp. I was able to do that in Jade Dynasty no problem. With Lineage 1 I am having great difficulty.

One thing I don't understand about your advice is trying to get the values from the server itself. If I got them from my own private server (which so far isn't working either) then wouldn't it only work when my private server was running and I am connected to it with the client? I wanted to be able to read the values from the client itself, for this reason I wanted to learn how to find them so I can find them in any client.

One thing about this game is it has it's main executable file then it has a file of the same name .bin. On one of the attempts while running my own server I scanned the .bin file and found a static address for my max hp. I was unable to find the current hp right away but I also didn't spend much time on it. Should I continue to try to find the values from that file? (It does not show up as a running process on all servers.) One of the servers uses a newer version of the client that I was trying this on. It's running process shows up as .dat

I would like to be able to find the values from the client itself so I can find them from different client versions. Any advice on doing that would be appreciated.

Dark Byte · Posted: Tue Nov 06, 2012 5:41 pm Post subject:

Try code injection on the server. Find the code that writes your health, and then inject a piece of code that looks up that the playername is your player, and if so, do not change the health.

It will only work for your own private server yes. Unless you hack the server you're playing on , install cheat engine there, and then execute the injection script on their computer

Anyhow, on the client current hp might be stored as a string, or stored as total damage taken. You might be able to find a pointer for that, but remember, it can not be changed

Physical · How do I cheat? Reputation: 0 Joined: 05 Nov 2012 Posts: 3

I know it cannot be changed through the client. I have no intention of changing it. The only thing i want to do is find the addresses and use them in a program called blue eye to read the values and display what they are. It won't really be useful other then the process of learning how to do it and finally accomplishing it.

Thanks again for your advice, I will keep trying.

EDIT:

Something else I just thought about. These private servers use a connector to connect to the server itself which is written in java. I was wondering if this would affect which process I need to connect to. Some examples are:

Server 1 - Uses just a connector to connect to the server. The connector is a modified version of the main exe file with the ip address for the server put in the shortcut.

Server 2 - Uses a exe file to launch the login that reads the connection information from an ini file and runs a special .bin file depending on the client version.

Server 3 - Uses a special exe file which has its own process that modifies other things such as ur computer clock and launches the game process which is the exename.dat

I have thought maybe I am opening the wrong process. Now I had the same issue when I scanned the server itself and I did try opening other processes and didn't have any luck. I tried one time selecting lineage from the window list but I don't know if that opened the correct process.

If it would help too I can post bits of code from the source code of the server where it communicates with the client.

Edit 2: One more question. The original client was 16bit. The new one (which is a Korean client) might be 32 bit but it looks more like it was programmed over top of the 16bit one. The both uses some of the same files. Does this have anything to do with the difficulty I am having?