Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Some questions about how games usually store data

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
hitmetwice
Advanced Cheater
Reputation: 0

Joined: 20 Nov 2012
Posts: 63
PostPosted: Thu Oct 03, 2013 1:58 pm    Post subject: Some questions about how games usually store data Reply with quote
This might not be the correct subforum for my question, I'm not sure. Sorry if it's wrong here...
Lets take a typical egoshooter as an example.
3 players play against 3 other players.
How would all the data about these players be stored in the memory?
Would every player have an own independent "baseaddress" or would I find the data to be stored in one array/object?

Or is everything basically in one base object? And what about the fucntions?

Would a common game store data and functions like that?
Code:

players = {
    1 = {health=100,maxHealth=100,ammo=20,maxAmmo=20,MoveTo(x,y){...},ShootGun(){...},....}
    2 = {health=100,maxHealth=100,ammo=20,maxAmmo=20,MoveTo(x,y){...},ShootGun(){...},....}
    3 = {health=100,maxHealth=100,ammo=20,maxAmmo=20,MoveTo(x,y){...},ShootGun(){...},....}
    4 = {health=100,maxHealth=100,ammo=20,maxAmmo=20,MoveTo(x,y){...},ShootGun(){...},....}
    5 = {health=100,maxHealth=100,ammo=20,maxAmmo=20,MoveTo(x,y){...},ShootGun(){...},....}
    6 = {health=100,maxHealth=100,ammo=20,maxAmmo=20,MoveTo(x,y){...},ShootGun(){...},....}
}


And if so, what would you do to find this baseobject that contains information about all players?
I mean you can't specifically scan for player1 or player 2, but only for properties of them.
And it would be even harder if you wanted to find the "players"-objects address.
Or could just somehow calculate that if you have enough values properties?
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 471

Joined: 09 May 2003
Posts: 25813
Location: The netherlands
PostPosted: Thu Oct 03, 2013 2:34 pm    Post subject: Reply with quote
It could be an array that either points to a block describing a player class, or a NULL pointer

So try finding a pointer to such an array
Just finding player1 won't be enough as you may also find other storages that point to the player, like the gui
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
hitmetwice
Advanced Cheater
Reputation: 0

Joined: 20 Nov 2012
Posts: 63
PostPosted: Thu Oct 03, 2013 3:00 pm    Post subject: Reply with quote
I'd really like to see a basic sample code of what it would most likely look like.

Things I found on google were either too complex or seemed a bit too "cheap" to be actaully used in big games...
Back to top
View user's profile Send private message
Gniarf
Grandmaster Cheater Supreme
Reputation: 43

Joined: 12 Mar 2012
Posts: 1285
PostPosted: Thu Oct 03, 2013 4:57 pm    Post subject: Re: Some questions about how games usually store data This post has 1 review(s) Reply with quote
hitmetwice wrote:
Lets take a typical egoshooter as an example.
3 players play against 3 other players.
How would all the data about these players be stored in the memory?
When in doubt, assume "shuffled all over the universe". However when you have one variable, like health, go to memory viewer->view->memory regions. It is likely (but not guaranteed) that hp for the other players are in the same memory region.

Additionally you can make assumptions based on what language(s) your game is written in. If your game is purely written in c++, all properties of a given object are grouped together so x/y(/z) coordinates will be close. But beware that the gun and the player can be 2 separate objects, and ammo can be a property of the player, the gun or the player's backpack.
If the game uses lua/squirrel/python/ruby/flash or another script engine, even position might be shuffled all over the u...

hitmetwice wrote:
Would every player have an own independent "baseaddress" or would I find the data to be stored in one array/object?
Would a common game store data and functions like that?
Code:

players = {
    1 = {health=100,maxHealth=100,ammo=20,maxAmmo=20,MoveTo(x,y){...},ShootGun(){...},....}
    2 = {health=100,maxHealth=100,ammo=20,maxAmmo=20,MoveTo(x,y){...},ShootGun(){...},....}
    3 = {health=100,maxHealth=100,ammo=20,maxAmmo=20,MoveTo(x,y){...},ShootGun(){...},....}
    4 = {health=100,maxHealth=100,ammo=20,maxAmmo=20,MoveTo(x,y){...},ShootGun(){...},....}
    5 = {health=100,maxHealth=100,ammo=20,maxAmmo=20,MoveTo(x,y){...},ShootGun(){...},....}
    6 = {health=100,maxHealth=100,ammo=20,maxAmmo=20,MoveTo(x,y){...},ShootGun(){...},....}
}
A common game, huh? A common game of the early 2000's or older, yes. A common game of 2013* or later, no. A simple test is to find health for players 1, 2, and 3. If the spacing is regular (hp2 address-hp1 address=hp3 address-hp2 address) try to guess hp4 address.

*Subtract 5 years when dealing with japanese games. -_-

Also, it is not sure that maxHealth and maxAmmo are even present in the player object since those are constants.

hitmetwice wrote:
And what about the fucntions?
Functions are somewhere else. When the game doesn't use a script engine, then code is in a memory region that is only executable and readable, while data (hp, ammo,etc...) is in memory regions that are writable and readable (usually not executable unless the developper f* up). Afaik code always starts at Game.exe+1000 when it's not in a .dll.
And what if the game uses a script engine? Shuffled all over... But near certainly NOT in the same memory region as the data.

hitmetwice wrote:
And if so, what would you do to find this baseobject that contains information about all players?
I mean you can't specifically scan for player1 or player 2, but only for properties of them.
And it would be even harder if you wanted to find the "players"-objects address.
Or could just somehow calculate that if you have enough values properties?
Assuming that massive player array exists, scan for hp1 and find out what accesses it. You'll a result like "mov eax, [esi+8c]" which means that hp1 is a property of an object that starts 0x8c bytes earlier. Likely that means the the Player1 object is allocated 0x8c bytes before hp1. When you know where the PlayerX and PlayerY objects are allocated it's easy to find where the Player array begins: PlayerX_address-X*(PlayerY_address-PlayerX_address)/(Y-X) assuming the first player is Player0.
In layman's terms the array begins where the first player is allocated ^^.
_________________
DO NOT PM me if you want help on making/fixing/using a hack.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites