| View previous topic :: View next topic |
| Author |
Message |
Voodoox
How do I cheat?
![]() Reputation: 0
Joined: 13 Aug 2016
Posts: 4
|
 Posted: Sat Aug 13, 2016 7:07 am Post subject: Needing some Help, I'm Stuck |
 |
|
Hello, I've been messing with this for the past 8 hours. I cant seem to get it to work.
I've Found addresses and offsets for 2 levels, going to the third I'm hitting a brick wall, please help.
Attaching Picture. I figured the offset was 34. But it doesn't seem to work.
Last edited by Voodoox on Sat Aug 13, 2016 10:55 am; edited 1 time in total |
|
| Back to top |
|
 |
LastExceed
Expert Cheater
 Reputation: 1
Joined: 05 Nov 2014
Posts: 130
|
| Posted: Sat Aug 13, 2016 8:16 am Post subject: |
|
|
| I never understood the debugger method either, I'd recommend to just use the pointerscanner instead. Super easy to use and way faster. |
|
| Back to top |
|
|
Zanzer
I post too much
![]() Reputation: 126
Joined: 09 Jun 2013
Posts: 3278
|
| Posted: Sat Aug 13, 2016 8:33 am Post subject: |
|
|
Read the little note at the bottom of the popup. The values displayed are AFTER the instruction executes.
Since this instruction uses and overwrites the value of EDX, you need the prior value. |
|
| Back to top |
|
|
Voodoox
How do I cheat?
![]() Reputation: 0
Joined: 13 Aug 2016
Posts: 4
|
| Posted: Sat Aug 13, 2016 10:52 am Post subject: |
|
|
| LastExceed wrote: | | I never understood the debugger method either, I'd recommend to just use the pointerscanner instead. Super easy to use and way faster. |
I don't know a proper way of using the point scanner, every time I use it i start with about 100 million possibilities but can only get down to 1.5 million. Which is still far too much to find my value.
| Zanzer wrote: | Read the little note at the bottom of the popup. The values displayed are AFTER the instruction executes.
Since this instruction uses and overwrites the value of EDX, you need the prior value. |
I don't understand what you mean. I'm very new to Cheat engine. I'm not sure what I'm suppose to do next. |
|
| Back to top |
|
|
Zanzer
I post too much
![]() Reputation: 126
Joined: 09 Jun 2013
Posts: 3278
|
| Posted: Sat Aug 13, 2016 11:48 am Post subject: |
|
|
Doing pointer scans manually, you may still end up with tons of possible addresses.
When using the automated pointer scanner, it's okay if you're left with millions of pointers.
As long as that first pointer continues working when you reload the game and switch computers, it works.
The rest of the millions of pointers may all work as well. Just pick one and use it until it stops working. |
|
| Back to top |
|
|
mgr.inz.Player
I post too much
 Reputation: 221
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Sat Aug 13, 2016 12:20 pm Post subject: |
|
|
You can tick "show advanced", then tick:
- "first element of pointer must point to module"
- "no looping"
- "pointer must end with specific offset" and use C as ending (last) offset.
Because opcode you found has [edx+esi*4+C] and we see ESI value (it is 0000000A ), you can try this ending offset too: 34 (which is A*4+C)
- "maximum offset value" - there's no perfect value, sometimes 2047 is enough, I do not recommend value bigger than 8191 (I sometimes use bigger offset, but only when I have base address)
- "max level" - also, there's no perfect value, try with level 3, then 4, then five (do not recommend level bigger than 7)
Do "smart" pointer re-scans. And than means:
- load game save from the very beginning
- or move to different map
- use different character
- try sharing PTR files (compressed with winrar or 7zip) here on CE forum, send to any file sharing service, then give the link. Also give your exact game version.
For example, for "Borderlands 2" game, I did pointerscanning (reply to user "Match") with max level 7, ending offsets 5DC (one before last), 1BC (last one) and "first element of pointer must point to module" checked. Then after about six rescans (map changing, creating new character, Windows rebooting, etc) about 83 pointers left. But it is not enough, I wanted more stable pointers. I posted PTR files here on forum. User with nickname "Kryptos1018" rescanned it for me on his machine, boom, 16 pointers left. Took the first one in the list (link)
That way I got this pointer: [[[[[[base]+40]+190]+6A4]+68]+5DC]+1BC
And it worked for three years.
Probably you are curious how we get those 5DC, 1BC. Those were most common ending offsets for low level pointers (level 4 and 5) which stayed after second or third rescan, but disappeared after fourth.
PS:
If your game is using Lua, Mono or .NET. Give up. You will never find working multilevel pointer.
_________________
|
|
| Back to top |
|
|
akumakuja28
Master Cheater
 Reputation: 16
Joined: 28 Jun 2015
Posts: 432
|
| Posted: Sat Aug 13, 2016 10:04 pm Post subject: |
|
|
Why dont you just do an AOB injection after the cmp edx,00.
As the code thr is a "rolling instruction" or shared instruction.
Or spend an really long time never tracking a pointer that works consistently. Pointers on scenarios like these rarely work well.
_________________
|
|
| Back to top |
|
|
Voodoox
How do I cheat?
![]() Reputation: 0
Joined: 13 Aug 2016
Posts: 4
|
| Posted: Sat Aug 13, 2016 11:52 pm Post subject: |
|
|
| akumakuja28 wrote: | Why dont you just do an AOB injection after the cmp edx,00.
As the code thr is a "rolling instruction" or shared instruction.
Or spend an really long time never tracking a pointer that works consistently. Pointers on scenarios like these rarely work well. |
Thanks for the suggestion akuma, I had no idea about AOB until you said something about it. I googled it and got the AOB to work. The only problem that I noticed is that the value shownis correct most of the time, but inbetween a few ticks as my health goes up it will randomly change the value to 50 for a second and then snap back into the correct HP reading.
But my goal is to be able to get some static addresses that I can then import into other programs such as Macro Goblin or Autoit to create a trainer.
Is this AOB injection able to do that? so far it seems like it only work within Cheat Engine it self. |
|
| Back to top |
|
|
mgr.inz.Player
I post too much
Reputation: 221
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Sun Aug 14, 2016 2:50 am Post subject: |
|
|
You got many things wrong.
To make it clear:
- in CE main window, at the bottom, it is addresslist
- to add new entry to that list you double click entry in foundlist (at the top left in main window)
- or you click "add address manually"
In fact, entries in address list are "memory records".
"memory records" can be: "addresses", "pointers" (multilevel pointers), "scripts" (autoassemble scripts), "headers"
When you add "pointer", you build it from bottom to top. See "memory record, pointer" picture.
Offset you calculate based on data from "extra info", this offset is the "last offset" of (multilevel) pointer, see second picture.
If the game you are trying to hack is popular single player game, I think I can help you, I have a friend with many games on Steam and he shares his library via "family share".
So, if and only if it is a SP game, reply to message I will send you (check your PM box).
_________________
|
|
| Back to top |
|
|
chem0ne
Cheater
![]() Reputation: 0
Joined: 19 Nov 2014
Posts: 33
Location: germany
|
| Posted: Sun Aug 14, 2016 11:58 am Post subject: |
|
|
| Quote: |
@mgr.inz.Player
PS:
If your game is using Lua, Mono or .NET. Give up. You will never find working multilevel pointer.
|
hello guys,
example:
zombie night terror ~ mono, threadstack
for me under winxp, it's nearly impossible now to make any pointer in newer or bigger games. only a few games.
sure pointer was working for an short time after restarts / load game / quitting etc. my pc is to slow to go that deep range.
aob is the punishment for this and it makes more possible.
_________________
|
|
| Back to top |
|
|
Voodoox
How do I cheat?
![]() Reputation: 0
Joined: 13 Aug 2016
Posts: 4
|
| Posted: Sun Aug 14, 2016 4:32 pm Post subject: |
|
|
| chem0ne wrote: | | Quote: |
@mgr.inz.Player
PS:
If your game is using Lua, Mono or .NET. Give up. You will never find working multilevel pointer.
|
hello guys,
example:
zombie night terror ~ mono, threadstack
for me under winxp, it's nearly impossible now to make any pointer in newer or bigger games. only a few games.
sure pointer was working for an short time after restarts / load game / quitting etc. my pc is to slow to go that deep range.
aob is the punishment for this and it makes more possible. |
My Aob isn't giving me consistent values, I'm not sure if im doing something wrong. It shows my Stamina just fine for a few seconds but then the value of my characters stamina will change to a random number such as 50 then snap back to the real reading. Almost as if its reading the wrong pointer for a second or so.
Also, isn't AOB only for Cheat Engine itself? how can I allow other programs to use the Pointer/AOB to create a trainer? |
|
| Back to top |
|
|
akumakuja28
Master Cheater
Reputation: 16
Joined: 28 Jun 2015
Posts: 432
|
| Posted: Sun Aug 14, 2016 9:41 pm Post subject: |
|
|
Use
| Code: |
Pushf
cmp esi,0A
je WHATEVERURNEWCODEIS
Popf //Place this at the last part of the injection above the original code
|
Pushf is all flag push it may or may not be needed
_________________
|
|
| Back to top |
|
|
mgr.inz.Player
I post too much
Reputation: 221
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Mon Aug 15, 2016 3:34 am Post subject: |
|
|
@Voodoox, yesterday I sent you PM...
_________________
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
