Pointer scan begins with offsets

 
Vindictive
Posted: Tue May 22, 2018 2:06 pm

I feel like I would easily know the answer to this if I had a deeper understanding of memory so I apologize for any stupid questions.

After doing several pointer scans for different values in the same game, I have good intuition about what the offsets might look like, both the ending and beginning offsets.

When performing a pointer scan there is a clear option to add ending offsets. There is not an option to add beginning offsets.

To compromise I added a "base address must be in specific range" as follows.

From:
[[["game.exe"+0010FF90]+0]+8]+4C
To:
[[["game.exe"+0010FF90]+0]+8]+4C

This allowed me to find pointer paths that only start at the offset I want. In other words, it did work; however, I cannot rescan my results because they point to a specific memory address: the address that [[["game.exe"+0010FF90]+0]+8]+4C was pointing to during the initial scan.

Is there a way to accomplish what I'm trying to do?

TheyCallMeTim13
Posted: Tue May 22, 2018 3:23 pm

This is a pointer.
Code:
[[["game.exe"+0010FF90]+0]+8]+4C

But the first offset (i.e. 0010FF90) seems a bit big, but it just depends on the structure sizes in the game/process.

Ultimately you're scanning for a pointer using a pointer. So I'm not really sure what you're trying to do.

The pointer scanner starts at the end of the chain and works backwards to the base. But structure spider starts at the base.

Here's a post on the wiki about pointers.
https://wiki.cheatengine.org/index.php?title=Tutorials:Pointers

Vindictive
Posted: Wed Jun 13, 2018 5:45 pm

What I was trying to say was that I have a group of gamestate values that follow a very similar pointer chain:

Example
Health: [[[["Game.exe" + 0] + 8] + 4C] + x] + y
Armor: [[["Game.exe" + 0] + 8] + 4C] + z
Mana: [[[[["Game.exe" + 0] + 8] + 4C] + a] + b] + c

You can see that all these pointer chains begin with the same 3 offsets. So to speed up my pointer scan, instead of having a max level of 7 or whatever, I wanted to begin my search at [["Game.exe" + 0] + 8] + 4C so I could potentially find my value doing a much quicker pointer scan with max level 3.

I hope my intentions are sensible. Now is there a way to do it?

ParkourPenguin
Posted: Wed Jun 13, 2018 6:31 pm

The pointer scanner doesn't work that way. Try the structure spider.
_________________
I don't know where I'm going, but I'll figure it out when I get there.

Dark Byte
Posted: Thu Jun 14, 2018 1:50 am

It wouldn't speed up the scans (the pointerscan starts from the final address and then finds the pointers that point to it, and repeats till a static base), at most it would find it and then not write it to disk (which these days with proper usage of pointermaps is a non-issue).

But what you can do is after the scan do a rescan, and tick "must start with offsets".

Alternatively, if you do know the base address and the start offsets you can follow where that will lead you, and then do a pointerscan as always, but in advanced options uncheck "Only find paths with static addresses" and give that the base address must be in a specific range. In that range fill in the address you get when following the first offsets

_________________
Do not ask me about online cheats. I don't know any and won't help finding them.

Like my help? Join me on Patreon so I can keep helping

gdgsdg123
Posted: Mon May 13, 2019 2:29 pm    Post subject: Cannot post URL...

Dark Byte wrote:
It wouldn't speed up the scans (the pointerscan starts from the final address and then finds the pointers that point to it, and repeats till a static base), at most it would find it and then not write it to disk.

Why wouldn't it?.. Could you please elaborate?

I've read this post, and 'pointerscanworker.pas'.
The algorithms described seem to be some sort of depth-first exhaustion?.. (first I admit I have zero knowledge on Pascal... please do excuse if there were stupid errors)



The pointer scan is essentially an approach of exhaustion.
By having certain parameters pre-defined, the depth of the recursion is effectively reduced, thereby effectively reducing the computational complexity and thus the computation time.

Quote:
forum.cheatengine.org/viewtopic.php?p=5733233#5733233
githubcom/cheat-engine/cheat-engine/blob/master/Cheat%20Engine/pointerscanworker.pas


Last edited by gdgsdg123 on Mon May 13, 2019 6:34 pm; edited 2 times in total

Dark Byte
Posted: Mon May 13, 2019 2:43 pm

as I mentioned in
Quote:

Alternatively, if you do know the base address and the start offsets you can follow where that will lead you, and then do a pointerscan as always, but in advanced options uncheck "Only find paths with static addresses" and give that the base address must be in a specific range. In that range fill in the address you get when following the first offsets

it can speed up if you tell it the exact start address and subsequently lower the max recursion level (so instead of scanning for point g to a in a-b-c-d-e-f-g you scan for point g to e, which only needs 2 levels instead of 6)

but the topic starter only mentioned he knows the offsets in between without knowing the total size or the new base address. With this information you can't decrease the level and properly reduce the dataset without throwing away valid results

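The backwards walk described in the posts above, and the effect of fixing the start address and lowering the max level, sketched on a toy memory map. This is an added example, not part of the thread and not Cheat Engine's code; `MEM`, `MODULE`, `TARGET`, `resolve` and `reverse_scan` and all addresses are constructed for illustration.

```python
# Constructed toy memory: address -> pointer-sized value stored there.
MODULE = range(0x400000, 0x500000)   # addresses treated as static (module image)
MEM = {
    0x40FF90: 0x10000,   # static base      -> A
    0x10000:  0x20000,   # [A+0]            -> B
    0x20008:  0x30000,   # [B+8]            -> C
    0x3004C:  0x40000,   # [C+4C]           -> D
    0x40010:  0x50000,   # [D+10]           -> E
    0x60000:  0x50000,   # unrelated heap pointer to E (noise)
}
TARGET = 0x50024         # value of interest lives at E+24

def resolve(base, offsets):
    """Follow a path forwards: [[base]+o1]+o2 ... ending at an address."""
    addr = base
    for off in offsets:
        addr = MEM[addr] + off
    return addr

def reverse_scan(target, max_level, base_ok, max_offset=0x100):
    """Walk backwards from target. Returns (paths, nodes_visited)."""
    paths, visited = [], 0

    def walk(addr, offsets):
        nonlocal visited
        visited += 1
        for holder, value in MEM.items():
            off = addr - value
            if not 0 <= off <= max_offset:
                continue                      # holder does not point near addr
            chain = [off] + offsets
            if base_ok(holder):
                paths.append((holder, chain)) # reached an accepted base
            elif len(chain) < max_level:
                walk(holder, chain)           # go one level further back

    walk(target, [])
    return paths, visited

if __name__ == "__main__":
    full, n_full = reverse_scan(TARGET, 5, lambda a: a in MODULE)
    start = resolve(0x40FF90, [0x0, 0x8, 0x4C])        # known leading offsets
    tail, n_tail = reverse_scan(TARGET, 2, lambda a: a == start)
    print("full scan :", [(hex(b), [hex(o) for o in c]) for b, c in full], n_full)
    print("tail scan :", [(hex(b), [hex(o) for o in c]) for b, c in tail], n_tail)
    # The tail's base is a heap address valid only in this run; prefixing the
    # known leading offsets gives a path rooted at the static base again.
    print(hex(resolve(0x40FF90, [0x0, 0x8, 0x4C] + tail[0][1])))
```

In this toy model the level-2 scan only succeeds because the accepted base is the exact address the leading offsets resolve to; with a static-only base and the same level it returns nothing.
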
gdgsdg123
Posted: Mon May 13, 2019 3:20 pm

Dark Byte wrote:
but the topic starter only mentioned he knows the offsets in between without knowing the total size or the new base address.

I fear you misunderstood him...
Vindictive wrote:
After doing several pointer scans for different values in the same game, I have good intuition about what the offsets might look like, both the ending and beginning offsets.

When performing a pointer scan there is a clear option to add ending offsets. There is not an option to add beginning offsets.

And apparently he knew what you were talking about...
Dark Byte wrote:
Alternatively, if you do know the base address and the start offsets you can follow where that will lead you, and then do a pointerscan as always, but in advanced options uncheck "Only find paths with static addresses" and give that the base address must be in a specific range. In that range fill in the address you get when following the first offsets
Vindictive wrote:
To compromise I added a "base address must be in specific range" as follows.

From:
[[["game.exe"+0010FF90]+0]+8]+4C
To:
[[["game.exe"+0010FF90]+0]+8]+4C

This allowed me to find pointer paths that only start at the offset I want. In other words, it did work; however, I cannot rescan my results because they point to a specific memory address: the address that [[["game.exe"+0010FF90]+0]+8]+4C was pointing to during the initial scan.

Is there a way to accomplish what I'm trying to do?

So... Is there a way to accomplish what I'm trying to do? (we were actually talking about exactly the same thing...)





BTW there might be a chance that I misunderstood you...
Dark Byte wrote:
...the total size or the new base address.

Could you please elaborate the 2 highlighted words to clarify things?..

Dark Byte
Posted: Mon May 13, 2019 3:41 pm

he says 'starting offsets' but not 'base address and starting offsets'
when a game gets updated the base address is one of the first things that change, and starting offsets are useless without a base address

but yes, i do see that the issue is that rescan doesn't work because the scan was done using a hardcoded base address which will be different on a nextscan and there is no option for that right now

but how many levels are we speaking here? less than 3? if so the structure spider is more suited for your needs which is designed to work with variable base addresses

gdgsdg123
Posted: Mon May 13, 2019 4:38 pm    Post subject: How to unlock URL posting?..

Dark Byte wrote:
he says 'starting offsets' but not 'base address and starting offsets'
when a game gets updated the base address is one of the first things that change, and starting offsets are useless without a base address

Well, but actually for a normal unprepared pointer scan (no parameters pre-defined), we don't know anything about the base address either...
(if I got things right the scanner shall add everything matched to the result if staticonly is 0)
Quote:
githubcom/cheat-engine/cheat-engine/blob/c595362dabd2f92b0d9d5f925eb923ca2f5cf5ae/Cheat%20Engine/pointerscanworker.pas#L58




Dark Byte wrote:
but how many levels are we speaking here? less than 3? if so the structure spider is more suited for your needs which is designed to work with variable base addresses

Unsure but... shall be <=16. (based on computational assumptions, highest confirmed result has 13 (no loop)...)
And the structure spider indeed appeared to have terrible multi-threading performance.





And I've found some problems (possibly?..) in 'pointerscanworker.pas'.
Shall I post them in the forum or start a new issue in GitHub?..

Dark Byte
Posted: Mon May 13, 2019 10:25 pm

ok, but a staticonly=false scan is not useful if the base region isn't limited. (that's like raytracing where every single object is a full lightsource) so at least a base address or a region of memory has to be defined for that


you can post where you wish. GitHub makes URLs easier though

All times are GMT - 6 Hours