| View previous topic :: View next topic |
| Author |
Message |
bbeben
Expert Cheater
![]() Reputation: 0
Joined: 18 Dec 2006
Posts: 236
|
 Posted: Thu Oct 18, 2007 5:16 am Post subject: [Question] Values of addresses |
 |
|
Say you find an address in dissassembler, is there a way to find out the value of it's ecx, eax and so on without having to do a pointer search?
So if I had an address with the code: cmp edx,[ecx+1c] is there a way to find out its ecx? Thanks.
|
|
| Back to top |
|
 |
Labyrnth
Moderator
![]() Reputation: 10
Joined: 28 Nov 2006
Posts: 6301
|
| Posted: Thu Oct 18, 2007 12:17 pm Post subject: |
|
|
Are you serious?
You have 200+ posts and you are asking that question.....
OK look, stop what you are doing.
1. Go to C:\Program Files\Cheat Engine
2. Double click Tutorial.exe
3. Read and follow instructions.
|
|
| Back to top |
|
|
kjmarket
Grandmaster Cheater
 Reputation: 0
Joined: 11 Oct 2006
Posts: 600
|
| Posted: Thu Oct 18, 2007 12:51 pm Post subject: |
|
|
Wow...that is a little hard to believe. Go with Lab's advice and do the tutorials.
_________________
I can hear the voices of opcodes. "Come and NOP me!" Come and NOP me!" |
|
| Back to top |
|
|
bbeben
Expert Cheater
![]() Reputation: 0
Joined: 18 Dec 2006
Posts: 236
|
| Posted: Thu Oct 18, 2007 1:18 pm Post subject: |
|
|
Well, actually I have done the tutorial and completed it. My situation is this:
In dissassembler I've come across an address with the code:
cmp edx,[ecx+1c]
what that is saying is to compare the value of the address of the pointer ecx + 1c to edx. My question is how do you find out the value/address of ecx from this code?
|
|
| Back to top |
|
|
Labyrnth
Moderator
![]() Reputation: 10
Joined: 28 Nov 2006
Posts: 6301
|
| Posted: Thu Oct 18, 2007 1:47 pm Post subject: |
|
|
Well in ce, there is a button that says "more info" after you attached the debugger and found this instruction.
And if you would have done the tutorials and understood them, you would already know about this.
|
|
| Back to top |
|
|
Symbol
I'm a spammer
![]() Reputation: 0
Joined: 18 Apr 2007
Posts: 5094
Location: Israel.
|
| Posted: Thu Oct 18, 2007 2:07 pm Post subject: |
|
|
| But what if he isn't using "Find out what writes to that address"? or access/read? you can set a breakpoint at that address and when the game reads that address it will break there. (For example, if its in the part where you get a message you can't do thing, pop up the message and then is will break. I think you got my point)
|
|
| Back to top |
|
|
Labyrnth
Moderator
![]() Reputation: 10
Joined: 28 Nov 2006
Posts: 6301
|
| Posted: Thu Oct 18, 2007 2:21 pm Post subject: |
|
|
| Symbol wrote: | | But what if he isn't using "Find out what writes to that address"? or access/read? you can set a breakpoint at that address and when the game reads that address it will break there. (For example, if its in the part where you get a message you can't do thing, pop up the message and then is will break. I think you got my point) |
Do you really believe he found that without attaching the debugger?
Because i dont.
I wont waste my time explaining every way to find out what the registers values are.
|
|
| Back to top |
|
|
bbeben
Expert Cheater
![]() Reputation: 0
Joined: 18 Dec 2006
Posts: 236
|
| Posted: Thu Oct 18, 2007 4:22 pm Post subject: |
|
|
| Labyrnth wrote: | | Symbol wrote: | | But what if he isn't using "Find out what writes to that address"? or access/read? you can set a breakpoint at that address and when the game reads that address it will break there. (For example, if its in the part where you get a message you can't do thing, pop up the message and then is will break. I think you got my point) |
Do you really believe he found that without attaching the debugger?
Because i dont.
I wont waste my time explaining every way to find out what the registers values are. |
*Sigh* I wish you'd be more understanding than seeming annoyed.
I'm trying to find the ecx value from a bit of code:
I'm not using "Find what accesses/writes to this address." so that little length of code i'm looking for isn't part of a pointer search. I was messing around with an existing pointer and came across a different section of code: cmp edx,[ecx+1c] How do I find the value/address of ecx in that?
|
|
| Back to top |
|
|
Labyrnth
Moderator
![]() Reputation: 10
Joined: 28 Nov 2006
Posts: 6301
|
| Posted: Fri Oct 19, 2007 12:22 pm Post subject: |
|
|
You can set a break point on it and when it breaks during game it will show you that in the mem window "top right", or you can pop open ollydbg and do the same thing. * But be sure not to be in full screen mode when doing it.
Sorry, bout before im getting a little irritated by some of the dumb stuff i am seeing lately.
|
|
| Back to top |
|
|
kjmarket
Grandmaster Cheater
Reputation: 0
Joined: 11 Oct 2006
Posts: 600
|
| Posted: Fri Oct 19, 2007 4:18 pm Post subject: |
|
|
I'll apologize for my response as well. Keep mouth shut until question is clear. Lesson learned. Again...sorry, man. It is very easy to get to a point on here when you expect people to ask really dumb questions.
_________________
I can hear the voices of opcodes. "Come and NOP me!" Come and NOP me!" |
|
| Back to top |
|
|
hero4rune
Newbie cheater
 Reputation: 0
Joined: 20 Oct 2007
Posts: 15
|
| Posted: Sat Oct 20, 2007 1:13 am Post subject: |
|
|
i got probs with founding pointer!
look, this is when i writes to this adress and getting extra info by AEX:
00CFF020
What must i type in by searching in hex?
PW by tutorial is:098712
greez, hero4rune
|
|
| Back to top |
|
|
bbeben
Expert Cheater
![]() Reputation: 0
Joined: 18 Dec 2006
Posts: 236
|
| Posted: Sat Oct 20, 2007 4:40 am Post subject: |
|
|
| hero4rune wrote: | i got probs with founding pointer!
look, this is when i writes to this adress and getting extra info by AEX:
00CFF020
What must i type in by searching in hex?
PW by tutorial is:098712
greez, hero4rune |
That should be answered in the tutorial.
I'm having trouble attaching the debugger to the game. Every time I try and attach it I get an error=6 and a message that says the thread that was supposed to attach to the process failed. I got it to work once yesterday, but I'm not sure what I'm doing wrong now. Any clues?
--edit--
Ok, so I ran systemcallretriever and now I can attach the debugger to the process. Now my problem is my computer automatically restarts, despite using a Rev 1060 bypassed UCE. Ideas?
--edit2--
I'm not sure what I'm doing wrong. When the game is starting up I can attach the debugger, but my computer restarts. When I'm in game I get error=5/6.
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
