Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Why do I get different module addresses?

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
justa_dude
Grandmaster Cheater
Reputation: 23

Joined: 29 Jun 2010
Posts: 893
PostPosted: Wed Jul 14, 2010 7:32 pm    Post subject: Why do I get different module addresses? Reply with quote
Hi folks,

Just wondering why I sometimes get different module addresses depending on whether I'm using the kernel-level debugger versus the default. If I'm using the user-mode debugger, I still get the more familiar addresses when I copy from the memory view / disassembler, but the display shows something different. The templates all grab the unfamiliar module names, too. CE seems to be happy using either, but I'm not really clear on the difference. Could anyone enlighten me, please?

As an example, AK::Streammgr::blahblah+12345 vs Assassinscreedgame2.exe+12345.

Cheers,
adude
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 471

Joined: 09 May 2003
Posts: 25833
Location: The netherlands
PostPosted: Wed Jul 14, 2010 8:15 pm    Post subject: Reply with quote
the symbols are probably lost when the new processhandle is being used (new processhandle due to attachtoprocess) so ce falls back on modulenames when getting the name of an address
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
justa_dude
Grandmaster Cheater
Reputation: 23

Joined: 29 Jun 2010
Posts: 893
PostPosted: Wed Jul 14, 2010 8:22 pm    Post subject: Reply with quote
So, the AK::Streammgr stuff is a symbol loaded from the program's debug information? That's awesome.

For noting addresses in general, is any one choice advantageous over another? I understand that using flat addresses relative to the base of memory is frowned upon since the relative addresses can change, but is there any fundamental difference between using a symbol name versus a module name?

Thanks,
adude
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 471

Joined: 09 May 2003
Posts: 25833
Location: The netherlands
PostPosted: Wed Jul 14, 2010 8:38 pm    Post subject: Reply with quote
using symbols can have an advantage sometimes.
e.g a game could have a lot of symbols like apawn::DecreaseHealth

When it updates there is a high chance that the offsets from those direct functions are still valid (unless those specific functions got edited, but that's rare)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites