Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


DMA, pointer, multiple addresses from one opcode

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking
View previous topic :: View next topic  
Author Message
adaptusaaf
Advanced Cheater
Reputation: 0

Joined: 13 Jan 2008
Posts: 52
PostPosted: Wed Dec 28, 2011 5:36 am    Post subject: DMA, pointer, multiple addresses from one opcode Reply with quote
I've been wrecking my brain trying to figure this all out.
I've read up on DMA and pointers, but still have some questions.

1. Can DMA addresses have no pointer or static address? Can they simply be calculated by a formula in the game and have no way to hone in on something trainable?

2. Pointers - when I do a pointer scan for a dynamically changing address, I get a ton of results all pointing back to the same address, what am I doing wrong, is this dynamic address without a static address?

3. Multiple addresses from one opcode - the addresses I want to find static pointers of usually come from 'find out what this opcode writes to'. There will be about 12 addresses usually the opcode writes to, usually like 4 addresses all saying 100, and 8 addresses all saying 50, for example. Whenever you do something in the game, like finish a mission, and start a new one, the addresses switch around or change completely, seemingly at random.

Is there a method to find a static pointer for these kind of multiple addresses from one opcode?

4. Assuming that all of the pointer finding or DMA to static address methods result in failure, is there a way to use auto assembler to read what addresses an opcode writes to, assign them to variables (1,2,3,4,5,6,7,8,9,10) for example, and then use those variables in auto assembler as your static addresses, as they will update automatically and thus defeat the DMA problem without finding a pointer?
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 471

Joined: 09 May 2003
Posts: 25828
Location: The netherlands
PostPosted: Wed Dec 28, 2011 8:59 am    Post subject: Reply with quote
1:
It's possible but extremely unlikely (stack only and never pass any reference in the memory to a dll, system dll's included)

There is another method but that is an anti-cheat and not dma

You can always try code injection to get past this. Even if it's a simple store of the pointer to a known location

2:
You can see the pointerscan as a routeplanner. From every street you can take 2 or more turns and eventually get to your destination anyhow. Only difference is that after a game is restarted a lot of roads are blocked or point to a different location

After a pointerscan restart the game and use the rescan option for the new address. That filters out the paths that are not valid anymore.
After a few repeats you'll be left with pointers that are almost always valid.
Tip: Try a delayed scan and do a rescan while you're inside the game playing (make sure the address doesn't change while playing) That way you filter out paths that are only valid when tabbed out of the game

3:
Check the structure date of the memory regions of those addresses and see if you can find a way to distinguish between the address you need and the ones you do not need and do a code injection at the place you do a 'find out what this opcode writes to'. (Checking the register states also can be useful)
There store the address in a known location, or location you allocated yourself

4:
yes
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
adaptusaaf
Advanced Cheater
Reputation: 0

Joined: 13 Jan 2008
Posts: 52
PostPosted: Wed Dec 28, 2011 12:56 pm    Post subject: Reply with quote
Quote:
4:
yes


Ok, code injection seems like the best way,
however for this particular case I don't think it will do me any good, since I already used autohotkey script for my aimbot, and storing variables in auto assembler can't be read from ahk (currently I'm using readprocessmemory, if then statements, and writeprocessmemory on loop, and constantly manually updating addresses each new mission in the ahk script for the dma addresses ((annoying))),

so I think my only option is to find a pointer.

my question is, if the restart-game and rescan method for pointer scan fails or takes way too long for my slow laptop, can we also find the pointer by changing the DMA address, scanning for changed value, rinse and repeat, to find pointer?

Or does the pointer usually not change with the DMA address until you 'start new mission' or 'restart game'?
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites