Cheat Engine

Fresco

so, i have windows 7 x64 and i'm about to start hacking need for speed most wanted the one from 2005, problem is, that it has an idle debugger and i have no clue on how to attach ce 6.2 to this game.
thank you for your help Smile

Dark Byte · Posted: Sun Jan 20, 2013 11:44 am Post subject:

Try the veh debuggerinterface, and if needed manually reset breakpoints that are in use for specific threads you might suspect access the variable

Else try kernelmode debugging, (if your system supports dbvm) , but still the same thing, manually reset the used debugregisters by the game's debugger

Fresco · Posted: Sun Jan 20, 2013 12:38 pm Post subject:

thanks, it works with veh dbg; but it can't find the code that writes to an address (nitro) ce shows no codes writing to it.
neither kernelmode dbg works.
in win xp x86 worked with that trick: peprocess+bc set to 0 but in win 7 x64 doesn't work as the addy is already set to 0
thanks

Fresco · Posted: Mon Jan 21, 2013 11:20 am Post subject:

can you think of anything else ?

Dark Byte · Posted: Mon Jan 21, 2013 12:16 pm Post subject:

go to debugger settings and make sure "Override existing breakpoints when setting breakpoints" is checked

And when you say, kernelmode debug doesn't work. Do you mean it doesn't work because your system doesn't support it/crashes, or that it doesn't find anything as well ?

in win7 x64 it's a different offset

Fresco · Posted: Mon Jan 21, 2013 2:06 pm Post subject:

no no, kernelmode dbg works like a dream, my sys does supports dbvm, i always get DBK64 LOADED, the thing is that neither kernelmode nor VEH can find any instructions that wrote on address.
in debugger settings i have checked the "Override existing breakpoints when setting breakpoints" but it still doesn't work

Dark Byte · Posted: Mon Jan 21, 2013 2:18 pm Post subject:

Check the debugevents window while the debugger is attached , perhaps it gets some events that might give a clue.

Also, check the threadlist and the debugregisters perhaps the override doesn't work.

And try global debug.

Running dbgview from sysinternals might also show some things.

Also, what are you trying to find? E special variable used by security, or just an ingame variable?

Fresco · Posted: Mon Jan 21, 2013 2:26 pm Post subject:

nitro, nothing fancy, i already got the pointer but still can't make the dbg to find anything.
i'm interested into nopping the rear lights boost effect when using nitro.
so i thought that the thing that decreases nitro could be a good start Smile

ce shows no dbg events while searching for the code

Fresco · Posted: Fri Feb 01, 2013 6:17 am Post subject:

is there anything else i can try ?
i noticed a process : "~e5.0001" Description : Cleanup
i'm sure it's an idle debugger, debugging nfsmw.
is there a way to deattach it, so i can attach cheat engine ?

Dark Byte · Posted: Fri Feb 01, 2013 7:28 am Post subject:

Try finding the debugport in the eprocess structure and set that to NULL
I have no idea what offset the debugport is. Try comparing two eprocess structures before and after you attach the normal windows debugger.

I thing that the function PsGetDebugPort (or whetever it's called) has the code that contains the offset as well)

Fresco · Posted: Sun Feb 03, 2013 9:56 am Post subject:

i'll look into it. thanks Smile