Cheat Engine

[codedemen]

Hi!

First of all I would like to tell you, that I have a bit experience in revercing, so I know the basics and mostly I can find in a program any values, that I need...

But not this time... I am trying to reverce an online game to find out some basic value positions(hp, etc) for my future bot but I could find just nothing.

1st attempt
I know my hp now is 1000, i searc for all values with 1000(4bit, 8bit, float, decimal, etc) than i change it to lower(changing equip) and trying to find new value and... nothing found!

2nd attemt:
I search for unknown value then changing my health value(unequiping), look for decreased value, equiping, look for increased value and so on while there are 2-3 adresses left and the value of this adresses is(for example) 1, 46875439-E10 and yes, it changes every time I change my hp value... If I am missing here something - please tell me what, but I can not find out how to operate with such value...

And here is my question:
Could please somebody help to find me 1-2 values, explain how he made this in order I could understand it and try for myself... I am ready to pay for your help up to 50$.

Thank you for your time!

[Mohsen]

You would better to donate 50$ to cheat engine rather than pay for those who are going teach you how to USE it..

BTW, a simple guess. If you are really sure that 1, 46875439-E10 is what you are looking after then add that address; then select it and press ALT+ENTER to change it's type to some integer.

[codedemen]

No, im not sure... even more: I am sure that it is not what I am lookig for... About donating to CE - I am donating to it every time I run a succesfull project using it, so this price is really just for help - nobody will spend his time in order to teach somebody on how to make something... Except it is a forum guide etc... And now I really need some private help...

[Mohsen]

[daspamer]

Tell me whats the game name I'll see whats possible.
I won't take money.

You really should donate to C.E instead.

[jucce]

[Gniarf]

Stick a debugger and see if your data is accessed as an int or float over a word/dword/qword.

Given your tests I'm not yet sure the addresses you found are health-related, they may be pointers to the equipped gear or data related to items.
I know we are talking about an online game, but see if changing those values at least changes the displayed health value.

If the values you found are not hp-related, did you disable fast scan when doing your scans? Because if hp's address is unaligned (rare) you might not find it.

Once you've found addresses that hold hp for sure, post several ingame-value vs in-memory-HEX-value correspondences if you can't figure it yourself.

[codedemen]

Thank you for your replies! I found a value that i needed, it is calculated in a function every time is is needed... But Ive got more one problem here:

[Dark Byte]

"ret 0004" means it needs one parameter

The parameter is stored in [ebp+8]

[Mohsen]

Function parameters are mostly pointers not constant and all of them are pushed into stack before a call is made to that function.

And no-one can tell you what to send as parameter, either no-one is going to find out the pointers for you.

Learn x86 instruction set before touching this area.

[codedemen]

[Gniarf]

Err...Correct me if I'm wrong, but what you did is:
1-find your health's address
2-find the function that writes to this address.
3-now you want to force-call it so that it updates your health and I assume you want to log the health in the process for your bot.

If the above is correct, you're not taking the right/easiest approach. Instead find what functions accesses your health and hook the one with the highest hit count.
Or if the function you found is the only one to write your hp, just log the hp value each time the game writes it, no need to manually trigger an update.

[codedemen]