btd5 (Cheater), Reputation: 0, Joined: 05 Feb 2016, Posts: 40
Posted: Fri Feb 19, 2016 12:11 am    Post subject: invisible hp
How can I get the address of invisible HP? When I die I see the message "died". When I don't die I see "no died". I tried unknown address but no luck. Any advice?
And how can I get the address of a moving object and freeze it?
Thanks.
Daijobu (Master Cheater), Reputation: 13, Joined: 05 Feb 2013, Posts: 301, Location: the Netherlands
Posted: Fri Feb 19, 2016 12:25 am
1. Scan Unknown Initial Value
2. Take damage
3. Scan Decreased Value
4. Heal
5. Scan Increased Value
6. Repeat Step 2
There's a 50% chance your value is a 1.00 or 100.00 float at full health.
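The six steps above are a differential scan: keep every address after the unknown-initial-value scan, then keep only those whose value went down after damage and up again after healing. As an added illustration (not code from the thread or from Cheat Engine), here is that filtering logic run over constructed memory snapshots; the 4-byte-aligned float interpretation is an assumption that matches the "1.00 or 100.00 float" remark, and the slot layout is invented.

```python
import struct

def snapshot_to_floats(data):
    """Interpret a byte buffer as consecutive little-endian 32-bit floats
    at 4-byte alignment (the default for a Cheat Engine fast scan)."""
    return {off: struct.unpack_from("<f", data, off)[0]
            for off in range(0, len(data) - 3, 4)}

def filter_changed(candidates, before, after, increased):
    """Keep only candidate offsets whose value went up (increased=True)
    or down (increased=False) between the two snapshots."""
    b, a = snapshot_to_floats(before), snapshot_to_floats(after)
    if increased:
        return {o for o in candidates if a[o] > b[o]}
    return {o for o in candidates if a[o] < b[o]}

def find_health_candidates(full, hurt, healed):
    """Daijobu's sequence: unknown initial value, decreased value after
    taking damage, increased value after healing. Returns the survivors."""
    candidates = set(snapshot_to_floats(full))          # step 1: everything
    candidates = filter_changed(candidates, full, hurt, increased=False)   # step 3
    candidates = filter_changed(candidates, hurt, healed, increased=True)  # step 5
    return candidates

def pack(values):
    """Build a snapshot buffer from a list of floats."""
    return b"".join(struct.pack("<f", v) for v in values)

# Constructed snapshots of a 24-byte region (not real game memory).
# slot 0: score (always rises), slot 2: health, slot 5: level timer
# (always falls); the other slots never change. The timer survives the
# "decreased" scan but is eliminated by the "increased" scan.
FULL   = pack([10.0, 3.5, 100.0, 42.0, 1.0, 99.0])
HURT   = pack([12.0, 3.5,  70.0, 42.0, 1.0, 95.0])
HEALED = pack([15.0, 3.5, 100.0, 42.0, 1.0, 90.0])

if __name__ == "__main__":
    hits = find_health_candidates(FULL, HURT, HEALED)
    print("surviving offsets:", sorted(hits))   # [8], i.e. slot 2
```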
btd5 (Cheater), Reputation: 0, Joined: 05 Feb 2016, Posts: 40
Posted: Fri Feb 19, 2016 12:46 am
The problem is that when I take damage I die instantly. So this game is like 1 HP when alive and 0 when dead. What I'm trying to say is you are either dead or alive, so no HP at all.
Here you can look at the intro: /watch?v=6mTVWWCasX4
Basically I can explain it here. The game is Squishy the Suicidal Pig. His parents were taken to the slaughterhouse and he wants to join them, so he commits suicide. But he ends up in hell because of it. Now he must lose his 31 bonus lives to get to his parents, but in some rooms you must not die. You must find a key. So basically the game is about finding some keys, surviving, and doing 31 suicides.
Thanks. You can watch the intro, you will see more.
btd5 (Cheater), Reputation: 0, Joined: 05 Feb 2016, Posts: 40
Posted: Sat Feb 20, 2016 12:34 am
I also tried with the assembler but no luck.
[ENABLE]
squishy.exe+404A7:
inc [esi+08]
[DISABLE]
squishy.exe+404A7:
dec [esi+08]
ParkourPenguin (I post too much), Reputation: 152, Joined: 06 Jul 2014, Posts: 4696
Posted: Sat Feb 20, 2016 1:34 am
btd5 wrote:
> The problem is that when I take damage I die instantly.
That's what ultimap is for. Assuming you can't easily find a 0/1 boolean value or something, use ultimap to find the function called when you die. Then replace it and any arguments to it with NOPs.
Ultimap overviews: video 1, video 2
_________________
I don't know where I'm going, but I'll figure it out when I get there.
btd5 (Cheater), Reputation: 0, Joined: 05 Feb 2016, Posts: 40
Posted: Sat Feb 20, 2016 1:52 am
Thanks for the info. I'll watch the videos, then try it.
btd5 (Cheater), Reputation: 0, Joined: 05 Feb 2016, Posts: 40
Posted: Sat Feb 20, 2016 5:54 pm
Ultimap is a good tool but it's a pain in the a** too :D. It's hard to find HP. So when I die it says fail, then I restart. So I do the following.
I start playing a level, let's say 1-1. I press start in Ultimap. I'm not sure if this code is executable, but I press "code did not executed". Then I go die. Next I press "mark all new entries as filtered out". Then I do "filter out routines not in a specific module" and scan for the game. Next I do "filter out routines that were not called", and lastly "filter out routines where callcount is not 1" (I died 1 time so I think it's ok).
Can I do this better somehow to get the address of my life (I'm dead or alive, no HP at all)?
btd5 (Cheater), Reputation: 0, Joined: 05 Feb 2016, Posts: 40
Posted: Tue Feb 23, 2016 4:03 pm
Can someone give me any advice or tip? I've searched the forum and looked at some tutorials, then tried with Ultimap and a normal scan, but I still didn't find that boolean value for dead or alive. So any advice?
Thanks
ParkourPenguin (I post too much), Reputation: 152, Joined: 06 Jul 2014, Posts: 4696
Posted: Wed Feb 24, 2016 3:04 am
btd5 wrote:
> I'm not sure if this code is executable...
Everything ultimap is searching through is executable since the code ultimap is finding was run at some point.
btd5 wrote:
> Then I do filter out routines not in a specific module then scan for game.
Are you absolutely certain the code must be in the module you selected? If not, then don't press that button.
btd5 (Cheater), Reputation: 0, Joined: 05 Feb 2016, Posts: 40
Posted: Thu Feb 25, 2016 12:47 am
I do the following:
code has been executed
filter out routines not in a specific module
filter out routines that were not called
That gave me 586 results. This is a lot but I will try it. Thanks
btd5 (Cheater), Reputation: 0, Joined: 05 Feb 2016, Posts: 40
Posted: Thu Feb 25, 2016 11:12 am
By the way, what does this "squishy.exe+5277 - CC - int 3" represent?
ParkourPenguin (I post too much), Reputation: 152, Joined: 06 Jul 2014, Posts: 4696
Posted: Thu Feb 25, 2016 12:04 pm
Google could help you.
btd5 (Cheater), Reputation: 0, Joined: 05 Feb 2016, Posts: 40
Posted: Thu Feb 25, 2016 1:10 pm
Well, I have some addresses where death is written to. But can the boolean value be compared or moved in the auto assembler, or do I need to create a Lua script? Freeze doesn't work.
Is this code even right?
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
cmp [esp+??],???????? // I'm changing the offset here
jne originalcode
jmp exit
originalcode:
mov eax,[esp+10]
movsd xmm0,[squishy.exe+25E918]
exit:
jmp returnhere
"squishy.exe"+E6860:
jmp newmem
nop
nop
nop
nop
nop
nop
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
"squishy.exe"+E6860:
mov eax,[esp+10]
movsd xmm0,[squishy.exe+25E918]
//Alt: db 8B 44 24 10 F2 0F 10 05 18 E9 65 00
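What the [ENABLE] and [DISABLE] sections of that script do at the byte level, as an added example (not code from the thread or from Cheat Engine): the 12 original bytes given on the //Alt: line are overwritten by a 5-byte jmp rel32 to newmem plus 7 NOPs, and [DISABLE] writes the original 12 bytes back. The module base 0x400000 is derived from the movsd encoding, whose absolute operand 0x0065E918 equals base + 0x25E918; the code-cave address and the module size are assumed. The last function is the check an integrity scanner would run to recognise such a detour.

```python
import struct

JMP_REL32 = 0xE9
NOP = 0x90

# Original bytes at squishy.exe+E6860, taken from the script's //Alt: line:
# mov eax,[esp+10] (4 bytes) followed by movsd xmm0,[0065E918] (8 bytes).
ORIGINAL_BYTES = bytes.fromhex("8B442410F20F100518E96500")
MODULE_BASE = 0x00400000   # 0x0065E918 - 0x25E918, derived from the movsd operand
HOOK_VA = MODULE_BASE + 0xE6860
CAVE_VA = 0x03000000       # assumed address returned by alloc(newmem,2048)
MODULE_SIZE = 0x300000     # assumed in-memory size of squishy.exe

def build_hook_patch(original, hook_va, cave_va):
    """Bytes the [ENABLE] section writes at hook_va: jmp rel32 to the cave,
    NOP-padded to the exact length of the instructions it overwrites so no
    partial instruction is left behind (12 - 5 = 7 NOPs for this script)."""
    if len(original) < 5:
        raise ValueError("need at least 5 bytes to fit a jmp rel32")
    rel = cave_va - (hook_va + 5)        # rel32 is counted from the next instruction
    return bytes([JMP_REL32]) + struct.pack("<i", rel) + bytes([NOP]) * (len(original) - 5)

def decode_jmp_target(code, va):
    """Absolute target if the code at va starts with jmp rel32, else None."""
    if len(code) < 5 or code[0] != JMP_REL32:
        return None
    rel = struct.unpack_from("<i", code, 1)[0]
    return (va + 5 + rel) & 0xFFFFFFFF

def is_detoured(in_memory, on_disk, va, base, size):
    """Integrity check: the code differs from the image on disk and now
    begins with a jmp that leaves the module, the shape of an inline detour."""
    if in_memory == on_disk:
        return False
    target = decode_jmp_target(in_memory, va)
    return target is not None and not (base <= target < base + size)

if __name__ == "__main__":
    patch = build_hook_patch(ORIGINAL_BYTES, HOOK_VA, CAVE_VA)
    print(patch.hex(), "->", hex(decode_jmp_target(patch, HOOK_VA)))
    print("detoured:", is_detoured(patch, ORIGINAL_BYTES, HOOK_VA, MODULE_BASE, MODULE_SIZE))
```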
ParkourPenguin (I post too much), Reputation: 152, Joined: 06 Jul 2014, Posts: 4696
Posted: Fri Feb 26, 2016 11:49 am
That instruction isn't writing to that address. It shouldn't even be accessing anything significant to you; it's some value on the stack.
Regardless, assuming you backtraced the instruction that wrote to your health to this instruction, then just move some new value into [esp+10]. If you have a basic knowledge of assembly, you should know how to do this. If you don't know, then you probably selected the wrong instruction to do a code injection on anyways.
btd5 (Cheater), Reputation: 0, Joined: 05 Feb 2016, Posts: 40
Posted: Fri Feb 26, 2016 1:11 pm
Well, I'm a beginner in AA but I did a few things and they worked, like
fly hack
newmem: //this is allocated memory, you have read,write,execute access
cmp [ecx+04C],000000DE
jne originalcode
jmp exit
originalcode:
movss [ecx+58],xmm1
or no cooldown for a skill just by NOPing the address, but this boolean value is a hard shell :D. I will try to search for a different code. Probably I just found the wrong instruction like you said. I'll see.
Thanks for the help.