Cheat Engine

gaming04

I have the Player structure named by the CE Dissector. I want to test for this name in AA.

For example:
Structure #1
PlayerStructure
00
04
08
0C
10

Structure #2
EnemyStructure
00
04
08
0C
10

In AA I want to test for the string, PlayerStructure, which is discovered by dissector. How do I do this?

Dark Byte · Posted: Sun Dec 19, 2021 4:36 am Post subject:

can't you just compare the first 2 bytes of the start of the base address?
If it's what I think you're referring to (rtti info) the vtable should be pointing to a static. So if it's already a static that's a good reference to compare against (even holds up with randomization of the loaded module, as the first 2 bytes don't change on relocate)

but if you insist,
https://github.com/cheat-engine/cheat-engine/blob/master/Cheat%20Engine/rttihelper.pas and implement that in AA (line 117 is where the fun part begins)

or, if you are lazy ,and it's not on a high performance point, and I am assuming rcx holds the instance base address:

gaming04 · Posted: Thu Dec 23, 2021 4:10 am Post subject:

unfortunately, auto assembler only finds error. How do i fix it?

and another error if i switch {$luacode} into {$asm}

Dark Byte · Posted: Thu Dec 23, 2021 3:02 pm Post subject:

looks like dll injection of luaclient failed

is this a selfcompiled build?

gaming04 · Posted: Fri Jan 07, 2022 12:19 am Post subject:

No, I am using latest public release.

gaming04 · Posted: Sun Jan 16, 2022 7:30 pm Post subject:

bump.

Also, I note that I am using the {luacode} inside [Enable] and [Disable]

P.S. I have decided to simply search for the first two bytes. But I have no idea how to retrieve the first two bytes from 64-bit addresses. How can I do this?

gaming04 · Posted: Thu May 18, 2023 12:10 pm Post subject: bump

bump.

I can really use some help. It has been a few years since I last posted in this thread but I still haven't been able to figure it out. I want to test for an Address name as pointed out in the pictures. Can anyone help me?

I'm trying to test for the class name using auto assembler.

++METHOS · Posted: Thu May 18, 2023 12:30 pm Post subject:

You can try to set the data type to 4-byte hex and compare to that, or, if it really is a pointer, you can expand the pointer and compare to a unique value that resides inside of that pointer tree.

That is, assuming that I am understanding your question.

gaming04 · Posted: Thu May 18, 2023 12:45 pm Post subject:

Dark Byte · Posted: Thu May 18, 2023 5:17 pm Post subject:

that's just the initial syntaxchecl error. ignore it and click yes on the error and then check the box. Does it check?

++METHOS · Posted: Thu May 18, 2023 5:17 pm Post subject:

If you cannot get the lua to work, then you may still be able to use pure assembly. Have you expanded that pointer and performed a comparative analysis to see if anything is viable?

gaming04 · Posted: Sun May 28, 2023 12:46 pm Post subject:

Dark Byte · Posted: Sun May 28, 2023 6:12 pm Post subject:

print out info when you're not sure what goes wrong. It could be your address is wrong, the wrong register is used, etc...
e.g: