 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Fable-Gook
Expert Cheater
![]() Reputation: 0
Joined: 04 Jul 2007
Posts: 170
|
 Posted: Fri Oct 26, 2007 3:21 pm Post subject: [Q] Code Injecting |
 |
|
Like in step 6 of the tutorial you can edit the code in the assembler to make it add 2 every time instead of losing 1, but how do I do it for codes that aren't EAX or any of the listed? Here's my code:
| Code: | originalcode:
movsd
jmp 680cbda9
cmp [ebp+18],edi |
_________________
I/L - Banned (Nov 16)
Level 1 Beginner - Active
Like my sigs?=P |
|
| Back to top |
|
 |
Labyrnth
Moderator
![]() Reputation: 10
Joined: 28 Nov 2006
Posts: 6301
|
| Posted: Fri Oct 26, 2007 3:30 pm Post subject: |
|
|
Like Step 6: ?
I dont think so,
| Quote: | Step 6: Pointers: (PW=098712)
In the previous step I explained how to use the Code finder to handle changing locations. But that method alone
makes it difficult to find the address to set the values you want.
Thats why there are pointers:
At the bottom you'll find 2 buttons. One will change the value, and the other changes the value AND the location of
the value.
For this step you dont really need to know assembler, but it helps a lot if you do.
First find the address of the value. When you've found it use the function to find out what writes to that address.
Change the value again, and a item will show in the list. Double click that item. (or select and click on more info) and
a new window will open with detailed information on what happened when the instruction ran.
If the assembler instruction doesnt have anything between a '[' and ']' then use another item in the list.
If it does it will say what it think will be the value of the pointer you need.
Go back to the main cheat engine window (you can keep this extra info window open if you want, but if you close it,
remember what is between the [ and ] ) and do a 4 byte scan in hexadecimal for the value the extra info told you.
When done scanning it may return 1 or a few hundred addresses. Most of the time the address you need will be the
smallest one. Now click on manually add and select the pointer checkbox.
The window will change and allows you to type in the address of a pointer and a offset.
Fill in as address the address you just found.
If the assembler instruction has a calculation (e.g: [esi+12]) at the end then type the value in thats at the end. else
leave it 0. If it was a more complicated instruction look at the calculation.
example of a more complicated instruction:
[EAX*2+EDX+00000310] eax=4C and edx=00801234.
In this case EDX would be the value the pointer has, and EAX*2+00000310 the offset, so the offset you'd fill in
would be 2*4C+00000310=3A8. (this is all in hex, use cal.exe from windows in scientific mode to calculate)
Back to the tutorial, click OK and the address will be added, If all went right the address will show P->xxxxxxx, with
xxxxxxx being the address of the value you found. If thats not right, you've done something wrong.
Now, change the value using the pointer you added in 5000 and freeze it. Then click Change pointer, and if all went
right the next button will become visible.
extra:
And you could also use the pointer scanner to find the pointer to this address
|
|
|
| Back to top |
|
|
Fable-Gook
Expert Cheater
![]() Reputation: 0
Joined: 04 Jul 2007
Posts: 170
|
| Posted: Fri Oct 26, 2007 3:32 pm Post subject: |
|
|
It could have been step 7, let me check...
it's the step where you had to change the address to add [ xxxxx],2 or 3 if you didn't delete the -1
_________________
I/L - Banned (Nov 16)
Level 1 Beginner - Active
Like my sigs?=P |
|
| Back to top |
|
|
Labyrnth
Moderator
![]() Reputation: 10
Joined: 28 Nov 2006
Posts: 6301
|
| Posted: Fri Oct 26, 2007 3:48 pm Post subject: |
|
|
The assembly you are looking at is not from step 7.
Step 7:
==================================
What you can do to make it increase twice, thus makes it add 2 each time.
| Code: |
alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(originalcode)
label(exit)
0045673B:
jmp newmem
nop
returnhere:
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
inc [ebx+0000030c] <--- increase once
inc [ebx+0000030c] <--- increase once again will equal 2 increases of 1.
originalcode:
//dec [ebx+0000030c] <--- Commented out because this makes it decrease by 1.
exit:
jmp returnhere |
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
