 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Symbol
I'm a spammer
![]() Reputation: 0
Joined: 18 Apr 2007
Posts: 5094
Location: Israel.
|
 Posted: Fri Jan 25, 2008 1:54 pm Post subject: [Question]Speed Hack (C#) |
 |
|
I noticed that Cheat Engine makes GetTickCount to jmp an address and returns immeditly, but it doesn't look like allocated memory or something, it was the same memory but it wasn't static, I mean it wasn't just a few 00 bytes... why does it jump there? what exacly does it do?
Also when I checked QueryPerformanceCounter and it jumped right below that ret:
| Code: | 01C13A84 - 8b 05 14 0c c3 01 - mov eax,[01c30c14] ; 01804466 (Extra info, probably the value of 1c30c14)
01C13A8A - c3 - ret
01C13A8B - c3 - ret ; 2 ret's? o.o
01C13A8C - 55 - push ebp
01C13A8D - 8b ec - mov ebp,esp
01C13A8F - 8b 45 08 - mov eax,[ebp+08]
01C13A92 - 8b 15 18 0c c3 01 - mov edx,[01c30c18] ; 1FE73CE0
01C13A98 - 89 10 - mov [eax],edx
01C13A9A - 8b 15 1c 0c c3 01 - mov edx,[01c30c1c] ; 00004367
01C13AA0 - 89 50 04 - mov [eax+04],edx
01C13AA3 - 83 c8 ff - or eax,ff
01C13AA6 - 5d - pop ebp
01C13AA7 - c2 04 00 - ret 0004 |
GetTickCount and timeGetTime jumps to 01C13A84 and QueryPerformanceCounter jumps to 01C13A8C.
What does it actually do? how does it change the game's speed? (or its not the only thing that makes it faster?)
And what happens if CE doesn't find the module timeGetTime? it happened a few times... (for example I attached a random process, Microsoft Visual C# and it couldn't find it...)
Oh and, I checked CE's source, it just calls the HyperScan.Click or something and then checks if sender == cbSpeedHack and enables the text boxes, thats all...
|
|
| Back to top |
|
 |
Losplagos
Expert Cheater
 Reputation: 0
Joined: 21 Mar 2006
Posts: 172
Location: Knee deep in a c++ book
|
| Posted: Sat Jan 26, 2008 8:49 am Post subject: |
|
|
Here is what it looks like to me. Cheatengine stores all the original info for queryperformancecounter, timegettime, and gettickcount. When you turn off the speedhack it restores the original info and the game runs at normal speed. It is just making common functions used for timing code read a fake value.
_________________
Earthbound = 31337 |
|
| Back to top |
|
|
Symbol
I'm a spammer
![]() Reputation: 0
Joined: 18 Apr 2007
Posts: 5094
Location: Israel.
|
| Posted: Sat Jan 26, 2008 9:54 am Post subject: |
|
|
| I don't need help disabling... I need to know what is this address it jumps to.
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
