Pointers revisited

 
Dahde
Newbie cheater
Reputation: 0

Joined: 26 Feb 2008
Posts: 12

Posted: Thu Mar 06, 2008 10:12 am    Post subject: Pointers revisited

Alright, here it goes from the beginning....

I start the game and attach CE, find the address with my value, and then do a pointer scan on that address:


I double click a couple to add them to the register, then double click again to see this:



Now before I disconnect, I want to find the real address of this pointer, so I do a new search for 13ec9f8c and a magic green address pops out...



Now I enter this magic green address here:



Proceed to close the game...



Restart the game:



And start banging my head against the keyboard.
I am clearly missing something...
Labyrnth
Moderator
Reputation: 10

Joined: 28 Nov 2006
Posts: 6301

Posted: Fri Mar 07, 2008 7:00 am    Post subject:

After pointer scan and you see the 35 addresses.
Close the game *do not close ce or pointer scan window.
Launch the game again.
Attach CE
On pointer scan window click "pointer scan" and rescan pointers. You will see only valid pointers remaining after this.
Add one to your cheat table and restart game again and see if it is still valid after that.
If so then that's it. You can make a trainer with CE with the CT.
Dahde
Newbie cheater
Reputation: 0

Joined: 26 Feb 2008
Posts: 12

Posted: Fri Mar 07, 2008 11:54 am    Post subject:

I get nothing when I rescan, perhaps I'm doing it wrong again.

I reattach, it asks me if I want to make a new scan, I click ok, keep the old values, and search for the value again, choose rescan in the opened pointer window, it asks me for a new address, I enter the address where my value is and get 0 results + the pointer list disappears.

I think this method is flawed in theory for this game, could that be?
Take a look at these and tell me if this makes sense.

The value I search for is "HAND #", when the game writes this value, it writes some other values behind it...So when I rescan values after reattaching, it finds this value, but it's not the last value that was pushed onto the stack by the game.


So theoretically, when rescanning I should be looking for the very last address that was accessed in the stack. About every 14 char the stack address changes to the next mem address, which is about +10 offset.




Take a look at these too, maybe they'll give you an idea...










That address that pushes the value onto the stack "push ebp 004011D8" maybe there is way to follow it?? It seems to stay the same...

EDIT:
My CE settings are probably incorrect or my technique is flawed, because I noticed that after I reattach to the game, if I try to do a straightforward pointer scan on a value (not a rescan) I come up with 0 results also. Then if I keep the game open, restart CE, find that same value again and pointer scan I get a ton of pointers. Is there some setting/method of reattaching I should know about?? I did go through the tutorial supplied with CE with NP, so I don't know how to explain this ...

Labyrnth
Moderator
Reputation: 10

Joined: 28 Nov 2006
Posts: 6301

Posted: Sat Mar 08, 2008 7:16 am    Post subject:

OK, for 1, you're not in the executable module when you found what writes to it.
Notice range on pointer scan 00400000 to 004BD000 for static pointers.
In the last image you show memory view, notice the lower window in memory view.
Right click in that window and click goto and type the address you are looking at from the top view: 77C473C0. Then you will see you're in a DLL.
I would try just using the assembly and make an AA script, or maybe you can set a break on this in olly and in the stack window click where the break is and hit enter and see if it puts you back in the module on the code you need to mess with.
Dahde
Newbie cheater
Reputation: 0

Joined: 26 Feb 2008
Posts: 12

Posted: Sat Mar 08, 2008 10:57 am    Post subject:

Crap, looks like this is more than I can handle...I don't understand what to try next. The results are too different from the tuts I've seen so far to make any sense to me. The pointer scanner seems to malfunction after reattaching to the game also.

There has got to be an easy method for finding out what memory address was last used, or is next up, since they are basically consecutive addresses. It seems that they are in similar memory realm every time also.

In case anyone has ideas, here is the link for the app I'm using.
Poker-Academy-Pro (Edited by: Lab, we can't post warez links. Against the rules.)

Maybe someone could get more lucky...
Labyrnth
Moderator
Reputation: 10

Joined: 28 Nov 2006
Posts: 6301

Posted: Sat Mar 08, 2008 11:43 am    Post subject:

I'm looking into the game, since I have nothing to do.
Maybe I can help a little more.

Bad news man, I have not seen this before but only on some browser based games. It is all allocated in memory. When you find what writes to it, you get an allocated or the program is copied to memory. But it is in the same address. No module.
Pointers are no good as well, it finds pointers in modules such as a DLL and the binary, but none are valid after any restart.

You can cheat by simply altering the money value of the address you find at the time. Located in double scans.
Dahde
Newbie cheater
Reputation: 0

Joined: 26 Feb 2008
Posts: 12

Posted: Sun Mar 09, 2008 3:40 am    Post subject:

Dang, that sucks...

I'm not trying to cheat, I needed that info to feed to my bot's AI. There are other ways I could do this, it's just this seemed like the most promising approach, which could be replicated on other poker soft.

I learned a whole bunch out of this experience, so it was well worth it.

Thank you for trying.

Cheers Man.

EDIT:

I just had another idea...I notice that the CE memory search function is very fast when I look for my value. I'm thinking of replicating it in AutoIt. Are you using kernel32.dll to power that function?