Cheat Engine

[crimsonedge5]

Specifically Fire Emblem Radiant Dawn (NTSC-U)

Ok first of all, yes I am using 4 byte "Big Endian".

And yes, I have had success finding and modifying certain values like gold and Bexp, and even successfully modified the usage to infinite on weapons, but the weapons got deleted in the very next mission.

Also the only quantity that was exactly like it was on the search was gold. Example, I got 5000 gold, buy 1 thing from the shop and got 4500 gold, search for that number, and I come up with 2 on the search, modify one to 500000, and it changes my gold to 500000. The one to modify Bexp was an enormously high number like 1407864836, although if I change it to 1000000000 - changes the Bexp from 999999 to 0. Also confused as to why this is?

I had similar results modifying the weapon durability. It would be 24/40, so if I searched for 24 I would get nothing, and the only way I found the value was to attack something go from 40 to 39 and look for decreased value - and I would do that 20+ times until it narrowed the search down to 10 or so. I was successful in finding something attached to it, but the value was an astronomical number, 10 digits. So I'd change it to 9999999999 - then it would give me a weapon with infinite durability - but also glowing blue lettering? I also tried smaller numbers - would also get weapons with infinite durability but with the text glitched out completely. At first I though cool I can make this work, but all the weapons I modified this way get deleted in the next mission.

My problem is I can't find any pointers. Although the one for gold is generally unchanging. I was only able to find the others by repeatedly searching for decreasing values, because the values in game were far different from the listed values in CE. If there is a better way to search for these while not knowing the quantity values - please tell me, lol.

I stopped last night after messing around for about 3 hours trying to hack this game.

The reason I'm trying to use CE instead of Gecko, because the Gecko codes don't work, and even the offsets I found for the codes via google search don't work in my version of the game. So I figured if I'm gonna hack it myself I may as well use CE.

I'm a complete noob at CE - so please bear with me and try to explain things to someone of my level.

If anyone has hacked this particular game on Dolphin and has a cheat table, please share and also tell me how you found the pointers.

And yes I have done searches and found a few other threads - one of them had the "Big endian" value script which I added. I wasn't able to find any answers in those other threads - or they were explained in terms I didn't understand.

[foxfire9]

First of all, have you finished or tried the Cheat Engine Tutorial?

[crimsonedge5]

I've finished the tutorial up to step 6, or the pointers. Code injections are too tough. I felt like the tutorial in that part was assuming I knew how to do something when the assumption is wrong, which leads to nothing but complete confusion for people like me. And is that even required for what I'm trying to do here?

I could use some help from anyone who knows how to hack Dolphin. I'll be glad to share the cheat tables for pointers I find with the community.

I'll give this another go in a few minutes and search with some other value types. I was under the impression (And probably wrongfully so) that you had to use Big Endian with Dolphin, which is why I didn't search using any of the other value types.

**edit

I've tried searching on all value types + hex, and I cannot locate specifically what modifies weapon durability in this game. I thought I found a match in string, but turns out I couldn't modify it. I'd raise the value and activate, and the text in game would flicker on/off but wouldn't raise the value. I also tried searching for what writes that and the searches would come up blank even after the value changing 20+ times.

[foxfire9]

I'll give a clue, most Cheaters here including me, don't use Pointers to find what you want, instead we use Code Injections + Lua Scripting + AOB Scans + Code Cavings.

So, Pointers is a no-no for me but it's a part of my cheat making.

Therefore, finish up all the difficult parts of the Tutorial including Code Injections.

After that show how did you cheat it. But don't show all the specs.

[Dark Byte]

Code injections usually do not work in emulators as the code that decreases health is also used to render 3d objects, play music and sound effects, and handle keyboard input

Pointers are also tricky as pointer values are relative to the emulated memory base address (e.g pcsx always has as base 200000000, but i guess dolphin isn't that nice)
That means that offsets need to be increased with this base to finally get to the real address (or hoop rpm/wpm and adjust all offsets. But you still need to find the base)

[jeff_7214]

[quote="crimsonedge5"]I've finished the tutorial up to step 6, or the pointers. Code injections are too tough. I felt like the tutorial in that part was assuming I knew how to do something when the assumption is wrong, which leads to nothing but complete confusion for people like me. And is that even required for what I'm trying to do here?

ok first of all i have used CE on and off for about 2 years now and yet step 6 still gets me. i have done it but i had to do research online to find out what i was doing wrong and yet even knowing i can do step 6 don't mean i know how to get it done in other game hacking but here is few tips first of all like firefox9 said try using other scan types byte is the smallest values but can = high values in the 4byte or 8btye so if u r getting a 10 number value in 4btye try and use the byte or 2 bytes i know for a fact that bytes go from 0-255. but another thing u can try and do is use the 4btye scan like before but this time work the values around to be what u started with. say ur weapon is 40 and u do a search for 40 then it drops down to 39 then 28 ect. so when u find that address add the 4byte address and add it again but as a byte address so u can watch and find out what codes r used in bytes. so once u have the addresses make ur weapon go back to 40 then check the value of the bytes say it's 200 make note of that then back in 4byte make it 29 look as how much differents the bytes value goes for 40 to 39 say it's 5 so now bytes value is 195 then keep doing this few times to c what the true differents is for each number that was lost off the weapon so when u have to find it again u can do a scan of bytes for 200 and when the weapon goes to 39 rescan for 195 ect keep doing that till u find ur address it will take time to learn it but once u have learned it u will go through finding ur codes faster and faster each time till u have it down pat. it all that don't work with bytes say bytes shows same value for weapon of 40 , 39, and 38 then try using 2bytes and do the same thing smaller numbers r better to work with but then again it does take longer to find. looking for a 4byte 999,999,999 value is way easier then looking for a 4byte 24 value but if u r not able to remember all the numbers in the long 4byte code or it's over 1,999,999,999 then u will have to use the smaller numbers to find what u r looking for but 99% of the time u can find the address u want with figuring out the true value of each part of the code so very best way is to search and find ur code and then make weapon back to 40 and watch each number as it goes down and say at weapon 40 the code runs from 999,999 to 899,999 u can do a scan between 899,999 to 999,999. so keep at it and keep trying new things and u will find what way helps u best hope this helps

[crimsonedge5]

I've done the tutorial up to the very last one - or step 9, where you got a team and have to use cheats to click the button and win.

Now just because I have gotten up to that point doesn't necessarily mean I know enough to know which situations I should use which methods.

All efforts have failed to find any pointers on Dolphin. I can find an address for a specific thing I'd like to modify, but all efforts in "find out what writes to this address" or using a pointer scan have came up with nothing. Pointer scans always come up with nothing.

I have succeeded in isolating an address + value for item durability that is tied to a particular character's equipment slot. I had to search on "byte". Usually after attacking 5-6 times I can find the address again.

I explained in one of the above posts that I found an infinite durability code, but the weapons glitched out + got deleted in the next mission. Well, I figured out why they were getting deleted, because all of the stats on the weapon like damage, crit, accuracy were removed. I messed around with the values randomly until I got the results I wanted + permanent weapons. That particular address I'm talking about was found on the 4 byte "Big Endian" value type.

Basically I did "search for unknown initial value" attacked with a weapon once, then did search for "decreased value". After about 10-15 hits or so of searching it narrows the search down to about 15 addresses, all of which have the same values. Then I grab any one of them and modify the value. The particular value I stumbled on that works is:

2123366538 - infinite weapon value

Basically I search for the code again on boot, copy - paste that value and any item that goes into that slot gets made to have blue letters + infinite durability. This includes stat up items, weapons, healing items. I noticed that it doesn't work on forged weapons, or it brings their stats down to normal weapon values but still makes them infinite. I got another way of manipulating durability - just not infinite, but I can raise it to 255/40 - or whatever for the forged weapons.

It would be sweet as hell if I could make these permanent.

Few cheats I've made work:

Basically I got infinite items/weapons - tied to specific character slot.
255 durability for any item with durability.
999999 gold
999999 Bexp
Also 99exp in battle (tied to character) was an easy address to find.

Found a value that modifies critical hit on weapons also - found it by accident by swapping weapons and searching for values. Crits in this game are pretty much 1hko - and I'm sure I could raise the damage + crit to make it "1hko no matter what vs anything" for specific character.

If I could make these permanent that would be sweet.

Basically, I can hack the game, but I can't find any permanent ways to hack it. Meaning I have to search for the codes every time I boot the game up.

I've been successful in finding pointers for PC games, and I take it that hacking emulated ram is harder?

Also I found a thread by a google search that talks about finding pointers in Dolphin, but I can't really understand what they mean in a few points.

http://forums.dolphin-emu.org/Thread-cheat-engine-and-dolphin-solution-inside

Post #2. And I'm only assuming the guy who wrote that knows what he is talking about. Can someone explain this on simpler terms please? I'm lost after taking the game ID and doing a scan?

For example the game ID for Fire Emblem: Radiant Dawn is RFEE01. I click hex and put RFEE01 in the search using 4 byte "Big Endian", and the results give the same as if I was to search for "0". This is why I'm totally lost here.

I could be mistaken, but I don't believe the tutorials covered what I'm trying to do here. If you guys help me figure out how to make permanent cheats, then I'll probably be using that info to hack several other Dolphin emulated games and I'll share them with the community here. I feel like I've almost got this, but I still haven't put the last bits of the puzzle together.

[Dark Byte]

I assume it's just an example you made up, since there is no R in hexadecimal

Anyhow, first task you need to do is find the base address of the emulated memory, or the pointer to that address (Normal windows pointer)

When you have that note down the relative address between the windows address and base address.
Try that result as an offset with the pointer to the base of the emulated address

[Turtle]

I've just been making some codes for this game actually:

Enter these as AR codes.

Micah slot 2 quantity
0084FA78 000000XX (XX is the quant that you want)

This will make it blessed instead of a qauntity
0084FA78 27900000 (weaps only I think)

The address for the item type is 4 bytes less:

0084FA74 80B66600

80B66600 is the item, in this case herb, subtract or add 50 in hex for the next item type. But these addresses may only work on my game.

[Turtle]

Actually 279 makes it blessed and equipped. so it only works well for weapons.

Use 271 instead, it makes it blessed but unequipped, it works on items too.


Miciah has SS light skill
0084FB74 0000014B

The built in code system doesn't seem to be able to make the codes work, but the codes do work, I tested it in the debug mode.

You have to go into the memory view and change it directly in RAM. Maybe they will fix this.

Gives Miciah equipped blessed Thani in slot 1

0084fa4c 80B64620
0084fa50 27900000

This makes Miciah the special Hero class that can have SS rank in all things at once:

0084F980 808B4408

Again, probably have to do it via the memory view in the debugger.

[iroku]

ha, funny, we are having the same issue
Dont worry dude, its just a matter of reading a lot of stuff you dont find usefull atm but we ll get there

im trying the same with another emu, prob we are having is that the emulator pretty much runs the show so all fixed pointers belong to him in easy terms.
But, i think evry console had an adress, like Mega Drive had a fixed memory adress specific to megadrive.Like a memory card And i think these adresses are out there you just have to know wich console your emulating

than it comes down to find this weird offset im still trying to understand.

watch?v=jvon3uj1-tk

check it out, kindda weird how it got uploaded today... i guess we noobs have it all done lol too bad it hasnt got any sound but its doable...again the offset part im still lost

Dont worry we just gotta read and look a bit harder well get there anyway im having the same prob ill try to keep you posted on any thing i learn

so i just got my base adress

Detailed process information about ggpofba.exe:(emulator)

ggpofba.exe (base address 0x00400000, size 8728 KB)

so just have to figure out the offset part and what Darkl was trying to say...

When you have that note down the relative address between the windows address and base address.
Try that result as an offset with the pointer to the base of the emulated address

[crimsonedge5]

I'm still completely lost as to how to go about doing this. I don't even have a clue where to start. I don't think any of the tutorials covered this.

The suggestions are fine, but I got no clue how to find the offset, or even where to start. I got no clue how to find the base address for the emulated memory. Or no clue what you mean by "windows" address. Can someone explain this on simpler terms and tell me how to go about finding this?

Also the methods in the video don't work for Dolphin because I get a window up after I find what writes to "gold" for example. Then I do a search for the value for the base address, and it comes up with nothing. I've been completely unsuccessful at finding a base address through any conventional means. Can someone explain another way to do this?

[Turtle]

Did my AR codes work.

Try the slot 2 quant first.

[crimsonedge5]

[quote="Turtle"]Did my AR codes work.

Try the slot 2 quant first.[/quote]

Nope, they crashed my game on boot.

[Turtle]

There was one Gecko code that worked for me

$blessed weap after use
283c9396 0000B83C
003c9221 00000090
E0000000 80008000

You have to add it as a gecko code.

If all else fails you will have to do what I did.

First use the dolphin search to find the slot quantity, that will be your first step. Then you will have to run dolphin in debug mode by adding /d after the exe in command prompt.

In debug click on the memory view, switch it to ASCII view.

There will be 2 boxes on the top right, the first lets you GO TO the address you enter, the second box is where you enter a new value for that address.