ArchAngelrc Advanced Cheater
Reputation: 1
Joined: 25 Apr 2014 Posts: 71 Location: Germany
Posted: Tue Jan 27, 2015 5:15 pm Post subject: Making Pointer "update-proof" ?
Hello there.
I have a little question.
I know how to work with pointers and Valuefinding.
I have a table full of working pointers for a Text based game.
Is there a way to make these pointers "update-proof" ?
They need only to show the value correctly, even if there has been a new update of the game. Nothing more.
Will be gladly looking into tutorials on that matter, if provided.
Thanks in advance
Pingo Grandmaster Cheater
Reputation: 8
Joined: 12 Jul 2007 Posts: 571
Posted: Tue Jan 27, 2015 6:01 pm
The way I do it, not in asm but the idea is the same.
Find out which instruction accesses the address you want.
Find a usable aob pattern that works with previous version, including the current version so I can find that instruction address no matter which version.
Copy the value of the register in memory (codecave).
Then just read it like any other address.
That's the way I do it, someone might know an easier way..
What text based game?
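The pattern-scan step described in the post above, as an added example that is not part of the original thread: a wildcard byte-pattern (AOB) search run over two constructed code buffers, showing why the pattern must be long enough to match exactly once. Only the bytes 88 4C 02 03 come from the thread; the surrounding bytes, the buffers and the function names are assumptions made up for illustration.

```python
# Added illustration: wildcard byte-pattern (AOB) search over constructed buffers.
# Only the bytes 88 4C 02 03 appear in the thread; everything else is made up.

def parse_pattern(text):
    """'8B 15 ?? 88' -> [0x8B, 0x15, None, 0x88]; None marks a wildcard byte."""
    return [None if tok in ("?", "??") else int(tok, 16) for tok in text.split()]

def aob_scan(buf, pattern):
    """Return every offset in buf at which the pattern matches."""
    pat = parse_pattern(pattern)
    last = len(buf) - len(pat)
    return [i for i in range(last + 1)
            if all(p is None or buf[i + j] == p for j, p in enumerate(pat))]

def locate(buf, pattern, skip=0):
    """Offset of the wanted instruction; refuse ambiguous or missing matches."""
    hits = aob_scan(buf, pattern)
    if len(hits) != 1:
        raise LookupError(f"pattern matched {len(hits)} times, need exactly 1")
    return hits[0] + skip

# Constructed "builds": the same code shifted by four bytes, with a different
# absolute address in the preceding instruction and a decoy copy of the bytes.
BUILD_A = bytes.fromhex(
    "55 8B EC 8B 15 10 20 41 00 88 4C 02 03 5D C3 33 C0 88 4C 02 03 C3")
BUILD_B = bytes.fromhex(
    "90 90 90 90 55 8B EC 8B 15 48 2A 41 00 88 4C 02 03 5D C3 33 C0 88 4C 02 03 C3")

# The instruction bytes alone are ambiguous; adding the preceding instruction
# and wildcarding its build-specific address makes the match unique.
SHORT = "88 4C 02 03"
LONG = "8B 15 ?? ?? ?? ?? 88 4C 02 03"

if __name__ == "__main__":
    for name, build in (("A", BUILD_A), ("B", BUILD_B)):
        print(name, "short pattern hits:", aob_scan(build, SHORT),
              "| instruction at offset:", locate(build, LONG, skip=6))
```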
ArchAngelrc Advanced Cheater
Reputation: 1
Joined: 25 Apr 2014 Posts: 71 Location: Germany
Posted: Wed Jan 28, 2015 4:01 am
Pingo wrote: "Find out which instruction accesses the address you want."
In each version of the game, it has always been
"0040AF8C - 88 4C 02 03 - mov [edx+eax+03],cl"
for each pointer. I assume you mean this instruction?
Quote: "Find a usable aob pattern that works with previous version, including the current version so I can find that instruction address no matter which version."
So, look at that instruction in the memory viewer, and find a working aob pattern?
Quote: "Copy the value of the register in memory (codecave)."
Now this, I don't understand. Could you clarify that a bit further?
What is codewave? And what value?
Quote: "Then just read it like any other address."
But what is the point of finding the instruction exactly?
How do I easily update / search with that my other pointers?
Sorry if I do not understand it.
Game is called trap quest, but it's an adult erotic game.
It's nsfw, so be warned.
Pingo Grandmaster Cheater
Reputation: 8
Joined: 12 Jul 2007 Posts: 571
Posted: Wed Jan 28, 2015 10:21 am
Here is an example CT.
You can download it and see what is happening in memory using CE, might be easier for you to understand that way.
The file contains a CE script and a little test app I made to show the script working.
Screens before and after the script is enabled
ArchAngelrc Advanced Cheater
Reputation: 1
Joined: 25 Apr 2014 Posts: 71 Location: Germany
Posted: Wed Jan 28, 2015 11:30 am
First off: Huge thanks for your answers!
Looked at your script, and tested it with your table.
Problem is that I do not understand the basic logic behind the script and dynamic pointer part.
Dunno why you look for a certain thing and how, what you do with it and why, etc...
It's probably better for me to learn the own CE tutorials from Dark Byte again, and after that at some beginning script things.
Thanks again for your answers though, maybe I can learn from them when I understood the logic
Pingo Grandmaster Cheater
Reputation: 8
Joined: 12 Jul 2007 Posts: 571
Posted: Wed Jan 28, 2015 11:42 am
Someone might know an easier way and post it up here for you.
If I think of an easier way, I'll post it.
That's the method I use but not with cheat engine, I always code mine from scratch using C#.
How about the pointer offsets? Are they always the same?
If the only thing that changes is the base address (something.exe+123),
you might be able to just scan for the base. I've done that a few times but it isn't always possible.
ArchAngelrc Advanced Cheater
Reputation: 1
Joined: 25 Apr 2014 Posts: 71 Location: Germany
Posted: Wed Jan 28, 2015 12:07 pm
The offset for everything I search is always "eax+03", and the only thing that changes there is "eax".
"eax" for thirst for example is different across versions.
For example:
in version 150126, eax +03 for thirst is : 2936d6
in version 150127, eax +03 for thirst is : 2938a2
My pointers always have 004161CC + OFFSET.
That thing never changes, doesn't matter the version or pointer.
About the something.exe.. I don't know.
Where can I look at that?