Posted: Thu Apr 27, 2023 2:52 pm Post subject: Patching a file with x64dbg after finding ram addresses
I've been tinkering with an exe game. After finding a memory address I wanted to change using Cheat Engine (I want to change a je to a jne op), I successfully managed to change the game's code.
I want to modify the .exe file so that when I launch the game, that je is already modified to a jne. However, I read that when editing memory in Cheat Engine, the memory modified is RAM, and therefore I cannot use any tools such as olly or x64dbg (because they modify disk memory, not RAM) to patch the exe.
I tried to find the address I found in CE at the disk file memory, but it seems as if the memory is only available after the game.exe is launched.
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
Posted: Thu Apr 27, 2023 3:06 pm Post subject:
is the address addresable using a modulename+offset or it is a dynamic/jitted address ?
also, if it's a static exe address you can also use CE. After editing go to tools->scan for patches and choose the .exe
then rightclick the edit you made and choose created patched exe from selected entries _________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping
Go to Memory Viewer -> Tools -> Scan for patches. Select the module to scan.
Select the changes you want to include, then right click -> Create patched exe from selected addresses.
Close everything, rename the original exe to something else (e.g. game.exe.bak), and rename the new exe to the name of the original exe. _________________
I don't know where I'm going, but I'll figure it out when I get there.
is the address addresable using a modulename+offset or it is a dynamic/jitted address ?
also, if it's a static exe address you can also use CE. After editing go to tools->scan for patches and choose the .exe
then rightclick the edit you made and choose created patched exe from selected entries
The address is addressable using a modulename+offset.
I tried changing the opcode (je->jne) but nothing shows up in the patches window?
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum