Re: [Tutorial] Finding pointers & offsets (Cheat Engine)

Posted: Wed Jun 11, 2008 6:28 pm
by Administrator
That's because it's a byte, and you're writing an integer (4 bytes), causing the first byte to not be affected under your endianness. Basically, try using memoryWriteBytePtr instead.

Re: [Tutorial] Finding pointers & offsets (Cheat Engine)

Posted: Fri Dec 05, 2008 7:13 am
by cokelat70
Nice Tuts,

I tried it on the game Shaiya, and I got it.

But when I tried it on another game, I got this:

Code:

mov [ecx+eax*4+000000bc],edx  ????
The value of the pointer needed to find this address is probably 14B8A218

I scanned and got the green address "00612608", and tried it with offset "bc", I don't get my HP value?

Re: [Tutorial] Finding pointers & offsets (Cheat Engine)

Posted: Fri Dec 05, 2008 12:02 pm
by Administrator
0xBC isn't the full offset. eax*4+000000bc is. But you don't know what eax is, so that's kind of problematic. Often when you are looking up what accesses that pointer, it will list ~10 entries. Try looking at one of the other entries, and see if it has a simpler offset.

Otherwise, you could try doing it mathematically. You've got your static base, 00612608? First, find out what it points to. Let's pretend it's 0234F200. If the found address you have for HP is then 0234F528 then you can just subtract the two addresses to get your offset: 0x328.

Re: [Tutorial] Finding pointers & offsets (Cheat Engine)

Posted: Fri Dec 05, 2008 1:17 pm
by 3cmSailorfuku
Also, lately I've found out that the automatic pointer search is actually very fast and reliable. You might wanna try that out if you can't find the pointer.

Re: [Tutorial] Finding pointers & offsets (Cheat Engine)

Posted: Fri Dec 05, 2008 10:29 pm
by cokelat70
Wow, I tried doing it mathematically and got it, thanks.
Btw, can you make a tutorial to bypass XTrap or GG like you did for Shaiya :) , I tried searching Google, but no luck.

@3cmSailorfuku automatic pointer search? But how?

Re: [Tutorial] Finding pointers & offsets (Cheat Engine)

Posted: Sat Dec 06, 2008 2:26 am
by Administrator
I would, but it's not information I'd like to make public, due to the creators of GameGuard/XTrap/whatever finding it and patching it up. Sure, there are several methods that work, but I'd like to keep as many of them working as long as possible.

Re: [Tutorial] Finding pointers & offsets (Cheat Engine)

Posted: Sat Dec 06, 2008 5:35 am
by 3cmSailorfuku
cokelat70 wrote:
Wow, I tried doing it mathematically and got it, thanks.
Btw, can you make a tutorial to bypass XTrap or GG like you did for Shaiya :) , I tried searching Google, but no luck.

@3cmSailorfuku automatic pointer search? But how?

First you get the current address of your HP or anything you'd like.
Add it to the address list, right-click and pick "Pointer Scan for this Address".
Then choose default and enter the level of your pointer; in Shaiya's case you could choose 3 levels to look for, just in case. But the Player Base etc. only has one level in Shaiya.
In NosTale, however, it's a bit more complicated and can reach more than 10 levels.
In Shaiya you then get your pointer in like 2 seconds.

Re: [Tutorial] Finding pointers & offsets (Cheat Engine)

Posted: Sun Jan 18, 2009 5:23 pm
by Mesosmagnet
I'm sorry for BUMPing an old topic, but I need some help. And probably this is the best place to be asking it.
Firstly, the game is Nostale. I am trying to make a bot that consumes potions when HP is below a certain %.

I found that the HP address wasn't static, and the first pointer to it isn't static either. So I got a 2nd pointer that thankfully is static. However I have no idea how to use double pointers in my script.

Code:

proc		= 0;
win		= 0;
char_Ptr		= 0x00784D70;
HP_Ptr_offset	= 0xAC;
curHP_offset	= 0x4C;
maxHP_offset	= 0x48;
MP_Ptr_offset	= 0xB0;
curMP_offset	= 0x4C;
maxMP_offset	= 0x48;

char_target		= 0x00784D74;
target_Ptr_offset	= 0xBC;
target_offset	= 0x18;

HP_Ptr		= 0;
MP_Ptr		= 0;
target_Ptr		= 0;

HP		= 0;
HPmax		= 0;
MP		= 0;
MPmax		= 0;
target		= 0;

function main()

 win = findWindow("Nomad of Silver Spirit - Nostale");
 hdc = openDC(win);
 proc = openProcess( findProcessByExe("NostaleX.dat") );
 attach(win);

  HP_Ptr = memoryReadHexPtr(proc, char_Ptr, HP_Ptr_offset);
  HP = memoryReadIntPtr( proc , HP_Ptr, curHP_offset);
  HPmax = memoryReadIntPtr(proc, HP_Ptr, maxHP_offset);

  MP_Ptr = memoryReadStringPtr(proc, char_Ptr, MP_Ptr_offset, 8);
  MP = memoryReadIntPtr(proc, MP_Ptr, curMP_offset);
  MPmax = memoryReadIntPtr(proc, MP_Ptr, maxMP_offset);

  target_Ptr = memoryReadStringPtr(proc, char_target, target_Ptr_offset);
  target = memoryReadIntPtr(proc, target_Ptr, target_offset);

printf("\n\t%s\n", HP_Ptr);
printf("\n\t%d\n", HP);
printf("\n\t%d\n", HPmax);
printf("\n\t%s\n", MP_Ptr);
printf("\n\t%d\n", MP);
printf("\n\t%d\n", MPmax);
printf("\n\t%s\n", target_Ptr);
printf("\n\t%d\n", target);

end

startMacro(main);

This is a simple script I used to test whether my function was returning the correct values. But I am facing some problems.
I need to use one memoryRead function to save a pointer address which is usually a combination of numbers and letters.
The few memoryRead deviations only allow for "byte", "int", "short", "float", "string". Out of those only string is able to store a combination of numbers and letters, but when I use memoryReadStringPtr(...) it returns gibberish-like symbols.

I have been stuck on this script for 3 days now trying to fix my errors some of which were carelessly overlooked. :P

Re: [Tutorial] Finding pointers & offsets (Cheat Engine)

Posted: Sun Jan 18, 2009 5:44 pm
by Administrator
Pointers are always* 4 bytes and should be read using memoryReadInt() or memoryReadIntPtr(). It's just typically stored in hex notation, but really it's only a number. That number signifies the offset from the first byte of the program (not the program origin, mind you).

Basically, it works like this:

Code:

local pointer = memoryReadIntPtr(proc, staticaddress, offset1);
local playerAddr = memoryReadIntPtr(proc, pointer, offset2);

local HP = memoryReadInt(proc, playerAddr + HP_offset);

Re: [Tutorial] Finding pointers & offsets (Cheat Engine)

Posted: Sun Jan 18, 2009 5:56 pm
by Mesosmagnet
Thank you so so much.
So actually although I have 2 pointers I really only need one memoryReadIntPtr() as the 2nd pointer pointing to my actual HP should not be using memoryReadIntPtr() because that would make it read a pointer? Sorry if I sound confusing. And also thanks for clearing up the fact that a pointer is actually numbers in a hex form. :P
Thank you!

Re: [Tutorial] Finding pointers & offsets (Cheat Engine)

Posted: Fri Feb 27, 2009 4:14 pm
by Schurke
I made some little training programs to train those skills, I'm currently still trying to solve them by myself :D, solutions will follow.

( Always scan files ! )

Re: [Tutorial] Finding pointers & offsets (Cheat Engine)

Posted: Mon Mar 23, 2009 7:50 pm
by Gulron
I have been taking apart your Shaiya Bot for reference and I have come across a memory address I don't understand.

Code:

playerptr_addr = 0x00825CB4;

I think I understand the HP and MaxHP offsets but not the playerptr_addr. Also, what exactly is the offset?

Thanks

Re: [Tutorial] Finding pointers & offsets (Cheat Engine)

Posted: Thu Mar 24, 2011 7:18 am
by Tsutomu
Administrator wrote: You can take a look at the Perfect World script I posted in the scripts section. It uses a pointer to a character pawn, which contains pointers to the actual data. You have 'staticbase' pointing to 'charptr_addr', which points to HP, MP, etc.

Code:

staticbase_ptr = 0x00903804;
staticbase_offset = 0x20;
charptr_addr = 0;
targetid_offset = 0xA18;

charptr_addr = memoryReadInt(proc, staticbase_ptr) + staticbase_offset; -- get the address of your character pawn

Now that you have charptr_addr, you can read a value from it.

Code:

local readval = memoryReadUIntPtr(proc, charptr_addr, targetid_offset);

Code:

[[[[9BC394]+598]+EC]+B4]

(I have this for the addresses that I want to alter - LAST one actually, but to it I should come through all these)

Code:

first staticbase_ptr = 0x9bc394
second staticbase_offset = 0x598
third is skillBuffFlag_offset = 0xEC
fourth is mycustom_offset = 0xB4

I want to change and freeze the value on 0xB4 last offset from 1 to 3 for ex.

Do I do this like this or not?

Code:

charptr_addr = memoryReadInt(proc, staticbase_ptr) + staticbase_offset;
skillbuff_addr = memoryReadInt(proc, charptr_addr,  skillbuffFlag_offset);
mycustom_value = memoryReadIntPtr(proc, skillbuff_addr,  mycustom_offset);

I'm not good with using these mem functions :(

One more try and I'm out of guesses:

Code:

charptr_addr = memoryReadIntPtr(romProcess, staticcharbase_address, charPtr_offset);
skillbuff_addr = memoryReadIntPtr(romProcess, charptr_addr,  skillbuffFlag_offset);
mycustom_addr = memoryReadIntPtr(proc, skillbuff_addr,  mycustom_offset);
myValue = memoryReadInt(romProcess, mycustom_addr);

How do I change the value in memory and keep it that way (freeze)?

Re: [Tutorial] Finding pointers & offsets (Cheat Engine)

Posted: Thu Mar 24, 2011 11:08 am
by Administrator
Tsutomu wrote:

Code:

first staticbase_ptr = 0x9bc394
second staticbase_offset = 0x598
third is skillBuffFlag_offset = 0xEC
fourth is mycustom_offset = 0xB4

I want to change and freeze the value on 0xB4 last offset from 1 to 3 for ex.

Do I do this like this or not?

Code:

charptr_addr = memoryReadInt(proc, staticbase_ptr) + staticbase_offset;
skillbuff_addr = memoryReadInt(proc, charptr_addr,  skillbuffFlag_offset);
mycustom_value = memoryReadIntPtr(proc, skillbuff_addr,  mycustom_offset);

No. Reading memory will have no effect on its value.

Code:

memoryWriteIntPtr(proc, staticbase_ptr, {staticbase_offset, skillBuffFlag_offset, mycustom_offset}, value);

Tsutomu wrote: How do I change the value in memory and keep it that way (freeze)?

By re-writing it continually. That's all a "freeze" is.
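
The pointer-chain arithmetic from this thread (the two-level read explained earlier and the `[[[[9BC394]+598]+EC]+B4]` chain above), as an added example that is not part of the original posts or of MicroMacro. It is a Python model over a constructed memory image; the heap addresses, stored values and all helper names are made up for illustration.

```python
import struct

class MemoryImage:
    """Constructed stand-in for a 32-bit little-endian address space."""
    def __init__(self):
        self.regions = {}                       # base address -> bytearray
    def map(self, base, size):
        self.regions[base] = bytearray(size)
    def _locate(self, addr):
        for base, buf in self.regions.items():
            if base <= addr and addr + 4 <= base + len(buf):
                return buf, addr - base
        raise ValueError(f"unmapped address 0x{addr:08X}")
    def read_u32(self, addr):
        buf, off = self._locate(addr)
        return struct.unpack_from("<I", buf, off)[0]
    def write_u32(self, addr, value):
        buf, off = self._locate(addr)
        struct.pack_into("<I", buf, off, value)

def resolve_chain(mem, static_addr, offsets):
    """Follow [[[static]+o1]+o2]+o3; return the ADDRESS of the final field."""
    addr = static_addr
    for off in offsets:
        addr = (mem.read_u32(addr) + off) & 0xFFFFFFFF   # dereference, then add
    return addr

def build_sample():
    """Layout for [[[[9BC394]+598]+EC]+B4]; heap addresses and values are made up."""
    mem = MemoryImage()
    for base in (0x009BC000, 0x02340000, 0x02350000, 0x02360000):
        mem.map(base, 0x1000)
    mem.write_u32(0x009BC394, 0x02340000)           # static slot -> object A
    mem.write_u32(0x02340000 + 0x598, 0x02350000)   # A+598 -> object B
    mem.write_u32(0x02350000 + 0xEC, 0x02360000)    # B+EC  -> object C
    mem.write_u32(0x02360000 + 0xB4, 1)             # C+B4 holds the value
    return mem

def relocate_last_object(mem):
    """Simulate object C being reallocated elsewhere with a new value."""
    mem.map(0x02480000, 0x1000)
    mem.write_u32(0x02480000 + 0xB4, 7)
    mem.write_u32(0x02350000 + 0xEC, 0x02480000)

if __name__ == "__main__":
    mem, chain = build_sample(), [0x598, 0xEC, 0xB4]
    before = resolve_chain(mem, 0x009BC394, chain)
    relocate_last_object(mem)
    print(hex(before), hex(resolve_chain(mem, 0x009BC394, chain)))
```

After the simulated reallocation the same chain resolves to a new address, while the address cached earlier still holds the old value. Dereferencing one level too many turns the stored value into an address such as 0x00000001, which the model rejects as unmapped.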

Re: [Tutorial] Finding pointers & offsets (Cheat Engine)

Posted: Fri Mar 25, 2011 5:50 pm
by Tsutomu
Thanks for the info. I've learned much about micromacro memory functions, I feel a bit confident about that now. ;)
There is only one function it's missing.

Code:

VirtualProtectEx(opClient, (void *) 0x0091D3B4, 4, PAGE_READWRITE, &oldData); //This address is protected from modification, let's fix that.

A function that edits the flag of the memory address.

If we need to make it readwrite, I think there is no function in micromacro for that. :(
At least not in online library.

Is there any way to change the memory address flag to writable in micromacro?
Thanks in advance.

Re: [Tutorial] Finding pointers & offsets (Cheat Engine)

Posted: Sat Mar 26, 2011 1:07 pm
by Administrator
See my post here: http://www.solarstrike.net/phpBB3/viewt ... 588#p19588

If the need arises, I'll add whichever functions are needed.