Finding a pointer


Finding a pointer

Post by NumberXer0 »

I'm kind of lost on how to make my cheats stick. I can find values easily, but I can never find a pointer. For example, hacking ammo. I can find and lock the ammo fine, but changing guns, areas or restarting the game breaks the cheat. If I try to pointer scan, I get so many results that I can't manage. Here is my process:

Find original value
Pointer scan for address
Change value in game
Rescan memory
Repeat until results stop narrowing down
Close and open game
Rehook CE
Find original value again
Pointer scan for new address
Repeat until results stop narrowing down
Still stuck with a million results, none of which actually affect my ammo

I followed a direct tutorial on this and sometimes it works, but that's 1% of the time. Most games give too many results.


Re: Finding a pointer

Post by jungletek »

viewtopic.php?f=11&t=4113

TL;DR: AOB scans in your scripts.


Re: Finding a pointer

Post by NumberXer0 »

jungletek wrote:
Thu Jan 11, 2018 1:10 am
viewtopic.php?f=11&t=4113

TL;DR: AOB scans in your scripts.
I tried following that, and it kind of works, but I'm completely lost when it gets to the breakpoints. I can lock my current ammo at whatever value fine, but I can't make it sync up with my maximum.

"If you are anything like me; you are not fulfilled yet. You dislike having a railgun or shotgun with 25 ammo and really need to do something about it. Luckily this is often very easy. In my experience so far, the current and MAX ammo count are VERY close friends.
So, let's change the current ammo count to the MAX ammo count!

There are literally a million ways to find this out, but it really comes down to luck and ingenuity.
Let's get back to the disassembler. (Actually, my game crashed here because I forgot to restore the original code and activated the script; addresses are slightly off now)

We want to know where in memory RAX is located. We do this by setting a breakpoint in our new script or above it. In the image the cheat is activated so the proper instruction is now replaced by a jmp <address>. If you highlight it and press SPACE you will go to the new place in memory where our injection resides.
Set a breakpoint and hit fire. If the game halts, you know you did it right. To the right you will see the registers. In the code you see that the rax is getting the value that resides in rdi+40. And we know that rax is the thing we want. Remember from the script, that [rax+30] is where the ammo resides"


I don't understand this part. I have the script set and activated. How do I open up the disassembler for the script? I don't see any options at the top or the right click.


Re: Finding a pointer

Post by jungletek »

I'm not sure what you're asking. You went through the tutorial and made a script for your game but you don't know how to open the disassembly window again?


Re: Finding a pointer

Post by NumberXer0 »

I mean how do you open the disassembly window for the script. I know how to open it for the original address I was searching for, it was in the right click menu. It isn't in the menu when clicking on the script. And if I repeat my steps to get back to the original address and then do it there, the tutorial falls apart. There's no jmp address and nothing happens if I press space.


Re: Finding a pointer

Post by Blayde »

NumberXer0 wrote:
Thu Jan 11, 2018 12:23 am
...... I get so many results that I can't manage.
It's very easy if you have 2 or more computers, but...
Look here: [Link]


Re: Finding a pointer

Post by jungletek »

NumberXer0 wrote:
Thu Jan 11, 2018 2:45 am
I mean how do you open the disassembly window for the script. I know how to open it for the original address I was searching for, it was in the right click menu. It isn't in the menu when clicking on the script. And if I repeat my steps to get back to the original address and then do it there, the tutorial falls apart. There's no jmp address and nothing happens if I press space.
There's no such thing. There's a script editor, and a disassembler/mem view window. You get the former by double-clicking the address area of that script in the main CE window (where it says <script>), and the latter from the right-click menu when you click on an entry in the main window, or the keyboard shortcut is CTRL-D.

Also just blindly following the tutorial without understanding what and why you're doing things isn't going to teach you anything other than how to follow that tutorial.
There's no jmp address and nothing happens if I press space.
Then either your script isn't activated, or the code relocated in memory and your addresses changed. Your script WRITES the jmp, which jumps to memory you allocate in your script.
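
Why an AOB (array-of-bytes) signature keeps finding the code after a restart when a saved address does not, as an added example that is not part of any post in this thread: the scan matches the instruction bytes themselves, with `??` wildcards over the parts that may differ. The function names (`parse_aob`, `aob_scan`, `fake_image`) are hypothetical and the instruction bytes are constructed to mirror the `[rdi+40]` / `[rax+30]` accesses quoted above, not taken from any game.

```python
from typing import List, Optional

def parse_aob(signature: str) -> List[Optional[int]]:
    """Turn '48 8B 47 ?? 83' into [0x48, 0x8B, 0x47, None, 0x83]."""
    pattern = []
    for tok in signature.split():
        pattern.append(None if set(tok) == {"?"} else int(tok, 16))
    if not pattern or pattern[0] is None:
        raise ValueError("signature must start with a fixed byte")
    return pattern

def aob_scan(image: bytes, signature: str) -> List[int]:
    """Return every offset in image where the signature matches."""
    pattern = parse_aob(signature)
    first = bytes([pattern[0]])
    hits, pos = [], image.find(first)
    while pos != -1 and pos + len(pattern) <= len(image):
        window = image[pos:pos + len(pattern)]
        if all(p is None or p == b for p, b in zip(pattern, window)):
            hits.append(pos)
        pos = image.find(first, pos + 1)
    return hits

# Constructed x86-64 bytes (not from any real game):
#   48 8B 47 40   mov rax,[rdi+40]
#   83 68 30 01   sub dword ptr [rax+30],1
AMMO_CODE = bytes.fromhex("488B4740" "83683001")
# Displacement bytes are wildcarded so a changed struct offset still matches.
SIGNATURE = "48 8B 47 ?? 83 68 ?? 01"

def fake_image(code_offset: int, filler: int) -> bytes:
    """Constructed stand-in for a module image: filler, the code, more filler."""
    return bytes([filler]) * code_offset + AMMO_CODE + bytes([filler]) * 64

def demo():
    run1 = fake_image(0x120, 0x90)  # first launch
    run2 = fake_image(0x7A4, 0xCC)  # after restart: same code, new location
    return aob_scan(run1, SIGNATURE), aob_scan(run2, SIGNATURE)

if __name__ == "__main__":
    print(demo())
```

A signature is only usable if it matches exactly once; more than one hit means it needs more fixed bytes, and zero hits means the code itself changed.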
