Empires of the Undergrowth?

Anything Cheat Engine related, bugs, suggestions, helping others, etc..
Post Reply
Formous
Noobzor
Noobzor
Posts: 7
Joined: Mon Oct 16, 2017 8:58 pm
Reputation: 0

Empires of the Undergrowth?

Post by Formous » Mon Dec 04, 2017 7:36 pm

So this is a new game out on Early Access I had been following for a while. I have been having some trouble working with cheat engine to modify the food values. Using 4 byte, I am able to narrow to one value for food, and can mod it, but the effects don't seem to show up ingame outside the food count indicator up in the corner. I have also tried float values, but I can't seem to narrow it down. Anyone got a idea on how to modify available food and fix it?

narcolepticnerd
Noobzor
Noobzor
Posts: 11
Joined: Fri Sep 01, 2017 5:41 am
Reputation: 0
Contact:

Re: Empires of the Undergrowth?

Post by narcolepticnerd » Tue Dec 05, 2017 10:15 pm

Well This is what I did I created and allocated a base address for the ant with a script and found the offset for the others so my script auto updates but I have not found the actual food yet.

+414 is the food display
+418 is the food max
+428 is the worker ants
+42c is the max worker ants

+444 is the royal jelly
+440 is the territory

max ants +450

these ones are worthless
soldier ants +438
max soldier ants +43c

this is my script

Code: Select all


{ Game   : EotU-Win64-Shipping.exe
  Version: 
  Date   : 2017-12-05
  Author : Forrest

  find the ant base
}

[ENABLE]

aobscanmodule(findantbase,EotU-Win64-Shipping.exe,3B B0 40 04 00 00) // should be unique
alloc(newmem,$1000,"EotU-Win64-Shipping.exe"+1F8C8E)

label(code)
label(return)
globalalloc(theantbase,8)

newmem:

code:
  mov [theantbase],rax
  cmp esi,[rax+00000440]
  jmp return

findantbase:
  jmp newmem
  nop
return:
registersymbol(findantbase)

[DISABLE]

findantbase:
  db 3B B0 40 04 00 00

unregistersymbol(findantbase)
dealloc(newmem)
dealloc(theantbase)

then I add every offset like this as individual addresses [theantbase]+offset

so for royal jelly

i would add an address as a pointer use theantbase as the first address then add offset 444 and it will show your current royal jelly now update it.



so for

narcolepticnerd
Noobzor
Noobzor
Posts: 11
Joined: Fri Sep 01, 2017 5:41 am
Reputation: 0
Contact:

Re: Empires of the Undergrowth?

Post by narcolepticnerd » Tue Dec 05, 2017 10:17 pm

I think food is a double, I found it once and did a wrong injection game crashed but I remember it showed :s on the address part.

narcolepticnerd
Noobzor
Noobzor
Posts: 11
Joined: Fri Sep 01, 2017 5:41 am
Reputation: 0
Contact:

Re: Empires of the Undergrowth?

Post by narcolepticnerd » Tue Dec 05, 2017 10:45 pm

I think you have to scan a range of values to get the food, I have noticed that the actual food value takes 2 seconds to update to the display value. and confirmed it shows :s next to it in the address.

jungletek
Cheater
Cheater
Posts: 43
Joined: Tue Oct 17, 2017 7:31 am
Reputation: 6

Re: Empires of the Undergrowth?

Post by jungletek » Wed Dec 06, 2017 12:34 am

:s isn't a double, it's a single (A.K.A. 'float'/single-precision floating-point).

Bone up on your understanding of data types, guys, or you're gonna have a bad time ;)

narcolepticnerd
Noobzor
Noobzor
Posts: 11
Joined: Fri Sep 01, 2017 5:41 am
Reputation: 0
Contact:

Re: Empires of the Undergrowth?

Post by narcolepticnerd » Wed Dec 06, 2017 5:36 pm

Appreciate the feedback, but I am just typing in what I am finding, I am well aware of assembly and different data types. The food shows up as a :d and a :8 and a :4 and even a :s on the addresses, thats double, 8 bytes 4 bytes, and a singular float. I get down to the most 261 results and every time the food changes all 261 of those results change with it. I guess its good because I start from 3 billion with unknown value. I will update this post if I can find the food.

jungletek
Cheater
Cheater
Posts: 43
Joined: Tue Oct 17, 2017 7:31 am
Reputation: 6

Re: Empires of the Undergrowth?

Post by jungletek » Wed Dec 06, 2017 10:00 pm

Freeze some of those 261 results and see if the value you want freezes too, if so, you know the address is in the group that you froze. Reduce the group size and freeze half of what was left, and check to see if your value is affected. Rinse, repeat until you find the proper address(es).

Like a binary search/tree, yeah?

narcolepticnerd
Noobzor
Noobzor
Posts: 11
Joined: Fri Sep 01, 2017 5:41 am
Reputation: 0
Contact:

Re: Empires of the Undergrowth?

Post by narcolepticnerd » Thu Dec 07, 2017 11:35 am

I have done that and the display freezes but the food runs out, I am thinking that the real food is delayed so its not the same value as the display value Another game that uses this method is huniepop, the bar the value is not the same so searching for a range between 2 values and putting game on slowmo is only way to recover the actual value.

jungletek
Cheater
Cheater
Posts: 43
Joined: Tue Oct 17, 2017 7:31 am
Reputation: 6

Re: Empires of the Undergrowth?

Post by jungletek » Thu Dec 07, 2017 12:36 pm

Could be, or the value could be encoded in some way. Have you tried unknown value search and then changed/not changed, etc.?

Schnitzelmaker
Expert Cheater
Expert Cheater
Posts: 99
Joined: Fri Mar 03, 2017 6:18 pm
Reputation: 54

Re: Empires of the Undergrowth?

Post by Schnitzelmaker » Thu Dec 07, 2017 4:00 pm

Food is based of the value on the food tile, so it is required to change it there.
The value shown is only the sum of all food on tiles.

An example for unlimited food is: (Note that the food value will increase when building more food tiles)

Code: Select all

[ENABLE]

aobscanmodule(Food,EotU-Win64-Shipping.exe,45 03 88 78 03 00 00) // should be unique
alloc(newmem,$1000,"EotU-Win64-Shipping.exe"+20160E)

label(code)
label(return)

newmem:
  cmp [r8+00000378], #20
  ja code
  mov [r8+00000378], #20

code:
  add r9d,[r8+00000378]

  jmp return

Food:
  jmp newmem
  nop
  nop
return:
registersymbol(Food)

[DISABLE]

Food:
  db 45 03 88 78 03 00 00

unregistersymbol(Food)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "EotU-Win64-Shipping.exe"+20160E

"EotU-Win64-Shipping.exe"+2015E2: 33 C0                    -  xor eax,eax
"EotU-Win64-Shipping.exe"+2015E4: 48 63 CE                 -  movsxd  rcx,esi
"EotU-Win64-Shipping.exe"+2015E7: 85 F6                    -  test esi,esi
"EotU-Win64-Shipping.exe"+2015E9: 7E 44                    -  jle EotU-Win64-Shipping.exe+20162F
"EotU-Win64-Shipping.exe"+2015EB: 44 8B 8B 14 04 00 00     -  mov r9d,[rbx+00000414]
"EotU-Win64-Shipping.exe"+2015F2: 44 8B 93 18 04 00 00     -  mov r10d,[rbx+00000418]
"EotU-Win64-Shipping.exe"+2015F9: 0F 1F 80 00 00 00 00     -  nop [rax+00000000]
"EotU-Win64-Shipping.exe"+201600: 48 8B 14 C7              -  mov rdx,[rdi+rax*8]
"EotU-Win64-Shipping.exe"+201604: 48 FF C0                 -  inc rax
"EotU-Win64-Shipping.exe"+201607: 4C 8B 82 38 04 00 00     -  mov r8,[rdx+00000438]
// ---------- INJECTING HERE ----------
"EotU-Win64-Shipping.exe"+20160E: 45 03 88 78 03 00 00     -  add r9d,[r8+00000378]
// ---------- DONE INJECTING  ----------
"EotU-Win64-Shipping.exe"+201615: 44 89 8B 14 04 00 00     -  mov [rbx+00000414],r9d
"EotU-Win64-Shipping.exe"+20161C: 45 03 90 7C 03 00 00     -  add r10d,[r8+0000037C]
"EotU-Win64-Shipping.exe"+201623: 44 89 93 18 04 00 00     -  mov [rbx+00000418],r10d
"EotU-Win64-Shipping.exe"+20162A: 48 3B C1                 -  cmp rax,rcx
"EotU-Win64-Shipping.exe"+20162D: 7C D1                    -  jl EotU-Win64-Shipping.exe+201600
"EotU-Win64-Shipping.exe"+20162F: 48 85 FF                 -  test rdi,rdi
"EotU-Win64-Shipping.exe"+201632: 74 08                    -  je EotU-Win64-Shipping.exe+20163C
"EotU-Win64-Shipping.exe"+201634: 48 8B CF                 -  mov rcx,rdi
"EotU-Win64-Shipping.exe"+201637: E8 F4 F6 09 00           -  call EotU-Win64-Shipping.exe+2A0D30
"EotU-Win64-Shipping.exe"+20163C: 48 FF C5                 -  inc rbp
}

Rawhide
What is cheating?
What is cheating?
Posts: 1
Joined: Sat Dec 09, 2017 2:24 am
Reputation: 0

Re: Empires of the Undergrowth?

Post by Rawhide » Sat Dec 09, 2017 2:25 am

I have noticed that you can find and edit the amount of food in a corpse with a 4byte search.

Post Reply

Who is online

Users browsing this forum: No registered users