Help me with these..

Anything Cheat Engine related, bugs, suggestions, helping others, etc..
Post Reply
apinfear
What is cheating?
What is cheating?
Posts: 4
Joined: Thu Jun 28, 2018 6:22 pm
Reputation: 0

Help me with these..

Post by apinfear » Thu Jun 28, 2018 10:47 pm

Hi,



1. What is this? Why it's keep changing everytime i restart the game?

[url=https://postimg.cc/image/757e4ex4x/][img]https://s8.postimg.cc/757e4ex4x/question.jpg[/img][/url]





2. When i try to update the outdated offsets through "dissect data/structure" in cheat engine, why 0x6F2F9020 shows results but the 0x14285CB68 doesn't? Why i need to use 0x6F2F9020 to find/update the offsets?



I mean, i found new offsets that lead to correct values through the 0x6F2F9020 instead of 0x14285CB68. But when i "add address manually" in address list, the 0x14285CB68 + new offsets (that i found through 0x6F2F9020) show correct value or working.





3. Next, i found horse stat offsets but it's located at 0x6F28C5E0 (0x6F2F9020 - 0x6CA40).



The problem is ... i dont know the new address of 0x14285CB68 from 0x6F28C5E0, because i dont know how to find it from there.





Thanks.

User avatar
FreeER
RCE Fanatics
RCE Fanatics
Posts: 142
Joined: Fri Mar 10, 2017 7:11 pm
Reputation: 12
Contact:

Help me with these..

Post by FreeER » Thu Jun 28, 2018 11:05 pm

The address stored at 0x14285CB68. 0x14285CB68 stores the address aka points to 0x6F2F9020, if it didn't change you wouldn't need a pointer in the first place.



In the dissect window you could use [icode][14285CB68][/icode] to tell it to use the address stored at 0x14285CB68 rather than 0x14285CB68 itself

apinfear
What is cheating?
What is cheating?
Posts: 4
Joined: Thu Jun 28, 2018 6:22 pm
Reputation: 0

Help me with these..

Post by apinfear » Fri Jun 29, 2018 1:27 am

[QUOTE="FreeER, post: 50498, member: 980"]In the dissect window you could use [icode][14285CB68][/icode] to tell it to use the address stored at 0x14285CB68 rather than 0x14285CB68 itself[/QUOTE]



But in dissect windows, 14285CB68 + 1078 = shows wrong value, but it shows correct value in addresslist.



Meanwhile still in dissect windows 6F2F9020 + 1078 = shows correct value , but it shows wrong value in addresslist.



So basically when i want to update the old offsets, i had to use 6F2F9020 until i found new offsets then use those offsets with 14285CB68 in address list as final step.



14285CB68 doesnt change when i restart the game, only when the game has new update/patch.



6F2F9020 does change when i restart the game.



The real reason im asking this because of question number 3 at my main post, i already know how to find 14285CB68 through signature/aob when the game updates, but i cant find figure out how to find "the new 0x14285CB68" from new 0x6F2F9020 because when i rolling up the structure i found offsets for horse stats at 0x6F28C5E0 (0x6F2F9020 - 0x6CA40).



You understand my question right? (my english is bad, im trying my best to explain here xD)



14285CB68 -> [U]6F2F9020[/U] = to find/update old offset,

[I]then i found offsets for horse stats but the address is located at 0x6F28C5E0.... so:[/I]

[U]???????????[/U] -> 6F28C5E0. = how to find this new 14285CB68 ?
Last edited by apinfear on Fri Jun 29, 2018 1:40 am, edited 5 times in total.

User avatar
FreeER
RCE Fanatics
RCE Fanatics
Posts: 142
Joined: Fri Mar 10, 2017 7:11 pm
Reputation: 12
Contact:

Help me with these..

Post by FreeER » Fri Jun 29, 2018 1:36 am

It doesn't show the wrong [b]value[/b], you're using the wrong [b]address[/b]. 14285CB68 is a pointer to (the base of) what you want not the address itself, that's why you need the []s in the dissect window to tell CE to treat it as a pointer and read it's value as an address rather than to treat [i]it[/i] as the address or to put the address in manually yourself which in this case was 6F2F9020. It's the same reason 6F2F9020 doesn't work in the address list, if you add 6F2F9020 as a pointer it's going to read it's value as an address, and since it's not intended to be used as a pointer it's not going to work. You'd have to add 6F2F9020 + 1078 as a regular address but that'd only work for that one run because it's a dynamic address not a static one.



As for 3. 0x6CA40 is quite a large offset and you probably need to find another pointer to it, if you don't understand how pointers work I suggest using the pointer scanner.

apinfear
What is cheating?
What is cheating?
Posts: 4
Joined: Thu Jun 28, 2018 6:22 pm
Reputation: 0

Help me with these..

Post by apinfear » Fri Jun 29, 2018 1:58 am

[QUOTE="FreeER, post: 50509, member: 980"]As for 3. 0x6CA40 is quite a large offset and you probably need to find another pointer to it, if you don't understand how pointers work I suggest using the pointer scanner.[/QUOTE]



i know how to use pointer scanner, that's how i found my first offset then i use that to find other hacks in dissect structure or reclass tool.



Let me show the visuals of the problem:



[IMG]https://s8.postimg.cc/qd8b6b479/problem1.jpg[/IMG]



[IMG]https://s8.postimg.cc/ja0fqtgt1/problem2.jpg[/IMG]



Now lets image the game has protection/gameguard. I cant use cheat engine, best i could do is freeze/suspend the process at login screen. When I attach my ce table and click the pointer address in address list, the only address i know is 14285CB68 not the 7C7F8010 because i cant login into game world so it's impossible for me to update the old offsets because i need to know the 7C7F8010 first before i can update the offsets.
Last edited by apinfear on Fri Jun 29, 2018 2:12 am, edited 7 times in total.

User avatar
FreeER
RCE Fanatics
RCE Fanatics
Posts: 142
Joined: Fri Mar 10, 2017 7:11 pm
Reputation: 12
Contact:

Help me with these..

Post by FreeER » Fri Jun 29, 2018 2:46 am

Because you keep putting in 14285CB68 not [14285CB68] the brackets MATTER. They aren't white space, they actually [i][b]mean[/b][/i] something. I've said it multiple times now and your image shows that you still don't get it and are apparently incapable of copy pasting...



Yes, that's rude, but I've said it nicely twice now (and it wasn't a small note with a bunch of other comments, it was the main point) and you obviously didn't get it so perhaps being rude will be the wake up call you need to [i]at least[/i] copy paste.



The 14285CB68 in the address list is not [i]just[/i] an address, it is a [b][i]pointer[/i][/b] to an address. Putting just [icode]14285CB68[/icode] in the dissect window treats it as just an address, putting [icode][14285CB68][/icode] treats it as a pointer. Of course it's not going to work if you treat it as one in one place and the other elsewhere.



As for protection that generally means it's an online game which last I knew can't be talk about on FRF (at least in any specifics, to be somewhat fair I'm not very active here...), so if we were to imagine that the conversation would probably be over :D

apinfear
What is cheating?
What is cheating?
Posts: 4
Joined: Thu Jun 28, 2018 6:22 pm
Reputation: 0

Help me with these..

Post by apinfear » Fri Jun 29, 2018 3:20 am

[QUOTE="FreeER, post: 50516, member: 980"]Because you keep putting in 14285CB68 not [14285CB68] the brackets MATTER. They aren't white space, they actually [I][B]mean[/B][/I] something. I've said it multiple times now and your image shows that you still don't get it and are apparently incapable of copy pasting...



Yes, that's rude, but I've said it nicely twice now (and it wasn't a small note with a bunch of other comments, it was the main point) and you obviously didn't get it so perhaps being rude will be the wake up call you need to [I]at least[/I] copy paste.



The 14285CB68 in the address list is not [I]just[/I] an address, it is a [B][I]pointer[/I][/B] to an address. Putting just [icode]14285CB68[/icode] in the dissect window treats it as just an address, putting [icode][14285CB68][/icode] treats it as a pointer. Of course it's not going to work if you treat it as one in one place and the other elsewhere.



As for protection that generally means it's an online game which last I knew can't be talk about on FRF (at least in any specifics, to be somewhat fair I'm not very active here...), so if we were to imagine that the conversation would probably be over :D[/QUOTE]



How the fuck im suppose to know about the bracket thing, if i knew that i wont post this thread. You should had told me about the bracket from beginning, i guess those images i posted really help to make you understand what's my problem.



Yes, it's online but using emulator files from ragezone and hosted BY ME locally but it has no protection yet because the xigncode files were fuck up/not working. Also, i'm not allowed to do ASM on my own server? lol.
Last edited by apinfear on Fri Jun 29, 2018 3:25 am, edited 3 times in total.

User avatar
koderkrazy
Fearless Donors
Fearless Donors
Posts: 248
Joined: Sun Jun 17, 2018 2:14 pm
Reputation: 157

Help me with these..

Post by koderkrazy » Fri Jun 29, 2018 3:21 am

[USER=19015]@apinfear[/USER], is this the game are you talking about? I think yes.

[B]Black Desert [/B]Online is a sandbox-oriented massively[B] multiplayer online role-playing game[/B] by Korean video game developer Pearl Abyss.





about the pointer, what [USER=980]@FreeER[/USER] is trying to say is this:

[SPOILER="use SquareBrackets"][IMG]https://image.ibb.co/kgenLT/problem11.jpg[/IMG][/SPOILER]

User avatar
FreeER
RCE Fanatics
RCE Fanatics
Posts: 142
Joined: Fri Mar 10, 2017 7:11 pm
Reputation: 12
Contact:

Help me with these..

Post by FreeER » Fri Jun 29, 2018 3:40 am

[QUOTE="apinfear, post: 50518, member: 19015"]How the fuck im suppose to know about the bracket thing[/QUOTE]Because I literally put it in my first post that's only 2 lines long and mentioned it [i]again[/i] in my second, it's not my fault if you don't bother to read what people tell you when you ask for help until they call you an idiot for not reading :D



And as for hosting it yourself, it's literally impossible to prove that you don't intend to use them on a non-local server later even if you could prove that you are doing so for now. Plus it probably breaks a bunch of laws even to say what you just did and I doubt FRF wants to be risk potentially being seen as encouraging such in any way :) but then I'm not staff so I can't say for sure.

User avatar
SunBeam
Trouble Makers
Trouble Makers
Posts: 1504
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 222

Help me with these..

Post by SunBeam » Fri Jun 29, 2018 7:55 am

"it's impossible for me to update the old offsets because i need to know the 7C7F8010 first before i can update the offsets."



Considering your [B]14285CB68 [/B]is a static address, fucking find references to it in game's .exe. You don't need it running for that matter, just unpacked/dumped (if using some protector over it) and opened in x64dbg. Then go to start of the first section of the .exe in top view (disassembler) - - should contain the executable code - - and to 14285CB68 in hex view. Select first 8 bytes (cuz this is a qword pointer) and [I]Find references to this address[/I].



There you go, good luck.
Last edited by SunBeam on Thu Jan 01, 1970 12:00 am, edited 3 times in total.

Post Reply

Who is online

Users browsing this forum: No registered users