Page 1 of 1

Encrypted value

Posted: Fri Aug 31, 2018 10:04 am
by hello_hello
Hi there,

In gameguardian, there is an option for encrypted value search

Is there something similar available for cheat engine? Plugin or anything?

Re: Encrypted value

Posted: Fri Aug 31, 2018 12:30 pm
by TimFun13
I'm not sure what "gameguardian" is doing, but there really isn't any universal way to decrypt a value; some may use a simple XOR setup, but others may just be "V * 2 + 1 = stored value". Plus there is even the AES instruction set.
[Link]

EDIT:
The best way I know of is to use "unknown initial value" and "changed" and "unchanged" scans; and freeze the encrypted value to see that you have found the right one. Then see what accesses it to see how the value is encrypted/decrypted.

Re: Encrypted value

Posted: Sat Sep 01, 2018 2:54 am
by koderkrazy
It's no magic, With encrypted value search in GG you still have to change stats(money, hp) and scan multiple times. It's not giving results right away. I think GG is simply doing unsigned 2-byte, 4-byte or 8-byte scans on changed and unchanged values.

So ,in GG, with encrypted value checked, when you:
1. Select datatype , it tells GG to search for 2, 4, or 8 bytes. eg. if you select word it'll search 4bytes, for Dword=8bytes.
2. When you enter actual stat value before hitting refine/search. It just tells GG that the value is changed or not. So it'll do changed or unchained value search based on that.

Equivalent in Cheat Engine would be to:
1. select 2/4/8 byte valuetype and do 'unknown initial value' search.
2. then do changed and unchanged value searches
If you want to search 2,4,8 byte values at same time then in 'scan settings' select these types in 'All type includes'. And do scan on all types.

Re: Encrypted value

Posted: Fri Dec 29, 2023 4:30 pm
by Sami1982
koderkrazy wrote:
Sat Sep 01, 2018 2:54 am
It's no magic, With encrypted value search in GG you still have to change stats(money, hp) and scan multiple times. It's not giving results right away. I think GG is simply doing unsigned 2-byte, 4-byte or 8-byte scans on changed and unchanged values.

So ,in GG, with encrypted value checked, when you:
1. Select datatype , it tells GG to search for 2, 4, or 8 bytes. eg. if you select word it'll search 4bytes, for Dword=8bytes.
2. When you enter actual stat value before hitting refine/search. It just tells GG that the value is changed or not. So it'll do changed or unchained value search based on that.

Equivalent in Cheat Engine would be to:
1. select 2/4/8 byte valuetype and do 'unknown initial value' search.
2. then do changed and unchanged value searches
If you want to search 2,4,8 byte values at same time then in 'scan settings' select these types in 'All type includes'. And do scan on all types.

I am using game guardian on Android and the value I need is encrypted (i.e. i can only find it by ticking the "value is encrypted" option) and then I decrease, refine...etc to zero in on the correct value. My question is, anyway I can speed up or automate this so that I don't need to repeat the decrease, refine....etc process every time I restart the game? Normally for a non-encrypted value I just do a group search, write the script and done. But I am unable to find any values that i can use in a group search with that encrypted value. Nothing seems to work once the game is restarted. I've tried the offset method as well and the XOR key and pointers but as I said unfortunately once I restart the game nothing works and I can't re-find that encrypted value unless I undergo the entire search, decrease, refine...etc process all over again. Would appreciate any help on the matter. Thanks

Re: Encrypted value

Posted: Fri Dec 29, 2023 4:39 pm
by Sami1982
PS
I apologize for posting an inquire pertaining to Game Guardian here but I received no answers on the Game Guardian forum and I've requested permission to post on the Game Guardian subreddit several times but i was completely ignored. Kinda desperate :D)

Re: Encrypted value

Posted: Sun Dec 31, 2023 10:02 am
by hien2702
For encrypted value, it is difficult to use scan to find it. What if that value is encrypted according to the update tick, or updated every 0.1s, or updated when your character performs a certain action? Are you sure that at the time you perform the unchanged value scan, the value has not changed at all? And suppose you can find 200-300 values, including the correct variable, how do you know it? Split and freeze or change the value of a set of variables? It will easily lead to a game crash, and you will have to start scanning again from the beginning.
The only and safest way to find the encrypted value is to go from the display value and use back tracing.

Re: Encrypted value

Posted: Sun Dec 31, 2023 1:31 pm
by Sami1982
hien2702 wrote:
Sun Dec 31, 2023 10:02 am
For encrypted value, it is difficult to use scan to find it. What if that value is encrypted according to the update tick, or updated every 0.1s, or updated when your character performs a certain action? Are you sure that at the time you perform the unchanged value scan, the value has not changed at all? And suppose you can find 200-300 values, including the correct variable, how do you know it? Split and freeze or change the value of a set of variables? It will easily lead to a game crash, and you will have to start scanning again from the beginning.
The only and safest way to find the encrypted value is to go from the display value and use back tracing.
I am able to find the encrypted value just fine. I used the "value is encrypted" option in Game Guardian and then I decease my health, refine, increase, refine...etc until I find it. And once I find it yes I am sure that it does not change no matter what happens or what I do unless I take damage. My question is, how can I find it again faster once I restart the game without having to go through the entire search, decrease, refine...etc process all over again? I went up and down the list (above and below my main value) trying to find a unique/non-changing value that I can use in a group search or calculate its offset, but they all change once I restart the game. Hence I get no results at all using a group search or the offset method. I've tried pointers, but had no luck. I've also tried the pointer chain tool by Game Guardian. I've also tried to find the XOR key. Nothing works once the game restarts. And I can find it fairly easily again using the whole "search, increase, refine...etc" process. I just wanted to speed it up/automate it if possible.

Re: Encrypted value

Posted: Tue Feb 06, 2024 5:12 am
by SunBeam
Like everyone here explained to you, there's no such thing as "scanning for an encrypted value". Cheat Engine already has the "unknown search", so that's what you want: scan for an unknown value, get it to change, search for "has changed" (not increased, not decreased). If it's 'encrypted', then how do you know the encrypted value for the next scan is a decrement from the first? Encryption modifies data so it wouldn't follow that rule. Go with: unknown, has changed, has not changed till you find it.

You can't speed it up, because really, there is not universal logic behind it. Scanning FULL memory takes time, scanning in sequences to filter out values that have changed, have not changed, etc. also takes time. That's that.