Hello guys.
I recently started playing around with Cheat Engine and C++ to create a trainer for the game Eternium.
I'm currently trying to find a way to replicate what was done in the table created by the awesome @MBRKiNG (viewtopic.php?t=17749) regarding the Cosmetics as the AoB pattern has changed.
I've tried to put more wildcards to find it again, but I got no results.
I've tried to perform changed/unchanged value scans and even tried debugging to check which instruction was performing this, but I had no success.
Could someone point me in the right direction?
How can I determine the exact point where a function happens?
Once I attach cheat engine, or x64dbg, the game just keeps running and the events I get are always late.
Is there a way to stop the game step-by-step without setting breakpoints?
Thanks in advance!
New to game hacking, lost in the process
Re: New to game hacking, lost in the process
"How can I determine the exact point where a function happens?" -> There is no 'automatic' way if there are no debugging symbols.
"I've tried to put more wildcards to find it again, but I got no results." -> Likely the game has updated 'too much' and newer compilations broke the old pattern beyond repair.
"Is there a way to stop the game step-by-step without setting breakpoints?" -> Suspend all threads of the process. You can use Process Hacker for this, from what I remember.
Cheers
Re: New to game hacking, lost in the process
^^ concentrate on:
mageandminions.s86+23360D: 8D 8F 70 02 00 00 - lea ecx,[edi+00000270]
// ---------- INJECTING HERE ----------
mageandminions.s86+233613: 89 9F 7C 02 00 00 - mov [edi+0000027C],ebx
=> search aob for: "8D 8F * * 00 00 89 9F * * 00 00"
If still too many results, just add additional bytes (front/end), but any possible offset change must be wildcard-ed...
Once results return < 100, compare for "near" exactness...
ps: i generally start with them '02's still in there; hoping offsets are not that far off
ps: if you can get back to a working vs, that would allow you collect more opcode_scripts, AND have some datastruct examples to compare/expect...
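Added example, not from this thread and not MBRKiNG's or the replier's code: a minimal AOB scanner in C++ (the OP's trainer language) that understands the "8D 8F * * 00 00 ..." wildcard syntax shown above. The code buffer is constructed inline to stand in for a dumped code section; it contains the exact old byte sequence from the table at one offset and, at another, the same two instructions with a made-up larger structure offset (0x290/0x29C) to simulate what a game update does to the pattern. The three patterns show why the exact bytes stop matching, why wildcarding the two low displacement bytes brings the site back, and why keeping the '02' high bytes still works when the offsets have not moved far. Everything beyond the two instruction lines quoted above is an assumption for illustration.

```cpp
// Added example (not the thread's own code): Cheat-Engine-style AOB scanning
// with wildcards, against a constructed in-memory "code section".
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <iterator>
#include <sstream>
#include <stdexcept>
#include <string>
#include <vector>

struct PatternByte {
    uint8_t value;
    bool wildcard;
};

// Parse "8D 8F * * 00 00 89 9F ?? ?? 00 00" into a byte/wildcard list.
// '*', '?' and '??' are all accepted as wildcards (CE uses '*' or '??');
// every other token must be exactly one hex byte.
std::vector<PatternByte> parsePattern(const std::string& text) {
    std::vector<PatternByte> out;
    std::istringstream in(text);
    std::string tok;
    while (in >> tok) {
        if (tok == "*" || tok == "?" || tok == "??") {
            out.push_back({0, true});
        } else if (tok.size() == 2) {
            out.push_back({static_cast<uint8_t>(std::stoul(tok, nullptr, 16)), false});
        } else {
            throw std::invalid_argument("bad pattern token: " + tok);
        }
    }
    return out;
}

// Return every offset in buf where the pattern matches; wildcard bytes match anything.
std::vector<size_t> scan(const std::vector<uint8_t>& buf, const std::vector<PatternByte>& pat) {
    std::vector<size_t> hits;
    if (pat.empty() || pat.size() > buf.size()) return hits;
    for (size_t i = 0; i + pat.size() <= buf.size(); ++i) {
        size_t j = 0;
        for (; j < pat.size(); ++j) {
            if (!pat[j].wildcard && buf[i + j] != pat[j].value) break;
        }
        if (j == pat.size()) hits.push_back(i);
    }
    return hits;
}

// Constructed stand-in for a dumped code section (NOP padding elsewhere):
//  +0x10: the exact bytes quoted from the old table
//         lea ecx,[edi+00000270] / mov [edi+0000027C],ebx
//  +0x40: the same instruction pair after a hypothetical update that moved
//         the fields by 0x20: lea ecx,[edi+00000290] / mov [edi+0000029C],ebx
std::vector<uint8_t> sampleCode() {
    std::vector<uint8_t> buf(0x80, 0x90);
    const uint8_t oldVersion[] = {0x8D,0x8F,0x70,0x02,0x00,0x00, 0x89,0x9F,0x7C,0x02,0x00,0x00};
    const uint8_t newVersion[] = {0x8D,0x8F,0x90,0x02,0x00,0x00, 0x89,0x9F,0x9C,0x02,0x00,0x00};
    std::copy(std::begin(oldVersion), std::end(oldVersion), buf.begin() + 0x10);
    std::copy(std::begin(newVersion), std::end(newVersion), buf.begin() + 0x40);
    return buf;
}

// Exact bytes from the old table: only the old site matches.
std::vector<size_t> exactHits() {
    return scan(sampleCode(), parsePattern("8D 8F 70 02 00 00 89 9F 7C 02 00 00"));
}

// Both displacement bytes wildcarded, as suggested in the reply: both sites match.
std::vector<size_t> wildcardHits() {
    return scan(sampleCode(), parsePattern("8D 8F * * 00 00 89 9F * * 00 00"));
}

// Only the low displacement byte wildcarded, keeping the '02': still matches both
// here because the simulated shift stayed within the 0x200..0x2FF range.
std::vector<size_t> keepHighByteHits() {
    return scan(sampleCode(), parsePattern("8D 8F * 02 00 00 89 9F * 02 00 00"));
}

int main() {
    for (size_t off : wildcardHits())
        std::cout << "wildcard pattern matched at +0x" << std::hex << off << '\n';
}
```

When the wildcard pattern still returns too many hits in the real binary, extend it with surrounding bytes exactly as the reply says, and treat any immediate or displacement in those extra bytes as a wildcard too; then disassemble each remaining hit and keep the one whose neighbouring instructions look like the old injection site.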