Unusual offset instruction?

Post by mjolnir07 »

Hi friends! Long time lurker, been teaching myself how to use cheat engine, but so far only for the real basics for over a decade now.

I've gotten pretty comfortable with finding pointers, but have been having trouble with one since the latest update to the game. I'm looking for an ammunition pointer, and pointermaps and pointer scans just weren't giving reasonably reliable results, so I decided to track it down the old-fashioned way, and here's what I ran into.


First, the probable pointer address is strangely the same address as the 4-byte scan each time. But, and this is important, it isn't actually the pointer.
Second, the probable address turns up zero results in a 4-byte hex scan, or over a million results in a 2-byte or a single-byte scan.
Lastly, the offset instruction looks like this:

mov [rcx+r14*4], esp

I understand that this is probably pretty elementary for a lot of folks, but I've simply never encountered this and had to bypass it before. I suppose it may be because of anti-cheat obfuscation? The game has an online competitive mode (which I cannot access, I am on satellite internet with a laughable ping), but this is for the single-player campaign, so I was hoping that the code would behave differently without an internet connection.


Any tips?

Post by mjolnir07 »

I'd like to add here that my primary obstacle is how do you enter r14*4 as an offset into a pointer address?

Post by DrummerIX »

My guess is that r14 is a specific value when it points to the value you want. Just find out what the value is and it's a constant mathematical equation.

Another option would be to inject some code at that offset instruction and then do the calculation of your pointer there like the following:

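Code:

push rax              // scratch register: imul cannot take a memory destination
mov rax,r14
imul rax,rax,4        // index * element size
add rax,rcx           // + base address
mov [MyPointer],rax
pop rax
jmp originalcode

You would probably have to compare that r14 is the value you need though to make sure to only update when you need.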

Post by mjolnir07 »

Oh man, duh, thanks! I knew it would be something obvious and simple that I was somehow overlooking. Also, thanks DrummerIX! Big fan of your work.

Post by kantoboy69 »

lea rax, [rcx+r14*4]

Post by Dread_Pony_Roberts »

kantoboy69 wrote (Mon May 04, 2020 7:33 pm):
> lea rax, [rcx+r14*4]
This.
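
Added example, not code from any poster in this thread: `[rcx+r14*4]` is x86 base + index*scale addressing (rcx is the array base, r14 the element index, 4 the element size), so there is no fixed offset to type in, only an index to recover. The Python sketch below parses such an operand, computes the address it resolves to, and solves for the index that reaches a known address; the function names and the register values are constructed for illustration.

```python
import re

VALID_SCALES = {1, 2, 4, 8}  # the only scale factors x86 can encode
MASK64 = (1 << 64) - 1

def parse_operand(text):
    """'[rcx+r14*4+10]' -> (base, index, scale, disp); disp is read as hex."""
    text = text.strip().lower()
    if not (text.startswith("[") and text.endswith("]")):
        raise ValueError("not a memory operand")
    base = index = None
    scale, disp = 1, 0
    for sign, term in re.findall(r"([+-]?)\s*([^\s+-]+)", text[1:-1]):
        if "*" in term:                         # scaled index, e.g. r14*4
            index, factor = term.split("*")
            scale = int(factor)
            if sign == "-" or scale not in VALID_SCALES:
                raise ValueError("bad scaled index: " + term)
        elif re.fullmatch(r"[0-9a-f]+", term):  # displacement
            disp += -int(term, 16) if sign == "-" else int(term, 16)
        elif sign == "-":
            raise ValueError("registers cannot be subtracted: " + term)
        elif base is None:
            base = term
        elif index is None:                     # second plain register: scale 1
            index = term
        else:
            raise ValueError("unexpected term: " + term)
    return base, index, scale, disp

def effective_address(operand, regs):
    """Address the CPU uses: base + index*scale + disp, wrapped to 64 bits."""
    base, index, scale, disp = parse_operand(operand)
    addr = disp + (regs[base] if base else 0)
    addr += regs[index] * scale if index else 0
    return addr & MASK64

def index_for_address(operand, regs, target):
    """Index register value that makes the operand hit `target`, or None
    when `target` does not fall on an element boundary of the array."""
    base, index, scale, disp = parse_operand(operand)
    delta = target - (regs[base] if base else 0) - disp
    return delta // scale if delta % scale == 0 else None

# Constructed sample values, not taken from any real process.
REGS = {"rcx": 0x7FF6A0001000, "r14": 11}
AMMO = effective_address("[rcx+r14*4]", REGS)
```

Because the index is a runtime value, the result only stays valid while the same element is being accessed, which is why the injected code needs the r14 comparison DrummerIX mentions.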
