FearLess Cheat Engine

Community Cheat Tables of Cheat Engine
https://fearlessrevolution.com/

Unusual offset instruction?

https://fearlessrevolution.com/viewtopic.php?f=16&t=11793

Page 1 of 1

Unusual offset instruction?

Posted: Sat Mar 07, 2020 8:00 pm
by mjolnir07
Hi friends! Long time lurker, been teaching myself how to use cheat engine, but so far only for the real basics for over a decade now.

I've gotten pretty comfortable with finding pointers, but have been having trouble with one since the latest update to the game.
I'm looking for an ammunition pointer, and pointermaps and pointer scans just weren't giving reasonably reliable results, so I decided to
track it down the old fashioned way, and here's what I ran into.


First, the probable pointer address is strangely the same address as the 4byte scan each time. But, and this is important, it isn't actually the pointer.
Second, the probable address turns out zero results in a 4byte hex scan, or over a million results in a 2byte or a single byte scan.
Lastly, the offset instruction looks like this:

mov [rcx+r14*4], esp

I understand that this is probably pretty elementary for a lot of folks, but I've simply never encountered this and had to bypass it before, I suppose it may be because of anti-cheat obfuscation? The game has an online competitive mode (which I cannot access, I am on satellite internet with a laughable ping), but this is for the single-player campaign, so I was hoping that the code would behave differently without an internet connection.


Any tips?

Re: Unusual offset instruction?

Posted: Sat Mar 07, 2020 8:01 pm
by mjolnir07
I'd like to add here that my primary obstacle is how do you enter r14*4 as an offset into a pointer address?

Re: Unusual offset instruction?

Posted: Sat Mar 07, 2020 8:24 pm
by DrummerIX
My guess is that r14 is a specific value when it points to the value you want. Just find out what the value is and it's a constant mathematical equation.

Another option would be to inject some code at that offset instruction and then do the calculation of your pointer there like the following:

Code: Select all

mov [MyPointer],r14
imul [MyPointer],4
add [MyPointer],rcx
jmp originalcode
You would probably have to compare that r14 is the value you need though to make sure to only update when you need.

Re: Unusual offset instruction?

Posted: Sat Mar 07, 2020 8:36 pm
by mjolnir07
Oh man, duh, thanks! I knew it would be something obvious and simple that I was somehow overlooking. Also, thanks DrummerIX! Big fan of your work.

Re: Unusual offset instruction?

Posted: Mon May 04, 2020 7:33 pm
by kantoboy69
lea rax, [rcx+r14*4]

Re: Unusual offset instruction?

Posted: Mon May 04, 2020 11:02 pm
by Dread_Pony_Roberts
kantoboy69 wrote:
Mon May 04, 2020 7:33 pm
 lea rax, [rcx+r14*4]
This.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited