FearLess Cheat Engine

i'm trying to find the pointer address and i'm getting result the problem
is that every time the game rest or i die in the game all the address are change
and the same for the pointer i get the address there but not for the address that i want?
i tried to do find what access this address and i get these when my health is changed or decreased?

0105384C - C7 07 00000000 - mov [edi],00000000
010538A6 - F2 0F11 07 - movsd [edi],xmm0


the search type is Double?

any ideas?

Try something like this and look into code injection. Just copy code and paste in the address list.

ShyTwig16 wrote: ↑

Thu Mar 12, 2020 10:21 pm

Try something like this and look into code injection. Just copy code and paste in the address list.

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>0</ID>
      <Description>"Health Hook  ()-&gt;"</Description>
      <Options moHideChildren="1"/>
      <LastState/>
      <Color>008000</Color>
      <VariableType>Auto Assembler Script</VariableType>
      <AssemblerScript>{
	Health Hook

0105384C - C7 07 00000000 - mov [edi],00000000
010538A6 - F2 0F11 07 - movsd [edi],xmm0
}

{$STRICT}

define(bytes, C7 07 00 00 00 00)

////
//// ------------------------------ ENABLE ------------------------------
[ENABLE]
aobScanModule(aobHealthHook, C7 07 00 00 00 00 F2 0F 11 07)
define(injHealthHook, aobHealthHook)
assert(injHealthHook, bytes)
registerSymbol(injHealthHook)

alloc(memHealthHook, 0x400, injHealthHook)

label(ptrHealthHook)
registerSymbol(ptrHealthHook)

label(n_code)
label(o_code)
label(exit)
label(return)

memHealthHook:
	ptrHealthHook:
		dd 0
	align 10 CC
	n_code:
		mov [ptrHealthHook],edi
	o_code:
		mov [edi],00000000
	exit:
		jmp return


////
//// ---------- Injection Point ----------
injHealthHook:
	jmp n_code
	nop
	return:



////
//// ------------------------------ DISABLE ------------------------------
[DISABLE]
////
//// ---------- Injection Point ----------
injHealthHook:
	db bytes

unregisterSymbol(injHealthHook)

unregisterSymbol(ptrHealthHook)

dealloc(memHealthHook)

</AssemblerScript>
      <CheatEntries>
        <CheatEntry>
          <ID>1</ID>
          <Description>"Health"</Description>
          <VariableType>4 Bytes</VariableType>
          <Address>ptrHealthHook</Address>
          <Offsets>
            <Offset>0</Offset>
          </Offsets>
        </CheatEntry>
      </CheatEntries>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

sorry i'm not that good with cheat engine i was not able to add it to the Auto Assemble
and the value type is double with that make any deterrent in the code?
this is the opcode address "PoliceStories.exe"+CD384C i don't know if i need it?
thank you

Boxs wrote: ↑

Thu Mar 12, 2020 11:08 pm

sorry i'm not that good with cheat engine

Then you should probably read a tutorial about this topic first. (At least the "Injection Copies" part.)
[Link]

Keep in mind that the instruction that writes to your health probably writes the health for all other entities too.