What would this offset be?

Anything Cheat Engine related, bugs, suggestions, helping others, etc..
Post Reply
DellianEnt
Noobzor
Noobzor
Posts: 5
Joined: Tue Aug 03, 2021 1:54 pm
Reputation: 1

What would this offset be?

Post by DellianEnt »

Firstly apologies. I know these questions get asked a lot but I've really done my best trying to figure this out. It's just well above my very novice skill level at this stage.
The game is Hoard. Simple 2d game on steam.

I can find all my values, fire strength, health, gold capacity, speed etc. I'm trying to make a pointer map to keep it there but I can't narrow it down enough without the offset value.

Image

I'd appreciate any help on this.

DrummerIX
Expert Cheater
Expert Cheater
Posts: 2885
Joined: Wed Mar 22, 2017 6:15 pm
Reputation: 0

Re: What would this offset be?

Post by DrummerIX »

Your probably looking at code that is shared. Either the edx*8 is telling it exactly where to go and edx is probably a number between 0 and some max number. It is probably always the same for whatever value you found.

so it goes something like

Code: Select all

cmp edx,1 (assume edx is 1 for what you want)
jne originalcode
mov [MyPointer],edx
imul [MyPointer],8
add [MyPointer],edi
add [MyPointer,30

originalcode:
  blah blah (original code goes here)

aSwedishMagyar
Table Makers
Table Makers
Posts: 670
Joined: Mon Jul 06, 2020 3:19 am
Reputation: 1190

Re: What would this offset be?

Post by aSwedishMagyar »

More than likely it is an array and you can simply store the base (EDI) in your allocated pointer and make a record with an offset of 0x42*8+30. Check to see if all of the addresses that go through that instruction have the same base. If they do then that's all you need, no reason to do the multiplication in ASM.

If you want to only get that address and don't care about the rest then just do:
cmp edx,42
jne originalcode
lea eax,[edi+edx*8+30]
mov [MyPointer],eax
originalcode:
mov eax,[edi+edx*8+30]

But it still would make more sense to just get the base, especially since it's easier.

User avatar
Marc
Table Makers
Table Makers
Posts: 378
Joined: Mon Mar 26, 2018 2:35 pm
Reputation: 377

Re: What would this offset be?

Post by Marc »

Of course, copying the pointer with code injection is the best way, like DrummerIX and aSwedishMagyar already pointed out.

But since you asked for narrowing down your pointer list: to my knowledge, you can not reliably use the "offset must be xx" filtering in your case.
Instead, you can try two things:
1. reboot the pc, run the game again, search your value, invoke pointerscan and load your last results. filter out all pointer pathes which are wrong by filtering for the new address (not value, address filters out more wrong results)
2. click on the last offset-column of the result list. (Offset 6 or whatever). Cheat Engine will then sort the table by the pointer-length. Try the shortest pathes

DellianEnt
Noobzor
Noobzor
Posts: 5
Joined: Tue Aug 03, 2021 1:54 pm
Reputation: 1

Re: What would this offset be?

Post by DellianEnt »

Really appreciate the replies. Thank you! Great opportunity for more learning.

Post Reply

Who is online

Users browsing this forum: henee21