How to retrieve a hidden variable ?

Memory scanning, code injection, debugger internals and other gamemodding related discussion
Post Reply
KevinDA
Cheater
Cheater
Posts: 34
Joined: Thu Apr 16, 2020 12:28 pm
Reputation: 0

How to retrieve a hidden variable ?

Post by KevinDA »

Hello, in the table with the selected value. I would like to recover edi but below is not its value. How to do ?

Image

JohnFK
Cheater
Cheater
Posts: 49
Joined: Tue Aug 29, 2017 10:50 am
Reputation: 16

Re: How to retrieve a hidden variable ?

Post by JohnFK »

Set a breakpoint to the instruction before yours to retrieve EDI value (CE only shows the register values after the instruction has been executed which in your case overrides EDI).

KevinDA
Cheater
Cheater
Posts: 34
Joined: Thu Apr 16, 2020 12:28 pm
Reputation: 0

Re: How to retrieve a hidden variable ?

Post by KevinDA »

How do I do ?
I do not understand

KevinDA
Cheater
Cheater
Posts: 34
Joined: Thu Apr 16, 2020 12:28 pm
Reputation: 0

Re: How to retrieve a hidden variable ?

Post by KevinDA »

I would like to get the address of edi.
Isn't there a way to display its value?
example in PHP you echo

User avatar
SunBeam
Administration
Administration
Posts: 2919
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 2053

Re: How to retrieve a hidden variable ?

Post by SunBeam »

You are in x64 land. You can't get a static address like in x86 where the setup would be this:

mov eax,[805060] == xx 60 50 80 00

Where the endianness gives away the static pointer between the brackets.

In x64 you have to calculate it based on rip, length of instruction and where that DWORD's position is in the instruction.

If your problem is that the address always changes, then use module + offset, just like CE puts it: "WWE2K20_x64.exe+2CC3F18" and not "7FF729203F18". The reason for this is something called ASLR ([Link]). Because of that the module base of WWE2K20_x64.exe will be different with every re-run of the game or every PC reboot.

Post Reply

Who is online

Users browsing this forum: No registered users