New to game hacking, lost in the process

Memory scanning, code injection, debugger internals and other gamemodding related discussion
Post Reply
barcelona
What is cheating?
What is cheating?
Posts: 1
Joined: Mon Aug 28, 2023 11:01 pm
Reputation: 0

New to game hacking, lost in the process

Post by barcelona »

Hello guys.
I recently started playing around with Cheat Engine and C++ to create a trainer for the game Eternium ( ).
I'm currently trying to find a way to replicate what was done in the table created by the awesome @MBRKiNG (viewtopic.php?t=17749) regarding the Cosmetics as the AoB pattern has changed.
I've tried to put more wildcars to find it again, but I got no no results.
I've tried to perform changed/unchaged value scans and even tried debugging to check which istruction was performing this but I had no success.

Could someone point me in the right direction?
How can I determine the exact point where a function happens?
Once I attach cheat engine, or x64dbg, the game just keeps running and the events I get are always late.
Is there a way to stop the game step-by-step without setting breakpoints?


Thanks in advice!

Firev2
What is cheating?
What is cheating?
Posts: 2
Joined: Thu Mar 07, 2024 9:19 am
Reputation: 0

Re: New to game hacking, lost in the process

Post by Firev2 »

"How can I determine the exact point where a function happens?" -> There is no 'automatic' way if there are no debugging symbols.

"'Ive tried to put more wildcars to find it again, but I got no no results." -> Likely the game has updated 'too much' and newer compilations broke the old pattern beyond repair.

"Is there a way to stop the game step-by-step without setting breakpoints?" Suspend all threads of the process. You can use process hacker for this from what I remember.

Cheers

Paul44
RCE Fanatics
RCE Fanatics
Posts: 887
Joined: Thu Jul 27, 2017 9:02 am
Reputation: 566

Re: New to game hacking, lost in the process

Post by Paul44 »

^^ concentrate on:
mageandminions.s86+23360D: 8D 8F 70 02 00 00 - lea ecx,[edi+00000270]
// ---------- INJECTING HERE ----------
mageandminions.s86+233613: 89 9F 7C 02 00 00 - mov [edi+0000027C],ebx

=> search aob for: "8D 8F * * 00 00 89 9F * * 00 00"
If still too many results, just add additional bytes (front/end), but any possible offset change must be wildcard-ed...
Once results return < 100, compare for "near" exactness...

ps: i generally start with them '02's still in there; hoping offsets are not thàt far off
ps: if you can get back to a working vs, that would allow you collect more opcode_scripts, AND have some datastruct examples to compare/expect...

Post Reply

Who is online

Users browsing this forum: No registered users