kiseki_ten wrote: ↑Fri Apr 23, 2021 5:47 am
I'm a beginner of cheat engine.
The item in the inventory could not be increased or decreased.
<Details>
(1) I tried pointer scan, multi-level pointer, and assembler script, but when I restart the game, the address fluctuates. It works fine before rebooting.
(2) With the current approach, the number of clicked items in the inventory is changed. But what I really want to do is to fluctuate the number of items in the 1-5 slots in the inventory to any number.
Please help someone.
First, this is a game that was programmed with the Unity engine. So, instead of searching for a multi-level pointer, it's easier to click Mono -> Dissect Mono. Look for Assembly-CSharp, open that up. Then, scroll down and take it all in. You're looking for something to do with the inventory or ItemInstance, or ItemManager, or something similar. When you want to browse some code, drop it down and you'll see fields (offsets), then methods (the game code). Right click on a method you want to browse and click "Jit," and it'll bring you to the start of that method in the game code.
Also, it sounds like you're talking about item count, or amount, in those slots, but I'm not sure. Your request isn't very clear. Regardless, here's a trick to always get a pointer to that number, quickly.
First, find the number while the game is running. Do your search as it increases and decreases and you narrow down search results to get the one location you're looking for. Make sure that you can change the number in CE, and that it changes in-game. Sometimes it'll appear changed until you go to use the item, and then it'll go back to the original count, or it'll keep count where you left it off, but once the *real* count zeroes out, you'll be out - even if it says you have X amount more. This is the most crucial step. You have to find the correct location that keeps track of the number you're trying to change. Make sure you temporarily add it to your code list. You'll be deleting it later, but you need it now. Once that's done....
Right click on that address and click "Find out what accesses this address." This will return every single code that accesses that value. So, if the game needs to constantly check to see that there is an item in the slot, you'll watch as it constantly ticks up the number of times that address is accessed by a different address.
Side note: I know this sounds confusing, but it's step by step and won't be confusing once you see it.
You'll find two types of results, usually. They'll follow a pattern like this:
Or...
Please keep in mind these are examples from my head. You're going to have to find the real code. The registers can be esi, edi, eax, edx, ecx, esp, ebp. They can also be the same, except instead of "e", it's "r." The difference isn't really important to you, just make sure you don't try doing something like:
If you're working with "e"s, keep using "e"s. If you're working with "r"s, keep using "r"s.
That said, you're looking for an address that moves a register into a register with an offset. That's what the first example is doing. Usually, you will only find one or two of these no matter what you mess with. Also, switching inventory spots can screw up everything sometimes so it's important to eliminate variables as you do your first step to search for the right address, and then as you mess with things further, don't change inventory slots around unless you find, as you test things out, that you totally can with no hindrance to your coding.
So, you've found your address that you want to check out. Double-click it in its little box and it'll open up the location where that address is happening. Now, you want to be able to find this every time, without effort. So, right click on that line, and click "Copy to Clipboard -> Address Only". Then, press Ctrl+A on your keyboard. This opens the assembler when you're looking at the game code. Look at the top bar, click "Template -> Full Injection." Press Ctrl+V at the first prompt, then hit enter. It should fill in a bunch of fancy stuff.
You're looking for:
newmem: - this is where you're code will go
code: - this is where the normal game code goes
Also, there is a gap for you between alloc(xxxxxxxxx), and label(code). In there, you'll put your variable so that you can call on it in your table. One of the quickest and easiest ways is to use globalalloc, but another is label. If you use label, you'll need to use registersymbol and unregistersymbol later in the script so, rather than explain that much, I'll just show you this.
Your code will look something like this:
DO NOT USE THIS - IT'S AN ARBITRARY EXAMPLE
Code: Select all
define(address,Class:Method+offset)
define(bytes,F3 0F 10 86 8C 00 00 00)
[ENABLE]
assert(address,bytes)
alloc(newmem,$1000,Class:Method+offset)
globalalloc(_item,4) //This is where you will put your globalalloc command. 4 is memory space
//you're reserving for the variable. The variable "_item" can be whatever you want it to be
label(code)
label(return)
newmem:
mov [_item],esi //This is where your variable gets the pointer to the base address.
//Please note, we're not using "eax," We want the one with the offset
code:
mov [esi+10c],eax
jmp return
address:
jmp newmem
nop 3
return:
[DISABLE]
address:
db bytes
// mov [esi+10c],eax
dealloc(newmem)
Now, there is a button on the bottom that says "Execute." Don't click that. Instead, go to File -> Assign to Current Cheat Table. Then, close that window (the assembler).
Now, you should have a line that says "Auto Assembler Script." Rename that whatever you want, but you can click on the word, "Script," to the right, to edit it. Any edits you do can be committed by simply clicking the "Ok" button at the bottom now. In this case, the OK button has replaced what used to be the Execute button. It's a safe button for you now. Just don't commit changes while you've activated the script. Always deactivate it, edit it, then reactivate it. It'll save you a headache... Trust me
Still, we don't have the pointer. So we're going to make up our own! Click the button, "Add Address Manually." It's just above the word, "script," in your table at this point. Check the, "Pointer," box. The bigger, blank box is where you put your variable (_item, in this case). The smaller box with a zero in it is where your offset goes (10c, in this case). Once you do that, name it something in the Description box, and click OK. Now, if you want, you can nest that underneath your script. I do this because your pointer is dependent on that script running. Right click it and hit, "Group Config -> Hide Children When Deactivated." This is just a recommended step to help with organization. Once you activate your script, the pointer will pop out underneath it. If you deactivate the script, the pointer will be hidden from view.
There. Now you have a pointer that should load anytime you run your script, and every time you run the game. This should be an identical match to the address you added to your table earlier. If it matches, you can delete the original one you searched for. From there, you can do more things, but I think I'll leave that up to you.
Also, if you don't understand what "xmm5" means, you might have a difficult time with my instructions. My example is more of an integer example. However, Raft uses floats all the time. If you move numbers around, they need to match what the game is expecting. Your mono dissector can show you what your offset is, if you're unsure. However, if you see xmm registers in your code, you'll probably not see a, "mov," command accompanying them. You'll see the, "movss," command. If you don't understand this, hit up the search engines and YouTube. It'll be more succinct. Note that this doesn't affect your mov command into your globalalloc variable. The variable you created is to be treated like an integer.
Finally, I recommend SneakyMofo's channel on YouTube. Google that name, you'll find his channel as the first result. His videos are tutorials and they're extremely helpful. He's also much more educated on this so you'll likely learn more there than you will from my wall of text. Have fun!