First pointer Scan finding 0 pointers - HELP Please !!

Memory scanning, code injection, debugger internals and other gamemodding related discussion
Post Reply
KillSwitch
What is cheating?
What is cheating?
Posts: 2
Joined: Fri Apr 26, 2019 12:13 pm
Reputation: 0

First pointer Scan finding 0 pointers - HELP Please !!

Post by KillSwitch »

Hi,

I`m modding Halo MCC PC Reach Flight (Single Player Mission test).

I have found multiple Dynamic addresses.
EG: [Link]
magazine size.
recoil bloom.
fire recovery rate.
initial projectile.
and other weapon tag related stuff but if i pointer scan any of the addresses it finds no pointers.

Any ideas why or what i may be doing wrong ?

Any help or advise would be awesome.

Cheers

User avatar
SunBeam
Administration
Administration
Posts: 4932
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4630

Re: First pointer Scan finding 0 pointers - HELP Please !!

Post by SunBeam »

I suggest learning to debug and finding a pointer path that the game actually uses. Pointerscan is prone to returning pointers that might work only in your OS. Yes, even after game restart or OS reboot. Safest way is to find a path the game engine uses the levels of.

MartaLabieniec
Expert Cheater
Expert Cheater
Posts: 312
Joined: Sat Oct 06, 2018 3:19 pm
Reputation: 137

Re: First pointer Scan finding 0 pointers - HELP Please !!

Post by MartaLabieniec »

SUNBEAM, show any tutorial about that :-D

User avatar
SunBeam
Administration
Administration
Posts: 4932
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4630

Re: First pointer Scan finding 0 pointers - HELP Please !!

Post by SunBeam »

Find a pointer, say level 4 pointer. You then add to the list all of the pointer levels (as in the addresses the levels point to) and debug each. If the game uses each level, you'll see instructions in the debugger showing like this, with each debug:

- mov eax,[ecx+5F0] - for level 3 -- this means your level 3 offset in the pointer path is accessed
- mov ecx,[edx+284] - for level 2 -- this means your level 3 offset in the pointer path is accessed
- mov eax,[ebx+350] - for level 1 -- this means your level 3 offset in the pointer path is accessed

(note that those don't follow one another; they are individual debug actions)

While your pointer tree looks like this:

5F0 = address 2A56822
284 = address 24785F0
350 = address 2699120
game.exe+2F4500 - level 0

So what you actually have to add to your list to get all those debugs are: 2A56822, 24785F0 and 2699120.

Post Reply

Who is online

Users browsing this forum: No registered users