Solved Base pointer / adress trouble

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

user123

Newbie
Full Member
Jul 8, 2014
17
142
0
Im trying to get the base pointer/ base adress/whatever you want to call it.
I already found a working dynamic adress for the health variable.
So I can already change my health to whatever I want, but I just need the base pointer so I can use it in a C++ trainer or so.
The game in question is Serious Sam double D XXL.

Problem is: When I attach the debugger, I cannot find any mov /add / sub assembly instructions.
It gives me really weird thing, look at these screenshots:
screenie2.png
screenie3.PNG
Anyone knows what I am doing wrong?
 

Attachments

Last edited:

Kyte

Newbie
Full Member
Jul 9, 2014
5
398
0
I gave it a try and that's what I got too, I couldn't get further with manual scan so used CE's pointer scan option at 5 levels. I narrowed it down to a handful of pointers with the base address of 'xnavisualizer.dll +0000A4BC'. Just find out the base address of the dll in SSGame and add that offset and you've got your pointer base address. I done this and tested it in a basic trainer and it worked fine, updating the health to 100 every x milliseconds.

C#:
string HealthPointer = "73CAA4BC";
int[] HealthOffset = {0x144, 0x4C, 0xBC, 0x04, 0x08};
int HealthInc = 100;
Oh yeah and don't forget it's a float value, so when converting to byte for the value you're writing I used:
C#:
byte[] valueToWrite = BitConverter.GetBytes((float)HealthInc);
Edit:
Just reread your post. Did you attach the debugger with 'find out what writes to this address' or 'find out what access this address'? I used the latter and had 1 extra operation in my debugger which was an "fsubr dword ptr [eax]" just before the fstp. fsubr is a subtraction instruction, I nop'd it and it had the same effect of unlimited health, though the health value was locked at about 10.
 
Last edited:

user123

Newbie
Full Member
Jul 8, 2014
17
142
0
I gave it a try and that's what I got too, I couldn't get further with manual scan so used CE's pointer scan option at 5 levels. I narrowed it down to a handful of pointers with the base address of 'xnavisualizer.dll +0000A4BC'. Just find out the base address of the dll in SSGame and add that offset and you've got your pointer base address. I done this and tested it in a basic trainer and it worked fine, updating the health to 100 every x milliseconds.

C#:
string HealthPointer = "73CAA4BC";
int[] HealthOffset = {0x144, 0x4C, 0xBC, 0x04, 0x08};
int HealthInc = 100;
Oh yeah and don't forget it's a float value, so when converting to byte for the value you're writing I used:
C#:
byte[] valueToWrite = BitConverter.GetBytes((float)HealthInc);
Edit:
Just reread your post. Did you attach the debugger with 'find out what writes to this address' or 'find out what access this address'? I used the latter and had 1 extra operation in my debugger which was an "fsubr dword ptr [eax]" just before the fstp. fsubr is a subtraction instruction, I nop'd it and it had the same effect of unlimited health, though the health value was locked at about 10.
I tried the pointer scan, but got like a million results. I must have done something wrong.
When trying "find out what accesses this adress" I get this:
screenie4.PNG
Which returns again the dynamic adress that is useless...
I have no idea what to do now, please help.
 

Kyte

Newbie
Full Member
Jul 9, 2014
5
398
0
If you look at your debugger results you will see an instruction with the offset [eax+edx*4+08], since EDX has a value of 0 the level 1 pointer is just eax with offset 08. Following the manual method for finding base addresses and search for the hex value of that pointer, I got 1 result. Manually add the address of that result as a pointer with the offset of 8 (as type float) and it should point to the health. Keep following it back repeating as normal to find your base address.


Hope this helps some, heres a screenshot incase I haven't explained very well.

 
Last edited:

user123

Newbie
Full Member
Jul 8, 2014
17
142
0
Wow, I think I finally found it.
I will probably get this to work, if not, ill let you know.
But this whole process was really confusing, so many different values, what to add to what etc.
I found it out of dumb luck, I just tried every possible combination and accidently got it to work.
Anyways thanks for the help, ill update later.
screenie8.jpg
 

user123

Newbie
Full Member
Jul 8, 2014
17
142
0
If you look at your debugger results you will see an instruction with the offset [eax+edx*4+08], since EDX has a value of 0 the level 1 pointer is just eax with offset 08. Following the manual method for finding base addresses and search for the hex value of that pointer, I got 1 result. Manually add the address of that result as a pointer with the offset of 8 (as type float) and it should point to the health. Keep following it back repeating as normal to find your base address.


Hope this helps some, heres a screenshot incase I haven't explained very well.

Dammit, I was wrong, I did not find the base pointer. Ignore my reply earlier.
I can get the results just like in your screenshot, but the adress that is supposed to be the base pointer changes every time you restart the game.
if I do "view what accesses this adress" on the "fake pointer", I get another useless dynamic adress pointer.
Ive done this like 5 or 6 times, each time with different dynamic useless adresses.
Do you know what I have done wrong?
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods