Solved Can't find Instructions into IDA

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

Daviex

Newbie
Full Member
Apr 23, 2016
5
52
0
Hello.
First of all, I wants to thanks the website for your videos, those are awesome!
I'm trying to do something like the one did by Raka into the videos "How to use IDA Pro" with a game that I took as example ( Enter the Gungeon ).
I got a problem on CE Side, because, I found the pointer to health, BUT, if I try to see what accessess to the pointer value, it gave me an address, that doesn't exist into IDA.
Now, this is an example:



From this, I can't find anything to do something over IDA.

Can someone explain me where I'm wrong?

Thanks
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,140
78,998
2,394
BUT, if I try to see what accessess to the pointer value, it gave me an address, that doesn't exist into IDA.
The memory address you're looking at is allocated dynamically and will not exist in IDA when doing static analysis of the binary on disk. You need to find a static pointer to it in cheat engine, then you look at the static pointer in IDA.

Watch this tutorial to learn how to find pointers:
https://guidedhacking.com/showthread.php?7194-C-Hacking-Any-Game-1-10-Difficulty-Part-1-2
 

Daviex

Newbie
Full Member
Apr 23, 2016
5
52
0
Rake;42295 said:
The memory address you're looking at is allocated dynamically and will not exist in IDA when doing static analysis of the binary on disk. You need to find a static pointer to it in cheat engine, then you look at the static pointer in IDA.

Watch this tutorial to learn how to find pointers:
https://guidedhacking.com/showthread.php?7194-C-Hacking-Any-Game-1-10-Difficulty-Part-1-2
If you meant with pointer scanner, already did for the money pointer:

But I can't get anything from this.
OR, there's something more interesting about the pointer of the instruction apart of the pointer scanner?

Anyway, I will look those tutorials too, thank you.
 

Daviex

Newbie
Full Member
Apr 23, 2016
5
52
0
Rake;42298 said:
Do the tutorial I sent you and you will learn the correct way to find a pointer
I looked at the video and is exactly what I tried. The pointer result with this, is another dynamic pointer, so, I tried to find myself a static pointer with the Pointer Scanner and I found some.

What I wanted to do, was to look at instructions of this type into IDA to understand how the program would works over it, not really the pointer to create a trainer.

If you need more info, just ask.

Thank you for the replies ^^

EDIT: Maybe I had to say this from beginning, and I'm sorry for this:
What I want to do, is to find the instruction pointer to look it over IDA, not the money pointer.
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,140
78,998
2,394
What I want to do, is to find the instruction pointer to look it over IDA, not the money pointer.
You're looking for the address of an the x86 instruction that modifies your money but you can't find it in IDA?

Looks like a unity game
 

mambda

headass
Escobar Tier VIP
Trump Tier Donator
Jun 25, 2014
2,298
37,938
269
It does exist in ida,the difference is that the game is loaded at a different place in memory each time, ida by default loads binaries at 0x400000(zeros) , so you can either rebase ida to the games current address base ( check with cheat engine -> add address manually -> gungeon.exe/whatever the name is .exe ) , or just do some math and subtract the address from the games base, then add it to ida's base
 

Daviex

Newbie
Full Member
Apr 23, 2016
5
52
0
So, thanks both for the answers.
Rake:
Yea, exactly, and yes, it's probably a UnityGame, because it has some calls to Unity in Strings References.

mambda:
So, I tried it.
With Cheat Engine, I obtained the address 0x00905A4D, but, as this an Odd numer, IDA won't rebase the program over it.
Also, the instruction pointer I found accessing the memory, is really high, and it seem to be a dynamic or "fake" pointer to real instruction... Any other idea?
 

mambda

headass
Escobar Tier VIP
Trump Tier Donator
Jun 25, 2014
2,298
37,938
269
your game base is 905A4D ? thats strange, can you show an image of that?
 

PwndDepot

I has a status
Dank Tier VIP
Trump Tier Donator
Dank Tier Donator
Nov 5, 2014
239
7,748
19
Why not just attach IDA's debugger instead of doing a static analysis?
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods