Solved CE Memory Viewer it's showing me some "function"+offset

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

KISKE

Game Developer
Meme Tier VIP
Fleep Tier Donator
Jul 27, 2016
168
3,938
16
Hi,
I'm trying to make a 'No Damage' cheat and I found the respective JMP, now I'm trying to do it in a Trainer, but I have a problem.


How can I get the value of 'GSGE.Code.Things.LifeComponent::TakeDamage' from code ?
And, by the way, what does that mean, it's not an .exe, it's not a .dll, what is it ?
 

Traxin

Escobar Tier VIP
Dank Tier Donator
Aug 3, 2015
1,041
25,378
154
Wait... I'm kind of confused by what you're trying to accomplish right now.
If you're trying to find a pointer to your player with no luck you could one of the following.
If you're right-clicking on the JNE instruction that's highlighted that's more then likely wrong. The actual code that does the work is most likely the one right beneath it. You'd want to right-click that instruction and see addresses it's modifying, you can test it by just nopping it and checking if your health gets updated.

Or you can hook something else and see if it has a pointer to your player and just save it. Gotta get creative now lol.
 

Traxin

Escobar Tier VIP
Dank Tier Donator
Aug 3, 2015
1,041
25,378
154
The whole "GSGE.Code.Things.LifeComponent::TakeDamage" thing means the function TakeDamage is a class method belonging to the class(or object?) LifeComponent, LifeComponent in turn belongs to the Things object (or class? lol...).

I think these are nested classes...

the +E3 is the offset from the start of the function that particular instruction resides at.

This game just happens to have all the symbols perfectly intact... I think XNA and .NET games will do this... IIRC Terreria is one of those and it also had all of it's symbols intact.
You can press Ctrl+G with that instruction highlighted and the Goto dialog will popup with that instruction's address highlighted in the box... Just have to Ctrl+C that bitch.
You can also go up to the menu and select View and disable some of the Symbols options to get it back to just regular ol' addresses.
 
Last edited:

KISKE

Game Developer
Meme Tier VIP
Fleep Tier Donator
Jul 27, 2016
168
3,938
16
You can press Ctrl+G with that instruction highlighted and the Goto dialog will popup with that instruction's address highlighted in the box... Just have to Ctrl+C that bitch.
Hi Traxin,
It's the first thing I tried, but that address it's not static, it should be ?



 

JMP

Newbie
Full Member
Dec 7, 2016
22
228
0
Put the hole name in the add adress manually so you will get the address of the string (without +E3).

If does not work try find out what instruction acceses this address and will can catch the pointer using the registers. You have a 64b game there my friend.
 

KISKE

Game Developer
Meme Tier VIP
Fleep Tier Donator
Jul 27, 2016
168
3,938
16
Put the hole name in the add adress manually so you will get the address of the string (without +E3).
That works in CE obviously, but I can't do that from code.
 

Traxin

Escobar Tier VIP
Dank Tier Donator
Aug 3, 2015
1,041
25,378
154
Hi Traxin,
It's the first thing I tried, but that address it's not static, it should be ?



Actually some .NET games will also do that.. you can just pattern scan that shit though.
Sometimes you gotta make the game tell you where something's at lol ;)
 

KISKE

Game Developer
Meme Tier VIP
Fleep Tier Donator
Jul 27, 2016
168
3,938
16
Actually some .NET games will also do that.. you can just pattern scan that shit though.
Sometimes you gotta make the game tell you where something's at lol ;)
Ok, I made it, and it's my first time with Pattern Scan, I'm happy.
Just one question, I open the game like eight times and that function always start with 7FE8, I'm scanning from 7FE 8000 0000 to 7FE 8FFF FFFF, it's working of course, but I don't know, that 7FE8 it's most probably that always be there ?


PD: I know that this is for my Project_x64 and of course I need to change the signature and build another project for Project_x86.
 
Last edited:

Traxin

Escobar Tier VIP
Dank Tier Donator
Aug 3, 2015
1,041
25,378
154
To answer your question... maybe. For the current version of the game, it will most likely stay in the same area I believe.

BUT! There's always a better way! In CE select Show Module Addresses and make sure it's the only one selected, no symbols or nothing.
If that shows what we were talking about earlier then you can probably just scan the GSGE module (main module?) and say fuck it.
It it shows something else than that's the module that instruction is in, scan that module only and you'll have an update-resistant god mode ;) (theoretically... )

BTW Congrats on the first time pattern scanning, getting more advanced errday KISKE!
 

KISKE

Game Developer
Meme Tier VIP
Fleep Tier Donator
Jul 27, 2016
168
3,938
16
BTW Congrats on the first time pattern scanning, getting more advanced errday KISKE!
Thank you!


BUT! There's always a better way! In CE select Show Module Addresses and make sure it's the only one selected, no symbols or nothing.
If that shows what we were talking about earlier then you can probably just scan the GSGE module (main module?) and say fuck it.
It it shows something else than that's the module that instruction is in, scan that module only and you'll have an update-resistant god mode ;) (theoretically... )
Ok, about this, just as I guess, it's just an address:

And I went for the simple path too, where I can manually see what access to that address and find the base address of my health value, but I can't figure it out. The manually path it's just confusing AF, so many levels I think.
And then just go directly to Pointer Scan but when I reach the second Scan, just show me ("THREADSTACK0"-address + offsets) and I see this post from Вroihon and I just don't want more problems.

And I notice something new, that code that you see in the images, all that portion of code only loads when I get hit the first time, then stays loaded. I don't know if this is relevant for something.
 

KISKE

Game Developer
Meme Tier VIP
Fleep Tier Donator
Jul 27, 2016
168
3,938
16
Wait... I'm kind of confused by what you're trying to accomplish right now.
If you're trying to find a pointer to your player with no luck you could one of the following.
If you're right-clicking on the JNE instruction that's highlighted that's more then likely wrong. The actual code that does the work is most likely the one right beneath it. You'd want to right-click that instruction and see addresses it's modifying, you can test it by just nopping it and checking if your health gets updated.

Or you can hook something else and see if it has a pointer to your player and just save it. Gotta get creative now lol.
No no, of course, I just mixed up the text without explain, sorry.
The instruction that change the health it's below in the opcode 'ucomiss'.

And then get the address of my health, and then I tried with that address everything I said before.
 

Traxin

Escobar Tier VIP
Dank Tier Donator
Aug 3, 2015
1,041
25,378
154
I think I get you, either way what I said before still stands.
What does the call to that function look like? You may be able to just hook the function and rewrite a parameter...
IDK It's getting difficult to help without having the target in front of me because I can only assume what's going on by just looking at the code.
If I could step through it I could check what's in the registers and what all the structs contain.
What game is this? I'll take a look at it later tonight.

In the meantime....

https://guidedhacking.com/showthrea...-Look-Up-Your-Addresses-Without-Pointer-Scans
https://guidedhacking.com/showthrea...d-Following-Assembly-Code-To-Get-More-Options

I think these two videos MIGHT help you proceed.
But either way, post back with the game name so I can check it out later tonight if you still need help.
 

KISKE

Game Developer
Meme Tier VIP
Fleep Tier Donator
Jul 27, 2016
168
3,938
16
Ok Traxin, thank you for that, I will see those videos tomorrow because Christmas and bla bla bla, I need to stop for today.
The game is Transistor by the way, maybe you can get it for free somewhere else :smile:

I really appreciate it what you are doing for me.
 

Traxin

Escobar Tier VIP
Dank Tier Donator
Aug 3, 2015
1,041
25,378
154
Ok Traxin, thank you for that, I will see those videos tomorrow because Christmas and bla bla bla, I need to stop for today.
The game is Transistor by the way, maybe you can get it for free somewhere else :smile:

I really appreciate it what you are doing for me.
Welp, can't find a copy that'll run on my machine so there's that! lol
And I'm not willing to pay for a game I'm only going to reverse for a few minutes.
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods