Solved How do you find offsets?

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat


Jan 14, 2013
First off I'm very new to memory hacking and using CE and Ollydbg, so I hope I make sense with what I'm saying lol.

I was looking at the source of one of the hack releases (for CSS) here and it had some addresses/offsets, and I wanted to go about finding them myself so that if the game updated and pointers changed or something like that I'd be able to update it.

Specifically speaking I was looking at this part of a script and trying to find these values for practice,

const DWORD dw_LocalBaseEntity         = 0x74575C;  //cheat engine pointer scan = local player base
const DWORD dw_Health			= 0x90;     //ollydbg + client.dll = m_iHealth 
const DWORD dw_Flags                   = 0x314;   //ollydbg + client.dll = m_fFlags
const DWORD dw_Jump                    = 0x7711E8;  // cheat engine scan 4 for on ground in game console +jump then scan for 5 in air
For Health and Flags I found those with Ollydbg but from there how do I find or calculate the offset?

Also for Jump I found a static (green) address with Cheat Engine fairly quickly, so I don't understand how I would find '0x7711E8'. Also for 'LocalBaseEntity I have no idea where I would start.

I've looked at a few tutorials but I'm still confused.
Last edited:


Cesspool Admin
Jan 21, 2014

Your question is either covered in our Beginner's Guide or it is too vague. This guide was made so we didn't have to answer the same questions year after year. It is one of the most important resources here at GH.

Everything you need to know in the first 3-6 months you will learn from doing this guide. It is very thorough, even if you already have some experience you will still learn much from doing the lessons. There is no reason for us to have to answer these questions when they're covered in extreme detail in the guide.

Please do the Beginner's Guide and if you still have questions please be as specific and detailed as possible.

Last edited:

Chuck E

Dank Tier Donator
Jan 2, 2013
If I were you, which I was a couple of weeks ago, I'd run through the Trainer creation tutorials before trying to diagnose other people's hacks (diagnosing is good though). It can be a bit off putting if you come across stuff you cannot figure out, and may not figure out without good guidance/help.

Before I done anything hack related, I ran through this series of tutorials on YouTube, which proved to be very enlightening:

Fleep's tuts are excellent, and I believe there are ones on CE and OllyDbg use on this forum somewhere, but give those PerfectsDaily vids a go, you'll come out at the end with a better understanding of what's what :)

I'm going to make a start on Fleep's OllyDbg tutorial later today.

I'm on the Trainer creation stage myself... locating static addresses and offsets, getting to grips with C++ and the Windows API.... all good fun :)
Once I have the first Trainer done, I'll then create more for other games, then once happy with that, move on to Aimbots, Wallhacks, etc.

Good luck, matey :)


Full Member
Dec 18, 2012
1) Join CT on a public server.
2) Scan your health 100
3) Take some dmg
4) scan now your new health

Do like this until you have some address left.
Take all of these address and put it in the address table
Go throug every address, mark 1 of the address, press CTRL + B, now, the first row u see... we are going to look for a number 03, ( 03 = Team CT, 02 = TEAM T, 01 = SPECC MODE)
The address with the 03 in the row in CTRL+B, is the one you want.
Right click on it and pointer Scan, and you will get some address out like
clinent.dll + 0xAddress and a offset, in this case its cs source, so its 0x90
To get this information with a program all u do is

ReadProcessMemory(....... client.dll + 0xAdress + 0x90 ) to get the health for example :)


Jan 14, 2013
Thx for the replies, I was able to find everything and i'm now more experienced with olly and ce for finding pointers and offsets.

I have another question. I was trying to do nosmoke and was able to do it by finding the offset for r_drawparticles and then writing a 0 to it; is there any other address to write to, so that it doesn't go away completely? (kind of like m_flflashmaxalpha for flashbangs).


Meme Tier VIP
Dank Tier Donator
Oct 29, 2012
I have another question. I was trying to do nosmoke and was able to do it by finding the offset for r_drawparticles and then writing a 0 to it; is there any other address to write to, so that it doesn't go away completely? (kind of like m_flflashmaxalpha for flashbangs).
What was the value before you changed it to 0? If it was higher than 1 then you could try lowering the value. If it was one maybe try 0.5 or something. It's hard for me to tell without knowing what datatype it is.


Full Member
Aug 27, 2012
It's a boolean 0 = off, 1 = enabled. Basicly it doesn't render the smoke if it's 0. But if you go into it, your screen will still smoke out.
Last edited:


Meme Tier VIP
Sep 3, 2012
There are ways, but they are externally very hard / not really achievable.
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods