Solved Understand Pointers & Offset

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

Shinao

Newbie
Full Member
Sep 10, 2012
6
254
0
Hello,

I followed the first videos tutorials from Fleep about "How to hack any game", and because I don't like to follow instructions I can't fully understand I need your help :

The first thing I would like to know is how an address is detected as static (see green text in CE).
C++:
int nb = 15; // Apparently not static...
Then I would like to understand the term offset : Why is there a gap between two pointers ?
When I think pointers it's all about :
C++:
int nb = 15; // still not static
int *pNb = &nb; // pNb have the address of nb as a value = no gap
If somebody can enlighten me about that, like a little code where I can find a static address and a gap (offset) between a pointer and his value.

Thanks in advance

Sorry for my spelling,
I'm also working on my English.
 

c5

Kim Kong Trasher
Dank Tier VIP
Dank Tier Donator
Jul 19, 2012
1,187
12,638
76
Also whether the address pops up as static or dynamic can also be dependent on in which context it's called in the program code. For example:

C++:
#include <iostream>

using namespace std;

int x = 15291;

int main()
{
	cin.get();
	cout << "x is: " << x << endl;
	cin.get();
}
In the code above, the address of the holder of x value is static. But in the context below:

C++:
#include <iostream>

using namespace std;

int main()
{
	cin.get();
	int y = 15292;
	cout << y is: << y << endl;
	cin.get();
}
The address of y appears to be dynamic. I can't explain why it is so, I'm sure someone will :)
 

c5

Kim Kong Trasher
Dank Tier VIP
Dank Tier Donator
Jul 19, 2012
1,187
12,638
76
Offset can also be considered as a gap between program's "entrypoint" and an address.
 

Shinao

Newbie
Full Member
Sep 10, 2012
6
254
0
Hello,

First of all, thank you for your reply.
I understand now that the offset are the jump needed from the static base (thanks for the examples) to the wanted dynamic address.
But technically, what is an offset ? 1 offset = one address (Memory speaking ?)

With the video I have seen (Assault Cube), to get AMMO Address we need to do : BASE Address + 378 + 14 + 0. You can't do BASE Address + 392. So I'm wondering how it works ?
It goes to the BASE then jump of 378 offset, where there is a pointer (it gets the value) then go to this address to again jump of 14 offset etc... ?

Thank you again for your help,
and sorry if my sentances are incorrect.

PS : I see my thread at the second page (bug ?)
 
Last edited:

Shinao

Newbie
Full Member
Sep 10, 2012
6
254
0
A little.

I just don't understand : what an offset is reffering to. One offset = ?
I understand that an address can be dynamic : malloc() can allocate differently when the program is restarted for example.
But in what an offset is different in the way you are SURE that BASE + offset = your address ?

1 offset cannot be 1 address, else it will not be static.

Thanks in advance
 

c5

Kim Kong Trasher
Dank Tier VIP
Dank Tier Donator
Jul 19, 2012
1,187
12,638
76
Offset = A number between something

BASE + Offset = Overall distance

lets assume that | is one slot, therefore:

| + ||| = ||||

Now we can see that our offset is 3 because it's 3 slots away from the |

or we can do it like that:

||| + |||| = |||||||

Now the offset is 4 because the end result is 4 (||||) away from 3 (|||)

Sorry, I can't really explain any better :D
 
Last edited:

Shinao

Newbie
Full Member
Sep 10, 2012
6
254
0
Okey, I think I was wrong from the beginning.

I understand now that the base got a dynamic value, and from there, we can jump thanks of the offsets.
Why the value is different, is another question now... ?

Strange thing I got when I tried something on your code :
C++:
#include <iostream>

using namespace std;

int x = 15291;

int main()
{
	cin.get();
	cout << "x is: " << x << endl;
	cout << "&x is: " << &x << endl;
	cin.get();
}
From your code, address of x is static and is green in CE (logic).
From my code, address of x is dynamic but is also green in CE.
If somewhere in the code I put &x, boom, static to dynamic.

Thanks for yours answers, it's becoming clearer, even if there are some dark corners.
 

Anton2k

Newbie
Full Member
Jan 26, 2013
5
192
0
Sorry to bump an old thread but i kinda get where Shinao is coming, i am also having a hard time trying to understand how offsets and pointers and all that work in general, i have read but i just keep forgetting, its allot to take in when you haven't looked at them before. So let me explain what i am understanding and then maybe you guy's can help me.



1. You search for some value in a game e.g. Ammo Number (since that's the easiest one for me to understand).

2. After searching for the ammo value a few times i narrow it down to 2 addresses. (these are dynamic addresses right? and only 1 of the addresses is what i am looking to manipulate right? or could it be 2 or more depending on the game?)

3. I play about with the addresses freezing them and changing there values until i figure out which address is the one i am looking for. (presuming i am only looking for one address and not 2.)

4. Now just to clarify these addresses are not static, they are dynamic, so now i need to find the static addresses of these dynamic addresses. (am i right?)

5. In order to do this (and the only way i know how to), is to right click on the dynamic address in cheat engine, and click "find out what writes to this address".

6. This takes me to a new window that is searching for what writes to the dynamic address. So i go back in game and fire a round.

7. After firing the down i see this and address along with some assembly e.g. 0045B75F - FF 0E - dec [esi]

8. I right click on 0045B75F - FF 0E - dec [esi] and click "more info" this takes me to another windows where the address and assembly from the previous window are highlighted in red.

9. In this windows under the address and assembly that is highlighted in red there is some text that reads, the value of the pointer needed to find the address is probably 008A8CE4 (is this address my static address for the ammo meaning i could simply write somthing to it? what would i write to it? an int? i.e. 100 for 100 bullets aka ammo or would i write some thing else? this is where i get confused)

Thank's Again.
-Anton.
 

Ollie

Newbie
Full Member
Feb 2, 2013
11
202
0
I'll try to help you.

Here's an example:

You have 100 ammo, and you will need to find the dynamic address of that.
This address is dynamic, meaning it will change when you restart the game.

Now you will need to find the offsets, so you can always find the correct address from the BASE address.
To find the offsets, you will need to check what accesses/writes to this address.

Now it might say something like the value of the pointer needed to find the address is probably 0x12345.
Also save the offset in notepad or something. Offset is the hex value you see after the OP command.

mov eax,[ESP+10]

10 (Hexadecimal) would be your offset in this case.

So 0x12345 is the value of the pointer, not the pointer's address it self, so you will need to search that 0x12345 with CE.
In the best case, it will give you one result, an address in the other column and 0x12345 in the other.

Now that address is the address of the pointer that points to AMMO.
Let's say that the address of the pointer is 0x5555.

Now you can test it by clicking add custom address.
You will tick the pointer check box, because we are using a pointer here, not a direct value.

Now you need to put 0x5555 in the address slot, and add one offset.
You found the offset (0x10), and you will put that in the offset slot.
Then click OK.

Now if you did everything correctly and you had the right addresses, you should see the ammo value.
P->SomeAddress Value: 100 (Your ammo)

P-> Indicates that it is a pointer pointing to an address where the ammo is stored.

You will need to repeat this over and over and keep adding new offsets and modifying the address, until you find "RandomExe.exe"+0xSOMETHING and that would be your static address.

Pointer's value is the address it is pointing to, not the ammo.

In multilevel pointers it would go something like this:

You have your base address with the offset, and (BASE+OFFSET) memory holds a pointer, that points to a pointer, that points to a pointer that points to the final memory address holding your ammo.

I hope you understood at least something, pointers can be really confusing at first but they are just memory addresses that hold another memory address in them. (Could be anything from integer to another pointer)
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods