Cheat Engine tutorial - Unknown initial value search
In this section of the Cheat Engine Tutorial i’ll talk about pointers (Pointers).
Using the Code Finder, we can modify the code with fake instructions to prevent the value from changing.
However, this is not enough if we also want to change the value as we wish.
For this reason in this section i will explain how to find pointers (Pointers) used in the piece of code that modifies our value.
By combining the two techniques, we can either block the value by replacing the code, or by changing its value to our liking.
Here’s the video tutorial for this lesson:
Cheat Engine Tutorial – Pointers – Target
To achieve the desired result, we must find the pointer (hence the title of this lesson) that is used by the assembler code to access the memory area of the value we are interested in editing.
I understand the difficulty of less technical readers, and I will try to be as clear as possible, but these last lessons of the Cheat Engine Tutorial are certainly the most technical and complex to understand.
However if you have the patience to try and follow the tutorial carefully, you will certainly get much more exciting results with Cheat Engine.
Going back to what we were saying.
If we can figure out what this pointer is and block it using the Cheat Engine’s basic technique at a constant value, we will have a double advantage.
On one side we can change the value of our statistics, parameter, or what it is, present in our game.
On the other hand, we will be sure this address will not change, because our cheat will determine what is the pointer’s value.
Cheat Engine Tutorial – Pointers – The research
First, let us go to step 6 of the Cheat Engine tutorial.
The screen will appear as in the figure.
Below you can see three buttons (the third is the usual button that unlocks after completing all the steps in the tutorial)
The first one will serve to change the value (simulates how in the other cases the change of statistic or parameter)
The second, instead, changes the pointer and simulates the change of the pointer from our game.
After that, we will have to connect to the Cheat Engine tutorial process as seen in previous lessons, and look for the value of this field in the tutorial using Cheat Engine.
We start searching and find a lot of addresses.
Modify the value of the tutorial field using the button.
We continue the search using this new value.
We can get a single address or more than one, in the latter case, we continue searching until the result fails and we find the correct address.
Add the address found (1) to the list (2) of the addresses.
Right-click on the address and select the item “Find out what accesses this address”.
Debug mode will be activated and will capture the instructions that access the found address.
By changing the value of the tutorial input field (1), the code table that access to that address will populate (2).
So far, what we did, we had already seen the last lesson.
From now on instead pay special attention, because the procedure changes and becomes more complex.
From the list of assembler codes found, you should try to “sense” the correct code for analysis.
The Cheat Engine Tutorial Guide suggests that you only look for instructions that have populated square brackets, this is because the square brackets in assembler is equivalent to reading the parameter value shown in parentheses.
I add that in the list you see in the figure, only one statement has the basic feature that interests us, that is, the pointer reads, the other instructions access the pointer but do not read its value to store it elsewhere.
So let’s continue by selecting the second item in the list (1) with a double click of the mouse on the entry.
This will open a new window where you will find state the address to use for the next research step (2).
We use this value for search on cheat engine, but by activating the hexadecimal research, because the address is in this format.
Then, use the value (1) shown in the figure to populate the search field (2) on Cheat Engine.
Activate check Hex (3) to enable hexadecimal search.
We start searching, almost always will get a single value, if that was not the case, often our element searched is the first of the list.
Add, as before, this address to the address list.
Now we make a click on the “Add Address Manually” button (1) to add an address to the list, manually.
This will open a new window and selecting the check “Pointer” (2), will be modified as in the previous figure.
At this point we will have to enter the address value found previously (3) in (4) of the window.
Let’s continue with “Ok” and the game is done.
Note that there may be the most complex cases because the instructions are not as simple as the one you see.
There may be sums or subtractions of addresses, in this case you need to have a hex calculator and enter the value obtained from these calculations.
If everything has gone well, we will find a situation like this in the figure:
Note the address in paragraph (1) of the figure, compared to the other it is preceded by a P.
Moreover, the values (2) and (3) are equal, this will not change at least until the pointer.
To complete the tutorial step, we will need to click on the “Change pointer” button and within five seconds change the pointer value (2) to 5000.
By doing so we can proceed to the next step of the tutorial.
If you have found the guide useful, share the article and subscribe to my pages.
It costs you nothing, but for me it is an incentive to keep the blog updated.