Memory Hacking Software

by **trialusert** » Thu Jul 02, 2009 7:33 pm

I found a position address, which happened to be static:

Then I tried to change its value, and noticed that the previous value returned. So I ran a pointer search, and found the pointer with the closest offset. It was also a static pointer:

This was the complex address I built:

When I changed the value of that address, its previous value returned. Just like before.

What am I doing wrong...?

by **SpeedWing** » Thu Jul 02, 2009 9:03 pm

that pointer is wrong..

by **WhiteHat** » Thu Jul 02, 2009 9:19 pm

Most likely you’ve found the wrong coordinate (position) address...

Talk about your screen-shot, looks like yours were a static address:
"ET.exe"+0xFEF6D0 or 0x13EF6D0.

I can tell from what i’ve been through that the closest pointer is not
always the right one. Moreover, you’ve picked a far far address as
your complex address base: 0x7F040E7C, which most likely a
different module...

Don’t bother to make pointer path for an address unless you’re sure
the address is the working one. Otherwise it’ll be an unworthy effort.

Try to find the correct one for your coordinate, that is an address
with which if you freeze it then the player in-game won’t be able to
move..

CMIIW...

by **L. Spiro** » Thu Jul 02, 2009 9:45 pm

Addresses beginning with 0x7* are never useful.
This range is reserved for system modules. Ignore them, or modify your search range not to include them. They are worthless.

Your pointers are wrong.

L. Spiro

by **trialusert** » Thu Jul 02, 2009 10:02 pm

There's no 1 address that controls my position, only if I change all of those addresses together it changes.

I know my pointers are wrong, but how should I find the right pointers? Point me... =)

by **SpeedWing** » Thu Jul 02, 2009 10:32 pm

well if it changes when you lock them all, then just unlock some and try stuff out?

by **trialusert** » Thu Jul 02, 2009 10:56 pm

Why can't I just choose one address and find its pointer? Afterall there must be at least 1 pointer to all of those addresses.
Watch this video for example:
http://www.youtube.com/watch?v=o3690R8B4JM
Even if you find the address that holds the right value, you can't change it untill you find its pointer. How is this different from my case? Please help me out here, guide me so I can find what's needed

by **SpeedWing** » Thu Jul 02, 2009 11:34 pm

trial,

just try each address at the time and lock then. and look what happens.

by **WhiteHat** » Fri Jul 03, 2009 11:31 am

trialusert wrote:Why can't I just choose one address and find its pointer? Afterall there must be at least 1 pointer to all of those addresses.

You right about one address at least have one pointer path. Some addresses are multilayer deep and few are static. But you really don’t have to find pointer path of an address to modify its value. As long as it’s the right address (the working one), you can modify it directly via MHS table or MHS Hex Editor...

trialusert wrote:Even if you find the address that holds the right value, you can't change it untill you find its pointer. How is this different from my case? Please help me out here, guide me so I can find what's needed

That youtube video shows how to find pointer path for an address, which purpose in common is to beat DMA. It has nothing to do with value modification directly...

trialusert wrote:There's no 1 address that controls my position, only if I change all of those addresses together it changes.

There should be only one address valid among them which if you change it, then the rest also changed. It only matter of how to find this valid one...

Here is what i’ve always do to find one: (Suppose your found address are between 0x1108DD0C ~ 0x22299D98)
- I’ll lock address 0x1108DD0C ~ 0x11094130
- Get back to game and see if the player able to move
- If it cannot, then the valid address must be between those address i’ve locked previously.
- Repeat the step, this time i’ll lock about the first half of them: 0x1108DD0C ~ 0x11090C2C
- Back to game. Again see if the player able to move.
- If it still able to move, then my previous locked addresses are invalid. DELETE them from table.
- Repeat this filtering process, until there is one address left.
- If you do it right, you’ll find the real address that holds your position...

Mind you that this method may crash your PC. But still it’s worth to try unless you’re willing to test to Lock it one address at a time. Your choice...

One common tip to find player 3D coordinate:
Best choice is to find its vertical (perpendicular to ground) coordinate. Some say it is Y coordinate, the other say it is Z coordinate. The rest two coordinates are usually stored next to it (study it via Hex Editor)...

trialusert wrote:I know my pointers are wrong, but how should I find the right pointers? Point me... =)

There are some tutorials about pointer (Complex Address) in this forum.

by **trialusert** » Fri Jul 03, 2009 3:37 pm

Thank you SpeedWing and WhiteHat. I locked down the addresses till I found the right coordinate position, here it is:

I tried to search for its pointer, but there were just too many. Every search splits to more and more searches... Look what it found in the first search (all-nonstatic):

I can't attach the debugger because the game is protected. What should I do?

by **WhiteHat** » Fri Jul 03, 2009 8:13 pm

From your latest screen shot, I think your address is a static one: qagame_mp_x86.dll+0x2296B88, that is at Modify Address > Normal Address > Systematic Address > Simple, in Module + Offset part. A static address means that you don’t have to search for its pointer path..

In any case that we want to build pointer path but can’t attach debugger to target process, you can use Josese’s method explained in his tutorial here:
http://www.memoryhacking.com/forums/vie ... php?t=2592

Please keep in mind that it won’t always be easy...

Memory Hacking Software

[Help] Pointers again

[Help] Pointers again

Who is online