finding adress by using cheat engine


javalia
Senior Member
Join Date: May 2009
Location: korea, republic of
Old 12-08-2011 , 13:30   finding adress by using cheat engine
Reply With Quote #1

i started this work because of
http://forums.alliedmods.net/showthread.php?t=173650

anyway, by the time i finished my work, they had already finished all of the work.

this tutorial uses cheat engine, so install it (it is free to use), and
if u don't know how to use it, u can do a few of the tutorials that are included with it.

and now, lets start the tutorial.

now we want to find the address that stores the reserved ammo of a gun
when the gun is dropped.

1. turn srcds on (we need to be on windows, cuz cheat engine works on windows), connect, and hook cheat engine to srcds.exe.

2. then, in game, spawn some weapon or get any weapon from the ground.
it is enough if u already have some gun in hand.

3. now, in this case, i had a glock in ma hand, and its reserved ammo was 120.
at this moment, from the work of other scripters, i knew a dropped gun's reserved ammo is not saved in any netprop/datamap.
so, lets drop that glock.

4. and search srcds.exe for the exact value 120 in 4 byte format.
it will show us many memory addresses that contain 120.

5. now, grab the gun and reload it, so its reserved ammo changes to 119.
throw it again and now do a next search with the condition of exact value 119.
at this moment, u will get 1 real address, and that is where the reserved ammo is saved. if u still get 2 or more addresses, u can just do this step again.
i got address 0AABD9EC.

6. the absolute position of the address will not help us to use it with SM.
so we need to get the relative position of the address against some well known netprop/datamap. lets find m_iClip1 in this case.

7. by doing steps 1 to 5 again, u will easily get m_iClip1's address. it was 0AABD92C in my case.

8. now lets do some math. if u r not good at hex, don't worry, we have many calculators for it. just subtract m_iClip1's address from the reserved ammo's address. so the sentence is 0AABD92C - 0AABD9EC

9. we got c0, and it is 192 in decimal.
now we can use this relative address this way
SetEntData(target, FindSendPropOffs("CWeaponCSBase", "m_iClip1") + 192, 4);
or like this
SetEntData(target, GetEntSendPropOffs(target, "m_iClip1") + 192, 24);
or like this
SetEntData(target, FindDataMapOffs(target, "m_iClip1") + 192, 48);
all three ways work because m_iClip1 is a datamap as well as a netprop.

h.m....bye.
__________________

Last edited by javalia; 12-08-2011 at 14:36.
javalia is offline
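
The narrowing scan from steps 4 to 8 of the post above, sketched in Python as an added example (not code from the thread or from Cheat Engine). The memory snapshots, the region base and the decoy values are constructed; only the two addresses 0AABD92C and 0AABD9EC and the resulting C0 come from the post.

```python
import struct

BASE = 0x0AABD900  # constructed region base, chosen to cover the post's two addresses

def build_snapshot(clip, reserve, decoys):
    """Constructed 256-byte memory image (not a capture from srcds.exe)."""
    mem = bytearray(0x100)
    struct.pack_into("<i", mem, 0x2C, clip)     # lands on 0AABD92C (m_iClip1 in the post)
    struct.pack_into("<i", mem, 0xEC, reserve)  # lands on 0AABD9EC (reserve ammo in the post)
    for off, val in decoys.items():
        struct.pack_into("<i", mem, off, val)
    return bytes(mem)

# Snapshot A: clip 20, reserve 120. Snapshot B: one round less in each.
# Decoys: 0x40 holds 120 in both, 0x80 holds 120 then 7, 0x44 becomes 119 only in B,
# 0x10 holds 20 in both.
SNAP_A = build_snapshot(20, 120, {0x40: 120, 0x80: 120, 0x10: 20})
SNAP_B = build_snapshot(19, 119, {0x40: 120, 0x80: 7, 0x44: 119, 0x10: 20})

def scan_exact(snapshot, value, base, candidates=None):
    """Exact-value scan over 4-byte little-endian ints.

    With candidates=None every 4-byte-aligned slot is checked (first scan);
    otherwise only the surviving addresses are re-checked (next scan).
    """
    if candidates is None:
        candidates = range(base, base + len(snapshot) - 3, 4)
    return [a for a in candidates
            if struct.unpack_from("<i", snapshot, a - base)[0] == value]

def narrow(steps, base):
    """steps: list of (snapshot, expected_value), one entry per scan."""
    candidates = None
    for snapshot, value in steps:
        candidates = scan_exact(snapshot, value, base, candidates)
    return candidates

def relative_offset(target_steps, ref_steps, base):
    """Offset of the unknown field from a known netprop/datamap field."""
    target, ref = narrow(target_steps, base), narrow(ref_steps, base)
    if len(target) != 1 or len(ref) != 1:
        raise ValueError("scan has not converged; change the value and scan again")
    return target[0] - ref[0]

if __name__ == "__main__":
    off = relative_offset([(SNAP_A, 120), (SNAP_B, 119)],
                          [(SNAP_A, 20), (SNAP_B, 19)], BASE)
    print(hex(off), off)
```

A relative offset found this way holds only for the server binary it was measured on, so it needs re-checking after a game update.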
McFlurry
Veteran Member
Join Date: Mar 2010
Location: RemoveEdict(0);
Old 12-09-2011 , 15:10   Re: finding adress by using cheat engine
Reply With Quote #2

I'm pretty sure both client and server (or at least client) should be insecure if you don't want to be VAC banned. Also exit the Cheat Engine process when playing securely.
__________________

Last edited by McFlurry; 12-09-2011 at 15:11.
McFlurry is offline
Peace-Maker
SourceMod Plugin Approver
Join Date: Aug 2008
Location: Germany
Old 12-09-2011 , 16:57   Re: finding adress by using cheat engine
Reply With Quote #3

You should always only use this on the server. No need to deactivate VAC, since the server is not tied to any account it could ban.

Nice approach javalia!
__________________
Peace-Maker is offline
asherkin
SourceMod Developer
Join Date: Aug 2009
Location: OnGameFrame()
Old 12-09-2011 , 19:58   Re: finding adress by using cheat engine
Reply With Quote #4

FWIW, TSearch is a similar tool to Cheat Engine designed specifically for finding values like this.
It's nowhere near as powerful in respect to CE's other features, but it's a much simpler UI just for this.
__________________
asherkin is offline
GoD-Tony
Veteran Member
Join Date: Jul 2005
Old 04-13-2012 , 03:57   Re: finding adress by using cheat engine
Reply With Quote #5

I'm attempting to use this method to find out where the game stores its Team Scores.



These are the correct addresses, but using the hex math to get an offset gives huge differences. How can I find a closer (and valid) reference point?

From: https://forums.alliedmods.net/showthread.php?t=182290
__________________

Last edited by GoD-Tony; 04-13-2012 at 03:57.
GoD-Tony is offline
Silvers
SourceMod Plugin Approver
Join Date: Aug 2010
Location: SpaceX
Old 04-13-2012 , 04:02   Re: finding adress by using cheat engine
Reply With Quote #6

Quote:
Originally Posted by Peace-Maker View Post
You should always only use this on the server. No need to deactivate VAC, since the server is not tied to any account it could ban

Nice approach javalia!
Unless your server is locally installed, then I would recommend disabling VAC.

Are the memory addresses not DMA?

P.S. I prefer Art Money over Cheat Engine.
__________________

Last edited by Silvers; 04-13-2012 at 04:03.
Silvers is offline
GoD-Tony
Veteran Member
Join Date: Jul 2005
Old 04-13-2012 , 09:06   Re: finding adress by using cheat engine
Reply With Quote #7

Quote:
Originally Posted by GoD-Tony View Post
How can I find a closer (and valid) reference point?
I found that they are part of the gamerules class, and are found here:
Code:
CCSGameRulesProxy:
 Sub-Class Table (1 Deep): DT_CSGameRulesProxy
  Sub-Class Table (2 Deep): DT_GameRulesProxy
  Sub-Class Table (2 Deep): DT_CSGameRules
  -Member: m_bFreezePeriod (offset 580) (type integer) (bits 1)
  -Member: m_iRoundTime (offset 584) (type integer) (bits 16)
  -Member: m_fRoundStartTime (offset 588) (type float) (bits 0)
  -Member: m_flGameStartTime (offset 592) (type float) (bits 0)
  -Member: m_iHostagesRemaining (offset 596) (type integer) (bits 4)
  -Member: m_bMapHasBombTarget (offset 600) (type integer) (bits 1)
  -Member: m_bMapHasRescueZone (offset 601) (type integer) (bits 1)
  -Member: m_bLogoMap (offset 602) (type integer) (bits 1)
  -Member: m_bBlackMarket (offset 603) (type integer) (bits 1)
Code:
m_iNumCTWins | offset 632 | m_iHostagesRemaining + 36
m_iNumTWins | offset 634 | m_iHostagesRemaining + 38
I think this information is correct. Is it possible to read/write to an arbitrary offset inside gamerules?
__________________

Last edited by GoD-Tony; 04-13-2012 at 09:11.
GoD-Tony is offline
Powerlord
AlliedModders Donor
Join Date: Jun 2008
Location: Seduce Me!
Old 04-13-2012 , 10:33   Re: finding adress by using cheat engine
Reply With Quote #8

Quote:
Originally Posted by GoD-Tony View Post
I found that they are part of the gamerules class, and are found here:
Code:
CCSGameRulesProxy:
 Sub-Class Table (1 Deep): DT_CSGameRulesProxy
  Sub-Class Table (2 Deep): DT_GameRulesProxy
  Sub-Class Table (2 Deep): DT_CSGameRules
  -Member: m_bFreezePeriod (offset 580) (type integer) (bits 1)
  -Member: m_iRoundTime (offset 584) (type integer) (bits 16)
  -Member: m_fRoundStartTime (offset 588) (type float) (bits 0)
  -Member: m_flGameStartTime (offset 592) (type float) (bits 0)
  -Member: m_iHostagesRemaining (offset 596) (type integer) (bits 4)
  -Member: m_bMapHasBombTarget (offset 600) (type integer) (bits 1)
  -Member: m_bMapHasRescueZone (offset 601) (type integer) (bits 1)
  -Member: m_bLogoMap (offset 602) (type integer) (bits 1)
  -Member: m_bBlackMarket (offset 603) (type integer) (bits 1)
Code:
m_iNumCTWins | offset 632 | m_iHostagesRemaining + 36
m_iNumTWins | offset 634 | m_iHostagesRemaining + 38
I think this information is correct. Is it possible to read/write to an arbitrary offset inside gamerules?
sm_dump_datamaps blah.txt will dump a file (blah.txt) with all the current entities on the server. I assume this includes a cs_gamerules entity for the CCSGameRulesProxy class, much like TF2 has tf_gamerules entity for the CTFGameRulesProxy class.

Presumably, you can use FindEntityByClassname and SetEntProp / GetEntProp to manipulate the team scores through it directly.

Interestingly, I can't find properties in the CTFGameRulesProxy class to read the current team scores, despite having inputs to add to them.
__________________
Not currently working on SourceMod plugin development.

Last edited by Powerlord; 04-13-2012 at 10:40.
Powerlord is offline
napalm00
Veteran Member
Join Date: Jun 2011
Location: Italy, sadly
Old 04-13-2012 , 10:37   Re: finding adress by using cheat engine
Reply With Quote #9

Quote:
Originally Posted by Powerlord View Post
sm_datamaps_dump
Maybe you meant sm_dump_datamaps
__________________
napalm00 is offline
Powerlord
AlliedModders Donor
Join Date: Jun 2008
Location: Seduce Me!
Old 04-13-2012 , 10:57   Re: finding adress by using cheat engine
Reply With Quote #10

Quote:
Originally Posted by napalm00 View Post
Maybe you meant sm_dump_datamaps
Yeah, I eventually fixed it even before I saw your reply.
__________________
Not currently working on SourceMod plugin development.
Powerlord is offline