|(11 intermediate revisions by 3 users not shown)|
Initial Research== |+|
| || |
|−|So far, I cannot tell how in the heck you are supposed to find the money value. At first, I was able to find it by searching in the Text area, but now it is nowhere to be found. If anyone has any input on hacking SimTower, it would be great if you added. |+|
to the . to the on
| || |
|−|Just added: Windows runs SimTower through NTVDM, which is a "16- bit Virtual Machine", since SimTower was originally designed for Windows 95. NTVDM could be screwing with the memory addresses. |+|
is -.the .
| || |
|−|Because it is running in the 16 bit virtual machine ntvdm the memory range to scan should be set to all (00000000 -ffffffff) |+|
the range to scan to all (00000000 )
Latest revision as of 08:20, 5 October 2009
Simtower is a 16-bit game designed for windows 3.1
This causes 32-bit versions of windows to run it inside a virtual 8086 mode. In NT-Based OS'es this is the ntvdm.exe process. Because 64-bit versions of windows don't have a similar emulation layer the only way to run this game on there is through the use of virtual machines like vmware and install a 32-bit os on there
To cheat in simtower with Cheat Engine the first thing you have to do is go to settings->scan setting and tick the MEM_MAPPED box. (Probably because the image of the loaded .exe is mapped inside the virtual machine instead of actually loaded there, but not 100% sure. Correct if wrong)
Also, you have to set the range to scan to all (00000000 to FFFFFFFF)
Money is stored divided by 100. So if you have 175000 money, it is stored in memory as 1750
For scanning you can just use a 4 byte scan, but make sure that fastscan is off. The game aligns memory on a 2 byte boundary instead of 4 byte.
Population is also stored as a 4 byte value, but there's nothing special about it. 100=100 (just don't do fastscan)
Memory address changes whenever the program is started up. Only memory address that writes to the money value is FFFFFFFF with an add[eax],al operation. The value of the EAX address seems unrelated to anything though.