From Cheat Engine
Revision as of 08:15, 1 October 2009 by Dark Byte (talk | contribs)
Jump to navigation Jump to search

Initial Research

So far, I cannot tell how in the heck you are supposed to find the money value. At first, I was able to find it by searching in the Text area, but now it is nowhere to be found. If anyone has any input on hacking SimTower, it would be great if you added.

Just added: Windows runs SimTower through NTVDM, which is a "16-bit Virtual Machine", since SimTower was originally designed for Windows 95. NTVDM could be screwing with the memory addresses.

Because it is running in the 16 bit virtual machine ntvdm the memory range to scan must be set to all (00000000-ffffffff) since the paging in ntvdm is memory mapped to simulate a real dos environment

Big find

I was able to find 8 different values that all either changed with the money changed, or didn't when the money didn't. Here's what they look like:

Memory Address Value Type Value
02CCE4AB 8 Bytes 4899916395183079435
02CCE4AB Double 3.68934930952215E19
02CCE4AC 8 Bytes 91197892456611840
02CCE4AC Double 1.45822440452241E-302
02CCE4AD 8 Bytes 356241767408640
02CCE4AD Double 1.76006818890377E-309
02CCE4AE 8 Bytes 1391569403940
02CCE4AE Double 6.87526636290535E-312

This equals an array of byte starting from address 02CCE4AB : 0B 00 00 24 00 00 00 44 01 00 00
Assuming it is a 16-bit game and the memory addresses ARE aligned on 2 byte boundaries this means: 0 - 36 - 0 - 324 (or 17409) - 0

I'm sure most of you can see the first correlation. There are groups of two of the same memory addresses, each with an 8 Byte value and a Double value. As the memory addresses increase, the 8 byte value drops by two digits. Other correlations, or how this relates to my original money value, (which is 2066500) I cannot see. If there is some master code cracker out there, your help is still appreciated.

And I just noticed that decreasing my original money value by 40,000 has somehow increased all of these values by a lot, generally increasing the number in their highest placeholder by one, while the other placeholders changed too.