Creating a cheat table - Player Base

From Cheat Engine
Revision as of 16:55, 30 December 2017 by TheyCallMeTim13 (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

This page is a sub page of: Creating a cheat table - Full guide

So now after a restart this is my table, I'm using a script to quickly find the coordinates base.


Step 1[edit]

Let's scan for the base address.


On the first scan I got a static address but then I move around in game just to see if I can get any values to change.


Now I find it's best to save as much information as possible, so in a text file save the debugger outputs.

Here is the code of the first level's instruction.

Dishonored.AK::SoundEngine::StartOutputCapture+2040C8 - F3 0F5C 8E C8000000   - subss xmm1,[esi+000000C8]
Dishonored.AK::SoundEngine::StartOutputCapture+2040D0 - F3 0F10 83 C4000000   - movss xmm0,[ebx+000000C4]  <<<<
Dishonored.AK::SoundEngine::StartOutputCapture+2040D8 - F3 0F5C 86 C4000000   - subss xmm0,[esi+000000C4]
Dishonored.AK::SoundEngine::StartOutputCapture+2040E0 - 0F28 DA               - movaps xmm3,xmm2

Here is the debugger output for the 2nd level.

0056A09B - 0B C2  - or eax,edx
0056A09D - 75 22 - jne Dishonored.AK::MemoryMgr::GetPoolName+917B1
0056A09F - 8B 41 24  - mov eax,[ecx+24]  <<<<
0056A0A2 - 8B 49 48  - mov ecx,[ecx+48]
0056A0A5 - 3B C8  - cmp ecx,eax


I managed to find a static address with the first try, all i can do is set it up and keep an eye on it to see if it keeps working.

So let's setup our pointer we found, it only has one offset of +24.

X Coord.
Z Coord.
Y Coord.

Then at this point I will restart the game a few times and see if it still works.

Step 2[edit]

So after some restarts my pointer is still good.


But this may not be the real player base the only way to know is to find more values and connect then as best we can, and we can also use the dissect data structure tool (in the memory view form press Ctrl+D.


I prefer to do some basic checking with the dissect data structure tool, but count on finding other values and connecting them to the base address.

You could also use the pointer scanner for a base address, if you keep hitting dead ends, but these my only point to dead ends and have no results after a few rescans.

So now let's find the player health: Finding the player health