I'm using CE to find the pointer signature. But sometimes I'm unable to retrieve the pointer offsets.
With the pointer base address I don't have a problem, I can easily retrieve it.
The problem is that I can't use the debugger of CE fully, the game got patched and inside the main EXE file was placed an anti-cheat(Anti-debugger actually) thingy. When attaching the debugger the game closes immediately. I tinkered with the debugger setting and I managed to make the debugger work with an old mehod of it. So I can use it to only find the end offset sometimes. That's because when I try and use "Find out what access this pointer" the game crashes(There are certain addresses that do this, I guess they are the ones that the game uses a lot).
Anyway, when I try to see the offset through the assembly code, I see it comes from ebp, reading on the internet what it is I found that it is the content that is passed to the one of the perameter of the function. I think it was (ebp-4) or (ebp-8) not sure though.
So what to do?
When I use the CE scan feature for pointers the offset changes every patch.
Last edited by Jabberwock; 08-29-2012 at 12:01 PM.
Even familiar landscapes will
reveal a different kind of beauty
if you change your viewpoint.
Where these new encounters
and new bonds will lead you...
Such dazzling golden days.
I, too, look forward to
what I might behold.