![]() ![]() There should be far less than before, but the number itself tends to vary greatly. CE should now show everything that was 5 last scan, and is now 120 this time around. Now we should have 120 points, so we scan for that value. We'll have to keep scanning.Īn expensive 115-point M1A1 Abrams gets destroyed instantly from infantry anti-armor weapons. If it was something like 85, there might be less, but oh well. There's a lot, but a lot less than there are 0's. Now we start a scan for a 4 byte value of 5. Because of this, we'll find player 2's kills first. So we wait until the first kill.įirst blood is drawn by the second player when a 5-point APC gets blown up by a tank. ![]() However, scanning for 0's takes forever since there is probably a ton of 0's in memory. It is likely that the kills variable starts at 0, because nobody has gotten a kill yet. Also, this is also a 32-bit game, so the pointers should also be 32-bit. It's also unlikely that the developers would try to save 3 bytes worth of memory, so it's likely that it's a 32-bit integer. However, since it always shows up as a positive integer at the end of the game, it can be assumed that it's an integer. We don't exactly know what type of data the "kills" variable is. So we've got the game running, a replay loaded, and Cheat Engine (henceforth referred to as CE) or whatever running and attached to the game. As far as I'm concerned, there's no point to reinventing the wheel when the wheel is perfectly suitable. However, it's perfectly suited to finding the location in memory of variables, unsurprisingly. Personally, I've always avoided using Cheat Engine because it has a reputation for being used by script kiddies. The first order of business is to find the location in memory of the relevant variables. 0x prefix is used to designate a hexadecimal number.esi, eax, ecx, etc: Different registers.address: A specific location in memory.Each variable has a unchanging offset in memory from the base address of the struct. struct: A composite data type where multiple variables are grouped together in a contiguous block of memory.pointer: A variable whose value is a memory address of another variable (even another pointer).Some vocabulary for those with less familiarity with software: ![]() Even if the variable is dynamically allocated, pretty much everything can be traced back to a statically allocated piece of data. We know the data is there- we just have to find it. This is a fairly simple task, but on a real piece of software, so some may find it interesting. The general gist of it is to find the location in memory where the variable that tallies up kills is stored, then make a program that reads the relevant data from that place in memory. Experts in reverse engineering will probably be bored or have a lot of things to nitpick about, so this is more geared towards those who are vaguely familiar with the internal workings of software and want to see how something like this is made. This post will be about how I created this tool, for those who may be interested. Maybe that's fair during a game, but it would be interesting to see during a replay. The thing with this gamemode is that it does not show players how many points worth of enemy units they have killed. Whoever reaches the limit first or has the most at the end of the game wins. In this Real-Time Strategy game there is a gamemode called Conquest where the player captures sectors and accumulates victory points. Wargame: Red Dragon Destruction Points Display
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |