-1

I'm trying to find the memory address of XYZ so that I can use it on CE to create Teleport script I have found the movement function "movementX" and "movementY" by using Ollydbg I would guess that I could use Ollydbg somehow to find this function or memory address but I'm unsure of where to start and I usually just use cheatengine to find all of my values.

https://i.stack.imgur.com/qiyib.png

Dhia Ben Mansour
  • 1
  • 2

2 Answers2

0

The "movementX" in the screenshot is a string value not a function.If you want to find the movement functions try:

  1. Finding the position variables first with a memory scanner (e.g cheat engine).
  2. Attaching a debugger to that variable to find out what lines of code are accessing that variable (cheat engine has a built-in debugger for that).
  3. One of the address of code you find will probably be in the movement function you are looking for, that address will probably change everytime you restart the game so make sure to note its offset (Address-BaseAddress) somewhere so that you could debug or disassemble it.
KiKoS
  • 428
  • 1
  • 7
  • 18
0

OllyDBG is not required to find the coordinates, in fact Cheat Engine is a better tool for finding variables in almost every case.

So start in Cheat Engine:

  1. Start by looking for Z
  2. Stand somewhere on a hill, stairs or near a ladder
  3. Scan for a float value using "unknown initial value"
  4. Go Up, scan for increased
  5. Go Down, scan for decreased
  6. Repeat this again and again until you have less than 50 results

Once you have reduced your scan to less than 50 results:

  • Keep re-scanning until the number of results does not change
  • Now add them all to your cheat table

Your "correct" position address SHOULD be writable.

Select all the addresses in your Cheat Table. Try changing all variables at once to a value within that is plus or minus 5.0f. If your position has changed then the address is in your table. Now to find the correct address, use the divide and conquer method. Select half of the addresses, change them. If your view doesn't change, delete this half. If your view does change, delete the un-selected half. You will eventually only had one correct pitch address. Check the X and Y and make sure they also change when you move around.

You now have your writable position address. Your local writable position and the coordinates of your character which are sent to all the other players on the server, are not necessarily the same address. Sometimes they use different structures for networking and local information.

Once you have the correct address, right click and do "Find what writes" and this will list all instructions which modify your coordinates. These instructions will be inside of "movement" functions. Using "find what writes" is the same thing as setting a write breakpoint in any other debugger just without the fancy output that CE provides.

Also I would recommend checking out x64dbg which is superior in almost every way to ollydbg.

GuidedHacking
  • 3,628
  • 1
  • 9
  • 59