AntiWPA Forum / Community Grounds / Reverse Engineering v / Decompiling CheatEngineFiles & GamesTrainers

Post Reply 
 
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Decompiling CheatEngineFiles & GamesTrainers
11-14-2012, 07:19 AM (This post was last modified: 11-18-2012 02:23 AM by punjab5.)
Post: #7
punjab5 Offline
Junior Member
**
 		Posts: 3
Joined: Nov 2012
Reputation: 0
RE: Decompiling CheatEngineFiles & GamesTrainers
@cw2k Can u please decompile this one with screen shots of steps then i will be able to decomple myself http://rghost.net/41559179

(11-07-2012 08:18 PM)cw2k Wrote:  Trainer are often written in asm or C.
These are zero terminate strings so it's not delphi...

maybe follow the references around ' drunk drive' like unk_100034d8.

However the API to write changes to another process is Kernel32.WriteProcessMemory find it in the Trainer and explorer what's happening around.

Or load it in Ollydebug set a breakpoint there (Ctrl+N -> WriteProcessMemory,...)
Maybe work with log-breakpoints however takes some time and is annoy to set them and write in cryptic Expression like [[esp+8]] to just get on fancy argument - and do it again to log an other.

Dumpers - well I use pretty old LordPE and somethings the little hidden dumper inside Import REConstructor(RC/advCmd/Select Code Section->Fulldump) or when in Olly the plugin Ollydump
Find all posts by this user
Quote this message in a reply
Post Reply 


Messages In This Thread
RE: Decompiling CheatEngineFiles & GamesTrainers - punjab5 - 11-14-2012 07:19 AM

Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | Homepage | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication