It seems there are 30 different addresses accessing this instruction, 10 of them are continious updates while the other 20 only update when the player is damaged or hit. I decided to check what addresses are accessed by the shared instruction 09CEBF2F. Putting the addresses into the data dissecter does not help me out much. Not really sure where it's getting the data and what the data is. Here is the disassembler for the address that is hared amongst the 10 health addresses.īack-tracing the assembly a bit, I get lost at the 'mov rax, ' at 09CEBEE0 instruction after the two jumps. When I see what writes to these addresses it seems to be a one shared instruction from the same address.Īlthough the one address that actually freezes the health is being accessed by three. it's not always the first / third one / last one / etc).Ĭhecking 'What Accesses This Address' on all 10 found health addresses I find that they're all being accessed by the same instruction in memory.
In the list of 10 addresses that come up for health(I.E. Unfortuantely it is not always in the same spot Through ticking them all and unticking them one by one I am able to find the single address that actually freezes the value. Unfreezing it makes the player take damage again, so that's good. When I freeze the values, it seems that my health goes down but instantly goes back to the frozen value. Looking through the value's I select 10 addresses that look good and are sitting close together in a block. until I get the list down to about 63 results found. I start by trying to find the player's health by doing an 'Unknown Initial Value' scan with the value type of Float, taking damage, 'Decreased Value' scan, 'Unchanged Value' scan, repeat. I am trying to find the player base address. Posted: Sun 2:00 pm Post subject: Finding Base Address - Paint The Town Red