Bunta

Using Offsets


I have the latest version (8.10.2) of GG but I think I must be missing something in it.

There is a lot of functionality for finding offsets between two addresses by using either the "Calculate Offset" or "Offset Calculator" functions.

I was expecting though that there would be a way to apply an offset against a list of saved values but I can't seem to find a way to do that.

 

Since there is no way to do pointer searches in the app, the next logical way of keeping a list of addresses useable for a game would be to apply a global offset to all the saved values.

Is this possible or does this functionality not exist in the program?

 

If it doesn't exist then I'd like to raise a feature request for the below functions:

1) Ability to calculate offset between a saved value and a searched value

2) Ability to apply an offset to all saved values to change all their addresses at once

3) Ability to select a saved address and searched address and apply the offset between them to all saved addresses (This would combine the function of both the above two options)

 

The idea here is that even though the memory addresses change each time a game is started the position of the values is generally always relative. If I have searched and found a large number of values and saved them for a game I would want to be able to load those values the next time I start the game and apply an offset to all of them to correct their position to the right memory region.

 

Preferably, the most ideal process would be as follows:

1) Find memory values you want to edit and freeze

2) Save those values to a list for that game

3) Next time you play the game you load the list of saved memory addresses (that no longer point to the right location)

4) Perform a search and find the location of one of the saved memory addresses

5) Select the saved value and search result that matches and choose an option in the app to apply the offset between those values to all addresses in the saved list

 

The option I indicate in the last step is the function we need as an alternative to having the ability to search for memory pointers.

If that is too hard, having at least an option to apply an offset to the saved list manually would be terrific!

 

Edited by Bunta


Long press value. 

Offset Calculator

Enter the offset distance in blank space (or paste if copied). 

Click goto.

 

1 hour ago, NoFear said:

Long press value. 

Offset Calculator

Enter the offset distance in blank space (or paste if copied). 

Click goto.

 

 

Yes, I figured out how I can manually add values one at a time using the calculator but that's a real pain in the ass when you have a long list of saved values to update (and then remove the old values etc). I'm looking for a way to apply that offset to all saved values at once.


We have some plans about this and similar features and some magic behind it. Once we implement this.

 

About pointer search - you can copy the address value and search for it. This is a pointer search.

52 minutes ago, Enyby said:

We have some plans about this and similar features and some magic behind it. Once we implement this.

 

About pointer search - you can copy the address value and search for it. This is a pointer search.

 

I thought I read a reply from you in another thread that said pointers are basically unusable on Android?

Does that work properly with GG?


@Bunta It depends on the memory structure of the game and which pointer you search for.

See picture:

[Image: scr_1476572000.png]

If you search for a direct pointer without any offset, it is easy. But in most cases there is some unknown offset and you cannot find the pointer.

 

If you want to find the chain of pointers from base to Gold3, it is very hard.

If you want to find Gold1, it is easier, and so on.

Even if you need Gold2, it is very hard because you need to find offset4 to search for the pointer to the Player object.

3 hours ago, Enyby said:

We have some plans about this and similar features and some magic behind it. Once we implement this.

 

About pointer search - you can copy the address value and search for it. This is a pointer search.

 

I thought I read a reply from you in another thread that said pointers are basically unusable on Android?

Does that work pro

1 hour ago, Enyby said:

@Bunta It depends on the memory structure of the game and which pointer you search for.

 

If you search for a direct pointer without any offset, it is easy. But in most cases there is some unknown offset and you cannot find the pointer.

 

If you want to find the chain of pointers from base to Gold3, it is very hard.

If you want to find Gold1, it is easier, and so on.

Even if you need Gold2, it is very hard because you need to find offset4 to search for the pointer to the Player object.

 

Yea, not very easy with current GG.

It would need a way to dump pointer tables like cheatengine does to be able to narrow down the results.


@Bunta It does not matter whether it is with GG or not. No pointer table exists. If an app needs a pointer to something, it can be stored in any place: stack, heap, global scope like data or bss.

You cannot know whether that is a pointer or an int with a big number. It is only bytes in memory.

 

And this happens everywhere not only in Android. On Windows too.


What I meant was saving the memory values that could potentially be pointers to the value you are after as a "pointer table" the way CE does.

You specify a maximum offset and maximum count of pointers and then search through memory to find all locations that could potentially be pointers to all offsets within that range and save them to a file. Then restart the game and search through those memory addresses from the file to see if they still point to the same data value.

 

Regardless, without that functionality, I would be happy with the ability to apply an offset to a group of saved values for now.

Edited by Bunta


ARM arch works in a different way from x86. On x86 your method can get some results. On ARM it gets worse results because in most cases the offset is included inside the code.

But you can search in this way currently.

Just use a range search for the desired address. For example, if the address is 12345678 and the max offset is 200, then you need to search 12345478~12345678. All of the found items can be pointers.
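
The range search from the post above, combined with the re-check after a restart described earlier in the thread, as an added example that is not part of the original posts and is not GG or CE code. It assumes the addresses are 32-bit hexadecimal values; both memory regions are constructed sample data and every function name is hypothetical.

```python
import struct

WORD = 4  # assumption: 32-bit little-endian words, matching the 8-digit addresses

def find_pointer_candidates(snapshot, base, target, max_offset):
    """Return (address, stored_value, offset) for each aligned word whose value
    lies in [target - max_offset, target], i.e. the range search from the post."""
    low = target - max_offset
    hits = []
    for pos in range(0, len(snapshot) - WORD + 1, WORD):
        (value,) = struct.unpack_from("<I", snapshot, pos)
        if low <= value <= target:
            hits.append((base + pos, value, target - value))
    return hits

def stable_candidates(run_a, run_b):
    """Keep candidates seen in both runs at the same position relative to the
    region base and with the same offset to the target."""
    def keys(run):
        snapshot, base, target, max_offset = run
        found = find_pointer_candidates(snapshot, base, target, max_offset)
        return {(addr - base, off) for addr, _, off in found}
    return sorted(keys(run_a) & keys(run_b))

def build_region(base, size, words):
    """Constructed sample memory: zero-filled region with words at given addresses."""
    buf = bytearray(size)
    for addr, value in words.items():
        struct.pack_into("<I", buf, addr - base, value)
    return bytes(buf)

# Constructed run 1: target 0x12345678 and max offset 0x200, as in the post.
BASE_1, TARGET_1 = 0x12345000, 0x12345678
RUN_1 = (build_region(BASE_1, 0x1000, {
    0x12345010: 0x12345600,   # real pointer to the object holding the target
    0x12345020: 0x123455AA,   # plain integer that happens to fall in the range
    TARGET_1: 1000,           # the value itself
}), BASE_1, TARGET_1, 0x200)

# Constructed run 2: same layout after a restart moved the region.
BASE_2, TARGET_2 = 0x7A210000, 0x7A210678
RUN_2 = (build_region(BASE_2, 0x1000, {
    0x7A210010: 0x7A210600,   # the pointer follows the object
    0x7A210020: 0x123455AA,   # the integer is unchanged, so it drops out of range
    TARGET_2: 1000,
}), BASE_2, TARGET_2, 0x200)

if __name__ == "__main__":
    print(find_pointer_candidates(*RUN_1), stable_candidates(RUN_1, RUN_2))
```

A single run cannot tell the pointer from the integer that merely falls in the range; only the comparison across two runs separates them.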


@Bunta CE doesn't find a pointer table as it makes one itself using debugging and organizing techniques, and pointers aren't entirely the same in Android as they are in Windows, possible but bleh. But I know it would be so useful, but that's asking a lot from the dev team as well. (maybe in the future as @Enyby mentioned magic)

 

But I agree, range searching helps with finding certain things, if you're looking for a more permanent way for your hacks look into byte signatures and reversing Android so you can make a mod, or .so injection (;


@3113 Yea, I've made mods by editing libgame.so before but sometimes I just want to use memory edits... would just be nice to be able to do that without searching for the value each time :)


Similar to what Enyby mentioned, I look for nearby values that are always same and search for that with hopes of it having only 1 result.  If not, then a union search of a few that are unique. Then begin the offset from one of them. 

Still time consuming but works. 

21 minutes ago, Bunta said:

@3113 Yea, I've made mods by editing libgame.so before but sometimes I just want to use memory edits... would just be nice to be able to do that without searching for the value each time :)

 

Have you tried going old school and searching the address that holds the value as the value, then using the offset calculator?

Other than that sig scanning would be your best bet for now. I'm hoping the devs (crossing my fingers) might throw in an external scripting framework that may incorporate that kind of feature ^^ 

 

3 minutes ago, NoFear said:

Similar to what Enyby mentioned, I look for nearby values that are always same and search for that with hopes of it having only 1 result.  If not, then a union search of a few that are unique. Then begin the offset from one of them. 

Still time consuming but works. 

 

This has always worked pretty well for me on the go (:

28 minutes ago, 3113 said:

 

Have you tried going old school and searching the address that holds the value as the value, then using the offset calculator?

Other than that sig scanning would be your best bet for now. I'm hoping the devs (crossing my fingers) might throw in an external scripting framework that may incorporate that kind of feature ^^ 

 

 

This has always worked pretty well for me on the go (:

 

@3113 By sig scanning, do you mean what @NoFear mentioned about looking for nearby values that are always the same? ie a signature of bytes that don't change?

Edited by Bunta

