Jump to content
  • 0

Can a group search be done for encrypted value or any other way to speed up the process?


Question

Posted (edited)

Hello,

The value I need is encrypted.  So I perform a search on the exact value and I check the "value is encrypted" option. Then I do the usual decrease, refine....etc until I find the correct value. I know it's encrypted because if I don't use the "value is encrypted" option I can't find it.  My question is, how can I speed up or automate the process? Normally for a non-encrypted value I would perform a group search and then create a script and done. But unfortunately in this case the value is encrypted and once I type in my group search the "value is encrypted option" disappears. And no matter what I use for a group search does not find the value. So when I close and reopen the game I am forced to repeat the whole search then decrease then refine process every time which is time consuming. Any trick to speed up or automate this situation?  Thank you very much

Edited by Sami1982

Recommended Posts

  • 0
Posted
2 minutes ago, nok1a said:

Thanks for the vote but that's more about status. Account status not that relevant but perhaps it can work as a backbone regarding the reliability of the information provided and as well the individual his contribution in the forum. Positive votes always better then negative ones to.

Aside from that most important to me is that the information shared is done good enough in a way that the person communicating to understands it. And of course to use the knowledge obtained for himself and improve so the person becomes a even better person.

Understood my friend.  One question regarding the emulator, what emulator are you using?  Is i Bluestacks? I am using 2 phones but I'd like to try an android emulator on PC. When I installed the modded apk using Bluestacks and tried to launch it, i got a message saying "Download failed because the user is not signed in".  I figured maybe Bluestacks doesn't support modded apks? How did you get it installed on the emulator?

  • 0
Posted (edited)

But i also think that regarding voting it's more efficient to use it as accordingly as possible. Like for example i don't think you have to upvote every comment because you received a solution or want to show gratitude (of course it's appreciated), personally i believe only the solution should be upvoted or liked or answers that answer questions. Multiple answers can answer multiple questions so each of it should receive a vote if all those answers are well detailed enough in a way that the other person understands. (personal opinion)

Edited by nok1a
  • 0
Posted
4 minutes ago, nok1a said:

But i also think that regarding voting it's more efficient to use it as accordingly as possible. Like for example i don't think you have to upvote every comment because you received a solution or want to show gratitude (of course it's appreciated), personally i believe only the solution should be upvoted or liked or answers that answer questions. Multiple answers can answer multiple questions so each of it should receive a vote if all those answers are well detailed enough in a way that the other person understands. (personal opinion)

Yeah that makes sense👍

  • 0
Posted
8 minutes ago, Sami1982 said:

what emulator are you using?  Is i Bluestacks?

LDPlayer

8 minutes ago, Sami1982 said:

When I installed the modded apk using Bluestacks and tried to launch it, i got a message saying "Download failed because the user is not signed in".

Make sure you deleted any installed dead trigger 2 versions from the emulator using the uninstall option in the play store.

Sign in to the play store with your google account. Then create new folder in 0/android/obb/

name folder: com.madfingergames.deadtrigger2 and then store the .obb file (main.15020074.com.madfingergames.deadtrigger2.obb) from the modded apk in it.

Should resolve the issue.

  • 0
Posted
2 minutes ago, nok1a said:

LDPlayer

Make sure you deleted any installed dead trigger 2 versions from the emulator using the uninstall option in the play store.

Sign in to the play store with your google account. Then create new folder in 0/android/obb/

name folder: com.madfingergames.deadtrigger2 and then store the .obb file (main.15020074.com.madfingergames.deadtrigger2.obb) from the modded apk in it.

Should resolve the issue.

I'll do that. Much obliged 👍

  • 0
Posted (edited)
9 hours ago, nok1a said:

Thanks for the vote but that's more about status. Account status not that relevant but perhaps it can work as a backbone regarding the reliability of the information provided and as well the individual his contribution in the forum. Positive votes always better then negative ones to.

Aside from that most important to me is that the information shared is done good enough in a way that the person communicating to understands it. And of course to use the knowledge obtained for himself and improve so the person becomes a even better person.

Sorry I have another question.  When you added 4 bytes, then subtracted 4 bytes then added 4 bytes again, is all of this because the health value was 4 bytes below the closest/final pointer?  So if my health value is 12 bytes above the closest/final pointer then essentially I should reverse what you did? So in other words I should subtract 12 bytes then add 12 bytes then subtract 12 bytes?  When I did this it didn't work.

Edited by Sami1982
  • 0
Posted
1 hour ago, Sami1982 said:

Sorry I have another question.  When you added 4 bytes, then subtracted 4 bytes then added 4 bytes again, is all of this because the health value was 4 bytes below the closest/final pointer?  So if my health value is 12 bytes above the closest/final pointer then essentially I should reverse what you did? So in other words I should subtract 12 bytes then add 12 bytes then subtract 12 bytes?  When I did this it didn't work.

Indeed, just make sure that your using hex and not decimal. 12 bytes = 0xC

  • 0
Posted (edited)
53 minutes ago, nok1a said:

Indeed, just make sure that your using hex and not decimal. 12 bytes = 0xC

Okay. I apologize if I am being a pain but I'm still trying to grasp this thing and pull all the pieces together to make sense of it. Now when I run your script and get the health value, shouldn't I theoretically be able to go to the nearest pointer, which is 4 bytes above your health value and click "go to pointer" and find that block that you used for your group search? I mean since they are static they should appear on my device too just like they did on your 2 devices, right? Well I went up and down the list and I didn't find that block of numbers.   

But regardless, going off of your health value, I found the same distance pointer (nearest one that has the same static block of numbers on 2 devices) and I got the group search and it works fine, then I refine this number: 1,900,544 and get 55 results. This is all fine. But when I run the script (used yours as a template for my values) I find no pointers.

If you're curious why I am refining to this number (1,900,544) please check the attached video

 

Here's he script (based it on yours but with my numbers):

gg.setRanges(gg.REGION_ANONYMOUS | gg.REGION_C_BSS | gg.REGION_C_ALLOC)
gg.searchNumber("17A;1,075,642,368A;1,900,544A;1,310,728A;589,828A;1,703,957A;1,703,969A;1,376,289A;1,920A;469,762,048A::185", gg.TYPE_DWORD)
gg.refineNumber("1,900,544", gg.TYPE_DWORD)
print("Group search: ", gg.getResultsCount())
local grp = gg.getResults(1)
gg.loadResults({{address = grp[1].address - 0xc, flags = gg.TYPE_DWORD}})
gg.searchPointer(0)
print("First Pointer search: ", gg.getResultsCount())
gg.searchPointer(0)
print("Second Pointer search: ", gg.getResultsCount())
local t = gg.getResults(gg.getResultsCount())
local sensitivity = {}
for i, v in ipairs(t) do
  sensitivity[i] = {address = v.address + 0xc, flags = gg.TYPE_FLOAT}
end
sensitivity = gg.getValues(sensitivity)
local healthPointer = {}
for i = 1, #sensitivity do
  if sensitivity[i].value == "1.0" then
    healthPointer[i] = {address = t[i].address, flags = gg.TYPE_DWORD}
  end
end
gg.loadResults(healthPointer)
print("Results healthPointer: ", gg.getResultsCount())
gg.searchPointer(0)
print("Third Pointer search: ", gg.getResultsCount())
local res = gg.getResults(1)
local health = {[1] = {address = res[1].address - 0xc, flags = gg.TYPE_FLOAT, name = "Health"}}
gg.addListItems(health)
gg.loadResults(health)
 

 

Any ideas?

 

EDIT:

I first accidentally pasted the script with 0x12 for the 12 bytes, but I definitely tried it with 0xc (hex) and it still gave me no pointers

Edited by Sami1982
corrected the 12 bytes from 0x12 to 0xc (in hex)
  • 0
Posted (edited)
38 minutes ago, Sami1982 said:
gg.setRanges(gg.REGION_ANONYMOUS | gg.REGION_C_BSS | gg.REGION_C_ALLOC)
gg.searchNumber("17A;1,075,642,368A;1,900,544A;1,310,728A;589,828A;1,703,957A;1,703,969A;1,376,289A;1,920A;469,762,048A::185", gg.TYPE_DWORD)
gg.refineNumber("1,900,544", gg.TYPE_DWORD)
print("Group search: ", gg.getResultsCount())
local grp = gg.getResults(1)

Perhaps use the code snippet option when adding code in your post for readability.

The script only performs pointer search on 1 address. You have more then 50 results left after refining and probably the first result in the result list is not the right address...but sure the right address is in there

. Although it's better to have your group search as accurate as possible to prevent any kind of issues later on. Use

local grp = gg.getResults(gg.getResultsCount())

so that all results are selected. Then

gg.searchPointer(0)

will perform pointer search on all the addresses in the result list instead of 1.

 

 

Edited by nok1a
  • 0
Posted
gg.loadResults({{address = grp[1].address - 0xc, flags = gg.TYPE_DWORD}})
gg.searchPointer(0)
print("First Pointer search: ", gg.getResultsCount())

You also will need to change this gg.loadresults() since it only subs 0xC to one address in the result list. But you want it to happen to all the addresses in the result list before you load their new addresses in the result list. So use loop.

For example:

for i, v in ipairs(grp) do
  v.address = v.address - 0xC
  v.flags = gg.TYPE_DWORD
  end
gg.loadResults(grp)
gg.searchPointer(0)
print("First Pointer search: ", gg.getResultsCount())
gg.searchPointer(0)
print("First Pointer search: ", gg.getResultsCount())

 

  • 0
Posted (edited)
58 minutes ago, Sami1982 said:
gg.searchNumber("17A;1,075,642,368A;1,900,544A;1,310,728A;589,828A;1,703,957A;1,703,969A;1,376,289A;1,920A;469,762,048A::185", gg.TYPE_DWORD)
gg.refineNumber("1,900,544", gg.TYPE_DWORD)

Make sure that when you do a group search you specify it's data type. When you put Auto in front of it GG will look for all possible data types for that specific value and then needs to match it also with the other values to see if the group search can be found.

61133896_Capturadepantalla2024-01-05235748.thumb.png.0ba83de281204fdffcd0ec1205c4c315.png

You could have results you don't need.

For example do this:

gg.searchNumber("17D;1,075,642,368D;1,900,544D;1,310,728D;589,828D;1,703,957D;1,703,969D;1,376,289D;1,920D;469,762,048D::185", gg.TYPE_DWORD)

 Or you can ignore the data types next to the value and only use

gg.TYPE_DWORD

If your only searching 1 value you don't put a data type for that specific value aside from adding the gg.TYPE_DWORD as any normal search.

 

Edited by nok1a
added info about data types for single value
  • 0
Posted (edited)
13 minutes ago, nok1a said:

Make sure that when you do a group search you specify it's data type. When you put Auto in front of it GG will look for all possible data types for that specific value and then needs to match it also with the other values to see if the group search can be found.

61133896_Capturadepantalla2024-01-05235748.thumb.png.0ba83de281204fdffcd0ec1205c4c315.png

You could have results you don't need.

For example do this:

gg.searchNumber("17D;1,075,642,368D;1,900,544D;1,310,728D;589,828D;1,703,957D;1,703,969D;1,376,289D;1,920D;469,762,048D::185", gg.TYPE_DWORD)

 Or you can ignore the data types next to the value and only use

gg.TYPE_DWORD

For refine you don't need to put a data type anymore aside from adding the gg.TYPE_DWORD

 

Thank you so much for all the info and instructions. You're too generous as always 🙂

Okay, I tried to break up the script to go only as far as the first pointer search (to not overwhelm myself) but I am still getting no results and I don't know what I'm doing wrong:

gg.setRanges(gg.REGION_ANONYMOUS | gg.REGION_C_BSS | gg.REGION_C_ALLOC)
gg.searchNumber("17A;1,075,642,368A;1,900,544A;1,310,728A;589,828A;1,703,957A;1,703,969A;1,376,289A;1,920A;469,762,048A::185", gg.TYPE_DWORD)
gg.refineNumber("1,900,544", gg.TYPE_DWORD)
print("Group search: ", gg.getResultsCount())
local grp = gg.getResults(gg.getResultsCount())
for i, v in ipairs(grp) do
  v.address = v.address - 0xC
  v.flags = gg.TYPE_DWORD
  end
gg.loadResults(grp)
gg.searchPointer(0)
print("First Pointer search: ", gg.getResultsCount())

 

Edited by Sami1982
  • 0
Posted (edited)
1 hour ago, Sami1982 said:
local healthPointer = {}

for i = 1, #sensitivity do
  if sensitivity[i].value == "1.0" then
    healthPointer[i] = {address = t[i].address, flags = gg.TYPE_DWORD}
  end
end
gg.loadResults(healthPointer)

Here there was a mistake from my side but @CmP has warned me for that.

When comparing 2 values they must be of same type. I tried editing it in my previous posts:

1441379627_Capturadepantalla2024-01-06001634.thumb.png.60dd1ae9bdc421bdcdd6e000c3b46d57.png

but it seems you still uses the script i sended, my fault. Comparison of 2 different types in Lua will cause issues.

Correct it to:

if sensitivity[i].value == 1.0 then

 

Edited by nok1a
  • 0
Posted (edited)
20 minutes ago, Sami1982 said:

Thank you so much for all the info and instructions. You're too generous as always 🙂

Okay, I tried to break up the script to go only as far as the first pointer search (to not overwhelm myself) but I am still getting no results and I don't know what I'm doing wrong:

gg.setRanges(gg.REGION_ANONYMOUS | gg.REGION_C_BSS | gg.REGION_C_ALLOC)
gg.searchNumber("17A;1,075,642,368A;1,900,544A;1,310,728A;589,828A;1,703,957A;1,703,969A;1,376,289A;1,920A;469,762,048A::185", gg.TYPE_DWORD)
gg.refineNumber("1,900,544", gg.TYPE_DWORD)
print("Group search: ", gg.getResultsCount())
local grp = gg.getResults(gg.getResultsCount())
for i, v in ipairs(grp) do
  v.address = v.address - 0xC
  v.flags = gg.TYPE_DWORD
  end
gg.loadResults(grp)
gg.searchPointer(0)
print("First Pointer search: ", gg.getResultsCount())

 

Why are you doing 0x0C  ? Your value 1,900,544 is not 12 bytes away from the pointer you just whent to, it's 4 bytes away.

68621037_Capturadepantalla2024-01-06002910.thumb.png.1ea20a982bde4bf72340bcfb1fec73ad.png

If you enable byte view in the memory viewer you can see every address in memory:

imagen.thumb.png.6f2ebd850d28ee7087ce34a6ee0ab16e.png

Or you can select both addresses and use the offset calculation to see distance from start address to destination address.

imagen.thumb.png.7f3f38b84bf168bee20c8f9c055736d5.png

Edited by nok1a
  • 0
Posted (edited)
30 minutes ago, nok1a said:

Why are you doing 0x0C  ? Your value 1,900,544 is not 12 bytes away from the pointer you just whent to, it's 4 bytes away.

68621037_Capturadepantalla2024-01-06002910.thumb.png.1ea20a982bde4bf72340bcfb1fec73ad.png

If you enable byte view in the memory viewer you can see the actual distance between the addresses:

imagen.thumb.png.6f2ebd850d28ee7087ce34a6ee0ab16e.png

Or you can select both addresses and use the offset calculation to see distance from start address to destination address.

imagen.thumb.png.7f3f38b84bf168bee20c8f9c055736d5.png

Wait maybe I misunderstood about the pointer.....when I click on the health value and click GOTO, this is the line that I long pressed on and clicked GOTO pointer.  So from 5C to 68 is 12 bytes right?

capture5.jpg

24 minutes ago, Sami1982 said:

Wait maybe I misunderstood about the pointer.....when I click on the health value and click GOTO, this is the line that I long pressed on and clicked GOTO pointer.  So from 5C to 68 is 12 bytes right?

capture5.jpg

Okay when I changed all the 0xC to 0X4 the first and second pointer searches are successful but i get 0 results for the third pointer search

gg.setRanges(gg.REGION_ANONYMOUS | gg.REGION_C_BSS | gg.REGION_C_ALLOC)
gg.searchNumber("17A;1,075,642,368A;1,900,544A;1,310,728A;589,828A;1,703,957A;1,703,969A;1,376,289A;1,920A;469,762,048A::185", gg.TYPE_DWORD)
gg.refineNumber("1,900,544", gg.TYPE_DWORD)
print("Group search: ", gg.getResultsCount())
local grp = gg.getResults(gg.getResultsCount())
for i, v in ipairs(grp) do
  v.address = v.address - 0x4
  v.flags = gg.TYPE_DWORD
  end
gg.loadResults(grp)
gg.searchPointer(0)
print("First Pointer search: ", gg.getResultsCount())
gg.searchPointer(0)
print("Second Pointer search: ", gg.getResultsCount())
local t = gg.getResults(gg.getResultsCount())
local sensitivity = {}
for i, v in ipairs(t) do
  sensitivity[i] = {address = v.address + 0x4, flags = gg.TYPE_FLOAT}
end
sensitivity = gg.getValues(sensitivity)
local healthPointer = {}
for i = 1, #sensitivity do
  if sensitivity[i].value == 1.0 then
    healthPointer[i] = {address = t[i].address, flags = gg.TYPE_DWORD}
  end
end
gg.loadResults(healthPointer)
print("Results healthPointer: ", gg.getResultsCount())
gg.searchPointer(0)
print("Third Pointer search: ", gg.getResultsCount())
local t = gg.getResults(gg.getResultsCount())
local health = {[1] = {address = res[1].address - 0xc, flags = gg.TYPE_FLOAT, name = "Health"}}
gg.addListItems(health)
gg.loadResults(health)

 

Edited by Sami1982

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.