Unknown Search
tomvita edited this page Aug 12, 2024 · 7 revisions
When you can't guess the format of the value you want to find, this is the last resort.
- First do a memory dump
  - SearchManager
  - memory dump
- Go to the game and get the value to change
- Search for difference
  - SearchManager
  - Search Setup
  - Diff
  - Continue
  - Continue (note that for the latest version of Breeze you need to continue twice: the first time it makes a file with the dumped content and the second time it makes a file with the current content. You can see the difference in the screenshot if your target is visible. In older versions of Breeze the value at the time the dump was performed was lost; now, if you don't continue twice, the current value is not captured)
- Repeat steps 2 and 3
- Place the cursor on the file that has the same value (you can see the value by looking at the screenshot if you set CapturedScreen=1; the first file produced by a diff with a dump has the value of the dump, and you need to do the diff twice to get both the value of the dump and the current value)
  - Select B
- Place the cursor on the file that has the candidate list you want to shorten
  - SAMEB
- Perform some game action so memory gets modified, but make sure that your target doesn't change
  - SAME
Perform bit flip search (do this when you suspect the game code simply flips some bits to hide the target from you)
- Take note of the value in game (this is A)
- Play the game so the value changes (this is B)
- Search Setup
- Set A
- Set B
- A bflip B
- Continue
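
The diff/SAME narrowing and the bit flip search described above, sketched as an added Python example (not Breeze's code and not from the wiki author). It assumes 4-byte little-endian aligned values and that the hiding is a fixed XOR mask; the function names and the constructed 16-byte snapshots are illustrative, and Breeze's actual `bflip` semantics may differ.

```python
import struct

WIDTH = 4  # assumption: target is a 4-byte little-endian value on a 4-byte boundary

def words(snapshot):
    """Yield (offset, u32) for every aligned word in a memory snapshot."""
    for off in range(0, len(snapshot) - WIDTH + 1, WIDTH):
        yield off, struct.unpack_from("<I", snapshot, off)[0]

def diff_search(dump, current):
    """First pass: offsets whose word differs between the dump and now."""
    return {off for (off, a), (_, b) in zip(words(dump), words(current)) if a != b}

def same_search(candidates, previous, current):
    """Narrowing pass: keep candidates that did NOT change between two snapshots."""
    return {off for off in candidates
            if previous[off:off + WIDTH] == current[off:off + WIDTH]}

def bitflip_search(before, after, a, b):
    """Offsets where stored_before ^ stored_after == a ^ b.
    True for any fixed XOR mask k, because (a ^ k) ^ (b ^ k) == a ^ b."""
    if a == b:
        raise ValueError("A and B must differ, otherwise every unchanged word matches")
    delta = a ^ b
    return {off for (off, x), (_, y) in zip(words(before), words(after))
            if x ^ y == delta}

def make_snapshot(gold, timer, hp, key=0xA5A5A5A5):
    # Constructed sample memory: [gold][timer][hp XOR key][constant]
    return struct.pack("<4I", gold, timer, hp ^ key, 0xDEADBEEF)

def demo():
    dump = make_snapshot(gold=100, timer=1, hp=50)  # the initial memory dump
    s1 = make_snapshot(gold=90, timer=2, hp=40)     # values changed in game
    s2 = make_snapshot(gold=90, timer=3, hp=40)     # targets held steady
    candidates = diff_search(dump, s1)              # offsets 0, 4 and 8 changed
    candidates = same_search(candidates, s1, s2)    # timer at offset 4 drops out
    hidden = bitflip_search(dump, s1, a=50, b=40)   # on-screen HP went 50 -> 40
    return candidates, hidden

if __name__ == "__main__":
    print(demo())
```
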