
Unknown Search

tomvita edited this page Apr 22, 2024 · 7 revisions

When you can't guess what format the value you want to find is stored in, this is the last resort.

Get a starting list of candidates

  1. First do a memory dump
  • SearchManager
  • memory dump
  2. Go to the game and get the value changed
  3. Search for the difference
  • SearchManager
  • Search Setup
  • Diff
  • Continue
  4. Repeat steps 2 and 3 until the candidate list is short enough to work with

Some ways to converge the candidate list faster

Perform a SAMEB search if you are able to get the same value in game again

  • place the cursor on the file that has the same value (you can see the value by looking at the screenshot; the first file produced by a diff against a dump holds the values from that dump, so you need to do the diff twice to get both the dump's value and the current value)
  • Select B
  • place the cursor on the file that has the candidate list you want to shorten
  • SAMEB

Perform a SAME search

  • perform some game action so memory gets modified, but make sure that your target doesn't change
  • SAME

Perform a bit flip search (do this when you suspect the game code simply flips some bits to hide the target from you)

  • Take note of the value in game (this is A)
  • Play the game so the value changes (this is B)
  • Search Setup
  • Set A
  • Set B
  • A bflip B
  • Continue
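The four searches on this page (Diff, SAME, SAMEB and A bflip B) as an added Python example; this is not code from the tool this wiki documents, it only reproduces the logic each search applies to a pair of dump files. It assumes 4-byte little-endian candidates and that "bit flip" means the game XORs the real value with a fixed mask, so the XOR of two stored values equals the XOR of the two on-screen values. The dumps are constructed in memory: a hidden HP value at a known offset, with random churn elsewhere standing in for unrelated game state.

```python
import random
from typing import Dict, List, Optional, Set, Tuple

WIDTH = 4              # assumed candidate width in bytes
MASK = 0xA5A5A5A5      # assumed XOR mask the game uses to hide the value (constructed)
REGION = 4096          # size of the constructed memory region
TARGET_OFF = 0x3F0     # where the constructed target lives
_LIMIT = (1 << (8 * WIDTH)) - 1


def words(dump: bytes, width: int = WIDTH) -> Dict[int, int]:
    """Every aligned offset in the dump mapped to its little-endian value."""
    return {off: int.from_bytes(dump[off:off + width], "little")
            for off in range(0, len(dump) - width + 1, width)}


def diff(old: bytes, new: bytes, cands: Optional[Set[int]] = None) -> Set[int]:
    """Diff: keep offsets whose value changed between two dumps.
    With cands=None this is the first search over the whole region."""
    wo, wn = words(old), words(new)
    pool = wo.keys() if cands is None else cands
    return {o for o in pool if wo[o] != wn[o]}


def same(old: bytes, new: bytes, cands: Set[int]) -> Set[int]:
    """SAME: keep offsets whose value did not change between two dumps."""
    wo, wn = words(old), words(new)
    return {o for o in cands if wo[o] == wn[o]}


def sameb(cand_dump: bytes, b_dump: bytes, cands: Set[int]) -> Set[int]:
    """SAMEB: keep candidates whose value in the candidate file equals the value
    at the same offset in the chosen B file (a dump taken when the screen showed
    the same value). Mechanically this is SAME, but B may be any earlier dump."""
    return same(cand_dump, b_dump, cands)


def bflip(dump_a: bytes, dump_b: bytes, a: int, b: int, cands: Set[int]) -> Set[int]:
    """A bflip B: keep offsets where the stored bits that changed between the two
    dumps are exactly the bits that differ between on-screen values A and B.
    Assumes stored = value XOR constant, so stored_a ^ stored_b == a ^ b."""
    wa, wb = words(dump_a), words(dump_b)
    want = (a ^ b) & _LIMIT
    return {o for o in cands if (wa[o] ^ wb[o]) == want}


# ---- constructed game memory used to exercise the searches ----

def _store(mem: bytearray, off: int, value: int) -> None:
    """Write the hidden form of value (value XOR MASK) at off."""
    mem[off:off + WIDTH] = ((value ^ MASK) & _LIMIT).to_bytes(WIDTH, "little")


def _churn(mem: bytearray, rng: random.Random, n: int) -> None:
    """Scribble n random words elsewhere, like unrelated game state changing."""
    for _ in range(n):
        off = rng.randrange(0, REGION, WIDTH)
        if off != TARGET_OFF:
            mem[off:off + WIDTH] = rng.getrandbits(32).to_bytes(WIDTH, "little")


def run_example(seed: int = 1) -> Tuple[List[Tuple[str, int]], Set[int]]:
    """Walk the page's procedure and report how the candidate list shrinks."""
    rng = random.Random(seed)
    mem = bytearray(rng.getrandbits(8) for _ in range(REGION))
    stages: List[Tuple[str, int]] = []

    _store(mem, TARGET_OFF, 100)                          # screen shows HP 100 (A)
    dump1 = bytes(mem)
    _churn(mem, rng, 200); _store(mem, TARGET_OFF, 85)    # take damage: HP 85 (B)
    dump2 = bytes(mem)
    cands = diff(dump1, dump2)                            # first candidate list
    stages.append(("diff", len(cands)))

    _churn(mem, rng, 200)                                 # walk around, HP still 85
    dump3 = bytes(mem)
    cands = same(dump2, dump3, cands)                     # SAME: drop unrelated movers
    stages.append(("same", len(cands)))

    _churn(mem, rng, 200); _store(mem, TARGET_OFF, 100)   # heal back to 100, like dump1
    dump4 = bytes(mem)
    cands = sameb(dump4, dump1, cands)                    # SAMEB against dump1 as B
    stages.append(("sameb", len(cands)))

    cands = bflip(dump1, dump2, 100, 85, cands)           # A bflip B on the 100 -> 85 change
    stages.append(("bflip", len(cands)))
    return stages, cands


if __name__ == "__main__":
    for name, count in run_example()[0]:
        print(f"{name:>6}: {count} candidates")
    print("final:", [hex(o) for o in sorted(run_example()[1])])
```

Each stage is just a set filter over one or two dump files, which is why the order on the page matters less than the number of independent observations you feed in: Diff needs the target to move, SAME and SAMEB need it to stay put while everything else moves, and bflip only helps when the hiding really is a fixed XOR (an additive or shuffled encoding would defeat it).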