[教程][原创] Cheat Engine 6.4 Tutorial —— 闯关教程 #1
09 Dec 2014大家都知道Cheat Engine 是啥吧?(以下简称CE)
如果你不知道..
咳咳..
你估计应该可以跳过这篇文章了.. xD
Cheat Engine 是啥?
如果你真的真的不知道,或者你已经知道了,也就读读看吧
Cheat Engine is an open source tool designed to help you with modifying single player games running under window so you can make them harder or easier depending on your preference(e.g: Find that 100hp is too easy, try playing a game with a max of 1 HP), but also contains other usefull tools to help debugging games and even normal applications.
It comes with a memory scanner to quickly scan for variables used within a game and allow you to change them, but it also comes with a debugger, disassembler, assembler, speedhack, trainer maker, direct 3D manipulation tools, system inspection tools and more.
For new users it is recommended to go through the tutorial(The one that comes with Cheat Engine, you can find it in your programs list after installing) and at least reach step 5 for basic understanding of the usage of Cheat Engine
If you need help on Cheat Engine , you can always contact me at dark_byte@hotmail.com , msn supported as well(don’t ask about online games, I don’t know anything about that) Or on irc: server: irc.p2p-network.net channel: #cef (Web-based irc)
Note: It will most likely not work on online games, so don’t bother asking me that Local Cheat Engine WIKI
Note that since cheat engine is open source, everyone is welcome to contribute to the project. Contact dark_byte@hotmail.com for more information about helping.
不翻译了哈 xD
Cheat Engine 下载
如果你还没有下载Cheat Engine,这里是下载地址:
- 下载地址:http://www.cheatengine.org/downloads.php
- 版本:6.4
Cheat Engine Tutorial?
看到那个第三个quote我bold起来的Tutorial 字样么?
你表示:神马?Cheat Engine 有自带的Tutorial?
我表示:有!
我第一次看到那个CE Tutorial的时候是N年前,不小心开到的..(不过当时没兴趣玩.__.)
好吧,那东就在这里:Help > Cheat Engine Tutorial
打开后,继续往下看呗
现在我运行的CE是版本6.4 教程版本3.2
Step 1
Welcome to the Cheat Engine Tutorial. (v3.2)
This tutorial will try to explain the basics of cheating on games, and getting you more familiar with Cheat Engine.
First open Cheat Engine if it hasn’t been opened yet. Then click on the ‘open process’ icon. (top left icon, with the computer on it)
When the process window is open find this tutorial. The process name is probably ‘tutorial.exe’ unless yourenamed it.
Select it, and click ok. Just ignore all the other buttons right now, but experiment with them later if you feel like it.
When everything went right, the process window should be gone now and at the top of CE the processname is shown.
Now, click NEXT to continue to the next step. (Or fill in the password to proceed to that particular step you want)
很简单罢了
在使用CE之前
你必须得要有一个目标
在这里呢,你的目标就是一个个Process 也就是进程
简单来说
打开Windows Task Manager
看到那个Processes的tab了么
恩
点进去
那一堆就是Processes(进程们)
你表示:我不是新手了… 可以不要解释那么多么…
我表示: 不 xD 罗嗦点好 娃哈哈
你有了目标
就可以锁定目标了 xD
首先点击CE上那个一闪一闪的电脑图标:
然后就会弹出一个窗口,里面有一堆的进程
选择 Tutorial-i368.exe
然后点击Open
回到CE,界面就变成这样了:
这里就不会一一解释每个按钮的功用了
(但是大部分都会用到的)
顺带一说
看到CE Tutorial 界面上右下角的Password 吗?
CE Tutorial每一关都会有一个密码的
记起来 (或者写下来)
就可以直接跳到那一关了
然后就可以点击Next
到Step 2 去了:
Step 2
Step 2: Exact Value scanning (PW=090453)
Now that you have opened the tutorial with Cheat Engine lets get on with the next step.
You see at the bottom of this window the text Health: xxx
Each time you click ‘Hit me’ your health gets decreased.
To get to the next step you have to find this value and change it to 1000
To find the value there are different ways, but I’ll tell you about the easiest, ‘Exact Value’:
First make sure value type is set to at least 2 bytes or 4 bytes, 1 byte will also work, but you’ll run into an easy to fixproblem when you’ve found the address and want to change it. The 8-byte may perhaps works if the bytes after the address are 0, but I wouldn’t take the bet.
Single, double, and the other scans just don’t work, because they store the value in a different way.
When the value type is set correctly, make sure the scantype is set to ‘Exact Value’
Then fill in the number your health is in the value box. And click ‘First Scan’
After a while (if you have a extremely slow pc) the scan is done and the results are shown in the list on theleft
If you find more than 1 address and you don’t know for sure which address it is, click ‘Hit me’, fill in the newhealth value into the value box, and click ‘Next Scan’
repeat this until you’re sure you’ve found it. (that includes that there’s only 1 address in the list…..)
Now double click the address in the list on the left. This makes the address pop-up in the list at the bottom,showing you the current value.
Double click the value, (or select it and press enter), and change the value to 1000.
If everything went ok the next button should become enabled, and you’re ready for the next step.
Note:
If you did anything wrong while scanning, click “New Scan” and repeat the scanning again. Also, try playing around with the value and click ‘hit me’
看到上方的(PW=090453)了么?090453就是Password,在Step 1 的时候就可以直接跳到该关卡哦
主界面上呢
有两个按钮
一个是Hit Me
一个是灰色的Next按钮
现在你的目标是:把Health 改成1000,然后Next按钮就可以点击到下一关啦
这是一个Exact Value Scanning
怎么说呢
就是这个Health 是直接储存进内存里的
这个功能对于一些相对简单的游戏是非常管用的
所以回到CE的主界面
Value下的输入框输入100
Scan Type 为 Exact Value
Value Type 为 4 Bytes
你可能会问
4 Bytes是啥?
4 bytes (32-bits / DWORD) a “4 byte” value can hold a number between 0..4294967295 or -2147483648 and 2147483647 (The last one if it is a signed value )
“4 byte” values are the standard way of storing information in a windows system. So doing a 4-byte scan will normally give the best results.
摘自CE自带的Help file
明白了么?xD
然后就狠狠的按下Enter (或者First Scan的按钮也行)
然后在左边的列表上
你就看到了灰常多的Address (这里的Address就是那个数值在内存中的地址,你可以把内存看成一条街,那些地址就是数值的门牌)
你:这TM那么多地址,叫我怎么找啊?
冷静冷静
很简单,只要让我们要的地址中的数值不一样不就好了么?
现在回到CE Tutorial的界面
点击Hit Me
然后Health 就减少了
再回到CE
然后在Value 内输入99
在大大力的按下Enter(或者Next Scan)
(其实CE检测到数值变化的话,会将他highlight 红的:
)
现在只剩下唯一的值啦
不用怀疑,那个就是Health的储存地址了
Double Click 它,然后你就会发现他在下方的框框内了:
现在就是修改Value的时候了
在Value 的那个栏目下
Double Click就会跳出一个框框给你输入新的value
输入1000:
按下Enter
在回到Tutorial 的界面
你就会看到Next 按钮已经可以按了
点下去吧
进入下一关
总结来说:
如果说,你在游戏中,假设有一个游戏非常简单,有一个value叫Health
初始值是100
你要查找他的地址的基本步骤就是:
首先在CE中scan 100
如果你很幸运的话,只有一个地址,那个就是Health的地址啦
如果你不幸运,列表之中有一堆Address,那现在你要做的就是设法改变Health的值,比如说,给怪物打,扣了1滴Health,现在的Health值就变成了99
然后在回到CE,Value 为99,点击Next Scan
然后CE就会在之前搜索出来的Adress当中,再次搜索,值为99的地址
如果你幸运的话,只剩下唯一一个地址,那个就是啦
如果你不幸运,那你就得重复步骤 —— 在游戏中设法改变Health的值(给怪物打),然后搜索
一直到只剩下一个值为止,那个就是你要修改的了
注意:请紧记如何搜索一个值的地址,因为一步一步解释的话,篇幅太长了,篇幅太长就没人要看了…所以记起来吧,下次我就直接跳过了
Step 3
Step 3: Unknown initial value (PW=419482)
Ok, seeing that you’ve figured out how to find a value using exact value let’s move on to the next step.
In the previous test we knew the initial value so we could do a exact value, but now we have a status bar where we don’t know the starting value.
We only know that the value is between 0 and 500. And each time you click ‘hit me’ you lose some health. The amount you lose each time is shown above the status bar.
Again there are several different ways to find the value. (like doing a decreased value by… scan), but I’ll only explain the easiest. “Unknown initial value”, and decreased value.
Because you don’t know the value it is right now, a exact value wont do any good, so choose as scantype ‘Unknown initial value’, again, the value type is 4-bytes. (most windows apps use 4-bytes)click first scan and wait till it’s done.
When it is done click ‘hit me’. You’ll lose some of your health. (the amount you lost shows for a few seconds and then disappears, but you don’t need that)
Now go to Cheat Engine, and choose ‘Decreased Value’ and click ‘Next Scan’
When that scan is done, click hit me again, and repeat the above till you only find a few.
We know the value is between 0 and 500, so pick the one that is most likely the address we need, and add it to the list.
Now change the health to 5000, to proceed to the next step.
Step 3 主界面
现在的情况
你在游戏中也有一个值叫Health,但是你现在不知道Health的值
要怎么办呢?
现在回到CE的界面
点击New Scan
然后在Scan Type 那儿选择 (Value Between似乎也可以)
按下Enter
然后你会发现到你的Address List 之中没有显示任何地址
但是上方有一个Found:xxx的字样,就可以了
现在回到CE Tutorial 里面
点击Hit Me
下方就会显示Health 减少的多少
然后回到CE的界面
Value 输入减少的值(我这里是6)
然后Scan Type 选择 Decreased value by…
然后就Enter
然后列表就有一些Address了:
现在list中有多个地址
哪一个是我们要的呢?
有两种办法:
- 就是重复步骤,在点击Hit Me,再用CE搜索减少了多少的值,知道只剩下一个Address(Address = 地址)位置
- 如果你知道Health 的值在多少与多少之间,那就很简单了
在这里我们用办法2,为什么呢?(因为是公主病啦~ ——《公主病》周杰伦)
因为在之前已经有写了啊:
We only know that the value is between 0 and 500.
所以看看列表,介于0到500之间的值只有一个:那就是229了!
Double Click 那个值
然后在下方的框框内更改值为5000:
点击OK
回到CE Tutorial
可以点击Next 啦!
Step 4
Step 4: Floating points (PW=890124) In the previous tutorial we used bytes to scan, but some games store information in so called ‘floating point’ notations. (probably to prevent simple memory scanners from finding it the easy way) a floating point is a value with some digits behind the point. (like 5.12 or 11321.1)
Below you see your health and ammo. Both are stored as Floating point notations, but health is stored as a float and ammo is stored as a double. Click on hit me to lose some health, and on shoot to decrease your ammo with 0.5
You have to set BOTH values to 5000 or higher to proceed.
Exact value scan will work fine here, but you may want to experiment with other types too.
Hint: It is recommended to disable “Fast Scan” for type double
主界面:
之前呢,所有储存的data 都是4 bytes 的
但是,4 bytes 储存的只能是整数
如果碰巧你的Health值是198.123呢?
这个时候Floating Point 就来了 —— 浮点数
至于浮点数是啥,看看CE 的 Help File 吧 xD
Float/Single (32-bits) (IEEE standard)
a “Single” value can hold a number between 1.5 x 10^-45 and 3.4 x 10^38
This is one of the 2 standard floating-point value allocations. (IEEE) The other one is DOUBLE
A Single consists of 4 bytes, which is build up in a special way, which is VERY different from normal variables! (so normal byte scanning wont work)
Cheat Engine rounds values up/down till the number of digits you specify in the scan value box.
e.g.:if you scan for 12 it will find all values between 11.5 and 12.4 and 12.0 results in values between 11.95 and 12.04
Double (64-bits) (IEEE standard)
Basically the same as Single, except the data-length is longer (more precise) but the range is between 5.0 x 10^-324 and 1.7 x 10^308
你可以简单理解为
floating point 类型的值,就差不多算是有小数点的
现在Step 4 中有两个值:
- Health : 以float 储存
- Ammo : 以double 储存
我们就来先修改Health
回到CE界面
Value 输入 100
Value Type就选择float
然后就First Scan 吧:
然后就有一堆的地址:
回到CE Tutorial,点击Health 的 Hit Me:
在回到CE Next Scan 新的值:
然后把它修改到5000:
现在就是修改Ammo了:
Value : 100
Value Type : Double
只有一个,就是它了:
修改:
就可以Next了:
这个分割线表明,接下来的步骤会越来越难了,要有心理准备哦
咳咳..
Step 5 开始有点难了..
对于没有任何基础的人来说,理解Step 5 以及后面的Steps需要更长的时间(我也是没有基础的…)
所以此篇就停在Step 4 吧
Step 5 以后的笔者我应该会另开篇幅
期待哦 xD
不过也开始试试自己的功力吧!(拿一些游戏来开刀吧,不过先说明,大多数的上线游戏、网页游戏等等是不能用的哦)
Published by Gary Ng