DHLF edited this page Jun 20, 2020 · 14 revisions

scanmem/gameconqueror Wiki

Maybe useful links:
Scanmem-examples
Installing-gameconqueror

Some hints about using GameConqueror (Linux)
scanmem is a console program to search the memory of a process using cryptic commands.
GameConqueror is a graphical user interface (GUI) which makes using scanmem much easier.
Do not expect GC to do the cheating stuff for you or to do so just by hitting a button!
It's not as easy as that!
Using GC lets you search the memory of a program for values or just plain text.
Unlike old plain DOS games, which store game data at the "same" place every time you reload a game, modern games tend to move stuff around.
GC is not yet able to let you use relative addresses like (gamename.exe+$0bfe20), which would be very sweet..

In short: even if you have already found parts of the "structure" in which your game stores its data, every reload will invalidate your address list because of this "memory wandering".

Some game data may appear in the same order.
So if you are able to find the "gold" value (e.g. by buying/selling stuff in game), there may be other interesting data stored around that very address.
For example a game like Stellaris stores data like:
xxxxxx4 INT32 energy credits
xxxxxx8 INT32 minerals
xxxxxxc INT32 food
xxxxx1c INT32 power?
xxxxx20 INT32 unity
--and some more--
As I don't want to spend my time typing in those names and addresses over and over again, I made a script which automates the process of filling a table usable by GC. With this little crap of code I now only have to find the valid address of minerals in the game once (every time after a reload). Run the script, insert the minerals address (lowered by 4) and load the table into GC. Sweet.
You are free to use the script, alter it to your wishes, whatever.
But watch the ending of the "999-something" line, as it is important: it differs from the lines above. It acts as an ending code for the table. So removing it completely (without altering the line above it accordingly) will stop GC from using the table!
If you really don't get how it works, try to SAVE a GC table and examine that. One missing space, one "," too many and it won't work. Just alter the script to your needs.

You DON'T have to use that script. If you are after just one value (gooold!) then using GC without it will do better!
It's just an example of how to get plenty of (already found) addresses into a table with little work.
And: it won't work for your game! You have to alter everything according to your game!!

Please! Don't ask me about that table thing. I don't know anything about its syntax or how it works. I just created and changed stuff to my liking. Somehow it works. That's enough for me :)

#!/bin/bash
# this script creates a GameConqueror cheat file for Stellaris (resources)
# Attention!
#  You have to find the address of minerals for yourself EACH time you play the game!
#  You MUST type 0x first followed by your minerals address minus 4!
#  For example: found address is 123458 so your entry must look like: 0x123454
#  I was too lazy to automate the 0x and -4 thing, sorry.. Hey, it just works :D
#  And please ignore the german stuff below, you know i AM lazy! ^^
clear
FILENAME="stellaris1"
START=0
echo "Stellarischeat: Script to create GameConqueror Cheat-Adresslist"
echo "It creates an addresslist(local path) with name: $FILENAME"
echo                      # plain "echo" prints the empty line ("echo." is a DOS habit and fails in bash)
echo "Baseaddress for minerals (empty input cancels):"
echo " minerals     : (address has to be decreased by 4)"
echo "!Input MUST start with 0x !"
read -r RES_ADDRESS_HEX
if [ -z "$RES_ADDRESS_HEX" ]; then
    echo "I wont do anything!"
else
    # printf converts the 0x-prefixed hex input into the decimal address GC expects
    RES_ADDRESS_DEZ=$(printf "%d\n" "$RES_ADDRESS_HEX")
    echo '{"cheat_list": ['>"$FILENAME"
    START=1
    # every entry: [lock type, locked, description, address, type, value, true] followed by ", "
    echo -ne '["=", false, "001 Energie-Credits              70000k", '$(( RES_ADDRESS_DEZ +  0 ))', "int32", "69858535", true], '>>"$FILENAME"
    echo -ne '["=", false, "002 Mineralien                   35000k", '$(( RES_ADDRESS_DEZ +  4 ))', "int32", "34900000", true], '>>"$FILENAME"
    echo -ne '["=", false, "003 Nahrung                      35000k", '$(( RES_ADDRESS_DEZ +  8 ))', "int32", "35000000", true], '>>"$FILENAME"
    echo -ne '["=", false, "007 Einfluss                      1000k", '$(( RES_ADDRESS_DEZ + 24 ))', "int32", "970000", true], '>>"$FILENAME"
    echo -ne '["=", false, "008 Einigkeit                          ", '$(( RES_ADDRESS_DEZ + 28 ))', "int32", "1439274", true], '>>"$FILENAME"
    echo -ne '["=", false, "009 Legierungen                  35000k", '$(( RES_ADDRESS_DEZ + 32 ))', "int32", "21706709", true], '>>"$FILENAME"
    echo -ne '["=", false, "010 Konsumg\u00fcter                  35000k", '$(( RES_ADDRESS_DEZ + 36 ))', "int32", "34000000", true], '>>"$FILENAME"
    echo -ne '["=", false, "011 Fl\u00fcchtige Teilchen", '$(( RES_ADDRESS_DEZ + 40 ))', "int32", "1024000", true], '>>"$FILENAME"
    echo -ne '["=", false, "012 Exotische Gase         ", '$(( RES_ADDRESS_DEZ + 44 ))', "int32", "1998400", true], '>>"$FILENAME"
    echo -ne '["=", false, "013 Seltene Kristalle      ", '$(( RES_ADDRESS_DEZ + 48 ))', "int32", "2992800", true], '>>"$FILENAME"
    echo -ne '["=", false, "014 Lebendes Metall        ", '$(( RES_ADDRESS_DEZ + 52 ))', "int32", "0", true], '>>"$FILENAME"
    echo -ne '["=", false, "015 Zro                    ", '$(( RES_ADDRESS_DEZ + 56 ))', "int32", "0", true], '>>"$FILENAME"
    echo -ne '["=", false, "016 Dunkle Materie         ", '$(( RES_ADDRESS_DEZ + 60 ))', "int32", "28800", true], '>>"$FILENAME"
    echo -ne '["=", false, "017 Naniten                ", '$(( RES_ADDRESS_DEZ + 64 ))', "int32", "0", true], '>>"$FILENAME"
    # last entry WITHOUT the trailing ", " so the JSON list stays valid
    echo -ne '["=", false, "999 --------------------", 0, "string", "?", true]'>>"$FILENAME"
fi
if [ "$START" = 1 ]; then
    echo -ne ']}'>>"$FILENAME"
fi

Hint: since gameconqueror v.18dev+ the above table will not work, as the (now unnecessary) "=", has been removed!

# old table setup(up to debian 10 stable gameconqueror(v.17)):
{"cheat_list": [["=", false, "Gold", 139904338223572, "int32", "35738", true]]}
# new table setup(from gameconqueror ~dev v.18+):
{"cheat_list": [[false, "Gold", 139904338223572, "int32", "35738", true]]}
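As an added example (not the page's own script and not part of GameConqueror), here is a small Python generator for the same kind of cheat list. It builds every row as a Python list and lets json.dumps produce the file, so the missing-space / extra-comma problems mentioned above cannot happen, and it can emit both the old row layout (with the "=" column, up to v.17) and the new one (v.18dev+) shown above. The meaning of the individual fields is an assumption read off the saved tables above; the Stellaris-style entries and their values are constructed placeholders.

```python
import json
from typing import List, Tuple

# Row layouts as they appear in saved GameConqueror tables on this page
# (field meanings are an assumption inferred from those samples):
#   old (up to v.17):    ["=", locked, description, address, type, value, true]
#   new (v.18dev+):      [locked, description, address, type, value, true]

Entry = Tuple[str, int, str, str]   # (description, offset from base, type, value as text)

# Constructed sample matching the Stellaris layout described above:
# offsets are relative to the "minerals address minus 4" base; values are placeholders.
SAMPLE_ENTRIES: List[Entry] = [
    ("001 energy credits", 0, "int32", "69858535"),
    ("002 minerals", 4, "int32", "34900000"),
    ("003 food", 8, "int32", "35000000"),
    ("007 influence", 24, "int32", "970000"),
    ("008 unity", 28, "int32", "1439274"),
]


def parse_address(text: str) -> int:
    """Accept a hex address with 0x prefix or a plain decimal address."""
    text = text.strip()
    if text.lower().startswith("0x"):
        return int(text, 16)
    return int(text, 10)


def base_from_minerals(minerals_address: int) -> int:
    """The script above expects the minerals address lowered by 4 as its base."""
    return minerals_address - 4


def build_cheat_list(base: int, entries: List[Entry], legacy: bool) -> dict:
    """Build the in-memory structure; each row is a list, so the JSON
    encoder takes care of quoting, commas and the closing brackets."""
    rows = []
    for description, offset, vtype, value in entries:
        row = [False, description, base + offset, vtype, str(value), True]
        if legacy:
            row.insert(0, "=")      # the column that was removed in v.18dev+
        rows.append(row)
    return {"cheat_list": rows}


def render(base: int, entries: List[Entry], legacy: bool) -> str:
    return json.dumps(build_cheat_list(base, entries, legacy), ensure_ascii=False)


def load_cheat_list(text: str) -> dict:
    """Parse a table file back; raises ValueError on malformed JSON."""
    data = json.loads(text)
    if not isinstance(data, dict) or "cheat_list" not in data:
        raise ValueError("not a cheat list")
    return data


def write_cheat_list(path: str, base: int, entries: List[Entry], legacy: bool) -> str:
    text = render(base, entries, legacy)
    load_cheat_list(text)            # round trip before touching the disk
    with open(path, "w", encoding="utf-8") as fh:
        fh.write(text)
    return text


if __name__ == "__main__":
    minerals = parse_address(input("minerals address (0x... or decimal): "))
    print(write_cheat_list("stellaris1", base_from_minerals(minerals),
                           SAMPLE_ENTRIES, legacy=False))
```

With the "Gold" row from the tables above and legacy=True, render() reproduces the old-format line byte for byte; switch legacy to False for the v.18dev+ layout.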

DON'T use cheating tools while playing multiplayer games EVER!

Steam will BAN your account if they detect such .. utilities running on your system!
Various companies threaten you with permanent bans:
You may have paid for the game, but you will never be able to play it again due to cheating.

It seems safe (at the moment) to use them while playing solo. But this may change in the future.

Usage of GameConqueror

All you have to do is run a program (game) and also run GameConqueror.

  1. First you have to tell GameConqueror which process you want to examine
    Let's say you want to play a game like The Forest (using Steam's Proton or whatever)
    It's IMPORTANT not to just run the game (launcher); you have to be IN the game (after reloading a save game, for example)
    Hit CTRL+F (or click the monitor icon in GC) to open the process window
    Sort by PID (process id) so the highest PID number is on top (not necessary but may be helpful)
    Select the process field to enter the name of the game (here: The Forest; typing forest will do)
    You may find more than one process with this name, as there may be more due to config or emulation
    Games running under Steam Proton usually look like Z:\path\steamapps\common\The Forest\TheForest.exe (letter/path may vary)

  2. Decide which TYPE of data you are looking for
    Most people are looking for stuff like gold (money!!) or stats like life points, stamina, strength, ..
    You can search for everything. But alas! It will take some time to figure out HOW it is stored..
    Older games (DOS!) tried to use as little memory as possible. Therefore they used UINT8 for most values.
    Obviously it's impossible to store the value of 100000 pieces of gold in two bytes (max: 65535).
    So they used a different type for the gold, like INT32 (if +/- were important), otherwise UINT32.
    To keep things EASY have a look at the following list and decide depending on the game (DOS/Win/Win32/whatever):
    1.) DOS games using DOSBox: INT8/UINT8/INT16/UINT16
    Be warned: DOS games sometimes store values at ODD addresses, so a search for INT16/UINT16 may fail
    2.) Windows games (older ones): INT16/UINT16/INT32/UINT32
    3.) Windows games (recent ones): INT32/UINT32 (mostly), INT64/UINT64 (never seen up to today)
    4.) Unity-driven games: a pain in the .. try FLOAT32 -.-
    see https://en.wikipedia.org/wiki/List_of_Unity_games

  3. The first search..
    Let's search for the address which contains the value of stamina.
    To get a quick overview of the possible search parameters, hover the mouse pointer over the quotation mark.
    You may enter one value like 100 OR a value range like 75..100 (note the two full stops between the numbers!)
    I had already figured out that the value of stamina in this game (The Forest) is stored as a FLOAT32 number.
    And it is near 100.0, so if the stamina is already maxed (at the moment) it should be between 97..100!
    01.) hit the reload button (or press CTRL+R) located right of the search symbol
    02.) change the value type (from INT32) to FLOAT32
    03.) leave the search "depth" at normal
    04.) enter 97..100 in the search field
    05.) hit the search symbol or press CTRL+ENTER to start the search (DO NOT hit the reload button!)
    The search takes between a couple of seconds and some minutes. Be patient!
    Usually there will be hundreds of thousands (if not millions) of possible addresses found.
    Don't panic! We will soon see how to narrow the possibilities down to a more "usable" size.
    06.) Change something in the game
    In this case you should run around to drop your stamina.
    Hit ESC to pause your game and switch back to GC.
    07.) Enter < in the search field
    This looks among the already "found" addresses for those whose values have decreased.
    08.) hit the search symbol once more to search for decreased values (DO NOT hit the reload button!)
    This search will take some more time because plenty of addresses have to be compared.
    09.) Get back to the game, "unpause" it and let the stamina increase until full (stand still)
    Hit ESC to pause your game and switch back to GC.
    10.) Enter > in the search field
    This looks among the already "found" addresses for those whose values have increased.
    11.) hit the search symbol again to search for increased values (DO NOT hit the reload button!)
    12.) enter 97..100 in the search field again and perform the next search
    As the stamina should be near maximum, this cuts any values below 97.0 and above 100.0.
    If fewer than 10000 entries remain you can finally VIEW all of them.
    Set the sort order to values (not addresses) (click the value column header once).
    Go back to step 06 and repeat until you get <50 entries.
    13.) Finally narrowed down to some dozens of addresses..
    In this game there are TWO addresses which store the same value!
    But only ONE of them is usable; it should be the one ending in xxxC.
    Double-click this address to add it to the right window (or use the context menu).
    FREEZE the address (tick the box left of the entry).
    Go back to the game and see if the value changes while you are running. If not then.. congrats!
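To make the narrowing in steps 04 to 12 concrete, here is an added Python model of the scan. It is not scanmem's own code (scanmem reads a live process; this works on constructed byte snapshots): a first scan decodes every candidate of one value type and keeps those in a range, and each rescan re-reads only the survivors and keeps those whose value decreased, increased, or is back in range. The addresses, the three snapshots and the stamina values are constructed; the struct format codes are the usual little-endian encodings of the value types GC offers. The aligned flag also shows why a UINT16 stored at an odd address is missed when a scan only steps by the type size.

```python
import struct
from typing import Callable, Dict, List, Set, Tuple

# struct codes for the value types GC offers (little-endian, as on x86)
TYPE_CODES = {
    "int8": "<b", "uint8": "<B", "int16": "<h", "uint16": "<H",
    "int32": "<i", "uint32": "<I", "int64": "<q", "uint64": "<Q",
    "float32": "<f", "float64": "<d",
}


def first_scan(mem: bytes, vtype: str, lo: float, hi: float, aligned: bool = True) -> Set[int]:
    """Every address whose decoded value lies in lo..hi (GC's '75..100' syntax).
    aligned=True steps by the type size; aligned=False tests every byte offset,
    which is what finds values stored at odd addresses."""
    fmt = TYPE_CODES[vtype]
    size = struct.calcsize(fmt)
    step = size if aligned else 1
    return {addr for addr in range(0, len(mem) - size + 1, step)
            if lo <= struct.unpack_from(fmt, mem, addr)[0] <= hi}


def rescan(candidates: Set[int], before: bytes, after: bytes, vtype: str,
           keep: Callable[[float, float], bool]) -> Set[int]:
    """Re-read only the surviving addresses and keep those where keep(old, new) holds."""
    fmt = TYPE_CODES[vtype]
    return {a for a in candidates
            if keep(struct.unpack_from(fmt, before, a)[0],
                    struct.unpack_from(fmt, after, a)[0])}


def decreased(old: float, new: float) -> bool:
    return new < old            # GC search text "<"


def increased(old: float, new: float) -> bool:
    return new > old            # GC search text ">"


def snapshot(values: Dict[int, float], size: int = 256, vtype: str = "float32") -> bytes:
    """Constructed memory image: zero bytes except for the given address -> value pairs."""
    mem = bytearray(size)
    for addr, v in values.items():
        struct.pack_into(TYPE_CODES[vtype], mem, addr, v)
    return bytes(mem)


# Constructed snapshots at the three moments of the procedure. 0x40 and 0x4C are the
# two copies of stamina the text mentions; the others are decoys: 0x10 never changes,
# 0x20 drops and stays low, 0x30 drops and recovers only to 50, 0x60 only increases.
FULL = snapshot({0x10: 99.0, 0x20: 97.5, 0x30: 100.0, 0x40: 100.0, 0x4C: 100.0, 0x60: 98.0})
TIRED = snapshot({0x10: 99.0, 0x20: 60.0, 0x30: 40.0, 0x40: 61.0, 0x4C: 61.0, 0x60: 98.0})
RESTED = snapshot({0x10: 99.0, 0x20: 60.0, 0x30: 50.0, 0x40: 99.5, 0x4C: 99.5, 0x60: 99.0})


def stamina_hunt() -> List[Set[int]]:
    """Steps 04-12 from the text; returns the candidate set after each search."""
    steps = []
    cands = first_scan(FULL, "float32", 97.0, 100.0)                  # 04/05: 97..100
    steps.append(cands)
    cands = rescan(cands, FULL, TIRED, "float32", decreased)           # 06-08: run, then "<"
    steps.append(cands)
    cands = rescan(cands, TIRED, RESTED, "float32", increased)         # 09-11: rest, then ">"
    steps.append(cands)
    cands = rescan(cands, RESTED, RESTED, "float32",
                   lambda old, new: 97.0 <= new <= 100.0)              # 12: 97..100 again
    steps.append(cands)
    return steps


def prefer_address_ending_in_c(cands: Set[int]) -> List[int]:
    """The text says the usable copy is the one whose address ends in ...C."""
    return sorted(a for a in cands if a % 16 == 0xC)


def odd_address_demo() -> Tuple[Set[int], Set[int]]:
    """A uint16 at odd address 0x21: the aligned scan misses it, the byte-granular scan finds it."""
    mem = snapshot({0x21: 1234}, vtype="uint16")
    return (first_scan(mem, "uint16", 1234, 1234, aligned=True),
            first_scan(mem, "uint16", 1234, 1234, aligned=False))


if __name__ == "__main__":
    for i, s in enumerate(stamina_hunt(), 1):
        print(f"search {i}: {len(s)} candidates: {sorted(hex(a) for a in s)}")
    print("usable:", [hex(a) for a in prefer_address_ending_in_c(stamina_hunt()[-1])])
    print("odd address (aligned, unaligned):", odd_address_demo())
```

The candidate count falls from 6 to 4 to 3 to 2 across the four searches, leaving exactly the two copies the text describes; on a real process the first set is hundreds of thousands of addresses, which is why the same cycle is repeated until fewer than 50 remain.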

Data value types

There are various ways of storing data on a computer. The following list covers the "easier" integer values:
1.) INT8(byte) 1 Byte ; Integer signed value from -128 to 127; Very old(DOS-games?)
2.) UINT8(byte) 1 Byte ; Integer UNsigned value from 0 to 256; Very old(DOS-games)
3.) INT16(word) 2 Bytes; Integer signed value from -32768 to 32767; Old(DOS/Win3.11)
4.) UINT16(word) 2 Bytes; Integer UNsigned value from 0 to 65535; Old(DOS/Win3.11)
5.) INT32(dword) 4 Bytes; Integer signed value from -2147483648 to 2147483647
6.) UINT32(dword) 4 Bytes; Integer UNsigned value from 0 to 4294967296
7.) INT64(dword) 8 Bytes; Integer signed value from -9223372036854775808 to 9223372036854775807
8.) UINT64(dword) 8 Bytes; Integer UNsigned value from 0 to some pretty large number, longer than this text..

Unity-driven games store data using floating point values (try FLOAT32 first for them)

BUGS:

Depending on your Linux distribution (Debian/Fedora/Ubuntu/..) and also your desktop environment (KDE/Mate/XFCE/..) it may happen that switching from your game to GC (also known as "tabbing out" by Windows users) makes your game hang (black screen, maybe the game music plays on.. but you can't see anything).

To make one thing clear: there ARE some games which don't like being switched away from fullscreen ("tabbed out"). You can try running problematic games in "windowed" mode to see if switching works.

While testing Linux Mint 19.2 I activated COMPIZ, and from that moment on playing a game worked, but "tabbing out" always left me with a black screen -.- Switching back to Marco/Komposit solved this :)

Workarounds

Games may crash due to wrong usage of GC. A few games crash just because they are being scanned.
Adding a second virtual "desk" (workspace) is very useful, as you can switch to the "working desk" without problems.
Depending on configuration, CTRL+ALT+arrow key (left or right, up or down) switches to the other desks.
There you can kill the hanging process of the game.

If your mouse has also disappeared and the keyboard seems not to work (blind typing), try CTRL+ALT+BACKSPACE.
WARNING! This restarts the X server! You get back to the login screen and ALL other programs will have been terminated!