Article How to find addresses with ROE

JayCoder

Premium Member
Staff member
Premium Member
Messages
345
Points
328
Quick search:
[0001] - how to dump game
[0002] - opening dump in Ida
[0003] - updating addresses
[0004] - downloads

Wiki:
You have to be logged in to view links Log in or register now.


First, let's get our tools together, not going to go over doing anything in c++ or c# (will go over this on a another topic) yet, Just how to dump, and find test address, and getting started finding things, testing as well.

I want to go head and say this for any game developers reading this, I only intended an educational learning use.

Tools:
Ida pro hex ray x86,
Undetected version of cheat engine or a different memory viewer, I suggest using memory viewer or another tool,
Last update dump bottom of page,
Current update dump bottom of page,
Previous update dump bottom of page,
Last update addresses collection bottom of page,
Current update addresses collection bottom of page

Cheat engine doesn't seem to be detected so you could use it, you could also use a plugin for cheat engine
idk never got banned using cheat engine no idea why so I mean....

Scylla for dumping the memory

When I want to know everything about a register or operation in x86 I use

I usually nop it or change it to a different register, or operation depending on what I'm changing

A common one for roe is movss:

Another common one is divss:

I usually find more addresses when I mess with scalar single precision floating point values "operation + ss"
You can find a lot of stuff before and after the seh macros in the game

here is a link to seh macros:
Not sure if that will help but it does issue the problem at hand.

How to dump the game [0001]

Step 1:
Opening the x86 version of Scylla and running as admin.

Step 2:
Attaching to the process of the game.

Step 3:
Pressing this button and choosing where to dump it
Then waiting for this message

Opening in ida pro [0002]

Step 1:
You need to open the dump file in x86 ida hex ray edition
< file , location>
Just click ok
Click cancel

Step 2 once open:
If loading has finished, you can see it in bottom left corner of application : number value stops changing, to au: idle
Click x on structures
Click x on enumeration types
Click x on imports
Click x on exports
Click Shift+f12 for string view will take a min or 2
When everything is ready it should look like this

Addresses [0003]

Remove trees search this as text with all occurrences
Code:
divss   xmm0, dword ptr [ebp+0B94h]
Going down its the 2nd movss
Should look like this:
We want to nop this address
If you highlight you should see if look in the hex view:
We want to change the bytes from that to these bytes
Code:
 90 90 90 90 90 90 90 90
Remove water search this as text with all occurrences:
Code:
movss   xmm0, dword ptr [ebp+1C9Ch]
Going up would be first movss
Should look like this:
We want to nop this address
If you highlight you should see if look in the hex view:
We want to change the bytes from that to these bytes
Code:
 90 90 90 90 90 90 90 90
Remove grass search this as text with all occurrences:
Code:
mov     esi, [ebp-0A8h]
Going up would be first movss
Should look like this:
We want to nop this address
If you highlight you should see if look in the hex view:
We want to change the bytes from that to these bytes
Code:
 90 90 90 90 90 90 90 90

I usually use a version of cheat engine to test addresses.

Using this method, it takes like 2 or 3 mins to update addresses if that
I tested the old addresses myself and the new ones myself
If anything isn't working comment below

Here are videos of some of the addresses:

Downloads [0005]
Old update dump don't remember:
You have to be logged in to view links Log in or register now.

Old update addresses don't remember:
You have to be logged in to view links Log in or register now.


dump release date 2.23.2019:
You have to be logged in to view links Log in or register now.

addresses release date 2.23.2019:
You have to be logged in to view links Log in or register now.


addresses 2.28.2019 ( current update ) :
You have to be logged in to view links Log in or register now.

roe dump 2.28.2019 ( current update ) :
You have to be logged in to view links Log in or register now.


i write it out like this
Address | Description | some instruction to find address

Scylla:
You have to be logged in to view links Log in or register now.


Cheat engine:
You have to be logged in to view links Log in or register now.


Will update soon, fix errors and grabbing more addresses and new ones​
 
Last edited:
Top