Remember that I was doing auto-hack to address 0x18610164 and got those 2 codes (pic 6a and 6b):
the result in Auto-Hack window as follows:
Here is pic 6a:
from the highlighted code, we can’t easily determine the value of EAX since it was written after the code executed..
But we can determine the value of EDX from Registers Window below, which was 0x18610010..
In other word, the value of EAX in the Registers Window below was not the one we were looking for (false EAX)..
Here is pic 6b:
from the highlighted code, we can’t easily determine the value of EDX since it was written after the code executed..
But we can determine the value of EAX from Registers Window below, which was 0x2A..
In other word, the value of EDX in the Registers Window below was not the one we were looking for (false EDX)..
Using those two codes and their registers info, we get the correct value of EDX and EAX:
0x18610164 = EDX+(EAX*0x8)+0x4
- EDX = 0x18610010
- EAX = 0x2A
0x18610164 = 0x18610010+(0x2A*0x8)+0x4
0x18610164 = 0x18610010+0x150+0x4
0x18610164 = 0x18610164
.. to boldly go where no eagle has gone before...