Cheat Engine is a disassembler/debugger/memory editing GUI that works with little-endian x86/x64 architectures.

As a free program, it comes with a wealth of surprisingly powerful features that can be used for the purpose of reversing, a lot of which do not work with Dolphin (to the best of my knowledge). Specifically, its memory editing/searching toolset can be very useful in place of Dolphin’s cumbersome equivalent.

This might be a serious boon to any code writers out there looking for some tools to supplement their memory browsing experience, but it may also benefit anyone just looking to reverse file data or learn more about Melee mechanics in general.

I plan to make some additional posts after this guide about some specific examples of how Cheat Engine can be used. I should also make a note that while my examples will be for Melee, this can be used for a lot more than just Melee/Dolphin.

Download Cheat Engine. I recommend the portable version, which you don't even need to install. It’s also got a GitHub if you’d like to noodle with the source.

Open it up and click on the flashing icon for a prompt to select your running Dolphin process.

The addresses may differ, and the amount might not be the same, but you should see an increase in the “found” count. Notice that none of these are from address 80000000 like they are in the emulation. We fix that in the next step~

Download emurpm.zip (an addon written by Dark Byte) and extract its contents into the autorun folder of your Cheat Engine directory. This adds an indispensable menu item called “Emulator Memory” to the main menu bar, which allows you to adjust the base memory address used by Cheat Engine when looking at a process. I’ve only recently learned about this, and using CE without it is a sort of hell.

In every case I’ve seen of 64-bit Dolphin 4.0+ the base address for logical cached RAM appears to be represented by 0x7FFF0000 in Cheat Engine. There are other possible ranges that can be used, but I’ve found some of them to be inconsistent and haven’t had any trouble with this location across versions, so I assume it is the start of the logical cached region.

Try these settings if you’re using Dolphin 4.0+

//The convert routine should hold a routine that converts the data to an integer (in eax)
//function declared as: stdcall int ConvertRoutine(unsigned char *input)
//Note: Keep in mind that this routine can be called by multiple threads at the same time.
mov ax, //eax now contains the bytes 'input' pointed to
mov eax, //place the address that contains the bytes into eax
mov ax, //place the bytes into eax so it's handled as a normal 4 byte value
//The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g. when the user wants to write a new value)
//function declared as: stdcall void ConvertBackRoutine(int i, unsigned char *output)
xchg ch,cl //convert the little endian input into a big endian input
mov [rdx],cx //place the integer the 4 bytes pointed to by rdx
mov ,ax //write the value into the address

mov eax, //eax now contains the bytes 'input' pointed to
mov eax, //place the bytes into eax so it's handled as a normal 4 byte value
bswap ecx //convert the little endian input into a big endian input
mov [rdx],ecx //place the integer the 4 bytes pointed to by rdx
mov ,eax //write the value into the address

To install them, paste the AA scripts into the text prompt that appears when right clicking the “Value Type” dropdown box from the main scan window settings:
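
The ConvertRoutine/ConvertBackRoutine pair from this guide, written out in C as an added example (not Dark Byte's or Cheat Engine's own script), together with a small exact-value scan showing why a plain little-endian 4-byte scan misses a value stored big-endian. The `2`/`4` suffixes, `read_le32`, `scan32` and the `SAMPLE` buffer are names and data constructed for this illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* 2-byte big-endian type. Bytes are assembled one at a time, so the result
   is independent of host endianness and alignment. No shared state is
   touched, so calls from several scan threads at once are safe. */
int ConvertRoutine2(const unsigned char *input) {
    return (input[0] << 8) | input[1];            /* zero-extended 16 bits */
}

void ConvertBackRoutine2(int i, unsigned char *output) {
    output[0] = (unsigned char)((unsigned)i >> 8);
    output[1] = (unsigned char)i;
}

/* 4-byte big-endian type. */
int ConvertRoutine4(const unsigned char *input) {
    uint32_t v = ((uint32_t)input[0] << 24) | ((uint32_t)input[1] << 16) |
                 ((uint32_t)input[2] << 8)  |  (uint32_t)input[3];
    return (int)v;
}

void ConvertBackRoutine4(int i, unsigned char *output) {
    uint32_t v = (uint32_t)i;
    output[0] = (unsigned char)(v >> 24);
    output[1] = (unsigned char)(v >> 16);
    output[2] = (unsigned char)(v >> 8);
    output[3] = (unsigned char)v;
}

/* How a plain "4 Bytes" scan reads memory on a little-endian x86/x64 host. */
static int read_le32(const unsigned char *p) {
    uint32_t v = (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
                 ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
    return (int)v;
}

/* Exact-value scan: offset of the first match, or -1 if there is none.
   use_be selects the big-endian custom type instead of the native read. */
long scan32(const unsigned char *mem, size_t len, int value, int use_be) {
    for (size_t off = 0; off + 4 <= len; off++) {
        int v = use_be ? ConvertRoutine4(mem + off) : read_le32(mem + off);
        if (v == value) return (long)off;
    }
    return -1;
}

/* Constructed sample: 300 (0x0000012C) stored big-endian at offset 4. */
const unsigned char SAMPLE[12] = {0xDE, 0xAD, 0xBE, 0xEF, 0x00, 0x00, 0x01, 0x2C,
                                  0xFF, 0xFF, 0xFF, 0xFF};
```

Scanning `SAMPLE` for 300 finds offset 4 only with the big-endian type; the native little-endian read reports no match.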