Cheat Engine Tutorial: Introduction to Mono Dissector [Example Game: Golf With Your Friends]
► “Like” Me on Facebook for More Stuff!:
► Cheat Engine Tutorial Series:
In this video, I introduce the power of the Mono Dissector in Cheat Engine! With it, you can save time AND end up with cheats you otherwise wouldn’t have from traditional memory scanning methods.
Here are additional links I reference in the video:
• MONO on the Cheat Engine Wiki:
• Unity Script Compile Order:
• Unity Scripting API Documentation:
Give me a thumbs-up if you enjoyed the video, don’t forget to subscribe, and please let me know your thoughts in the comments below. Thanks for watching!
Cheat Engine Tutorial: Introduction to Mono Dissector [Example Game: Golf With Your Friends]
what's going on everyone sticky mofo here and today we're gonna talk about the mono dissector and sheet engine I'm gonna go ahead and assume that you are comfortable with the idea of things like functions so if that freaks you out then this may not be the video for you but it is for beginners so it should at least give you an idea of what you're up against and what you'll need to get into initially when you plan on doing this so this is very very handy I'm playing golf with your friends and so I'm going to go ahead and attach cheat engine to the game and once I've done that all right if the game like games made in unity all right they use mono so cheat engine is smart with mono and dotnet and it can disassemble assemblies compiled with say unity which is a game engine and so what you can do is you can just jump right into the mono assemblies and see if you can find functions related to whatever you're wanting to hack okay so you can click mono and you can either click activate mono features or if you clicked or click dissect mono it will go ahead and activate for you so you'll get this window up here I'm gonna bring it over here because it tends to fall behind the cheat engine window here alright and so right off the bat I'll have some URLs down in the description below the mono dissect on the cheat engine wiki it has a little bit of outdated information on there but fundamentally most of the stuff is is exactly the same so here where it says what the structure here domain which you don't really have to worry about what that is per se and then we will bring that down into the please each of these individual assemblies are I'm gonna go into the game data here and go into managed and each of these dll's these are assemblies and so cheat engine has disassembled these assemblies so we can dig through them look through their classes and find functions and fields so yeah that's what we're going to start now a lot of interesting stuff tends to be in assembly – c-sharp and assembly – c-sharp – first pass and I will include this page in the URL below which kind of explains compilation order and you can dig through here and basically see why relevant information is here information related to whatever you're looking for could be in any of these presumably but we're just gonna focus on these two so the first thing you can do is say alright well I'm interested in looking for stuff related to money or health maybe it's money maybe you you know think of other words for money you know cash whatever you think they might use when they were developing the game to reference money or something like that right so then what you can do is I'm gonna extend this down you could go search find and instead of searching the entire file if you just want to start digging through like this assembly here you can uncheck that and here you could type in money or something like that for me in this game there's a particular stage where your ball will glow and so I wanted to try to find something related to that to see if I could enable it myself right so I could start off by typing something like glow and find and here it took me to ball glow which you may have already seen that on the screen but yeah so that's a quick way for you to search for possibly related things and you may find a ton of different things that go by something like money or whatever so it can take you time to dig through this stuff but whereas otherwise you might not be able to find anything because you've got to go through the disassembler and break and trace and all this other stuff this can give you a frame of reference for things to immediately start delving into alright so with that done here I'm at the ball glow class and so I can click this and I can look at its methods which are functions and then we have fields here and the cool thing about fields is a lot of them are named things that make sense and here these numbers represent offsets that we're going to be looking for all right so you know you want to find the function and then you basically want to you know so these are function these are all functions so any of these functions could work how we intend to do a code injection based off of right so after taking around I found that update is the one I was interested in for what I'm going to try to do here so you can right click on that method and you can sage it and it will take you and the memory viewer and the disassembler here it will take you to the beginning of that method or function okay and so what you can do then is look at the fields up here and say well I'm interested in which one here well I want to see if I can just enable it or disable it lights which sounds pretty good on off one zero right light switch and another cue to let me know I'm on the right track here is its type system dot boolean true or false one or zero that's sounding pretty good so what might I want to do here I might want to look for offset eighteen somewhere in this function and some functions are massive you know this can take you a lot of time to go through but you could try to find something in break and trace or see like you know find out what addresses this instruction accesses and see what values are there so you know you can get a lot of information by looking at registers and doing break and trace yeah so anyway so starting here I started looking down for anything with offset 18 mentioned in it and I came across this EDI plus 18 right and look what's happening here it's a move instruction where one is being moved into here that looks pretty good to me because this is a boolean so we're looking for 1 or 0 presumably one might mean turn on the glow and here we have a conditional right that's jumping over that so how could we test that let's try not being the jump let's get rid of the jump and let control flow just go straight to here so I'm gonna go replace with code that does nothing watch the ball over there all right boom all right and there's glow it's on so perfect you know like how might I have found my way to that otherwise yeah I could have done searches unknown value you know possibly start with 0 and 1 for exact value hoping for it to be a boolean maybe you know all those ways instead of doing that I came through here and did this right so I'm gonna restore with original code and see what happens all right it's still on it's still glowing so if we were to write a cheat to try to just get rid of that jump and then replace the jump that wouldn't be good enough for turning glow on and disabling it so what do we need to do well let's go ahead and replace with code that does nothing again let's try having zero B written here and let's see what happens and the ball turns off now we could say restore with original code try to put this a1 back in there go okay and we have restored how this was before we came along and started fussing with it all right so now with that I'm ready to try to make a cheat based on this so I am going to go here and well no pecks I'm gonna go tools Auto assemble all right and if you wanted to give others this cheat and you wanted to reference things by names like this and you definitely wanted it to work you want to enable or have cheat engine enable its mono features activate mono features so how do we do that you can do that from within the script so the approach I ended up taking was creating a header script or a parent script and then a child script so the child script will enable and disable the glow the parent of that scripts will take care of restoring this to what it should be all right so I'm just gonna go ahead and go define ball glow ba glow dot update I'm sorry all glow : update plus 22 because I'm gonna base my cheat off of right here this jump right alright and then I'm gonna go enable just a bowl here and the first thing I'm gonna tell the Auto assembler here is we're speaking Lua now alright so what you can do is say launch mono data collector and this is going to if the if you enable this script here it is the equivalent of going to tools and I'm sorry mono activate mono features that's all it's going on here so now we're gonna switch back to assembly all right and I'm gonna register a symbol that can be used outside of the script I'm gonna be using this and the child script all right register symbol ball glow I'm also gonna create a label and now I'm going to say under disable ball glow DB let's see whoops DB when I disable this I want this instruction I want these bytes to be written back what they are so seven four zero four C six four seven one eight zero one all right so now I'm gonna go file assigned to current sheet table whoops line seven label ball glow label ball glow is not defined oh yeah sorry I'm gonna have to do this ball glow def for definition ball glow deaf and under here will go ball glow and we'll just make it to where even when you enable it it's gonna write just the same bytes that are there file assigned to current sheet table okay so now as a frame of reference I'll just keep this here and I'm going to create the child script now so enable/disable and here what I want to do is assert I'm gonna make an assert here and four-ball glow alright so what I'm gonna do here is for the enable I'm going to make it to where this jump here is nopt and for enable this one will be changed well it'll remain one however when we disable it I'm gonna have this become zero and I'm going to keep these knobs alright so that will allow us to enable it and disable it the header or the parent script that I have here the disable of this will write these bytes back to what they should be so in my assert here since this anytime I enable or disable this this is going to be 1 or 0 I don't want to add that in my served also since this jump is going to be nopt or not I don't want to include these two bytes so we'll go ball glow which we know is this from our define here all right so one two so ball glow +2 we're gonna go see six four seven one eight alright and then we're gonna go Volvo DB 9 0 9 0 C 6 4 7 1 8 0 or 1 ok copy that paste it here and we're just gonna say 0 0 for disabled and then don't need all that file assigned to current sheet table alright so this one is enable me first I'll pop this under there and I'll say ball hello enable disable and right click here group config hi children when deactivated I like to do that all right so when I enable this we should see nothing change here all right but this drops down now whenever I click this we should see these two bytes knop and that's gonna be it initially but the ball should glow there we go so now when I disable it this one this byte should change to zero there we go and the ball is off so now we can enable/disable turn the ball on turn it off right and now we can disable the whole script the whole thing and everything is back to the way it was now you could also do this and then disable the script and it's gonna write it back to the way it was and it's stuck like how we initially did it but all you got to do is that disable this and disable that and everything is fine so yeah that's just a quick and dirty digging in to see kind of how you do all this now a lot of this other stuff like unity engine dot UI if you need to see how something in here works maybe that's where you can go through the documentation in unity unity engine UI go through the classes see what things are how they work blah blah blah so it can get pretty in-depth but other times you can find your way to what you want to pretty quickly by doing this so I hope that was a satisfactory sort of introduction into this it's not by any means comprehensive but go ahead and start messing around with it have some fun screw some stuff up and maybe find your way to something that you want to make happen if you enjoyed the video give me a thumbs up share it with other people if you think they would enjoy seeing it and if you're not subscribed yet go ahead and subscribe make sure to check out my other two ninja videos so thanks so much for watching and I'll see you on the next video take care