sandokhan How do I cheat? Reputation: 0
Joined: 01 Oct 2008 Posts: 4
Posted: Wed Oct 01, 2008 5:14 pm Post subject: Need help..How to hack Cinema Tycoon 2 Movie Mania
I downloaded this game from Reflexive (Reflexive Games).
32 MB game.
I need further assistance to hack the money value.
I'm stuck at opcodes.
mov [esi+10],eax
What do I do now?
fst dword ptr [esi+14]
call 00539abc
mov ecx,[esp+10]
push ecx
*above mov [esi+10],eax*
-------------------------------------
I can't send a captured screen pic, sorry..
It would be nice if someone could help.. it would be a great tutorial for beginners like me.
I don't want a trainer.. I want to learn.
Thanks!

Labyrnth Moderator Reputation: 9
Joined: 28 Nov 2006 Posts: 6285
Posted: Wed Oct 01, 2008 7:45 pm Post subject:
00412355 - 89 46 10 - mov [esi+10],eax
eax would be something to mess with since it holds the cash value after you spend money.
So one thing you can do is make eax what you want before the instruction is passed.
mov eax,5F5E0FF
mov [esi+10],eax
5F5E0FF would equal $99,999,999
Here is your patch code to make the demo full version game.
===========================================
004053AD 75 0E JNZ SHORT CinemaTy.004053BD

sandokhan How do I cheat? Reputation: 0
Joined: 01 Oct 2008 Posts: 4
Posted: Thu Oct 02, 2008 2:56 am Post subject:
Labyrnth wrote: | 00412355 - 89 46 10 - mov [esi+10],eax
eax would be something to mess with since it holds the cash value after you spend money.
So one thing you can do is make eax what you want before the instruction is passed.
mov eax,5F5E0FF
mov [esi+10],eax
5F5E0FF would equal $99,999,999
Here is your patch code to make the demo full version game.
===========================================
004053AD 75 0E JNZ SHORT CinemaTy.004053BD |
I tried it but the game crashes.
Also, step by step..
I must click Auto Assemble at Memory Viewer... Code injection
at address 00412355 mov [esi+10],eax
Now.. there are already:
originalcode:
*********** write here?
mov [esi+10],eax
mov [esi+08],edi << and delete this?

Labyrnth Moderator Reputation: 9
Joined: 28 Nov 2006 Posts: 6285
Posted: Thu Oct 02, 2008 5:20 pm Post subject:
Example:
*The code you have found is for decrease in cash. The code that handles increase in cash is:
Code:
00412348 - d9 56 14 - fst dword ptr [esi+14]
So if you look right above the code you found you will see this after a call.
Also, the in-game cash is completely different than the cash you have in the menu to upgrade with.
*This script does alter the game a bit so you can see how to do it. But it is too high in cash to show it in the window. Although you can see it change on the address at the time.
It will help you understand how to do an injection for the most part using allocated memory. There are other ways to write the script as well, defining your own cave and such. You can see examples of this by looking at a thread called .:[Beginner]:. Insight on CE Scripts. Also, others have written several great examples for using AA scripts.
Code:
[ENABLE]
alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(originalcode)
label(exit)
00412355:
jmp newmem
nop
returnhere:
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
mov eax,6363
mov [esi+10],eax
mov [esi+08],edi
originalcode:
//mov [esi+10],eax
//mov [esi+08],edi
exit:
jmp returnhere
[DISABLE]
00412355:
mov [esi+10],eax
mov [esi+08],edi
dealloc(newmem)
_________________
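Added example (not part of the thread and not Labyrnth's code): the script above replaces the six bytes at 00412355 with a five-byte jmp plus one nop, and that byte pattern is what a code-integrity check looks for. The Python below compares the original bytes with a patched snapshot and decodes the jump target; the module bounds, the newmem address 0x02A30000 and the snapshot bytes are constructed for illustration, and 89 7E 08 is the standard encoding of mov [esi+08],edi rather than a value quoted in the thread.

```python
import struct

SITE = 0x00412355                    # hook address used in the script
# Original bytes: mov [esi+10],eax (89 46 10, quoted in the thread) followed by
# mov [esi+08],edi (89 7E 08, standard x86 encoding, not quoted in the thread).
CLEAN = bytes.fromhex("894610897E08")

# Constructed for this example: module bounds, and a snapshot of the same six
# bytes after "jmp newmem / nop" with newmem assumed to be 0x02A30000.
IMAGE = (0x00400000, 0x00600000)
PATCHED = bytes.fromhex("E9A6DC610290")


def check_site(site, clean, live, image=IMAGE):
    """Return None when live matches clean, otherwise a report of the change."""
    if live == clean:
        return None
    report = {
        "site": site,
        "changed_offsets": [i for i, (a, b) in enumerate(zip(clean, live)) if a != b],
        "detour": None,
    }
    if len(live) >= 5 and live[0] == 0xE9:            # E9 = jmp rel32
        rel = struct.unpack_from("<i", live, 1)[0]    # signed 32-bit displacement
        target = (site + 5 + rel) & 0xFFFFFFFF        # relative to the next instruction
        report["detour"] = {
            "target": target,
            "outside_image": not (image[0] <= target < image[1]),
            "nop_padded": all(b == 0x90 for b in live[5:]),
            "resume_at": site + len(live),            # where "returnhere" sits
        }
    return report


if __name__ == "__main__":
    for name, snap in (("clean", CLEAN), ("patched", PATCHED)):
        print(name, check_site(SITE, CLEAN, snap))
```

A jump target outside the module image, followed by nop padding up to the next instruction boundary, is the signature of this kind of injection.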

sandokhan How do I cheat? Reputation: 0
Joined: 01 Oct 2008 Posts: 4
Posted: Fri Oct 03, 2008 12:35 pm Post subject:
Thanks Labyrnth, you are great,
but I think I am doing something wrong.. does this opcode work in your game, Labyrnth?
---
Can you send a CT table or trainer so I can look at it?
Thanks for your help, good friend and master.

duduylicous How do I cheat? Reputation: 0
Joined: 05 Sep 2007 Posts: 4
Posted: Thu Oct 09, 2008 8:52 am Post subject:
Just asking... every time I do it, it crashes.... it always stops... Is there any possible way to hack this game? Thank you guys!

Psy Grandmaster Cheater Supreme Reputation: 1
Joined: 27 Mar 2008 Posts: 1366
Posted: Thu Oct 09, 2008 1:07 pm Post subject:
Search for text values...

sandokhan How do I cheat? Reputation: 0
Joined: 01 Oct 2008 Posts: 4
Posted: Fri Oct 10, 2008 9:35 am Post subject:
Finally it works.
I will soon make a trainer for it.
I thought I searched with text value.. but sure I haven't.
3 addresses have to be patched and this will be added as beginning cash,
and this is before the call.
Thanks for your help, friends.

Psy Grandmaster Cheater Supreme Reputation: 1
Joined: 27 Mar 2008 Posts: 1366
Posted: Fri Oct 10, 2008 9:45 am Post subject:
Glad it worked. People just overlook it...

dani4925 Newbie cheater Reputation: 0
Joined: 26 Sep 2008 Posts: 13
Posted: Fri Oct 17, 2008 12:56 am Post subject:
sandokhan wrote: | Finally it works.
I will soon make a trainer for it.
I thought I searched with text value.. but sure I haven't.
3 addresses have to be patched and this will be added as beginning cash,
and this is before the call.
Thanks for your help, friends. |
Finally I've got my activation and now I can write...
I have been watching these posts for Cinema Tycoon 2 and I have tried all the variants and it is still crashing... please send me more details about hacking the money... please...
Please give some details about hacking the money for Cinema Tycoon 2.

random5566 Advanced Cheater Reputation: 0
Joined: 28 Feb 2008 Posts: 82
Posted: Wed Oct 22, 2008 10:23 am Post subject:
Just tried the AA script Labyrnth provided, and I am sorry to say it does not work. Maybe the demo version differs from the full version (I have installed), but that can't be right, the addresses mentioned all seem to contain the same instructions, the script just doesn't work...?
By the way, how did you guys search for the money address? I tried everything and I mean every single scan type. From 4 byte to float to even text, searching for exact value, and unknown value, and I get nothing.
I did get some results with a 4 byte scan, initially searching for an unknown value. Then I went to the snack bar, bought a little popcorn ($2.00 worth), then did a next scan for an increased value. Repeated this until I had like 43 addresses; by trial and error (freezing each address), I managed to find a value that freezes the cash amount. But after a while the value no longer works. I found out what wrote to that address and the results showed three instructions whenever the cash decreases:
7c902f3b - 89 03 - mov [ebx],eax
7c9106c3 - 88 47 06 - mov [edi+06],al
00472165 - 88 14 0e - mov [esi+ecx],dl
Also tried finding the green address, base pointer address, failed. This game is psycho hard to train.
Last edited by random5566 on Wed Oct 22, 2008 11:03 am; edited 1 time in total

Psy Grandmaster Cheater Supreme Reputation: 1
Joined: 27 Mar 2008 Posts: 1366
Posted: Wed Oct 22, 2008 10:37 am Post subject:
Oh my god! The script he provided was an example of an AA-script. Those instructions are non-existent in this app from what I can tell... And I believe the game stores the variable as text.

random5566 Advanced Cheater Reputation: 0
Joined: 28 Feb 2008 Posts: 82
Posted: Wed Oct 22, 2008 10:43 am Post subject:
WTF???!!!???? How was I supposed to know it was an example and not a real script?! Haha
Still, it doesn't change the fact that this game is unbelievably hard to train. I'm not surprised there aren't any trainers out there for this game. How do you know it stores the cash value as text? I've searched using text, no results, is it encrypted?
Edit: It's not text. I'm pretty sure, if it is text, it's encrypted.

Labyrnth Moderator Reputation: 9
Joined: 28 Nov 2006 Posts: 6285
Posted: Wed Oct 22, 2008 11:06 am Post subject:
You have to be in the correct process to get results on your scans.
The extension .rwg, if I remember, is the one you need to attach CE to.
Or just use a filter and attach to the active window.
And when scanning for money, do it while in the menu of the game where you buy and sell.
The AA script is an example.
Also, all of the games on Reflexive and Big Fish are the full version games.

random5566 Advanced Cheater Reputation: 0
Joined: 28 Feb 2008 Posts: 82
Posted: Wed Oct 22, 2008 11:34 am Post subject:
No go Labyrnth, I have the non-Reflexive version, the only process I can attach to is CinemaTycoon2MovieMania.exe, there's no *.RWG to attach to. I think the non-Reflexive version is harder to hack.