Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


[REL]Halo PC Checksum Bypass / Change Map Folder Patch

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking
View previous topic :: View next topic  
Author Message
smx
Newbie cheater
Reputation: 0

Joined: 02 Sep 2012
Posts: 13
PostPosted: Sun Aug 04, 2013 5:54 pm    Post subject: [REL]Halo PC Checksum Bypass / Change Map Folder Patch Reply with quote
This allows you to hex-edit halo.exe without having the Checksum Error.
I use this to be able to change the "maps" folder to "mods" (same 4 character string).

To use this you need to hex-edit halo.exe, and change the function that does the checksumming so that it returns always 0 (good checkum) instead of 1 (bad checksum)

Here is the comparison between the unpatched one (left) and the patched one (right), so you can hex-edit your exe (i can't upload patched exe).
Code:
00141651: 0F 90
00141652: 85 90
00141653: 7A 90
00141654: FF 90
00141655: FF 90
00141656: FF 90
0014166B: 94 95


00141651: jne 005415D1 --> nop, nop, nop, nop, nop, nop
0014166B: setz al --> setnz al

If the checksum is good al is set to 1, else is set to 0
The jump is taken if a check fails (the checksum check is the last of a series of checks. Anyway, this fails when halo.exe is hex-edited). This happens then: xor al,al.
This means al becomes 0, and we don't want it, so we nop the jump out.
Then al is still 0, because there is an opcode before it, repe cmpsb

According to http faydoc.tripod . com/cpu/cmpsb . htm (can't post urls yet Sad)
Compares byte at address DS:(E)SI with byte at address ES:(E)DI and sets the status flags accordingly.

This means ESI contains our checksum, and EDI contains the expected one.
The expected one is "WIRTSMSZ" --> 57 49 52 54 53 4D 53 5A.

The instruction setz al, which follows the string compare, set al to 1 (good) if the comparison returned 0 (equal strings).

So, we change it to setnz al, and will always work, because applying the hex patch above makes the checksum change.


The "maps" string is located at 0025FD7C and 0025FE30. YOu can change it to "mods", like i did. Anyway, you must use max 4 characters.

With this approach i have:
halo.exe --> reads maps folder
halo-mods.exe --> reads mods folder
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites