 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Betcha
Expert Cheater
 Reputation: 4
Joined: 13 Aug 2015
Posts: 232
Location: Somewhere In Space
|
 Posted: Sun Dec 06, 2015 8:58 am Post subject: Teleporting To The Fixed Place?! |
 |
|
Hello..
Wondering how can i try to make teleport to the place where i target/aim with Dot?
(Something like This ---> Click Me)
Dot? - In the game's middle of the screen have Dot(same as in Cs 1.6 middle of the screen have crosshair)
Found already my character coordinates and camera coordinates,
but didn't really found way, how to use them to teleport on some fixed places...
(only if i writed down the coordinates and enter them manually)
Tried to do the scans when move dot to the close/far items..
(With increased/decreased ends up with 0 results)
(With changed/unchanged ends up with thousands of results,
where from i didn't really found anything that i can use  )
Thank you already for any Help or Idea..
Last edited by Betcha on Sun Dec 06, 2015 10:22 am; edited 2 times in total |
|
| Back to top |
|
 |
grtnd
Newbie cheater
![]() Reputation: 0
Joined: 29 Nov 2015
Posts: 14
|
| Posted: Sun Dec 06, 2015 9:51 am Post subject: |
|
|
Not sure what you mean by "Dot" thu.
if you want to make a teleport hack the primary reqirement is converting aim angles to positions, and this requires raycasting with the collision model ingame. 99% of fps games has a raycasting function somewhere in it's code so it's best to use it instead of writing your own because in assembly, that would be a nightmare.
find the raycasting function(s)
bind a hotkey to your trigger, fetch your aimangles and positions and run them through the raycast. then just update your positions to the values you're given from the raycast.
if you're looking for the "Dot" effect (althrough it looks more like a light flash than a dot), do the same as above with raycasting, but without a trigger and instead of modifying your positions, place a light on the point given by the raycast.
|
|
| Back to top |
|
|
Betcha
Expert Cheater
Reputation: 4
Joined: 13 Aug 2015
Posts: 232
Location: Somewhere In Space
|
| Posted: Sun Dec 06, 2015 10:37 am Post subject: |
|
|
| grtnd wrote: | | Not sure what you mean by "Dot" thu. |
| Betcha wrote: | | Dot? - In the game's middle of the screen have Dot(same as in Cs 1.6 middle of the screen have crosshair) |
English isn't my language, maybe i describe something wrong.. Anyways....
| grtnd wrote: | | find the raycasting function(s) |
How?
| grtnd wrote: | | if you're looking for the "Dot" effect (althrough it looks more like a light flash than a dot) |
In game i play have DOT IN THE MIDDLE OF THE SCREEN (same as in Cs 1.6 middle of the screen have crosshair)
I dont care that light!
Video was just a main idea about what i want to make...
Teleport to place where you aim at....
|
|
| Back to top |
|
|
grtnd
Newbie cheater
![]() Reputation: 0
Joined: 29 Nov 2015
Posts: 14
|
| Posted: Sun Dec 06, 2015 10:52 am Post subject: |
|
|
| Betcha wrote: | | grtnd wrote: | | Not sure what you mean by "Dot" thu. |
| Betcha wrote: | | Dot? - In the game's middle of the screen have Dot(same as in Cs 1.6 middle of the screen have crosshair) |
English isn't my language, maybe i describe something wrong.. Anyways....
| grtnd wrote: | | find the raycasting function(s) |
How?
| grtnd wrote: | | if you're looking for the "Dot" effect (althrough it looks more like a light flash than a dot) |
In game i play have DOT IN THE MIDDLE OF THE SCREEN (same as in Cs 1.6 middle of the screen have crosshair)
I dont care that light!
Video was just a main idea about what i want to make...
Teleport to place where you aim at.... |
you'd have to go to great lengths to call that a dot, dot's are usally small solid circles with no effect to them, those things are big light sources.
you can just also say "where i'm aiming at" so you don't have to switch between saying "Dot" and "Crosshair"
|
|
| Back to top |
|
|
Betcha
Expert Cheater
Reputation: 4
Joined: 13 Aug 2015
Posts: 232
Location: Somewhere In Space
|
| Posted: Sun Dec 06, 2015 11:04 am Post subject: |
|
|
| Betcha wrote: | | English isn't my language, maybe i describe something wrong.. Anyways.... |
| grtnd wrote: | | find the raycasting function(s) |
|
|
| Back to top |
|
|
++METHOS
I post too much
![]() Reputation: 92
Joined: 29 Oct 2010
Posts: 4197
|
| Posted: Sun Dec 06, 2015 5:38 pm Post subject: |
|
|
Learn how to write a simple teleport script first, then the rest becomes a lot easier.
Hint: find player coordinates and reticle coordinates the same way...in the same, 3-dimensional space.
|
|
| Back to top |
|
|
akumakuja28
Master Cheater
 Reputation: 16
Joined: 28 Jun 2015
Posts: 432
|
| Posted: Sun Dec 13, 2015 3:57 pm Post subject: |
|
|
| Code: | { Game : Darksiders2.exe
Version:
Date : 2015-12-12
Author : Akumakuja
This script does stores and teleports character
}
[ENABLE]
aobscanmodule(Aim_Teleport_ret,Darksiders2.exe,F3 41 0F 11 9E F0 04 00 00) // should be unique
alloc(newmem,$1000,"Darksiders2.exe"+46B17D)
alloc(Aiming_Stats,8) // 8 Bytes for one register
registersymbol(Aiming_Stats)
alloc(Register_Storing_Aim,16) // 16 Bytes For 2 Register Stores
registersymbol(Register_Storing_Aim)
alloc(Stored_Aim,12) // 12 Bytes For Map X,Y,Z
registersymbol(Stored_Aim)
label(code)
label(1st_Person_Check)
label(Button_Check)
label(Store_Aiming_Stats)
label(Teleport_To_Location_Stored)
label(Restoring_Registers)
label(originalcode)
label(return)
newmem:
code:
pushf // Storing/Push Flags On Stack
Mov [Aiming_Stats],r14d // Start of Aiming Stats
1st_Person_Check:
cmp [r14+8],7 // Comparing For Aim Mode
je Button_Check
jne originalcode // Jumps Out if not in aim mode
Button_Check:
mov [Register_Storing_Aim+8],RDX // Equivalent To Push, but This Game Hates Push Pops
mov [Register_Storing_Aim],RAX
// RDI Is Deaths Stat/Controller Input Also
mov rcx,[rdi+a9b] // Moving L1 Button Into RCX
cmp cl,1 // Comparing Lower Byte Of RCX For Button Push
je Store_Aiming_Stats // IF L1 is pressed Store Aiming Stats
mov rax,[rdi+a99] // Moving L2 Button Into RAX
cmp al,1 // Comparing Lower Byte Of RAX For Button Push
je Teleport_To_Location_Stored
jne originalcode
// https://msdn.microsoft.com/en-us/library/windows/hardware/ff561499(v=vs.85).aspx // Register Reference
Store_Aiming_Stats:
//Xmm3,4,5 Are the GAMES stored values for Aimed Locations
movss [Stored_Aim],xmm3 // X map Value
movss [Stored_Aim+4],xmm4 // Y map Value
movss [Stored_Aim+8],xmm5 // Z map Value
jmp Restoring_Registers
Teleport_To_Location_Stored:
cmp [Stored_Aim],0 // Check to make sure values have been stored
je originalcode // Jump to originalcode if no value been Stored
movss xmm15,[Stored_Aim]
movss [rdi+2f0],xmm15 // Character X Value
movss xmm15,[Stored_Aim+4]
movss [rdi+2f4],xmm15 // Character Y Value
movss xmm15,[Stored_Aim+8]
movss [rdi+2f8],xmm15 // Character Z Value
xorps xmm15,xmm15 // Clearing xmm15
jmp Restoring_Registers
Restoring_Registers:
mov [Register_Storing_Aim],RAX // Poping/Restoring Register
mov [Register_Storing_Aim+8],RDX // Poping/Restoring Register
jmp originalcode
originalcode:
popf // Restoring Flags
movss [r14+000004F0],xmm3 // xmm3 is Value of Aim X
jmp return
Aim_Teleport_ret:
jmp code
nop
nop
nop
nop
return:
registersymbol(Aim_Teleport_ret)
[DISABLE]
Aim_Teleport_ret:
db F3 41 0F 11 9E F0 04 00 00
unregistersymbol(Aim_Teleport_ret)
dealloc(newmem)
dealloc(Aiming_Stats)
unregistersymbol(Aiming_Stats)
dealloc(Register_Storing_Aim)
unregistersymbol(Register_Storing_Aim)
dealloc(Stored_Aim)
unregistersymbol(Stored_Aim)
{
// ORIGINAL CODE - INJECTION POINT: "Darksiders2.exe"+46B17D
"Darksiders2.exe"+46B14B: F3 0F 10 5C 24 70 - movss xmm3,[rsp+70]
"Darksiders2.exe"+46B151: F3 0F 10 64 24 74 - movss xmm4,[rsp+74]
"Darksiders2.exe"+46B157: F3 0F 10 6C 24 78 - movss xmm5,[rsp+78]
"Darksiders2.exe"+46B15D: F3 0F 11 65 A4 - movss [rbp-5C],xmm4
"Darksiders2.exe"+46B162: F3 0F 11 5D A0 - movss [rbp-60],xmm3
"Darksiders2.exe"+46B167: F3 0F 11 6D A8 - movss [rbp-58],xmm5
"Darksiders2.exe"+46B16C: EB 0F - jmp Darksiders2.exe+46B17D
"Darksiders2.exe"+46B16E: F3 0F 10 6D A8 - movss xmm5,[rbp-58]
"Darksiders2.exe"+46B173: F3 0F 10 65 A4 - movss xmm4,[rbp-5C]
"Darksiders2.exe"+46B178: F3 0F 10 5D A0 - movss xmm3,[rbp-60]
// ---------- INJECTING HERE ----------
"Darksiders2.exe"+46B17D: F3 41 0F 11 9E F0 04 00 00 - movss [r14+000004F0],xmm3
// ---------- DONE INJECTING ----------
"Darksiders2.exe"+46B186: F3 41 0F 11 A6 F4 04 00 00 - movss [r14+000004F4],xmm4
"Darksiders2.exe"+46B18F: F3 41 0F 11 AE F8 04 00 00 - movss [r14+000004F8],xmm5
"Darksiders2.exe"+46B198: 41 8B 86 98 04 00 00 - mov eax,[r14+00000498]
"Darksiders2.exe"+46B19F: 41 89 86 9C 04 00 00 - mov [r14+0000049C],eax
"Darksiders2.exe"+46B1A6: 45 88 BE 20 05 00 00 - mov [r14+00000520],r15l
"Darksiders2.exe"+46B1AD: 44 38 BF AC 0A 00 00 - cmp [rdi+00000AAC],r15l
"Darksiders2.exe"+46B1B4: 74 2A - je Darksiders2.exe+46B1E0
"Darksiders2.exe"+46B1B6: 48 8B 97 B0 0A 00 00 - mov rdx,[rdi+00000AB0]
"Darksiders2.exe"+46B1BD: 48 85 D2 - test rdx,rdx
"Darksiders2.exe"+46B1C0: 74 1E - je Darksiders2.exe+46B1E0
} |
Seen your post the other day and decided to write this up right quick. I might start writing tutorials for some of the more intermediate stuff like this.
Granted the game is for Darksiders 2 but the logic and setup will work for any game.
You will need
- Player Coordinates
- Button/Input Press Pointers (Almost Always Stored in Player's Dynamic Memory)
- Camera's "DOT"/"Aim" Map Location
- And a lotta toggle breakpoint
You will notice I PUSHed flags but didnt PUSH registers. This is just my way of dealing with games that
disagree with push pops.
I never seem to have issues with putting flags on the stack but registers in 64-Bit almost always results in a crash.
I attached a Table for just this code so you can analyze further.
| Description: |
|
Download |
| Filename: |
Aim_Teleport.CT |
| Filesize: |
10.83 KB |
| Downloaded: |
705 Time(s) |
_________________
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
