|
Cheat Engine The Official Site of Cheat Engine
|
View previous topic :: View next topic |
Author |
Message |
DarkPaladin How do I cheat? Reputation: 0
Joined: 16 Aug 2016 Posts: 6
|
Posted: Mon Dec 25, 2017 11:07 pm Post subject: dumb xor custom type |
|
|
Hello, guys!
I have been reading the topic on hacking Might & Magic Heroes VI:
Code: | http://forum.cheatengine.org/viewtopic.php?t=569877&start=15&sid=b7ebf5e8e448d86d562af4623b8a3110 |
(sorry for that, can't post URLs yet).
DarkByte mentions in a post that one could 'cheat' on this a bit by using the "dumb xor" custom type, but the URL provided is no longer working.
Can anyone help me with this custom type?
Thanks in advance!
|
|
Back to top |
|
|
FreeER Grandmaster Cheater Supreme Reputation: 53
Joined: 09 Aug 2013 Posts: 1091
|
Posted: Tue Dec 26, 2017 9:15 am Post subject: |
|
|
page loaded for me
Geri wrote: | Earlier (before the forum crash), Dark Byte posted a "Dumb XOR Algorithm" (as he called it) which is helpful for searching for encrypted values in this game. You need to add it as a custom scan type then you can find gold and other encrypted values with it.
This algorithm was made for games that are using the same type of encryption that HOMM6, where the 2 values are right after each other.
Code: |
alloc(TypeName,256)
alloc(ByteSize,4)
alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)
TypeName:
db 'Dumb XOR Algoritm',0
ByteSize:
dd 8 //4 byte real value and 4 byte encryption key right after it
//The convert routine should hold a routine that converts the data to an integer (in eax)
//function declared as: stdcall int ConvertRoutine(unsigned char *input);
//Note: Keep in mind that this routine can be called by multiple threads at the same time.
ConvertRoutine:
//jmp dllname.functionname
[64-bit]
//or manual:
//parameters: (64-bit)
//rcx=address of input
mov eax,[rcx] //eax now contains the bytes 'input' pointed to
xor eax,[rcx+4]
ret
[/64-bit]
[32-bit]
//jmp dllname.functionname
//or manual:
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=input
//example:
push ebx
mov ebx,[ebp+8] //place the address that contains the bytes into eax
mov eax,[ebx] //place the bytes into eax so it's handled as a normal 4 byte value
xor eax,[ebx+4]
pop ebx
pop ebp
ret 4
[/32-bit]
//The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wats to write a new value)
//function declared as: stdcall void ConvertBackRoutine(int i, unsigned char *output);
ConvertBackRoutine:
//jmp dllname.functionname
//or manual:
[64-bit]
//parameters: (64-bit)
//ecx=input
//rdx=address of output
//example:
xor ecx,[rdx+4]
mov [rdx],ecx //place the integer the 4 bytes pointed to by rdx
ret
[/64-bit]
[32-bit]
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=input
//[ebp+c]=address of output
//example:
push eax
push ebx
mov eax,[ebp+8] //load the value into eax
mov ebx,[ebp+c] //load the address into ebx
xor eax,[ebx+4]
mov [ebx],eax //write the value into the address
pop ebx
pop eax
pop ebp
ret 8
[/32-bit]
|
|
It literally just xors the address with the next 4 bytes in memory.
|
|
Back to top |
|
|
DarkPaladin How do I cheat? Reputation: 0
Joined: 16 Aug 2016 Posts: 6
|
Posted: Tue Dec 26, 2017 4:54 pm Post subject: |
|
|
Thanks a lot, FreeER. I would like to quote you, but I am still learning to do so. Sorry about that.
It worked perfectly. However, what I really want is to, somehow, change the amount of experience of Dynasty Weapons... do you have any knowledge on how to do so?
I want this in order to correct a glitch.
Nevertheless, thank you very much!
Have a nice day.
|
|
Back to top |
|
|
FreeER Grandmaster Cheater Supreme Reputation: 53
Joined: 09 Aug 2013 Posts: 1091
|
Posted: Tue Dec 26, 2017 5:10 pm Post subject: |
|
|
No reason to quote it lol, no one else has responded so far nor have I mentioned more than 1 thing for you to reply to separately
Afraid I don't know anything about Might & Magic Heroes VI however.
|
|
Back to top |
|
|
DarkPaladin How do I cheat? Reputation: 0
Joined: 16 Aug 2016 Posts: 6
|
Posted: Wed Dec 27, 2017 4:05 pm Post subject: |
|
|
I see. Thanks a lot for you help and for your availability and willingness to help.
Again, thank you very much.
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
|
|