Archezuli Advanced Cheater Reputation: 0
Joined: 28 Oct 2019 Posts: 58
Posted: Wed Nov 13, 2019 12:07 pm
Dude holy shit. I feel like the greatest fucking hacker in the history of mankind right now holy fuck...
I realized what was wrong with the Scripts... and then I fixed it... AND NOW IT WORKS!!!!
WOOOOHOOOOOOOOOOOOOOO!!!!!!! \o/
(Now what do I do lol)

DanyDollaro Master Cheater Reputation: 3
Joined: 01 Aug 2019 Posts: 334
Posted: Wed Nov 13, 2019 1:23 pm
Congratulations, now if your script works you should have the address registered on the "Address" symbol; just add it to the cheat table.

Archezuli Advanced Cheater Reputation: 0
Joined: 28 Oct 2019 Posts: 58
Posted: Wed Nov 13, 2019 2:15 pm
I do and I already did lol
It was already set even yesterday before I tried it XD
Now what...? :D

DanyDollaro Master Cheater Reputation: 3
Joined: 01 Aug 2019 Posts: 334
Posted: Wed Nov 13, 2019 2:39 pm
Should I know? You asked for a method to get the address of life and now you have it.
PS: to have the maximum life or current life (I do not know what data you have obtained with that script) add to the table the following address: or
In case none of the 2 values obtained points to the current/maximum life, then that is not the correct address.

Archezuli Advanced Cheater Reputation: 0
Joined: 28 Oct 2019 Posts: 58
Posted: Wed Nov 13, 2019 3:17 pm
Oh.... err.... maybe you are a bit lost... sorry... ._.
Well, the script shows me everything that OPcode accesses... and keeps spazzing between them (The health trio I talked to you about earlier)
But uhhh... now I guess I still need to find out how to separate them...? 0.o
I can't really do anything to the "Address" address with it spazzing like that... I even tried changing its value but it did nothing to it... ._.
How can I separate the addresses now...? so I can actually mess with them whenever needed...? '-'

DanyDollaro Master Cheater Reputation: 3
Joined: 01 Aug 2019 Posts: 334
Posted: Wed Nov 13, 2019 4:23 pm
You could dissect the data structure. If I understood, some of these addresses are yours while the others are the bots'; you would just need to find a particular value in the data structure and use that to separate the bots from the player.

Archezuli Advanced Cheater Reputation: 0
Joined: 28 Oct 2019 Posts: 58
Posted: Wed Nov 13, 2019 5:16 pm
Negative.
Both health addresses are mine.
One is for my player character, Archezuli, and the other one is for my Skell.
Skells are rideable Mechs, one of the game's main features.
(And pretty much the N°1 reason why I utterly adore this game so fucking much and want so desperately to be able to learn to Cheat it to find more cool ways to play and things to do and stuff.)
The other one is the mysterious 0 I talked about earlier.
At first I thought it was the value used by the game to store the HP of enemies when I enter battle.
I tested that theory.
It did not work.
I poked with it, tried to set it big, set it bigger, set it back to 0.
At no point did I notice any changes in any of mine or my Skell's stats.
Thus, what this value is remains a mystery to me.
I could tell the value from my Skell shortly after I first found those 3 values. Since I can check its HP easily by just entering it.
However, even dissecting values... is there anything I could check for to be able to tell what separates that 0 from the rest?
And after dissecting them... what do I do?
Also that reminds me...
I have played with that function before, but one thing still remains for me to figure out. Maybe a more experienced cheater|hacker|programmer like you could help me.
What would be the best starting offset to compare the structure of those addresses? Do I subtract them by any specific number? Round them all to end in 0000? Just compare them as-is...?

DanyDollaro Master Cheater Reputation: 3
Joined: 01 Aug 2019 Posts: 334
Posted: Wed Nov 13, 2019 5:25 pm
To understand what that 0 is for, you can keep an open debugger to see what it reads on that value.
There is no better offset than another; the important thing is that the pointed value is unique for that structure. It is identical to Cheat Engine step N.9 (I refer to the tutorial); you only need to compare 2 - 3 structures.

Archezuli Advanced Cheater Reputation: 0
Joined: 28 Oct 2019 Posts: 58
Posted: Wed Nov 13, 2019 5:32 pm
Ahhhhh okay gotcha. That makes sense, thanks.
As for the 0, by "keep an open debugger" you mean leave open and running a "what accesses this address" window on the address in the list? Or leave a breakpoint set (F5) on the disassembler's address? ...or something else?

DanyDollaro Master Cheater Reputation: 3
Joined: 01 Aug 2019 Posts: 334
Posted: Wed Nov 13, 2019 5:40 pm
I mean this:
Quote: you mean leave open and running a "what accesses this address" window on the address in the list
You can also use the second method, but in my opinion the first one is more comfortable in this case.

Archezuli Advanced Cheater Reputation: 0
Joined: 28 Oct 2019 Posts: 58
Posted: Wed Nov 13, 2019 9:12 pm
Heyo!
Just wanted to say, I tried everything I could think of to trigger one of the zeroes...
Nothing worked.
I give up...
Unfortunately my day ended before I could do much more, but I wanted to ask before going to sleep,
After I find a different value between the data struc of me and my Skell, what do I do with it?

DanyDollaro Master Cheater Reputation: 3
Joined: 01 Aug 2019 Posts: 334
Posted: Thu Nov 14, 2019 2:31 am
I said that it is the same and identical to step N.9 of the Cheat Engine tutorial, you have to do the same steps.

Archezuli Advanced Cheater Reputation: 0
Joined: 28 Oct 2019 Posts: 58
Posted: Thu Nov 14, 2019 4:21 am
Oooooopohhhh!
Okay sorry! I thought you were talking just about the offsets question when you said that... my bad... XD
I'm gonna have to watch it again... lol
My memory sucks bigtime, so I already forgot most of it... lol

Archezuli Advanced Cheater Reputation: 0
Joined: 28 Oct 2019 Posts: 58
Posted: Thu Nov 14, 2019 6:05 pm
Jesus. fucking. christ. I'm boutta murder a fkin puppy
Please help... I don't know what to do with this stupid thing anymore... it keeps crashing on the CMP...
I tried EVERYTHING.
Either it simply doesn't work (If I switch ebx to the address math used in the opcode), or it crashes the game as soon as it tries to run the CMP...
Code:
[ENABLE]
aobScan(targetCode,01 EA 89 6C 24 04 41 8B 9C 15 84 00 00 00 0F CB 89 54 24)
alloc(cheatArea,$1000)
alloc(alphaHPAddress,8)
registerSymbol(cheatArea)
registerSymbol(alphaHPAddress)
label(origCode)
label(return)
cheatArea:
cmp [ebx],1
jne origCode
mov [alphaHPAddress],ebx
jmp origCode
origCode:
mov ebx,[r13+rdx+84]
bswap ebx
jmp return
targetCode+7:
jmp cheatArea
nop
nop
nop
nop
return:
registerSymbol(targetCode)
[DISABLE]
targetCode:
db 01 EA 89 6C 24 04 41 8B 9C 15 84 00 00 00 0F CB 89 54 24
dealloc(cheatArea)
dealloc(alphaHPAddress)
unregisterSymbol(targetCode)
unregisterSymbol(cheatArea)
unregisterSymbol(alphaHPAddress)

DanyDollaro Master Cheater Reputation: 3
Joined: 01 Aug 2019 Posts: 334
Posted: Thu Nov 14, 2019 6:20 pm
I think you've made a bit of confusion. I don't think you can use the EBX register (you could use that, but I don't think the offset you found is related to that register).
When dissecting the structure of the addresses of life and that of maximum life, save the structure in a text file and load the content here; I will see if I can help you, but remember to put in the structure only those 2 addresses.
Done with one address, it should be similar to this (you can save it as a text file from the structure dissection screen, and on the "File" option you should find an option called "Save values"):
Code:
Offset-Description
0000 - 4 Bytes 481DC022AC : 1
0004 - 4 Bytes (Hex) 481DC022B0 : 04ECF83A
0008 - 4 Bytes 481DC022B4 : 0
000C - 4 Bytes 481DC022B8 : 0
0010 - 4 Bytes 481DC022BC : 0
0014 - 4 Bytes 481DC022C0 : 0
0018 - 4 Bytes 481DC022C4 : 0
001C - Pointer 481DC022C8 : P->481DC02290
0024 - 4 Bytes 481DC022D0 : 0
0028 - 4 Bytes 481DC022D4 : 0
002C - 4 Bytes 481DC022D8 : 0
0030 - 4 Bytes 481DC022DC : 0
0034 - 4 Bytes 481DC022E0 : 0
0038 - 4 Bytes 481DC022E4 : 0
003C - 4 Bytes (Hex) 481DC022E8 : 0000FFFE
0040 - 4 Bytes 481DC022EC : 0
0044 - 4 Bytes 481DC022F0 : 0
0048 - 4 Bytes 481DC022F4 : 0
004C - 4 Bytes 481DC022F8 : 0
0050 - 4 Bytes 481DC022FC : 0
0054 - 4 Bytes 481DC02300 : 0
0058 - 4 Bytes 481DC02304 : 0
005C - 4 Bytes 481DC02308 : 0
0060 - 4 Bytes 481DC0230C : 0
0064 - 4 Bytes 481DC02310 : 0
0068 - 4 Bytes 481DC02314 : 0
006C - 4 Bytes 481DC02318 : 0
0070 - 4 Bytes 481DC0231C : 0
0074 - 4 Bytes 481DC02320 : 0
0078 - 4 Bytes 481DC02324 : 0
007C - 4 Bytes 481DC02328 : 0
0080 - 4 Bytes 481DC0232C : 0
0084 - 4 Bytes 481DC02330 : 0
0088 - 4 Bytes 481DC02334 : 0
008C - 4 Bytes 481DC02338 : 0
0090 - 4 Bytes 481DC0233C : 0
0094 - 4 Bytes 481DC02340 : 0
0098 - 4 Bytes 481DC02344 : 0
009C - 4 Bytes 481DC02348 : 0
00A0 - 4 Bytes 481DC0234C : 0
00A4 - 4 Bytes 481DC02350 : 0
00A8 - 4 Bytes 481DC02354 : 0
00AC - 4 Bytes 481DC02358 : 0
00B0 - 4 Bytes 481DC0235C : 0
00B4 - 4 Bytes 481DC02360 : 0
00B8 - 4 Bytes 481DC02364 : 0
...
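
Added example, not part of any post in this thread: a small Python parser for the "Save values" dump format shown in the last post, which checks that every row shares one base address and lists the offsets whose values differ between two dissected structures. `DUMP_A` reuses the first rows of the posted dump; `DUMP_B`, its addresses and its values are constructed for illustration, and the function names are this example's own.

```python
import re

# Row format of the "Save values" dump shown above, for example:
#   0004 - 4 Bytes (Hex) 481DC022B0 : 04ECF83A
ROW = re.compile(r"^([0-9A-Fa-f]{4}) - (.+?) ([0-9A-Fa-f]{6,16}) : (.+)$")

def parse_dump(text):
    """Return {offset: (type, address, value)}; the header and '...' are skipped."""
    rows = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            off, typ, addr, val = m.groups()
            rows[int(off, 16)] = (typ, int(addr, 16), val.strip())
    return rows

def base_address(rows):
    """Each row must satisfy address - offset == base, else two dumps got mixed."""
    bases = {addr - off for off, (_, addr, _) in rows.items()}
    if len(bases) != 1:
        raise ValueError("rows do not share one base address")
    return bases.pop()

def discriminators(a, b):
    """Offsets present in both structures with the same type but different values.
    Pointer rows are skipped: they hold addresses, so they differ between any
    two instances and say nothing about which kind of structure this is."""
    out = []
    for off in sorted(a.keys() & b.keys()):
        (type_a, _, val_a), (type_b, _, val_b) = a[off], b[off]
        if type_a == type_b and type_a != "Pointer" and val_a != val_b:
            out.append((off, val_a, val_b))
    return out

# First rows of the dump posted above.
DUMP_A = """Offset-Description
0000 - 4 Bytes 481DC022AC : 1
0004 - 4 Bytes (Hex) 481DC022B0 : 04ECF83A
0008 - 4 Bytes 481DC022B4 : 0
001C - Pointer 481DC022C8 : P->481DC02290
003C - 4 Bytes (Hex) 481DC022E8 : 0000FFFE
..."""

# Constructed second instance (hypothetical base address and values).
DUMP_B = DUMP_A.replace("481DC022", "481DC05A").replace(" : 1", " : 2")

if __name__ == "__main__":
    a, b = parse_dump(DUMP_A), parse_dump(DUMP_B)
    print(hex(base_address(a)), hex(base_address(b)))
    for off, val_a, val_b in discriminators(a, b):
        print(f"+{off:04X}: {val_a} vs {val_b}")
```

The comparison is keyed on the offset column rather than the absolute address, so the two structures can sit anywhere in memory as long as each dump starts at the same field.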