Cheat Engine

[Ice745]

I have tried this before and it works. Here is my process:

First of all, I had a game that a cheat I made needed to be "auto assembled" and injected. It was getting annoying to have to "Auto Assemble" every time I loaded the game. So I did this...

First, I did an auto assemble like usual, but wrote down the byte code that was injected. I copied it to a hex editor and appended the beginning with a special identifier, e.g. "RKHack - Final Fantasy VII - 00000001 - Infinite Health", then saved that file as FFVII00000001.bin, the file name doesn't really matter.

Second, I wrote a small program that would inject that as a resource as type "RKHack" and name "00000001", language was just default.

Third, I loaded the program (with the new resource) and did a string search for "RKHack - Final Fantasy VII - 00000001 - Infinite Health" to get the memory location of the RKHack resource.

Fourth, I calculated the values that would be needed for all the jmp commands. Then closed the game, and hex-edited the jmp commands so that they would now jump to the right place, and added the jmp command where it should go to jmp to the Infinite Health cheat.

Fifth, started it, and tested it.

Note that this method requires a regular EXE. It will not work with packed EXEs, Safedisc EXEs, etc. But I'm sure that you can find an unpacker or two.

[FreeFry]

Sounds intresting, but doesnt it become way more complicated just to make a cheat this way? or using the cheat?

[Dark Byte]

you can also add a autoassembler script to a trainer

[soulx`]

LMAO.. sorry but that is too funny.. that is standard DMA ... and u wrote all that shit just to get around DMA? or am i wrong?

[Ice745]

:-X I didn't realize someone got such a kick out of this (apparently over a year ago). Let me clarify for him (and anyone else) so he understands what I was doing.

I injencted code into the EXE file, so that the "trainer" was built into the EXE and didn't need any external programs. Just load the game and it works. The "Infinite Health" in FF7 was just a basic example to make the process explanation easier. This is also useful for when values are stored on the stack only during a function. And you would need an Auto Assemble script to make it work - and again didn't want to have to use an external trainer everytime.

Generally this would be applied to cases where you need a long Auto Assemble script, and there are no code-caves big enough to fit it.

As for the finding the address of the resource, I did that search because to me it was quicker than figuring the address from the EXE header.

[fuzzy]

wao over a year bump. nice.