Hatschi Master Cheater
Reputation: 2
Joined: 28 Jan 2010 Posts: 327
Posted: Fri Apr 13, 2012 7:10 am Post subject: How to defeat address without a base address
Hi,
There are lots of games, for example Terraria, where addresses don't have a base address. Is there a chance to hack these games? Well, there must be a chance since there are trainers out for Terraria, but how do people hack this game?
Except AOB scan, do they make use of pointer scan? Or is there a way to find out the base address? OllyDbg?
Sometimes I solved this problem via pointer scanner, but other times the pointer scan runs out, meaning even with a depth of 20. So any advice is highly appreciated.
Freiza Grandmaster Cheater
Reputation: 22
Joined: 28 Jun 2010 Posts: 662
Posted: Fri Apr 13, 2012 10:04 am Post subject:
What is wrong with AOB? Is there any particular reason for not using it?
Hatschi Master Cheater
Reputation: 2
Joined: 28 Jan 2010 Posts: 327
Posted: Fri Apr 13, 2012 12:32 pm Post subject:
It's kind of slow if the range between old address and new address is too high. For example function1 address = 2xxxxxxxx, after a restart the new address is 7xxxxxxx
Or my function is too slow...
Freiza Grandmaster Cheater
Reputation: 22
Joined: 28 Jun 2010 Posts: 662
Posted: Fri Apr 13, 2012 12:37 pm Post subject:
But only for the first time when the script is loading. Still better than pointer scan, because in some games I have witnessed that pointer scan results are not reliable, especially for emulators and some Flash-based games.
Quote: Or is there a way to find out the base address?
In CE, in the disassembler window:
View -> Show module addresses.
But in some games module addresses are not reliable where the code comes from a DLL or where the code is dynamically generated.
For Terraria, you can contact mgr.inz.Player or Wiccaan. They have hacked the game; they may help you.
Kavvman Master Cheater
Reputation: 2
Joined: 17 Apr 2004 Posts: 316
Posted: Fri Apr 13, 2012 1:01 pm Post subject:
Hatschi wrote: It's kind of slow if the range between old address and new address is too high. For example function1 address = 2xxxxxxxx, after a restart the new address is 7xxxxxxx
Or my function is too slow...
Your function is slow or you are using a slow language such as VB etc. How does your sigscanner work, btw? The best way IMO is using asm and injecting your DLL to scan. That way you don't even need to use the RPM() API to get memory data. My functions using this method can scan the whole module within less than 5 minutes and the required offsets in seconds.
And I don't think pointers will work for games like Terraria and Minecraft because the code isn't static and not even loaded until required by the game. It changes on each run since the game runs in JVM.
The only solution is to use a sigscanner.
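Added example, not code from any poster in this thread: a wildcard byte-signature (AOB) matcher run over two constructed buffers that hold the same routine at different offsets with different embedded absolute addresses, as happens between restarts. It anchors on the longest wildcard-free run with `bytes.find` and only then checks the full pattern, which is what keeps the scan fast; the routine bytes, offsets, addresses and all function names are assumptions made up for the illustration.

```python
def parse_aob(text):
    """Turn 'A1 ?? 8B' into a list of ints, with None for wildcard bytes."""
    return [None if tok in ("?", "??") else int(tok, 16) for tok in text.split()]


def longest_fixed_run(pattern):
    """Return (offset, bytes) of the longest wildcard-free stretch."""
    best, start = (0, b""), 0
    for i, b in enumerate(pattern + [None]):   # sentinel closes the last run
        if b is None:
            if i - start > len(best[1]):
                best = (start, bytes(pattern[start:i]))
            start = i + 1
    return best


def aob_scan(buf, text):
    """Return every offset in buf where the signature matches."""
    pattern = parse_aob(text)
    run_off, run = longest_fixed_run(pattern)
    if not run:
        raise ValueError("signature needs at least one fixed byte")
    hits, pos = [], buf.find(run)              # fast search for the anchor
    while pos != -1:
        start = pos - run_off
        if start >= 0 and start + len(pattern) <= len(buf) and all(
            p is None or buf[start + i] == p for i, p in enumerate(pattern)
        ):
            hits.append(start)                 # full pattern verified here
        pos = buf.find(run, pos + 1)
    return hits


def fake_image(code_offset, data_addr, size=4096):
    """Constructed stand-in for one run of a process: filler plus one routine."""
    addr = data_addr.to_bytes(4, "little")     # absolute address, changes per run
    routine = b"\x8B\x0D" + addr + b"\x83\xC1\x10\x89\x0D" + addr + b"\xC3"
    image = bytearray(b"\x90" * size)
    image[code_offset:code_offset + len(routine)] = routine
    return bytes(image)


# The address operands are wildcarded because they differ on every run.
SIG = "8B 0D ?? ?? ?? ?? 83 C1 10 89 0D ?? ?? ?? ?? C3"
run1 = fake_image(0x200, 0x20001000)           # constructed "first start"
run2 = fake_image(0x7A0, 0x70001000)           # constructed "after restart"
print([hex(h) for h in aob_scan(run1, SIG)], [hex(h) for h in aob_scan(run2, SIG)])
```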