vergilganesh Expert Cheater Reputation: 0
Joined: 01 Jul 2013 Posts: 134 Location: India
|
Posted: Fri Sep 06, 2013 9:34 am Post subject: [Tutorial]Advanced Cheat for Shank 2 v1.0.0 part 3 |
|
|
STORY MODE GOD MODE
There is a little bit different in story mode and survival mode. In story mode there was some addresses accessing with the hero healths value.
There are lots of addresses pointing 0. Some locations there are some addresses pointing 1. So we have to make an exception as we do in part 1. We have to rewrite code at the fld location.
Code: |
[ENABLE]
alloc(newmem1,2048)
alloc(val,128)
alloc(count,12)
label(returnhere1)
label(exit1)
label(next3)
count:
dd (int)1
newmem1:
fld dword ptr [esi+000000A0]
cmp [count],1
jne exit1
cmp [esi+a0],(float)1
jle exit1
mov [val],esi
sub [count],1
exit1:
cmp [val+4],esi
je returnhere1
cmp [val],esi
je returnhere1
cmp [esi+a0],(float)125
jle next3
mov [val+4],esi
jmp returnhere1
next3:
mov [count],1
jmp returnhere1
"Shank2.exe"+F0249:
jmp newmem1
nop
returnhere1:
alloc(newmem2,2048)
alloc(pas,12)
label(returnhere2)
label(originalcode2)
label(exit2)
pas:
dd (float)0.0
newmem2:
cmp [val],ebp
je originalcode2
fld dword ptr [esp+1C]
mov ecx,[ebp+08]
jmp exit2
originalcode2:
fld dword ptr [esp+1C]
fmul dword ptr [pas]
mov ecx,[ebp+08]
mov eax,[ebp+200]
mov [ebp+a0],eax
exit2:
jmp returnhere2
"Shank2.exe"+EDCE4:
jmp newmem2
nop
nop
returnhere2:
[DISABLE]
dealloc(newmem2)
dealloc(val)
dealloc(count)
"Shank2.exe"+EDCE4:
fld dword ptr [esp+1C]
mov ecx,[ebp+08]
dealloc(newmem1)
"Shank2.exe"+F0249:
fld dword ptr [esi+000000A0]
//Alt: db D9 86 A0 00 00 00
|
We just make a compare code in the beginning if it is 1 or 0, then it just skip the entire overwrite section of [val]. This code is enough for the survival mode also.
To know about this hack refer
http://forum.cheatengine.org/viewtopic.php?t=567928
To download Cheat Table Click here...
http://forum.cheatengine.org/viewtopic.php?t=568273
|
|