 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Niko
Cheater
![]() Reputation: 0
Joined: 28 Mar 2014
Posts: 33
|
 Posted: Sun Jun 08, 2014 6:30 am Post subject: Flying/teleportation |
 |
|
Hi all.
I'm trying to make a tp hack, or atleast a flying hack. I've actually already found the coordinates in the game. You can't just freeze them because they keep getting overwritten. Now if I nop out the x or z axis, I can move trough walls. But then the screen either teleports me to somewhere i don't even know, like everything except the hud disappears. Aa script doesn't help either. the code for them looks like this:
dword ptr [eax]
dword ptr [eax+04]
dword ptr [eax+08]
and the aa script:
| Code: |
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
originalcode:
fstp dword ptr [eax+08]
mov eax,[esp+18]
exit:
jmp returnhere
"AvP_DX11.exe"+13D216:
jmp newmem
nop
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
"AvP_DX11.exe"+13D216:
fstp dword ptr [eax+08]
mov eax,[esp+18]
//Alt: db D9 58 08 8B 44 24 18 |
this is for the z coordinate, there is a 2nd command after the first one that I don't really understand. Also the game made a huge buzzing sound on a map that fucking scared the shit out of me when I moved. I'm serious it was super loud and sudden.
| Code: |
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
originalcode:
fstp dword ptr [eax]
fld dword ptr [ebx+04]
exit:
jmp returnhere
"AvP_DX11.exe"+13D20A:
jmp newmem
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
"AvP_DX11.exe"+13D20A:
fstp dword ptr [eax]
fld dword ptr [ebx+04]
//Alt: db D9 18 D9 43 04
|
this is for the x coordinate I think. notice the fstp dword ptr [eax]
fld dword ptr [ebx+04] parts. this is the same for the y, fstp dword ptr [eax+4]; fld dword ptr [ebx+08]
All help will be appreciated |
|
| Back to top |
|
 |
Rissorr
Master Cheater
![]() Reputation: 3
Joined: 17 Sep 2013
Posts: 273
Location: Israel!
|
| Posted: Sun Jun 08, 2014 2:12 pm Post subject: |
|
|
Basicly all you need to do in a fly hack is just make some hotkeys that will activate an AA script with the code like:
add [eax],(float)5 OR -5
//that will move you by 5/-5 on the X cordinate
add [eax+4],(float)5 OR -5
//that will move you by 5/-5 on the Y cordinate
add [eax+8],(float)5 OR -5
//that will move you by 5/-5 on the Z cordinate
Thats how you do it...
If you do this and the game teleporting you to fu*king nowhere, try to watch the code when it happen and NOP it.
Sorry for my bad ENG,
Hope i helpd 
Also you can connect me, i can explain more 
|
|
|
V |
|
| Back to top |
|
|
Niko
Cheater
![]() Reputation: 0
Joined: 28 Mar 2014
Posts: 33
|
| Posted: Sun Jun 08, 2014 2:27 pm Post subject: |
|
|
| mixmax35 wrote: | Basicly all you need to do in a fly hack is just make some hotkeys that will activate an AA script with the code like:
add [eax],(float)5 OR -5
//that will move you by 5/-5 on the X cordinate
add [eax+4],(float)5 OR -5
//that will move you by 5/-5 on the Y cordinate
add [eax+8],(float)5 OR -5
//that will move you by 5/-5 on the Z cordinate
Thats how you do it...
If you do this and the game teleporting you to fu*king nowhere, try to watch the code when it happen and NOP it.
Sorry for my bad ENG,
Hope i helpd
Also you can connect me, i can explain more
|
|
|
V |
Hey mate. Thanks for the answer. I did it like you said or atleast I Think I did. Heres what I modified:
| Code: | [ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
add [eax],(float)5
originalcode:
fstp dword ptr [eax]
fld dword ptr [ebx+04]
exit:
jmp returnhere
"AvP_DX11.exe"+13D20A:
jmp newmem
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
"AvP_DX11.exe"+13D20A:
fstp dword ptr [eax]
fld dword ptr [ebx+04]
//Alt: db D9 18 D9 43 04 |
ofc same with other 2 scripts. but it doesn't seem to work. I enable and dissable them multiple times, nothing in the game changes. Any idea why? |
|
| Back to top |
|
|
Rissorr
Master Cheater
![]() Reputation: 3
Joined: 17 Sep 2013
Posts: 273
Location: Israel!
|
| Posted: Sun Jun 08, 2014 2:33 pm Post subject: |
|
|
Few minutes ago i saw something realy close to this code in an other post,
Your code is:
| Code: | newmem: //this is allocated memory, you have read,write,execute access
//place your code here
add [eax],(float)5
originalcode:
fstp dword ptr [eax]
fld dword ptr [ebx+04] |
Try Doing:
| Code: | newmem: //this is allocated memory, you have read,write,execute access
//place your code here
fstp dword ptr [eax] //here are the code from the 'originalcode'
add [eax],(float)5
fld dword ptr [ebx+04] //the other one from the 'originalcode'
originalcode:
//fstp dword ptr [eax] // <---- comment this two (we will write them in the newmem)
//fld dword ptr [ebx+04]
|
Im not so sure that it will work, but try it...
Last edited by Rissorr on Sun Jun 08, 2014 2:40 pm; edited 1 time in total |
|
| Back to top |
|
|
Niko
Cheater
![]() Reputation: 0
Joined: 28 Mar 2014
Posts: 33
|
| Posted: Sun Jun 08, 2014 2:36 pm Post subject: |
|
|
| mixmax35 wrote: | Few minutes ago i saw something realy close to this code in an other post,
Your code is:
| Code: | newmem: //this is allocated memory, you have read,write,execute access
//place your code here
add [eax],(float)5
originalcode:
fstp dword ptr [eax]
fld dword ptr [ebx+04] |
Try Doing:
| Code: | newmem: //this is allocated memory, you have read,write,execute access
//place your code here
fstp dword ptr [eax] //here are the code from the 'originalcode'
add [eax],(float)5
fld dword ptr [ebx+04] //the other one from the 'originalcode'
originalcode:
//fstp dword ptr [eax] // <---- comment this two (we will write them in the newmem)
//fld dword ptr [ebx+04]
|
Im not so shure that it will work, but try it... |
I did actually, it just fucked up the game. I get a blue screen. or just the vision really fucks up/the lighting and I can't move, then I get teleported to some blank space that is just grey. All I can see is my hud and gray stuff. also game sometims makes weird noises. |
|
| Back to top |
|
|
Rissorr
Master Cheater
![]() Reputation: 3
Joined: 17 Sep 2013
Posts: 273
Location: Israel!
|
|
| Back to top |
|
|
justa_dude
Grandmaster Cheater
 Reputation: 23
Joined: 29 Jun 2010
Posts: 893
|
| Posted: Sun Jun 08, 2014 2:47 pm Post subject: Re: Flying/teleportation |
|
|
| Niko wrote: | | I've actually already found the coordinates in the game. You can't just freeze them because they keep getting overwritten. |
Then they probably aren't the right values.
_________________
A nagy kapu mellett, mindig van egy kis kapu.
----------------------
Come on... |
|
| Back to top |
|
|
Niko
Cheater
![]() Reputation: 0
Joined: 28 Mar 2014
Posts: 33
|
| Posted: Sun Jun 08, 2014 2:57 pm Post subject: Re: Flying/teleportation |
|
|
| justa_dude wrote: | | Niko wrote: | | I've actually already found the coordinates in the game. You can't just freeze them because they keep getting overwritten. |
Then they probably aren't the right values. |
They are, I can nop the codes they are written to, and then I can't move in a certain direction. If I nop Y I can't go down or go up etc. But a weird thing is I tried doing the other thing that got suggested. The thing with darkbyte's code.
On the X axis it just makes walls and stuff disapear. Or atleast I can see trough it. However when I set any value in float to the Y axis, it just teleports me a couple of feet under the map, where I can walk freely and do everything properly (it doesn't matter what value I set If its above 0 float it will teleport me at the same range down in the ground. If the value is not float it will just do nothing visable). Also if I get either x or z I can move trough objects to a certain point, before the game bugs. But If I unfreeze x or Y I just get well, teleported outside of those objects I got into |
|
| Back to top |
|
|
justa_dude
Grandmaster Cheater
Reputation: 23
Joined: 29 Jun 2010
Posts: 893
|
| Posted: Sun Jun 08, 2014 3:32 pm Post subject: |
|
|
It sounds to me like you've found a set of coordinates used for collision detection and all you've been able to do is fall off the map.
_________________
A nagy kapu mellett, mindig van egy kis kapu.
----------------------
Come on... |
|
| Back to top |
|
|
Rissorr
Master Cheater
![]() Reputation: 3
Joined: 17 Sep 2013
Posts: 273
Location: Israel!
|
| Posted: Mon Jun 09, 2014 1:35 am Post subject: |
|
|
Agree with justa_dude 
EDIT:
It maybe not atually the addresses of the cordinates, it could be for exemple: distance till a collision or something like this, if you nop all of them = probbly you will get an empty map.
P.S
I downloaded AvP (also watch dogs and some more cool games to hack ) to try to hack it by myself. |
|
| Back to top |
|
|
Geri
Moderator
![]() Reputation: 111
Joined: 05 Feb 2010
Posts: 5627
|
| Posted: Mon Jun 09, 2014 7:22 pm Post subject: |
|
|
Well if you find the right values and if they are float values, forget using
add [eax],(float)5
or anything similar. If you are operating with float values, use the right instructions, fadd, fsub, etc.
_________________
|
|
| Back to top |
|
|
Niko
Cheater
![]() Reputation: 0
Joined: 28 Mar 2014
Posts: 33
|
| Posted: Tue Jun 10, 2014 6:42 am Post subject: |
|
|
| Geri wrote: | Well if you find the right values and if they are float values, forget using
add [eax],(float)5
or anything similar. If you are operating with float values, use the right instructions, fadd, fsub, etc. |
| Code: | [ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
fadd dword ptr [eax]
originalcode:
fstp dword ptr [eax]
fld dword ptr [ebx+04]
exit:
jmp returnhere
"AvP_DX11.exe"+13D20A:
jmp newmem
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
"AvP_DX11.exe"+13D20A:
fstp dword ptr [eax]
fld dword ptr [ebx+04]
//Alt: db D9 18 D9 43 04 |
This fadd dword ptr [eax] is the only thing it lets me do. Anything else like fadd [eax],5 or fadd [eax],(float)5 says there is an error in that line. Could you add what you mean to the script and post it?
| mixmax35 wrote: | Agree with justa_dude
EDIT:
It maybe not atually the addresses of the cordinates, it could be for exemple: distance till a collision or something like this, if you nop all of them = probbly you will get an empty map.
P.S
I downloaded AvP (also watch dogs and some more cool games to hack ) to try to hack it by myself. |
AvP is the game I'm doing this on . Maybe try it yourself if you will. But I found only 2 coordinates values while searching. The other one is for the camera or something similar. It just teleports my camera and hud, but I can still see my player model infront of me, something like 3rd person mode. Its the only coordinates I found in the game :/ and I searched over 20 times.
Its also worthy to mention these codes for the values write to like 10 - 20 addresses constantly. Also even if they are for unit collision, I'd love to make a hack that lets me pass trough walls and stuff, that would be awesome. |
|
| Back to top |
|
|
Rissorr
Master Cheater
![]() Reputation: 3
Joined: 17 Sep 2013
Posts: 273
Location: Israel!
|
| Posted: Tue Jun 10, 2014 2:03 pm Post subject: |
|
|
| Niko wrote: |
AvP is the game I'm doing this on Smile. Maybe try it yourself if you will. But I found only 2 coordinates values while searching. The other one is for the camera or something similar. It just teleports my camera and hud, but I can still see my player model infront of me, something like 3rd person mode. Its the only coordinates I found in the game :/ and I searched over 20 times.
|
So you mean that you found the camera stuff? and you actually can move with the camera everywhere?
well.. thats also can be a usefull cheat in some games that called "FreeCam" try to do something with it....
P.S
If you found only 2 addresses, try using the 'Dissect data/structure' to find the third one |
|
| Back to top |
|
|
Niko
Cheater
![]() Reputation: 0
Joined: 28 Mar 2014
Posts: 33
|
| Posted: Wed Jun 11, 2014 6:16 am Post subject: |
|
|
| mixmax35 wrote: | | Niko wrote: |
AvP is the game I'm doing this on Smile. Maybe try it yourself if you will. But I found only 2 coordinates values while searching. The other one is for the camera or something similar. It just teleports my camera and hud, but I can still see my player model infront of me, something like 3rd person mode. Its the only coordinates I found in the game :/ and I searched over 20 times.
|
So you mean that you found the camera stuff? and you actually can move with the camera everywhere?
well.. thats also can be a usefull cheat in some games that called "FreeCam" try to do something with it....
P.S
If you found only 2 addresses, try using the 'Dissect data/structure' to find the third one |
You got it wrong. I found 2 types of addresses. One is the camera and the other one was for the actual player, at least so I think. It might be the map itself or collision. However if I have found the collision coordinates (I can move trough objects if I put enough force to them, or something pushes me) than this would be great. But yeah, apparently the game uses coordinates for the camera as well. It actually keeps my theory up that i had the player coordinates. Because the two values are really similar
their difference is like... about 0.000005 float or something. the actual number is usually the same. Also those codes that write to the coordinates i found write to multiple values. Also when I search the exact float value in the find value thing, Its float rounded (default) and it comes up with about 16 addresses. On the default Truncated I don't get any results. and on the Rounded (extreme they are 14 addresses). I actually crashed my game a few times and broke it once while playing with the coordinates. It deletes the exe files under some circumstances that I'm not familiar with. Some anticheat maybe different than CRC. But this happened the one time I messed with the camera coordinate X. Which is the only one I found. it worked fine until I went to a checkpoint. then the game crashed and deleted its exes. And I couldn't copy and paste in the folder. The game had fucked up, had to use steam to verify integrity of game cache to re-download the files. If you want to find the camera value just search between the coordinates I have and 1 above. So if you know your x coordinate is 150 search 149 to 151 and you will surely get it. Also if I take out z, the models kind of bug. They stand up and let lose of their hands and feet. Don't do any animations. If you've ever played counterstrike source and someone spawns on the map without any weapons in a weird position, its exactly how it looks like. |
|
| Back to top |
|
|
Geri
Moderator
![]() Reputation: 111
Joined: 05 Feb 2010
Posts: 5627
|
| Posted: Wed Jun 11, 2014 6:47 am Post subject: |
|
|
| Niko wrote: | This fadd dword ptr [eax] is the only thing it lets me do. Anything else like fadd [eax],5 or fadd [eax],(float)5 says there is an error in that line. Could you add what you mean to the script and post it?
|
For float instructions, read this topic:
http://forum.cheatengine.org/viewtopic.php?p=5532514
(Or any other topic you may find. It is a common question and it was answered many times on the forum.)
_________________
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
