Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Fog of War hacking on games

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
Turkeychopio
Cheater
Reputation: 0

Joined: 06 Aug 2014
Posts: 36
PostPosted: Wed Aug 06, 2014 12:00 pm    Post subject: Fog of War hacking on games Reply with quote
I was wondering if anybody could help me hack the value for disabling the fog of war on certain games. I'm not sure what value if would come under of if it's possible in the first place only using scans and replacing codes with nuls.

If anybody knows of a way to disable said fog pleast reply Smile

-Turkey
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 473

Joined: 09 May 2003
Posts: 25900
Location: The netherlands
PostPosted: Wed Aug 06, 2014 3:35 pm    Post subject: Reply with quote
it's not easy and it's different on each game.

perhaps the fog of war is implemented as a dynamically updated image that's overlayed over the map
If that's the case then try a hashing custom type
e.g:
Code:

alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)
alloc(TypeName,256)
alloc(ByteSize,4)
alloc(UsesFloat,1)

TypeName:
db '4KB Hash',0

ByteSize:
dd 1000

UsesFloat:
db 0 //Change to 1 if this custom type should be treated as a float

//The convert routine should hold a routine that converts the data to an integer (in eax)
//function declared as: stdcall int ConvertRoutine(unsigned char *input);
//Note: Keep in mind that this routine can be called by multiple threads at the same time.
ConvertRoutine:
//jmp dllname.functionname
[64-bit]
//or manual:
//parameters: (64-bit)
//rcx=address of input

//convert the data in rcx+0 to rcx+fff into a crc value
mov rax,cececece
push rsi
mov rsi,rcx
mov rcx,1000-3

label(calculate)
calculate:
xor eax,[rsi]
add rsi,1
loop calculate

pop rsi

ret
[/64-bit]

[32-bit]
//jmp dllname.functionname
//or manual:
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=input
//example:

push esi
push ecx
mov eax,cececece
mov esi,[ebp+8] //place the address that contains the bytes into eax
mov ecx,1000-3

label(calculate)
calculate:
xor eax,[esi]
add esi,1
loop calculate

pop ecx
pop esi
pop ebp
ret 4
[/32-bit]

//The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wats to write a new value)
//function declared as: stdcall void ConvertBackRoutine(int i, unsigned char *output);
ConvertBackRoutine:
//jmp dllname.functionname
//or manual:
[64-bit]
//parameters: (64-bit)
//ecx=input
//rdx=address of output
//example:
ret
[/64-bit]

[32-bit]
ret 8
[/32-bit]


this type you can use with changed/unchanged scans only.
Do an unknown initial value scan.
Then reveal some of the map and do a changed value scan.
Then try to do something that does not change the fog of war and scan for unchanged.
Repeat till you have a handful of results

Then look at the memory and it may give an idea what is going on.

Tip: Use the graphical memory view and look at the memory. With the proper alignment slider you may be able to find the fog of war overlay at the address ranges you've found (if the slider is at the wrong position it will look distorted, but your brain might help you figure it out anyhow)

When you've found it, try finding what writes to it, and then write some code that clears the whole map (or use a pointer and a script that blanks that memory)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
smartsoldier123
How do I cheat?
Reputation: 0

Joined: 11 Mar 2015
Posts: 3
PostPosted: Thu Mar 12, 2015 8:58 am    Post subject: Reply with quote
Would you be able to write a specific version of this for Age of Mythology?
Back to top
View user's profile Send private message
masterkill7
Newbie cheater
Reputation: 0

Joined: 07 Mar 2015
Posts: 10
Location: Baku
PostPosted: Thu Mar 12, 2015 9:49 am    Post subject: Reply with quote
Dark Byte, why my posts reseted ?
_________________
I'm very impatient . Sorry for my error Wink
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites