| View previous topic :: View next topic |
| Author |
Message |
toruk
Newbie cheater
![]() Reputation: 0
Joined: 15 Jun 2013
Posts: 15
|
 Posted: Thu Apr 23, 2015 3:25 pm Post subject: quake3.exe dynamic memory allocation HELP!(Solved) |
 |
|
Hiya gys,
iam playing around with this oldie..I found the ammo address with CE and then ->find what accesses this address.
So i found the instruction that decreases the ammo..
The address is something like this:
0350870D - dec [eax+200] <<-- decreases the ammo.
the problem is that with every run the actual address of the dec instruction (0350870D )changes..
0350870D in every run changes a little..
I have tried using Memory browser of CE to check which module this memory belongs to and CE reports NOTHING!
SO i am stack! How do i do this guys?????????????? how to find a formula to use to apply to my trainer to get to this address !?!?!
Last edited by toruk on Sun Apr 26, 2015 8:58 am; edited 2 times in total |
|
| Back to top |
|
 |
justa_dude
Grandmaster Cheater
 Reputation: 23
Joined: 29 Jun 2010
Posts: 891
|
| Posted: Thu Apr 23, 2015 5:07 pm Post subject: Re: quake3.exe dynamic memory allocation HELP! |
|
|
| toruk wrote: |
0350870D in every run changes a little.. |
Craft an aobscan for it or use CE's (6.4 or newer) template for aob injection.
_________________
A nagy kapu mellett, mindig van egy kis kapu.
----------------------
Come on... |
|
| Back to top |
|
|
toruk
Newbie cheater
![]() Reputation: 0
Joined: 15 Jun 2013
Posts: 15
|
| Posted: Fri Apr 24, 2015 7:08 am Post subject: |
|
|
thank you. will try that!
The address difference though is too much..Hope it works..I mean the game loads to 00400000 while the instruction I want to change is around 03500000
|
|
| Back to top |
|
|
toruk
Newbie cheater
![]() Reputation: 0
Joined: 15 Jun 2013
Posts: 15
|
| Posted: Fri Apr 24, 2015 6:10 pm Post subject: |
|
|
tried that and failed..
the memory that i want to patch it seems that is allocated on runtime.
its outside the bounder of imagesize.
imagebase of game is 00400000
the intructions i want to modify are way above that!
aobscan fails..trainer causes game to crash !
any ideas???
*** WOULD anyone more experienced be willing to download the game(portablequake.exe 180mb) and give this a try, and let us know how do patch this? iam totally going in circles..
|
|
| Back to top |
|
|
justa_dude
Grandmaster Cheater
Reputation: 23
Joined: 29 Jun 2010
Posts: 891
|
| Posted: Sat Apr 25, 2015 4:02 am Post subject: |
|
|
| toruk wrote: | tried that and failed..
aobscan fails..trainer causes game to crash !
|
Show us a working hack (even if it only works until you have to restart the game) and the aobscan script that fails.
_________________
A nagy kapu mellett, mindig van egy kis kapu.
----------------------
Come on... |
|
| Back to top |
|
|
toruk
Newbie cheater
![]() Reputation: 0
Joined: 15 Jun 2013
Posts: 15
|
| Posted: Sat Apr 25, 2015 11:11 am Post subject: |
|
|
thank you justa.
I finally pinpointed the problem but i dont know how to fix...
The problem is the FindPattern function. The function was found on these forums:
| Code: | DWORD findPattern(char* module, char* pattern, char* mask)
{
MODULEINFO mInfo=GetModuleInfo(module);
DWORD dwBase =(DWORD)mInfo.lpBaseOfDll;
DWORD dwSize =(DWORD)mInfo.SizeOfImage;
DWORD patternLen=(DWORD)strlen(mask);
try
{
for (DWORD i = 0; i < dwSize-patternLen; i++)
{
bool found=true;
for (DWORD j = 0; j < patternLen; j++)
{
found &= mask[j]=='?' || pattern[j]==*(char*)(dwBase+i+j);
}
if (found)
{
return dwBase+i;
}
}
}
catch (int ex)
{
MessageBox(NULL,"exception","error",MB_OK);
}
return 0x0;
} |
If left unchanged the function runs just fine..it just does not find anything because this function returns:
ImageBase is 400000
Size of image: 3da000 +
total -------------
7da000
the code i want to change resides at around 03500000 !!
if i try to change the dwSize manually to force the function to search upto that mem it crashes the game..
so, thats the problem..
Any help PLEASE????
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
