pharaon Advanced Cheater Reputation: 1
Joined: 29 Jun 2012 Posts: 80
Posted: Sun Oct 11, 2015 11:34 am Post subject: Hills Of Glory 3D PC
I found this address for health; I want to make it into a script.
I tried,
but it didn't work well.
Code:
mov [eax+0C],ecx
leave
ret

STN I post too much Reputation: 41
Joined: 09 Nov 2005 Posts: 2672
Posted: Sun Oct 11, 2015 12:53 pm Post subject:
What is the address where this instruction is?

pharaon Advanced Cheater Reputation: 1
Joined: 29 Jun 2012 Posts: 80
Posted: Sun Oct 11, 2015 6:11 pm Post subject:
045DE435 - 8B C8 - mov ecx,eax
045DE437 - 8B 45 08 - mov eax,[ebp+08]
045DE43A - 89 48 0C - mov [eax+0C],ecx <<
045DE43D - C9 - leave
045DE43E - C3 - ret
EAX=0E0999D8
EBX=0000000A
ECX=00000276
EDX=00000003
ESI=0E1D5E40
EDI=0F5B0A08
ESP=0030F220
EBP=0030F228
EIP=045DE43D

STN I post too much Reputation: 41
Joined: 09 Nov 2005 Posts: 2672
Posted: Mon Oct 12, 2015 4:14 am Post subject:
With 045DE43A selected in memory viewer, press CTRL+A and from there, go to Template > AOB Injection (045DE43A looks like moving memory to me so aob is better). CE should fill up the AA window with aob injection template. Write your injection there.
Something like this
[ENABLE]
aobscanmodule(INJECT,game.exe,89 48 0C C9 C3) // IN CASE the code doesn't reside in a module (exe or dll), use aobscan instead
alloc(newmem,$1000,INJECT) // in case the process is 32bit, remove INJECT (used to make 64 bit jumps shorter)
label(code)
label(return)
newmem:
code:
mov ecx, 0
mov [eax+0C],ecx // original code
leave
ret
jmp return // this doesn't get executed at all ever so you can remove this if you wish
INJECT:
jmp code
return:
registersymbol(INJECT)
[DISABLE]
INJECT:
db 89 48 0C C9 C3
unregistersymbol(INJECT)
dealloc(newmem)

pharaon Advanced Cheater Reputation: 1
Joined: 29 Jun 2012 Posts: 80
Posted: Mon Oct 12, 2015 11:08 am Post subject:
Now it kills me.
It doesn't work well this way, I mean the code.

Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Mon Oct 12, 2015 11:32 am Post subject:
That's because mov ecx,0 is moving 0 into your health.
Change it to something else: mov ecx,#1000

pharaon Advanced Cheater Reputation: 1
Joined: 29 Jun 2012 Posts: 80
Posted: Mon Oct 12, 2015 11:52 am Post subject:
Now it doesn't kill me or them.
[ENABLE]
aobscan(INJECT,89 48 0C C9 C3 00 55 8B EC 53) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
code:
mov ecx,#200
mov [eax+0C],ecx
leave
ret
jmp return
INJECT:
jmp code
return:
registersymbol(INJECT)
[DISABLE]
INJECT:
db 89 48 0C C9 C3
unregistersymbol(INJECT)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 0452A56A
0452A54E: 8B 45 08 - mov eax,[ebp+08]
0452A551: 8B 40 08 - mov eax,[eax+08]
0452A554: 83 EC 04 - sub esp,04
0452A557: 50 - push eax
0452A558: 6A 00 - push 00
0452A55A: FF 75 0C - push [ebp+0C]
0452A55D: E8 36 F6 FE FF - call 04519B98
0452A562: 83 C4 10 - add esp,10
0452A565: 8B C8 - mov ecx,eax
0452A567: 8B 45 08 - mov eax,[ebp+08]
// ---------- INJECTING HERE ----------
0452A56A: 89 48 0C - mov [eax+0C],ecx
0452A56D: C9 - leave
0452A56E: C3 - ret
// ---------- DONE INJECTING ----------
0452A56F: 00 55 8B - add [ebp-75],dl
0452A572: EC - in al,dx
0452A573: 53 - push ebx
0452A574: 57 - push edi
0452A575: 56 - push esi
0452A576: 83 EC 3C - sub esp,3C
0452A579: 8B 7D 08 - mov edi,[ebp+08]
0452A57C: 83 EC 0C - sub esp,0C
0452A57F: 57 - push edi
0452A580: E8 A3 01 00 00 - call 0452A728
}
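
The longer signature in the post above matters because `89 48 0C C9 C3` is only a store followed by `leave`/`ret`, an ending other routines can share. The following Python code is an added example, not code from the thread or from Cheat Engine: it matches both signatures against the bytes listed above plus a constructed second routine, and goes one step further with `??` wildcards for bytes that can differ between runs, such as a call's relative displacement. The function names and the second routine are assumptions of this example.

```python
# Added example (not from the thread): AOB signature matching and uniqueness.

def parse_aob(sig):
    """'89 48 0C ?? C3' -> [0x89, 0x48, 0x0C, None, 0xC3]; None is a wildcard."""
    return [None if tok in ("??", "?", "*") else int(tok, 16)
            for tok in sig.split()]

def find_all(buf, sig):
    """Return every offset in buf where the signature matches."""
    pat = parse_aob(sig)
    last = len(buf) - len(pat)
    return [i for i in range(last + 1)
            if all(p is None or buf[i + j] == p for j, p in enumerate(pat))]

def locate(buf, sig):
    """Return the single match offset; refuse to guess when it is not unique."""
    hits = find_all(buf, sig)
    if len(hits) != 1:
        raise ValueError(f"{len(hits)} matches for {sig!r}: {hits}")
    return hits[0]

# Bytes of the routine exactly as listed in the thread (0452A54E .. 0452A578).
THREAD_BYTES = bytes.fromhex(
    "8B4508 8B4008 83EC04 50 6A00 FF750C E836F6FEFF 83C410 8BC8 8B4508"
    "89480C C9 C3 00 558BEC 53 57 56 83EC3C")

# Constructed for this example: a second routine ending in the same
# store / leave / ret, followed by different padding and prologue bytes.
CONSTRUCTED_BYTES = bytes.fromhex(
    "558BEC 8B4D0C 8B4508 89480C C9 C3 CC 558BEC 56")

REGION = THREAD_BYTES + CONSTRUCTED_BYTES

SHORT = "89 48 0C C9 C3"                  # signature from the first script
LONG = "89 48 0C C9 C3 00 55 8B EC 53"    # extended signature from the post
# Leading context with the call displacement wildcarded; the store sits
# 13 bytes after the start of this pattern.
WILD = "E8 ?? ?? ?? ?? 83 C4 10 8B C8 8B 45 08 89 48 0C"
WILD_STORE_OFFSET = 13

if __name__ == "__main__":
    print("short signature hits:", find_all(REGION, SHORT))
    print("long signature hit:  ", locate(REGION, LONG))
    print("wildcard signature:  ", locate(REGION, WILD) + WILD_STORE_OFFSET)
```

Offset 28 in `THREAD_BYTES` corresponds to 0452A56A in the listing, since the listing starts at 0452A54E.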

STN I post too much Reputation: 41
Joined: 09 Nov 2005 Posts: 2672
Posted: Mon Oct 12, 2015 12:15 pm Post subject:
Because it is shared with enemy units. Find a pointer for your health address, or an identifier that you can use to compare if it's enemy or player, or you may find an instruction that only accesses your health.
Read this tutorial by the late Geri:
http://forum.cheatengine.org/viewtopic.php?t=530548
Also search on these forums for "health player only" and read the tutorials on the subject.

atom0s Moderator Reputation: 198
Joined: 25 Jan 2006 Posts: 8515 Location: 127.0.0.1
Posted: Mon Oct 12, 2015 12:22 pm Post subject:
This topic has nothing to do with Lua, moved.
_________________
- Retired.

neil501 Advanced Cheater Reputation: 0
Joined: 01 Oct 2013 Posts: 50 Location: long island,NY
Posted: Sun Sep 09, 2018 7:02 am Post subject: hills of glory 3d pc version
Does anyone know if we can mod the money in game? I keep trying but it keeps going blank! I've been noticing with Win 10 games almost none of the games can be hacked with Cheat Engine; are they writing programs to block CE out? I find it very frustrating spending untold hours only to come up empty!