yoelgama How do I cheat? Reputation: 0
Joined: 16 Jun 2017 Posts: 4
atom0s Moderator Reputation: 198
Joined: 25 Jan 2006 Posts: 8517 Location: 127.0.0.1
Posted: Fri Sep 06, 2019 5:23 pm
- Get a single stack of gold in your inventory.
- Search for the exact amount (4 bytes).
- Right-click the stack, take out 1 piece of the stack and put it in another spot in your inventory.
- Research for the original amount - 1.
- Place the single piece of gold back in the stack.
- Research for the original amount.
For example:
- Get a stack of 11 gold.
- Search for 11.
- Remove 1 piece of gold from the stack into a new spot in the inventory.
- Research for 10.
- Put the 1 gold back into the stack.
- Research for 11.
You should be able to find the value easily then.
_________________
- Retired. |
yoelgama How do I cheat? Reputation: 0
Joined: 16 Jun 2017 Posts: 4
Posted: Fri Sep 06, 2019 6:19 pm Post subject: Help in get total amount of gold [ShadowFlare]
I tried it, but what I get is the address only for a stack of gold, not for the total gold in the bag.
Example:
1) (Steps that you suggested)
2) Add 10000 more gold to the stack of 11 gold; the game will make 2 stacks: 1 = 10 000 gold (limit per stack) and 2 = 11 gold (what I had before).
The addresses that I found are always just for the stack of 11 gold or 10 000 gold, never for 10 011, the total in the bag.
atom0s Moderator Reputation: 198
Joined: 25 Jan 2006 Posts: 8517 Location: 127.0.0.1
Posted: Fri Sep 06, 2019 8:30 pm
The total is calculated from each entry in the bag that is found and added up.
This is the function that handles that:
Code:
int __thiscall sub_466D70(void *this)
{
  int v1; // ecx@1
  int result; // eax@1

  v1 = *(_DWORD *)this;
  for ( result = 0; v1; v1 = *(_DWORD *)(v1 + 140) )
  {
    if ( *(_DWORD *)(v1 + 12) == 4 && !*(_DWORD *)(v1 + 20) )
      result += *(_DWORD *)(v1 + 64);
  }
  return result;
}
_________________
- Retired. |
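The list walk that sub_466D70 performs, as an added example that is not part of atom0s's post or the game's code: it models the bag as a constructed memory image and shows why an exact-value scan finds each stack's amount but never the total. The field names, the image layout and the helper functions are assumptions made for the example; only the offsets and the `== 4` / zero-flag test come from the decompiled function.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Offsets are from the decompiled sub_466D70; the names are assumed for this example. */
enum { OFF_KIND = 12, OFF_FLAG = 20, OFF_AMOUNT = 64, OFF_NEXT = 140,
       NODE_SIZE = 144, IMG_SIZE = 1024, HEAD_AT = 4 };
static uint32_t rd32(const uint8_t *m, uint32_t at) { uint32_t v; memcpy(&v, m + at, 4); return v; }
static void wr32(uint8_t *m, uint32_t at, uint32_t v) { memcpy(m + at, &v, 4); }

/* Same walk as sub_466D70 over a memory image: links are 32-bit offsets into m, 0 ends the list. */
uint32_t total_gold(const uint8_t *m, uint32_t size, uint32_t head_at) {
    uint32_t sum = 0, steps = 0, node;
    if (size < NODE_SIZE || head_at > size - 4) return 0;
    for (node = rd32(m, head_at); node; node = rd32(m, node + OFF_NEXT)) {
        if (node > size - NODE_SIZE || ++steps > size / NODE_SIZE) break; /* bad or cyclic link */
        if (rd32(m, node + OFF_KIND) == 4 && rd32(m, node + OFF_FLAG) == 0)
            sum += rd32(m, node + OFF_AMOUNT);
    }
    return sum;
}

/* What an exact-value 4-byte scan does: count aligned dwords equal to value. */
uint32_t scan_hits(const uint8_t *m, uint32_t size, uint32_t value) {
    uint32_t hits = 0;
    for (uint32_t at = 0; at + 4 <= size; at += 4)
        hits += (rd32(m, at) == value);
    return hits;
}

/* Constructed sample: a 10000 stack, a non-gold item (kind 2) and an 11 stack (the 10 011 case). */
void build_sample(uint8_t *m) {
    static const uint32_t kind[3] = { 4, 2, 4 }, amount[3] = { 10000, 1, 11 };
    memset(m, 0, IMG_SIZE);
    wr32(m, HEAD_AT, 16);                   /* head pointer -> first node */
    for (uint32_t i = 0; i < 3; i++) {
        uint32_t node = 16 + i * NODE_SIZE;
        wr32(m, node + OFF_KIND, kind[i]);
        wr32(m, node + OFF_AMOUNT, amount[i]);
        wr32(m, node + OFF_NEXT, i < 2 ? node + NODE_SIZE : 0);
    }
}

int main(void) {
    static uint8_t m[IMG_SIZE];
    build_sample(m);
    printf("total=%u hits(10011)=%u\n", (unsigned)total_gold(m, IMG_SIZE, HEAD_AT), (unsigned)scan_hits(m, IMG_SIZE, 10011));
    return 0;
}
```

The total exists only as the function's return value, so the scan for 10011 comes back empty while 10000 and 11 each hit once.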
yoelgama How do I cheat? Reputation: 0
Joined: 16 Jun 2017 Posts: 4
Posted: Fri Sep 06, 2019 8:35 pm Post subject: Help in get total amount of gold [ShadowFlare]
So thanks. How can I intercept the return value of this function in CE?
atom0s Moderator Reputation: 198
Joined: 25 Jan 2006 Posts: 8517 Location: 127.0.0.1
Posted: Fri Sep 06, 2019 8:53 pm
This will fake the return value to show whatever you want, but keep in mind this may not have the results you are looking for. Also not sure what version of the game mine is, it's super old that I had on an old drive so dunno if the addresses and stuff will line up the same for you.
Code:
{ Game   : ShadowFlare.exe
  Version: ???
  Date   : 2019-09-06
  Author : atom0s

  Fakes the return value shown as total gold in game.
}

[ENABLE]

aobscanmodule(totalgold,ShadowFlare.exe,68 E8 03 00 00 6A 01 6A 00 6A 00 8B 7C 24 34)
alloc(newmem,$1000)

label(return)

newmem:
  // EAX holds the total gold value currently..
  mov eax, (int)999999

  // Restore original code..
  push 000003E8
  jmp return

totalgold:
  jmp newmem
return:
registersymbol(totalgold)

[DISABLE]

totalgold:
  db 68 E8 03 00 00 6A 01 6A 00 6A 00 8B 7C 24 34

unregistersymbol(totalgold)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "ShadowFlare.exe"+8ABB
"ShadowFlare.exe"+8A90: 0F 84 DD 02 00 00 - je ShadowFlare.exe+8D73
"ShadowFlare.exe"+8A96: 8B 8B 18 A0 00 00 - mov ecx,[ebx+0000A018]
"ShadowFlare.exe"+8A9C: E8 0F C2 02 00 - call ShadowFlare.exe+34CB0
"ShadowFlare.exe"+8AA1: 8B F0 - mov esi,eax
"ShadowFlare.exe"+8AA3: 85 F6 - test esi,esi
"ShadowFlare.exe"+8AA5: 0F 84 C8 02 00 00 - je ShadowFlare.exe+8D73
"ShadowFlare.exe"+8AAB: 8D 8E 14 05 00 00 - lea ecx,[esi+00000514]
"ShadowFlare.exe"+8AB1: 55 - push ebp
"ShadowFlare.exe"+8AB2: 89 4C 24 1C - mov [esp+1C],ecx
"ShadowFlare.exe"+8AB6: E8 B5 E2 05 00 - call ShadowFlare.exe+66D70
// ---------- INJECTING HERE ----------
"ShadowFlare.exe"+8ABB: 68 E8 03 00 00 - push 000003E8
// ---------- DONE INJECTING ----------
"ShadowFlare.exe"+8AC0: 6A 01 - push 01
"ShadowFlare.exe"+8AC2: 6A 00 - push 00
"ShadowFlare.exe"+8AC4: 6A 00 - push 00
"ShadowFlare.exe"+8AC6: 8B 7C 24 34 - mov edi,[esp+34]
"ShadowFlare.exe"+8ACA: 6A 04 - push 04
"ShadowFlare.exe"+8ACC: 6A 00 - push 00
"ShadowFlare.exe"+8ACE: 8B 0D 10 2D 48 00 - mov ecx,[ShadowFlare.exe+82D10]
"ShadowFlare.exe"+8AD4: 8B 2D 6C 35 47 00 - mov ebp,[ShadowFlare.exe+7356C]
"ShadowFlare.exe"+8ADA: 6A 00 - push 00
"ShadowFlare.exe"+8ADC: 6A 00 - push 00
}
_________________
- Retired. |
yoelgama How do I cheat? Reputation: 0
Joined: 16 Jun 2017 Posts: 4
Posted: Fri Sep 06, 2019 8:55 pm Post subject: Help in get total amount of gold [ShadowFlare]
Thank you very much. I'll run tests, and if it fails I'll study it. Thanks bro <3