Old 11-12-2013, 02:13
JMC17
OPCode addresses in ASM keep changing!

I haven't worked on trainers for a while and I have a really bad memory.

The problem is, usually the memory dump addresses keep changing, which is why (from what I know)
most people make trainers by poking addresses in the ASM code and changing the flow of the code
(jumping into a code cave and back when done), because those usually don't move.

But what do you do when even this keeps changing:
(First run)
CPU Disasm
Address   Hex dump          Command                                  Comments
058FB59E    8B40 3C         MOV EAX,DWORD PTR DS:[EAX+3C]
(Exit and start game.exe)
(Second run)
CPU Disasm
Address   Hex dump          Command                                  Comments
058FB5E6    8B40 3C         MOV EAX,DWORD PTR DS:[EAX+3C]
For proper context, I'm using OllyDbg2/CE and this trainer is for Anna's extended edition from Steam.
The value I'm modifying is the "panic bar", which goes from 0 (game over) to 100 (full bar) in decimal.

The question in short, what am I doing wrong?

Okay so I finally finished the trainer, I'll upload the source code and link it once I actually release it.
I have no idea why the memory is shifting but doing a pattern scan solves the problem.
Basically you read a large portion of the process memory and compare it with the opcodes of the commands you're looking for. When found, you then know exactly where to inject the code.

This is where I learned about it

And here's the trainer's source code

Last edited by JMC17; 15-12-2013 at 12:52.
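
Added example, not part of the original post or the trainer's source: a wildcard byte-pattern scan over a constructed buffer, locating the instruction from the post at both offsets and accepting a signature only when it matches exactly once. The neighbouring bytes in `SIG`, the region base `0x058FB000` and the `make_dump` helper are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Count matches of pat in buf; mask[i] == '?' matches any byte.
 * The offset of the first match is stored in *first. */
size_t aob_scan(const uint8_t *buf, size_t len, const uint8_t *pat,
                const char *mask, size_t plen, size_t *first) {
    size_t hits = 0;
    if (plen == 0 || len < plen) return 0;
    for (size_t i = 0; i + plen <= len; i++) {
        size_t j = 0;
        while (j < plen && (mask[j] == '?' || buf[i + j] == pat[j])) j++;
        if (j == plen && hits++ == 0) *first = i;
    }
    return hits;
}

/* Constructed signature: the MOV from the post plus made-up neighbours
 * (MOV [EBP-8],EAX; CALL rel32). The rel32 is wildcarded because a
 * relative operand changes when the code moves. */
static const uint8_t SIG[] = {0x8B,0x40,0x3C, 0x89,0x45,0xF8, 0xE8,0,0,0,0};
static const char MASK[] = "xxxxxxx????";

/* Constructed stand-in for one run's dump: filler, a decoy bare MOV,
 * and the full sequence at `off` with `rel` as the CALL operand. */
void make_dump(uint8_t *buf, size_t len, size_t off, uint32_t rel) {
    memset(buf, 0xCC, len);
    memcpy(buf + 0x10, SIG, 3);
    memcpy(buf + off, SIG, sizeof SIG);
    memcpy(buf + off + 7, &rel, sizeof rel);
}

/* Address of the unique match, or 0 if absent or ambiguous. */
uint32_t locate(const uint8_t *buf, size_t len, uint32_t base) {
    size_t off = 0;
    if (aob_scan(buf, len, SIG, MASK, sizeof SIG, &off) != 1) return 0;
    return base + (uint32_t)off;
}

int main(void) {
    static uint8_t run[0x1000];
    const uint32_t base = 0x058FB000; /* assumed region base */
    make_dump(run, sizeof run, 0x59E, 0x11223344);
    printf("first run:  %08X\n", (unsigned)locate(run, sizeof run, base));
    make_dump(run, sizeof run, 0x5E6, 0x112232FC);
    printf("second run: %08X\n", (unsigned)locate(run, sizeof run, base));
    return 0;
}
```

The bare three-byte `8B 40 3C` also matches the decoy in the constructed dump, which is why `locate` rejects any result other than exactly one hit.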