Help me - Only for trainer makers.

[HonestGamer]

Hello Code Wizzies,

I have a problem....as I am very limited in knowledge as compared to others like PiZZA (where are you guys) - I am have a problem - only one.

I have made numerous attempts on making One Hit Kill hacks:-

1) Tried finding weapon damage - failed.

2) Tried finding others health - didn't even find it.

So can you guys guide me to it...any help would be appreciated.

[DABhand]

Some games share the opcodes responsible for the players health, if you can find where your own health routine is then breakpoint on that opcode and hit an enemy keep an eye on the registers, also check on yourself when hit.

For example,

The player when hit may have a constant value in EAX perhaps for example say 0023FF1A

If that is so, then you code inject.. ((this is an example not the same for all games))

code cave:

CMP EAX,0023FF1A --- check that eax contains this value
JE <address for working out player health> -- if so jump to the address for our players forced value, if not then...
MOV [EBX+13],00 --- force a zero value into the pointer, i.e. non players will have 0 health ((beware incase you have party members also in some games))
JMP <address to go back to game> --- back to the game coding ((after the jmp you made there))
MOV [EBX+13],FFFFFFFFF --- if EAX equals that value, force this value into pointer making players health huge constantly
JMP <address to go back to game> - back to the game.

game code:
JMP <code cave>


Again this may not be for the game your working on, but it could be similar..

There is a chance that registers wont have this kind of check, to which you will have to find the Player Structure and from there where it works out enemy health.


Remember JMP's are usually 5 bytes in size, so if you have to destroy 2 op codes to do so, then you will have to replace those opcodes in your own code cave.. And always write your code cave first before setting the jmp in the game code or else you will crash :P

[HonestGamer]

Thanks DABhand, but such cases only apply to some games - I had tried such methods from some tuts before...

Looks like I'll have to dissemble the game...

[DABhand]

May I suggest you learn the subject more fully, especially learning ASM.

I think you really have no idea on how it all works, I said the above was an example, but it was a chance you could have used to look into, but I think it went way way over your head.

Yes of course you will have to disassemble the game, because games are not all about freezing a memory value all the time, there is such a thing as DMA (dynamic memory allocation/addresses - whatever people prefer to say) and you have to defeat it by various methods.

[DABhand]

Also since im a nice guy, really I am... I went to your forum and checked one of your tuts..

I literally fell off my chair at this.

i) MOV - Move (FOR DWORD, it is known as FST)
ii) SUB - Substract (For DWORD, it is known as FSUB)
iii) ADD - Addition (For DWORD, it is known as FADD)


No,

FST = Float Store
FSUB = Float Subtraction
FADD = Float Addition

ADD, SUB and MOV can use High bits ,Low bits , 8 bits, 16 bits and 32 bit values/registers.

Example

ADD AH,08
SUB BL,04
MOV AX,10FF
SUB EAX,0013AF4B

You can move DOUBLES or QWORDS with MOVQ etc


Please Please, goto the coding section of the forum and grab my 3 part tut on Basic ASM. You will be better for it


Oh I forgot to add...

You said this also.
FF or 90 or 00 (Repeated by the byte length...you can only use one of the three...I prefer 90).

It should always be 90 (NOP) that replaces any loose code. FF and 00 is asking for trouble

[HonestGamer]

thanks DAHband...I'll fix the tut