Home of Gamehacking

Normal version: I DIE IN GAME (WATCH VIDEO)
You said in register compares that if a number is all 0's then the number is your health, but in the game I'm hacking health I do register compares and none of the numbers are all 0's, so what do I do in this scenario?


I will put the image of this scenario in a file.
Then you need to compare other values.
That differs from game to game and sometimes is not easy at all.
So, as I only have a picture, I can only guess.
You can try to compare ecx or esi.
Today in the evening I can have a look into it.
Maybe I can make a little tutorial for this game...
I need help doing the code injection correctly with a game, here's the video.



Tell me if I did something wrong and tell me the correct code injection numbers.



https://vimeo.com/manage/videos/567470461
So, first of all, the instruction
Code:
[edx+52],cx
shows you that your value is a 2-byte value. You can see that by the cx: ax, bx, cx, ... are 2 bytes, while eax, ebx, ecx are 4 bytes (usually; it depends on the instruction itself).
So, when you set the value type of your health address to 2 bytes you should see a much more readable health value, like 100 at full health.
Oh, and your max health value is at <current_health_address+2>, also 2 bytes.

For the rest it is again more of a guess, as we don't see enough to tell what you can do, but in this case:
I have the same version as you, so I can tell you that you could compare esi=7 for the player and esi=9 for an enemy.
But keep in mind that nobody can tell what you could compare when we just see a video. In some cases it is not even possible to just compare a register itself.

You can just copy and paste the following script. Oh, and don't forget: the instruction only gets executed after you got hit, as you selected "find out what writes to this address".

Code:
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)

newmem:
cmp esi,7            //esi=7 is the player in this version (see above)
jne originalcode     //not the player: run the original write unchanged
mov cx,[edx+54]      //player: load max health (current health +2) into cx before it is stored

originalcode:
mov [edx+52],cx
mov eax,[ebp-04]

exit:
jmp returnhere

"EvilDead.exe"+34B259:
jmp newmem
nop 2
returnhere:

[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
"EvilDead.exe"+34B259:
mov [edx+52],cx
mov eax,[ebp-04]
//Alt: db 66 89 4A 52 8B 45 FC
I'm having trouble doing code injection for this game, can you help me do the correct code injection?
Also, can you give me complete knowledge on how to do register compares?






https://vimeo.com/568372323
It is nearly impossible to teach/show you that by just watching a video.
So, please tell me the name of that game and then please don't switch the games so often.
Gods and Generals
Aaaahhh the "Lithtech" engine... Nice one...
This is pretty easy...

This is the code section for the player's armor...
Code:
object.lto+9CCA3 - D9 46 68           - fld dword ptr [esi+68]                              <<<--- inject here
object.lto+9CCA6 - D8 64 24 1C        - fsub dword ptr [esp+1C]
object.lto+9CCAA - D9 56 68           - fst dword ptr [esi+68]
object.lto+9CCAD - D8 1D 58 86 9B 12  - fcomp dword ptr [object.lto+238658] { (0) }
object.lto+9CCB3 - DF E0              - fnstsw ax
object.lto+9CCB5 - F6 C4 01           - test ah,01 { 1 }
object.lto+9CCB8 - 74 07              - je object.lto+9CCC1
object.lto+9CCBA - C7 46 68 00 00 00 00 - mov [esi+68],00000000 { 0 }
object.lto+9CCC1 - D9 46 60             - fld dword ptr [esi+60]


And your code injection can look like this...
Code:
fld dword ptr [esi+68]        <<<--- original code
push eax                      <<<--- save EAX to the stack
mov eax,[esi+000000E4]        <<<--- copy value of [esi+e4] to eax
cmp [eax],79616C50 { "Play" } <<<--- cmp value at address that eax holds with 'Play' (Player)
pop eax                       <<<--- restore eax (pop does not change the flags)
je originalcode               <<<--- if player address...
fsub dword ptr [esp+1C]       <<<--- ... then don't subtract armor value when hit
originalcode:                 <<<--- label the je above jumps to (skips the fsub)
jmp object.lto+9CCAA          <<<--- jump back to original code
nop
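As an added illustration (not code from this thread or from the game), a small C program that shows the two points made above: why the health field behind `mov [edx+52],cx` reads as nonsense with a 4-byte type once the max-health word at +2 is included, and why the disassembler annotates `cmp [eax],79616C50` with "Play". The object layout and offsets are a constructed stand-in, not the real game structures.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the object edx points at (hypothetical layout):
   current health at +0x52 and max health at +0x54, both 2-byte, as the
   thread describes for the  mov [edx+52],cx  instruction. */
#define HEALTH_OFF    0x52
#define MAXHEALTH_OFF 0x54
typedef struct { uint8_t bytes[0x60]; } GameObject;

/* A 16-bit store (cx) writes exactly two bytes, least significant first. */
static void store_word(uint8_t *p, uint16_t v) { p[0] = v & 0xFF; p[1] = v >> 8; }
static uint16_t load_word(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static uint32_t load_dword(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Reading +0x52 with a 2-byte type: the readable health value (e.g. 100). */
static uint16_t health_as_2byte(uint16_t cur, uint16_t max) {
    GameObject o = {{0}};
    store_word(o.bytes + HEALTH_OFF, cur);
    store_word(o.bytes + MAXHEALTH_OFF, max);
    return load_word(o.bytes + HEALTH_OFF);
}

/* Reading the same address with a 4-byte type: max health at +2 ends up in
   the upper 16 bits, so 100/100 shows as 0x00640064 = 6553700. */
static uint32_t health_as_4byte(uint16_t cur, uint16_t max) {
    GameObject o = {{0}};
    store_word(o.bytes + HEALTH_OFF, cur);
    store_word(o.bytes + MAXHEALTH_OFF, max);
    return load_dword(o.bytes + HEALTH_OFF);
}

/* Why the disassembler annotates  cmp [eax],79616C50  with { "Play" }:
   the four ASCII bytes of "Play" read as a little-endian dword. */
static uint32_t ascii4_as_dword(const char *s) {
    return load_dword((const uint8_t *)s);
}

int main(void) {
    printf("2-byte view: %u\n", health_as_2byte(100, 100));
    printf("4-byte view: %u (0x%08X)\n", health_as_4byte(100, 100), health_as_4byte(100, 100));
    printf("\"Play\" as dword: 0x%08X\n", ascii4_as_dword("Play"));
    return 0;
}
```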
How do you know all the correct numbers? Is there like a guide that shows the correct numbers for every code injection possibility?