  1. #1
    ShadowCode

    Step 9 for Cheat Engine 6.2

    I know there's a walkthrough of all the steps but for the newer version of CE (6.2) you get a different step 9
    (PW=31337157)

    Dibujo0.JPG

    all you got to do is this:
    make a float scan for all players
    you will get something like this

    Dibujo1.JPG

    then right click the first address and select "what writes to this address"
    click Attack (in step 9 first player) double click the item you will get in the instruction list.

    Dibujo2.JPG

    you will see [ebx+4]

    go back to CE and select the first address (or any other)
    right click it >> browse this memory region (ctrl + B) >> tools >> dissect data structures
    create a new structure (ctrl+n) press ok, ok, now add the other addresses (ctrl + A) (copy them from the main CE)

    Dibujo3.JPG

    now in that picture you can see that teammates share 1 and the others 2
    that is the way the program identifies allies and enemies: (IDs)
    the first address:value belongs to the ebx+4, so in order to reach the 1s and 2s you see the offset there is C (12)
    which means 4 + C (12) = 10 (16), meaning ebx+10 is where you can know if it's an ally or an enemy.
    This will help for the code.

    now go back to main CE and select the first (or any other) address and click "find out what accesses this address"
    hit attack (in step 9) and some items will come up, from those you can notice that there is one that makes
    a subtraction (health going down) so click that one that says
    fsubr dword ptr [ebx+04] (remember [ebx+4] is the health)
    >> show disassembler >> tools >> auto assembler (ctrl+A) >> template >> code injection

    and copy this code:


    Code:
    alloc(newmem,2048) //2kb should be enough
    label(returnhere)
    label(originalcode)
    label(exit)
    label(allies)     //New label
     
    newmem:
    cmp [ebx+10],1   //remember [ebx+10] evaluates to 1 or 2  (allies or enemies)
    je allies              //if comparison ([ebx+10],1) is equal jump to allies
    jmp originalcode
     
    allies:                //jump
    fadd dword ptr [ebx+04]  //instead of decreasing health every time the allies are attacked the health is added (fadd)
    fstp dword ptr [ebp-30]   //Basically we copy the code below ("originalcode" but for the good of our allies)
    jmp returnhere               //so it will be stored (fstp) where it is supposed to be "dword ptr [ebp-30] "
     
    originalcode:                 //This is so the enemies lose health as they would normally do.
    fsubr dword ptr [ebx+04]
    fstp dword ptr [ebp-30]
     
    exit:
    jmp returnhere
     
    "Tutorial-i386.exe"+2509D:
    jmp newmem
    nop
    returnhere:
    Dibujo4.JPG
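
Added example (not part of the original posts and not Cheat Engine's own code): a small C model of what the thread describes, showing why the team ID appears at +0C in a structure view that starts at the health address but at +10 relative to ebx, and how one shared damage routine branches on that field. Only the offsets +04 (health) and +10 (team) and the IDs 1 and 2 come from the thread; the struct name, the padding fields and the function names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed layout: only health at +0x04 and team at +0x10 come from the
   thread; the other fields are placeholders that pad the struct. */
typedef struct {
    uint32_t unknown0;   /* +0x00 */
    float    health;     /* +0x04  (the [ebx+04] operand) */
    uint32_t unknown8;   /* +0x08 */
    uint32_t unknownC;   /* +0x0C */
    uint32_t team;       /* +0x10  (1 = ally, 2 = enemy in the thread) */
} Player;

_Static_assert(offsetof(Player, health) == 0x04, "health at ebx+04");
_Static_assert(offsetof(Player, team)   == 0x10, "team at ebx+10");

/* Offset of `team` as a structure view shows it when the view starts
   view_start bytes past the object base (4 = at the health address). */
static size_t team_offset_in_view(size_t view_start) {
    return offsetof(Player, team) - view_start;
}

/* Model of the original shared routine: st(0) holds the damage and
   fsubr dword ptr [ebx+04] leaves health - damage, for every caller. */
static float shared_damage(const Player *p, float damage) {
    return p->health - damage;
}

/* Model of post #1's injected branch: cmp [ebx+10],1 / je allies / fadd. */
static float patched_damage(const Player *p, float damage) {
    if (p->team == 1)
        return p->health + damage;   /* allies: fadd instead of fsubr */
    return shared_damage(p, damage); /* everyone else: original code */
}

int main(void) {
    /* Constructed sample players, 100 health each. */
    Player ally = {0, 100.0f, 0, 0, 1}, enemy = {0, 100.0f, 0, 0, 2};
    printf("view from health address: team at +0x%zX\n", team_offset_in_view(4));
    printf("view from object base:    team at +0x%zX\n", team_offset_in_view(0));
    printf("ally  %.0f -> %.0f\n", ally.health, patched_damage(&ally, 10.0f));
    printf("enemy %.0f -> %.0f\n", enemy.health, patched_damage(&enemy, 10.0f));
    return 0;
}
```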

  3. #2
    dejaime

    Well, that's something!

    I spent days trying to figure out this one...
    I crashed the Tutorial-i386 so many times I can't even remember haha!
    I even had a save with the structure and P->******* addresses to the healths so when it crashed I didn't need to look them up again =-=
    I solved it on day 8/15, not too long ago, and the only difference is that I had gone for the 1-hit kill approach. Code in the end for the curious.

    Thank you mr
    Nice guide!

    Code:
    alloc(newmem,2048) //2kb should be enough
    label(returnhere)
    label(originalcode)
    label(exit)

    newmem:
    //MY CODE STARTS HERE, THE REST IS AUTO GENERATED
    cmp [ebx+10],1      //IS AN ALLY?
    je originalcode     //JUMP IF EQUAL, PROCEED TO ORIGINAL CODE
    push 0              //PUSH 0 TO THE STACK
    pop eax             //EAX IS NOW 0
    mov [ebx+04],eax    //COPY 0 TO EBX+04 (ENEMY hp)
    jmp originalcode    //GET BACK TO ORIGINAL CODE
    //MY CODE ENDS HERE

    originalcode:
    fsubr dword ptr [ebx+04]
    fstp dword ptr [ebp-30]

    exit:
    jmp returnhere

    "Tutorial-i386.exe"+2509D:
    jmp newmem
    nop
    returnhere:

    NOTE:
    This image shows the structures in my CE, note that I use a "-4" offset after all the addresses to roll back from the Healths +04 offset. This is why my structure shows the "team value" with the offset +10 and not +0C as in the tutorial.
    Note also that it makes my "team" as well as "health" values appear in purple, it's because I created 2 groups in the Structure dissect window that can be seen between the addresses and the application menu: ALLIES and ENEMIES. When you create groups, CE tries to find the differences between all of them, and makes the differences purple. It's very useful for big structures!

    Last edited by dejaime; 2012-08-18 at 11:24 PM.

  5. #3
    ShadowCode
    Originally posted by dejaime:
    I solved it on day 8/15, not too long ago, and the only difference is that I had gone for the 1-hit kill approach.
    Very nice bro, yeah in CE step 9 they talk about this as an example

    When you have found out how to distinguish between you and the computer you can inject an assembler script that
    checks for the condition and then either do not execute the code or do something else. (One hit kills for example)
    Alternatively, you can also use this to build a so called "Array of byte" string which you can use to search which will
    result in a list of all your or the enemies players
    Nice way to figure out the one-hit kill coding, also thanks for telling me about the group creation, I didn't know about it.

    By the way at the end of step 9 it says
    Tip2: There are multiple solutions
    it would be cool if we or other people continue this posting other solutions.

  6. #4
    exiahan
    OK, that's what I was looking for.. shared code troubled me a lot, thank you dude
