
Call of Duty: Modern Warfare 2 Discussion

Call of Duty: Modern Warfare 2 Trainer

Message Board for PC version

[Help]My 1st Trainer:Body Count-Endless
 
coder47 posted on Dec 10, 2009 6:32:19 AM

[12.14.2009 Updated]
Yeeep, I have to say I couldn't calculate or find [esi+04]'s address, but I evaded that with my little trick. You can have a try.

Download link:
rapidshare.com/files/320228603/MW2BC.zip
www.filefactory.com/file/a10140d/n/MW2BC.zip
netload.in/dateiD8AUwgiehq/MW2BC.zip.htm
---------------------------------------------------------------
Hi, I am doing my 1st trainer on MW2. I want to force the score 30000 in Body Count so that we can have infinite enemies to have fun.

I found the game memory { 0042b48b - mov [esi+04],eax }
and esi+04 is the address of score 30000.

I tried to use VB6 to compile my trainer and every time I start it, MW2 crashes. If there is any tip from you, it would be very much appreciated.

here is game memory region:
0042B430 - 8b 44 24 04 - mov eax,[esp+04]
0042B434 - 8b 4c 24 08 - mov ecx,[esp+08]
0042B438 - 56 - push esi
0042B439 - 8d 34 08 - lea esi,[eax+ecx]
0042B43C - c1 e6 04 - shl esi,04
0042B43F - 81 c6 80 74 6c 01 - add esi,016c7480
0042B445 - 8b 46 08 - mov eax,[esi+08]
0042B448 - 8b 4e 04 - mov ecx,[esi+04]
0042B44B - 83 e0 1f - and eax,1f
0042B44E - 83 e8 01 - sub eax,01
0042B451 - 83 f8 04 - cmp eax,04
0042B454 - 73 20 - jae 0042b476
0042B456 - 85 c0 - test eax,eax
0042B458 - 51 - push ecx
0042B459 - 75 07 - jne 0042b462
0042B45B - e8 60 7b 06 00 - call 00492fc0
0042B460 - eb 11 - jmp 0042b473
0042B462 - 83 f8 02 - cmp eax,02
0042B465 - 77 07 - ja 0042b46e
0042B467 - e8 74 e4 03 00 - call 004698e0
0042B46C - eb 05 - jmp 0042b473
0042B46E - e8 9d 51 01 00 - call 00440610
0042B473 - 83 c4 04 - add esp,04
0042B476 - 83 66 08 e0 - and dword ptr [esi+08],e0
0042B47A - 8b 46 08 - mov eax,[esi+08]
0042B47D - 8b 4c 24 10 - mov ecx,[esp+10]
0042B481 - 8b 51 04 - mov edx,[ecx+04]
0042B484 - 0b d0 - or edx,eax
0042B486 - 89 56 08 - mov [esi+08],edx
0042B489 - 8b 01 - mov eax,[ecx]
0042B48B - 89 46 04 - mov [esi+04],eax

[Edited by coder47, 12/13/2009 3:40:07 AM]

 
coder47 posted on Dec 11, 2009 2:57:58 AM

ok, after a day, I found that every time you quit and restart MW2 the score address {esi+04} is 017ACD24, esi is 017ACD20, and I tried to figure out how to find out esi's address, but no luck. Because if you play the game again, esi's address will be changed, and then esi+04 will no longer be 017ACD24. I hope some of you can give me a tip.

[Edited by coder47, 12/13/2009 3:37:51 AM]

 
HonestGamer posted on Dec 11, 2009 3:04:52 AM

Moderator
baaah....I am not so good at VB.

As far as I can suggest, I would use Cheat Engine if I were to make my FIRST trainer.

Important stuff such as replacing the extra bytes of the main code with nops is what Cheat Engine does auto.

Whereas here, you are doing it manually.

I don't know whether you know VB or have just used a template downloaded from the net.

And in addition, the game has shared routines with many other functions IMO...So that might add to the game crashes.

 
coder47 posted on Dec 11, 2009 4:35:10 AM

yes, CE is a good tool and it has been a lot of help. When NOP is filled in MW2 with CE, it also makes MW2 crash.
 
Squito posted on Dec 11, 2009 11:12:54 AM

I'm not really good at VB, but as much as I can see you used a fixed memory address to modify, right?
 
coder47 posted on Dec 11, 2009 7:52:55 PM

right, that is the problem, and I need to find out the address of esi+04 so that the trainer can work, but every time you start the game, the esi+04 address is changed. How do I find it?
 
HonestGamer posted on Dec 11, 2009 9:05:47 PM

Moderator
quote:
originally posted by coder47

right, that is the problem, and I need to find out the address of esi+04 so that the trainer can work, but every time you start the game, the esi+04 address is changed. How do I find it?

That is code shifting.

I have made a tutorial on tackling such an allocation for CheatHappens.

Here: Link

 
coder47 posted on Dec 11, 2009 10:09:18 PM

hi, thanks, I have read that. For me it is something different, the opcode with the corresponding code area:
0042B48B - 89 46 04 - mov [esi+04],eax
and 0042B48B never changes, but when NOP or mov [esi+04],FFFF is injected, the game crashes.

Auto assemble code:
[code]
newmem: //this is allocated memory, you have read,write,execute access
mov [esi+04],0000FFFF // <-- I added this line

originalcode:
//mov [esi+04],eax <-- I deleted this line
pop esi // <-- Remained
ret // <-- Remained

exit:
[/code]

[Edited by coder47, 12/11/2009 10:52:14 PM]
