Page 4 of 6
Memory Buffer Problem
 
DABhand posted on Mar 21, 2010 4:33:55 AM

Good good, learning as you go along.
 
Sil3nt_Pr0digy posted on Mar 21, 2010 10:21:32 AM

Yeah, but I'm still having problems with figuring out how to properly do infinite health. Anyone can nop the code and give both unlimited health.

But I want a proper hack for unlimited health. And it once again uses movss with those XMM registers.

I don't know how I'm supposed to isolate the one that writes to the player's health.

Any suggestions?

 
Sil3nt_Pr0digy posted on Mar 21, 2010 6:49:23 PM

Well here is what I have been thinking...

The function that controls health is this:

0045D67D - f3 0f 11 87 20 01 00 00 - movss [edi+00000120],xmm0

Now what I know is that the health is written to edi+00000120. Here is a screenshot of the values at the address, captured via Cheat Engine. Link

Now if I take the address shown at EDI and add the offset you get 8553280. Navigating to that address gives you this code:

08553280 - 00 80 ab 43 00 00 - add [eax+000043ab],al

This is the address that my life is stored to. But changing this results in it resetting to add [eax+000043ab],al.

Now what I've been thinking of doing is instituting a conditional jump that checks if edi = 08553160, and if it does, sets the value to a set value, to cause the true infinite life effect. Does this sound right? If so, how would I code the edi conditional jump inside my code cave?

Thanks for the help Dabs... Your guidance has put me on the path to understand ASM and SSE better. But one thing that I don't really understand is Conditional Jumps.

Help would be appreciated :]


Ok, so I want to use a conditional jump if edi is equal to 08553160. I'm going to look at the tuts more and see if there is a way to do it.

[Edited by Sil3nt_Pr0digy, 3/21/2010 8:09:56 PM]

My bad... I realized that it won't work because the address I was seeing (8553160) was a DMA address for health; not what I was looking for... Damn it... isn't there some other way to sort out the player's health?

BTW, I got my conditional jump working... now if I just knew what to put in it...

[Edited by Sil3nt_Pr0digy, 3/21/2010 9:43:44 PM]

 
Sil3nt_Pr0digy posted on Mar 21, 2010 10:43:17 PM

Ok... So I have everything I need to get the infinite health working, except the ability to tell which value controls my health.

This would be so much easier if I could find an example of infinite health in which a game has similar functions for health.

Ok... Still having problems separating the codes... how does everyone else do this? lol. There obviously has to be some way for me to do it because others have done it.... I just wish someone would tell me how and finally let me know.

[Edited by Sil3nt_Pr0digy, 3/21/2010 11:02:57 PM]

 
DABhand posted on Mar 22, 2010 1:45:32 AM

Read up on ASM.

Icezilion has a website with lots more resources. Google for it.

 
Sil3nt_Pr0digy posted on Mar 22, 2010 2:00:07 AM

thanks dabs

I can't seem to find the website; do you have a link?

[Edited by Sil3nt_Pr0digy, 3/22/2010 2:04:34 AM]

Nvm, I found the site, I'm reading up on them right now. They are hard to understand, as he is using MASM. I really don't see how this will help me figure out how to do my infinite health though.

[Edited by Sil3nt_Pr0digy, 3/22/2010 2:16:53 AM]

I went through the Exagone tuts, they are pretty basic, and stuff that is already listed in your tuts.

[Edited by Sil3nt_Pr0digy, 3/22/2010 2:26:44 AM]

Well, after reading a bit more, I still cannot seem to find anything relating to my problem, or having to do with things that I haven't already learned in tutorials from CH and other websites.

Hopefully someone has a URL, example, or can assist me, so that I may figure out the way to get my code working.

I believe a conditional jump is the right idea, but I do not know how to make sure that the conditional jump will only be executed if the pointer is that of the player's health.

I was thinking about checking pointers, but several thousand tend to show up when I am doing a pointer scan of the address, which does not help me at all.

[Edited by Sil3nt_Pr0digy, 3/22/2010 2:39:04 AM]

 
DABhand posted on Mar 22, 2010 4:06:41 AM

Sorry, meant to say Iczelion :\

The pointer you found was for the player/NPC structure.

You will have to check with each structure to see if there is a difference at the start of each. Most of the time, the first byte could be a 01 for the player and 00 for NPCs.

If that is the case, then you could do something like

PUSH EAX                   ; save the content of the register for later
MOV EAX,[Pointeraddress]   ; move the structure address into EAX
CMP BYTE PTR [EAX+xx],01   ; compare the check byte at memory location + offset with 1
JNE xxxxxx                 ; jump if not equal, i.e. jump if not the player
MOV [EAX+xx],64            ; force decimal value of 100 into player health (xx being the offset for health)
XOR EAX,EAX                ; this effectively makes EAX 0
POP EAX                    ; put back the original value
JMP xxxxxx                 ; jump back to game
POP EAX                    ; put back the original value - also this is where JNE jumps to
(place back original instructions here for NPC)
JMP xxxxxx                 ; jump back to game


That was just an example; I don't have the game you're using, so it's just an idea of how it works.

EDIT: When I said [Pointeraddress] I mean the register+offset not the actual value

[Edited by DABhand, 3/22/2010 4:12:53 AM]
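An added illustration in C, not code from this thread or the game: a constructed entity layout with the discriminator byte first and health at +0x120 (the same offset as the movss [edi+00000120],xmm0 above), the single shared write site that a nop would disable for player and NPCs alike, and the flag check from the post above placed in front of it. The struct layout, field names, starting health and damage value are all assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed layout (assumption, not the real game struct): player and NPCs
   share one entity type; byte 0 is 01 for the player, 00 for NPCs; health
   sits at +0x120, matching the thread's movss [edi+00000120],xmm0. */
struct entity {
    uint8_t is_player;
    uint8_t pad[0x120 - sizeof(uint8_t)];
    float   health;
};

/* The game's one write site: every entity's new health passes through here,
   so nopping this store makes everyone invulnerable, not just the player. */
static void write_health(struct entity *e, float new_health)
{
    e->health = new_health;              /* stands in for movss [edi+0x120],xmm0 */
}

/* The code-cave logic from the post above, in C: test the discriminator
   byte, force 100 for the player, run the original store for everyone else. */
static void hooked_write_health(struct entity *e, float new_health)
{
    if (e->is_player == 1)               /* CMP BYTE PTR [EAX+xx],01 / JNE */
        write_health(e, 100.0f);         /* MOV [EAX+xx],64 */
    else
        write_health(e, new_health);     /* original instruction for NPCs */
}

/* Health of one entity after a hit, through the plain or the hooked store. */
float health_after_hit(int is_player, float start, float dmg, int hooked)
{
    struct entity e = { .is_player = (uint8_t)is_player, .health = start };
    float computed = start - dmg;        /* the game's damage math, already in xmm0 */
    if (hooked)
        hooked_write_health(&e, computed);
    else
        write_health(&e, computed);
    return e.health;
}

size_t health_offset(void) { return offsetof(struct entity, health); }

int main(void)
{
    printf("health field at +0x%zx\n", health_offset());
    printf("unhooked: player %.0f  npc %.0f\n",
           health_after_hit(1, 100.0f, 30.0f, 0), health_after_hit(0, 100.0f, 30.0f, 0));
    printf("hooked:   player %.0f  npc %.0f\n",
           health_after_hit(1, 100.0f, 30.0f, 1), health_after_hit(0, 100.0f, 30.0f, 1));
    return 0;
}
```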

 
DABhand posted on Mar 22, 2010 4:17:42 AM

Which version of Dead Space do you have? I am going shopping shortly; if I can find a cheap copy I'll buy it and have a look. Not played it yet, and people have said it's an experience.

Version as in patched version
