A trainer is a program written to intercept and
alter the memory addresses of games that are running
in the background. Usually trainers contain such
features as GOD MODE, UNLIMITED LIVES and others
that sometimes aren't pre-programmed into the
game by its designers.
Some people believe that creating a trainer
is extremely difficult and requires all kinds
of programming knowledge and skills. Not true.
Some very friendly tools have been created to
allow anyone to make their very own trainers for
their favorite games. In these tutorials, we'll
teach you the basics of how to get started and
give you step by step instructions on creating
trainers that you can follow along with on your
Hacking Speed and Size in Lost Planet 2 by Hamadah
Team DEViATED brings you a new tutorial! In this tutorial, I'm going to show you how you can make these options for Lost Planet 2: Super Speed, Slow Enemies, Huge Player, Mini Player, Mini Enemies.
Things you need:
-Cheat Engine (get it from www.cheatengine.org) (I'm going to call it CE)
-Some experience in game-hacking
-Some free time :D
OK, so start off by opening CE, start the game, and just start playing. The first thing you need to do is find the opcode that accesses one of your coordinates (X, Y, Z). We're going to need that opcode to:
1) Get the player's structure
2) Separate between player and enemies.
There's a tutorial by Psych for finding coordinates. You can look for that.
After you find one of the coordinates (what I found was X), right-click on the address and choose "Find out what accesses this address".
The opcode you need is movss xmm0,[eax+30] (if it's the X coordinate that you found). EAX contains your base address. The game will crash as soon as you get the opcode because of the Xlive anti-debug protection. Note the address that holds the opcode and start the game again.
Attach CE to the game and go to the address that holds the opcode we found before. Scroll up a few lines, and you'll find mov eax,[01841fc8] ; 01841fc8 is a pointer, so go back to CE's main window --> Add address manually --> Fill in 01841fc8 then click OK. Right-click on it and click "Show as hexadecimal value". The address' value will now be something like 0xADDRESS. Copy the address and go to the Disassembler window --> Tools --> Dissect data/structure. Enter the ADDRESS in the text box in the window that shows up, then click Structures --> Define new structure. Name it whatever you want; after you click OK a message will show up saying "Do you want Cheat Engine to try and fill in the most basic types of the struct using the current address?". Choose Yes, then keep the
structure size as it is (4096 bytes) then OK. You'll see that CE filled the window:
We are interested in offsets holding float values, especially 1, because most game engines use 1 as the default value for things such as speed. To test an offset, copy the ADDRESS, open Windows Calculator --> switch to Programmer view and choose Hex instead of Dec. Paste the ADDRESS, click +, add the offset you want, then press = and copy the result. In CE, press Add address manually, add the value you got from the Calculator, then edit the value and see if anything changes in-game. I'm going to give you the offsets for the size and speed, but of course in other games you'll have to find them on your own.
So the size offset is 54 in hex, and as you see in the picture, offset 54 holds the value 1 in float. If I change it to 2 (float) for example and return to the game, my character will become bigger, and if I change it to 0.5 for example, my character will become smaller, so the opcode that controls the size should use the pointer REGISTER+54 (note this down).
And now for the speed; its offset is D40, and that also holds the value 1 in float. If I change it to something bigger, e.g. 4, I will become faster. If I change it to 0.5 or anything less than 1, I will become slower. So again, the opcode that controls speed should use the pointer REGISTER+D40 (note that down).
So now to debugging again. Add the address ADDRESS+D40. Right-click on it and then Find out what accesses this address; you'll get your opcode and the game will crash. The opcode should be fld dword ptr [esi+00000d40] . Before trying to make any cheat, you have to disable the Xlive code scanning function, so follow the steps here, and place a RETN 0C opcode 3 bytes before the address that the byte pattern gives you. Now on with the cheats; I'm guessing you have knowledge of making cheats, so the explanation won't be very deep. At the address we found for the speed (holding the fld dword ptr [esi+00000d40] opcode), start making an auto-assemble cheat with a Cheat Table framework code. Notice that we can make both the speed and the size cheats from this address, as they have the same base address (ESI at this address), so at newmem you can add the following code:
mov dword ptr [esi+00000054],(float)2 //2 if you want to make yourself big. Use 0.5 or less to make yourself small.
mov dword ptr [esi+00000d40],(float)4 //This will make you faster
and then on with the original code (DON'T add fld dword ptr [esi+00000054], keep it fld dword ptr [esi+00000d40] only!).
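The two steps above (reading the dissected 4096-byte structure for float fields holding 1, and writing a (float) immediate into one of them) can be checked offline with this added Python script; it is not part of the tutorial or Cheat Engine, and the structure bytes it scans are constructed here, with 1.0 planted at the 54 and D40 offsets from the text:

```python
import struct

# Constructed sample of a 4096-byte structure like the one CE's
# Dissect data/structure window shows, with float 1.0 planted at the
# size (0x54) and speed (0xD40) offsets found in the tutorial.
STRUCT_SIZE = 4096
SIZE_OFFSET = 0x54
SPEED_OFFSET = 0xD40

def build_sample_struct():
    buf = bytearray(STRUCT_SIZE)
    # Filler dwords that never decode to exactly 1.0 (they are denormals).
    for off in range(0, STRUCT_SIZE, 4):
        struct.pack_into("<I", buf, off, 0x1000 + off)
    struct.pack_into("<f", buf, SIZE_OFFSET, 1.0)
    struct.pack_into("<f", buf, SPEED_OFFSET, 1.0)
    struct.pack_into("<f", buf, 0x30, 123.5)   # a coordinate-style float
    return bytes(buf)

def find_float_fields(blob, target=1.0, tolerance=1e-6):
    """Offsets of 4-byte aligned little-endian floats equal to target.
    This is the manual 'look for 1.0 in the struct' step from the text."""
    hits = []
    for off in range(0, len(blob) - 3, 4):
        val = struct.unpack_from("<f", blob, off)[0]
        if abs(val - target) <= tolerance:
            hits.append(off)
    return hits

def absolute_address(base, offset):
    """The Windows Calculator step: base + offset in hex, as CE wants it."""
    return f"{base + offset:08X}"

def float_immediate(value):
    """The raw dword that 'mov dword ptr [esi+54],(float)value' stores."""
    return struct.unpack("<I", struct.pack("<f", value))[0]

if __name__ == "__main__":
    blob = build_sample_struct()
    for off in find_float_fields(blob):
        print(f"float 1.0 at offset {off:X}")
    print("ADDRESS+D40 =", absolute_address(0x0A1B2C30, SPEED_OFFSET))
    print("(float)2 ->", hex(float_immediate(2.0)))
```

Only 4-byte aligned fields are scanned, which matches how CE's dissect window lays out the structure; an unaligned float would need a byte-stride scan.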
Add the cheat to CE's main window. Activate it and go back to the game; you are now bigger and faster! But wait! The enemies have also become bigger and faster! No problem for us! We go back to the address that holds the opcode that controls one of our coordinates. We make an auto-assemble cheat there, and we add the code:
mov dword ptr [10f00],eax
So now the address 10f00 holds the player's base address, and from that we can separate between player and enemies! Of course, after mov dword ptr [10f00],eax, you can make a Teleport cheat if you want. So anyway, now that we have our base address in 10f00, we edit the speed and size cheat we made before so that it becomes:
pushfd //Push the E-FLAGS onto the stack. We do this because we're about to make a compare.
mov dword ptr [esi+00000054],(float)1
mov dword ptr [esi+00000d40],(float)1 //Move the default values to size and speed, because the game doesn't restore the defaults when cheats are disabled
cmp dword ptr [10f00],esi //Compare our base address (taken from the coordinate opcode) to ESI; if they are equal then it's the player, so continue
jne enemy //If they are not equal then jump to the enemies' code
cmp dword ptr [10f08],0 //Check a flag to see if our cheat is enabled
je originalcode //If it's not enabled then jump to the original code
mov dword ptr [esi+00000054],(float)2 //Make our player bigger
mov dword ptr [esi+00000d40],(float)4 //Make our player faster
jmp originalcode //Go to the original code
enemy:
cmp dword ptr [10f0c],0 //Check a flag to see if the enemy cheat is enabled
je originalcode //If it's not enabled, then jump to originalcode
mov dword ptr [esi+00000054],(float)0.25 //Make the enemies smaller
mov dword ptr [esi+00000d40],(float)0.25 //Make the enemies slower
originalcode: //Usually you don't have to edit this; I'm adding it just to put POPFD here
popfd //Get the E-FLAGS back from the stack
Here goes everything else, i.e. fld dword ptr [esi+00000d40] and the jump back to game code.
Remember to add label(enemy) after [enable].
Add the cheat to CE's main window, enable it and then enable the cheats' flags (10f08 and 10f0c) by changing their value to anything but 0. Return to the game and VOILA! You're now big and fast and the enemies (and allies; you can make a compare for these but I won't) are now small and slow! Congratulations! :D
This is the end of the tutorial :)
Greets go out to: STN, KEMiCZA, eXtreme, CJB, Psych, Bastiaan, Read If You Must, and others! :D
P.S.: Don't just leech this, share the knowledge and mention our name ;)
See ya in another release!
Hamadah AKA. iNTANGiBLE / Team DEViATED