Posts: 165
Threads: 14
Joined: Jul 2011
Reputation:
8
11-15-2012, 16:53
(This post was last modified: 11-15-2012, 16:55 by narkos.)
@Tomsen1410 thx, but I know how to find health, ammo, and some stuff for me (player1), but I would like to know how to find the entire client struct.
And if possible, not only the client struct of the game host, but for all players that are in this lobby.
For example, one of my goals is this:
I start a lobby, and when the game starts I press, for example, ctrl+a and everybody gets max ammo in this lobby...
(I don't want to have things only for the host, because it's unfair; I'd like to find things that I can give/set to everyone in my lobby...)
Posts: 1,185
Threads: 72
Joined: Jan 2011
Reputation:
25
11-15-2012, 16:57
(This post was last modified: 11-15-2012, 16:58 by Tomsen1410.)
(11-15-2012, 16:53)narkos Wrote: @Tomsen1410 thx, but I know how to find health, ammo, and some stuff for me (player1), but I would like to know how to find the entire client struct.
And if possible, not only the client struct of the game host, but for all players that are in this lobby.
For example, one of my goals is this:
I start a lobby, and when the game starts I press, for example, ctrl+a and everybody gets max ammo in this lobby...
(I don't want to have things only for the host, because it's unfair; I'd like to find things that I can give/set to everyone in my lobby...)
I think if you are the host and you change the process, everyone will get the change, because you're the host.
Well, that was the case in CoD4 actually.
But how to find the structure I don't know, but I think the other variables are near the health address, for example.
Posts: 1,519
Threads: 107
Joined: Dec 2011
Reputation:
48
(11-15-2012, 16:53)narkos Wrote: @Tomsen1410 thx, but I know how to find health, ammo, and some stuff for me (player1), but I would like to know how to find the entire client struct.
And if possible, not only the client struct of the game host, but for all players that are in this lobby.
For example, one of my goals is this:
I start a lobby, and when the game starts I press, for example, ctrl+a and everybody gets max ammo in this lobby...
(I don't want to have things only for the host, because it's unfair; I'd like to find things that I can give/set to everyone in my lobby...)
*don't do this on a server with anticheat*
Find your address, like health, in Cheat Engine, then right click it and select "... what writes to this address", so Cheat Engine will break every time the health value changes. When the value has changed you see a list of addresses that change that value, and the instruction, like "mov [ecx+0x18],eax".
This means that ecx at that moment is the beginning of the struct (it may be the player struct, which contains player coordinates, health and that stuff) and you add 0x18 to get the health. Probably the game calculates which player's struct it needs to change, like, "if the player has an index of 4, and the size of the struct is 0x200, and the first struct address is 0x01020304, then to find the struct offset of that player, you do base + (size of struct * index), in this case 0x01020304 + (0x200 * 4) = 0x01020B04". Most games (CoD also) do that.
Posts: 1,185
Threads: 72
Joined: Jan 2011
Reputation:
25
11-15-2012, 23:10
(This post was last modified: 11-15-2012, 23:29 by Tomsen1410.)
Quote:*don't do this on a server with anticheat*
Find your address, like health, in Cheat Engine, then right click it and select "... what writes to this address", so Cheat Engine will break every time the health value changes. When the value has changed you see a list of addresses that change that value, and the instruction, like "mov [ecx+0x18],eax".
This means that ecx at that moment is the beginning of the struct (it may be the player struct, which contains player coordinates, health and that stuff) and you add 0x18 to get the health. Probably the game calculates which player's struct it needs to change, like, "if the player has an index of 4, and the size of the struct is 0x200, and the first struct address is 0x01020304, then to find the struct offset of that player, you do base + (size of struct * index), in this case 0x01020304 + (0x200 * 4) = 0x01020B04". Most games (CoD also) do that.
"mov [ecx+0x18],eax"
So a struct starts at ecx AND the variable which I was searching for is in that struct, but its offset IN the struct is 0x18?
Quote:Probably the game calculates which player's struct it needs to change, like, "if the player has an index of 4, and the size of the struct is 0x200, and the first struct address is 0x01020304, then to find the struct offset of that player, you do base + (size of struct * index), in this case 0x01020304 + (0x200 * 4) = 0x01020B04". Most games (CoD also) do that.
And what exactly do you mean by that?
Do you mean that there is an array of structs, one for each player, and the game handles them like you mentioned, so that for example one struct has the size of 0x200 and the index of the player we are searching for is 4? So the array of the player structs starts at, let's say, 0x01020304 and then you have to add (0x200 * 4) to get to the player with the index 4? And how do we get the base address of the array (0x01020304)?
And if we now want the health of the player with the index 4, should it then look like this:
0x01020304 + (0x200 * 4 + 0x18)?
Because you said that the offset of the health variable in one struct is 0x18. So is that right what I wrote?
Three questions, please answer them. (:
Posts: 1,185
Threads: 72
Joined: Jan 2011
Reputation:
25
@ kokole Answer me please.
Posts: 165
Threads: 14
Joined: Jul 2011
Reputation:
8
11-16-2012, 19:38
(This post was last modified: 11-16-2012, 19:42 by narkos.)
Thx @ kokole for your answer!
(*don't do this on a server with anticheat* there is an anticheat on MW3??? except VAC of course...)
@Tomsen1410
If I correctly understood @kokole, it's like this.
If the array of clients' structs is at 0x01020304, and one client struct size is 0x200,
the 4th client struct is at 0x01020304 + (3 * 0x200). Then you add the 0x... that you need to get to the thing you want to change, for example 0x12 to get health...
(0x12 is wrong, I just use that number for the example.)
Sorry for my English, but I wanted to answer you.