Memory Hacking Software

[L. Spiro]

Why not get it?

Demo #11

• Disassembler upgraded.
• Custom controls (Hex Editor, Disassembler, TreeBoxes, etc.) have themed borders where enabled.
• Injection Manager added.
• Fixed tons of bugs regarding the assembler for injections.
• “Update Locked Values” option fixed.
• Only one known crash-causing issue: Same as Original Sub Search.
• Multiple critical script bugs fixed.
• Undo/Redo/Copy added to Disassembler.

Just an additional note.
When loading the Disassembler, you can dock the Helper on either side.
However, if you dock it on the right side, the Disassembler control will appear over it. You must dock it to the left.
If you dock it on the left side, the first time, it will be hidden to the left against the border, and you will need to drag it out. It will remember its position so you will only need to do this once.


L. Spiro

[L. Spiro]

Why not get Demo #12 too?

Demo #12

• Basic Single-Step Debugging Added.
• Disassembler Addresses Decoded into Function Names Where Available.
• Cooks Dinner for 4.

L. Spiro

[kai]

Alright, now that the disassembler is better I should really be able to get stuff done.
On a side note, now I won't have to help with dinner tonight, I'll just put my computer in the kitchen.

[L. Spiro]

The word on the street is…
Demo #13
…or so they say.

• Step Over Added.
• F7 = Single Step. F8 = Step Over. F9 = Run. Controls match OllyDbg for now.

To Do:

• Add thread information.
• Fix the Step Over problem where stepping can not be stopped while stepping over a function.
• Parse functions/all code for type data, jump tables, functions, etc.
• Add Step Out feature.
• Add full preprocessor to scripts.
• Add “complex address” parser to allow denoting of pointers in address calculation.
• Export scripts into stand-alone trainer .EXE files.
• Add more kernel-mode functionality.
• Add ability to modify/add addresses in the RAM Watcher.

L. Spiro

[esco]

Hey dawg, I've been usin demo 6 since it seems to run the fastest up until now, but I just tried demos 11, 12 and 13.... and I have the same issue in all 3. When I try to load my saved file from demo 6 with all my c scripts I get this error:

Load failed. Some values may have loaded.

And all my NON locked addresses don't come up..... but all the locked ones do. Why is this? My file is 380k, it's an lssave, and I'm using winxp. If you need any more details or want to see the file o try it yourself, lemme know.

[L. Spiro]

Send the save file via e-mail.


L. Spiro

[esco]

Send the save file via e-mail.


L. Spiro

Sent it.

[L. Spiro]

Demo #15


Fixes a bug that prevented the loading of valid save files where the script size or description size was 0 (you can load your files now).





Coming up is a new feature that overpowers the calculator in TSearch by miles: the Real-Time Expression Evaluator.
This will allow you to enter any expressions you want and it will evaluate them in real-time.
For example, “complex addresses”, as used by other programs, will evaluate something like this: “[winmine.exe+0x33C4]”. This would go to the module address, add 0x33C4 to it, and the brackets would indicate that the value at that address is to be returned. So, it means, “Get the value at that address.”
They can also be more complex: “[[[[[[[0x0A71F10]+6Ch]+80h]+4]+184h+64h]+114h+4]+4]”.
This would follow a series of pointers until it gets to the final address.


But the Real-Time Expression Evaluator takes it all to a whole new level.
It can evaluate both of the above examples, and more.
Examples:
1+1
(1+1h) % 32
[0x0A71F10+(1+1h) % 32]
[0x0A71F10]>>1
([0x0A71F10]>>1)
([0x0A71F10]>>1) & 0xFF
([0x0A71F10]&0x00FFFFFF)+[0x0A71F1C]*4
[([[[[[[[0x0A71F10]+6Ch]+80h]+4]+[0x0A71F1C]*4+64h]+114h+4]+4])]&(0xFF00FF00+1)-([[0x0A71F10]>>2])


The actual parser is already done.
It can currently parse all of the above expressions.
All that is needed is to add the interface to allow you to add lists of expressions.
You can add as many as you like. All expressions are saved between sessions and will reload when you restart MHS.exe.
All expressions are evaluated in real-time so the values are updated as the game RAM changes.
The parser will be accessible via scripts, so you can evaluate these expressions as desired from within your own scripts.

It works as a simple calculator as well; you can enter pure numeric expressions such as 1 + 1, (1 << 3), (0xFFFF0000 & (34 | 1)) ^ 0xFFFFFFFF, etc.

It will also be used to evaluate expressions in the Disassembler, so I can begin adding more functionality there.

It will not just be used as a real-time advanced calculator. It will be used for my complex-address system, allowing these expressions to be used to derive addresses of values you wish to keep.
This means you will have all functionality from existing complex-address-type software plus tons more, allowing you to actually put decryption routines into the address calculation as well.
For example, in Nintendo® 64 games, the upper byte of pointer addresses needs to be masked out, then the remaining value should be added to the RAM pointer inside Project64.
Current complex addresses can not handle such operations, but this new system handles it with ease, opening new doors for those hacking emulators and other games that use encrypted or otherwise overly complicated addresses.


L. Spiro

[esco]

Hey bro thanks a lot... demo 14 works fine. And I noticed now it says 15.... which works fine too.

[Kakashi_s1]

hey spiro, all your demos still dont work with my game (legend of ares) except demo 7 and below.

Check it out if you can. Thanks.

[g3nuin3]

Kakashi, that means Legend of Ares is Broken.

[L. Spiro]

Actually I think I know the cause.

Legend of Ares will not run unless you are the administrator over your computer.
It has some retarded junk such as that in there, which is why I have not actually played it yet, since I use my computer as another user.

I think Demo #7 is when I finally remembered to add higher privilages to MHS, which must be causing some conflict in your game.


I am sure it has to relate to that in some way.
It is the ony unique aspect to this game.


L. Spiro

[esco]

Another problem I've found: the program will FREEZE up a lot when changing scripts, when you hit ok. Yet if I reopen the program and try again, it will workfine. It happens A TON, in both demo 14 and 15. I've tried it on 3 different computers.

[L. Spiro]

I have been aware of this bug, and it also happens when closing MHS.exe with all of your save-file values loaded, because you use a lot of scripts.

It has to do with the script destructor.
I believe this appeared when I fixed one of the critical bugs in the script, and I may have overlooked something else I would have had to change to completely fix that bug.


Although I knew about it, I have only had a few moments to look at the code.
Looking at the code now I think I can see a problem.
But I am at work and can not fix it now.

It will probably be fixed tonight.



I also plan to fix the other known issue, regarding Same as Original Sub Searches, which also never happens in debug mode.
Once these two issues are fixed the software will be classified as 100% stable, as no other issues are known in any part of the software.


L. Spiro

[Kakashi_s1]

so i guess i cant use demos 8 and up.

Does those newer versions have a higher privelege? Or did you take em out after demo 7?

I guess i cant use all the cool features yet. =D