0x10000000 - Read/Write
0x12C00000 - Read Only ---> Can't change this at all
0x13A9A000 - No Access
// Money hook (RE5DX9.exe): the 7-byte mov at RE5DX9.exe+5FEE9F is replaced by a jmp into the cave
fullaccess(RE5DX9.exe+5FEE9F, 7)
alloc(jmpcash, 90)
label(retjmp)

[enable]
RE5DX9.exe+5FEE9F:   // hook address, taken from the fullaccess line above
jmp jmpcash
nop
nop

RE5DX9.exe+5FEEA4:   // retjmp lands on the two nops, which is harmless
retjmp:

jmpcash:
mov dword ptr [ecx+eax+1C0], 0098967F
mov edx, dword ptr [ecx+eax+1C0]   // original instruction, re-executed in the cave
jmp retjmp

[disable]
RE5DX9.exe+5FEE9F:
mov edx, dword ptr [ecx+eax+1C0]
dealloc(jmpcash)

// GFWL debugger-check patch (xlive.dll): the routine starts 8B FF 55 (mov edi,edi / push ebp);
// the 3 bytes are replaced by C2 0C 00 (retn C), so the routine returns immediately
fullaccess(xlive.dll+13A6BF, 3)

[enable]
xlive.dll+13A6BF:
retn C

[disable]
xlive.dll+13A6BF:
mov edi, edi
push ebp
L. Spiro wrote:In my left hand is a red pill. If you take it I will show you the truth. I lost my right hand in the war, so I’m afraid you’re stuck with the red pill.
WhiteHat wrote:Hex String Search for those bytes:
8B FF 55 8B EC 83 EC 20 53 56 57 8D 45 E0 33 F6 50 FF 75 0C 8B F9
Changed the first 3 bytes to RETN 0C opcode:
C2 0C 00 8B EC 83 EC 20 53 56 57 8D 45 E0 33 F6 50 FF 75 0C 8B F9
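As an added example (not code from the thread or from any of its posters): a defender-side integrity check that compares a function's entry bytes with its expected prologue and names the overwrite it finds. The two byte strings WhiteHat posted are used as constructed sample input; the addresses are hypothetical and the check does not read a live process.

```python
# Added example, not code from the thread: check that a function's entry bytes
# still match the expected hot-patchable prologue, and name the overwrite if not.

# Prologue the routine in the thread starts with: mov edi,edi / push ebp / mov ebp,esp
EXPECTED_PROLOGUE = bytes.fromhex("8B FF 55 8B EC")

# Constructed sample input: the bytes as posted, before and after the 3-byte patch.
ORIGINAL_BYTES = bytes.fromhex("8B FF 55 8B EC 83 EC 20 53 56 57 8D 45 E0 33 F6 50 FF 75 0C 8B F9")
PATCHED_BYTES = bytes.fromhex("C2 0C 00 8B EC 83 EC 20 53 56 57 8D 45 E0 33 F6 50 FF 75 0C 8B F9")


def classify_entry(code: bytes, expected: bytes = EXPECTED_PROLOGUE, entry_va: int = 0) -> dict:
    """Compare a function's leading bytes with its expected prologue.

    'entry_va' is the virtual address the bytes were read from; it is only
    needed to resolve the target of a jmp rel32 detour. Recognised overwrites:
    retn imm16 (the patch in this thread), bare retn, and a jmp rel32 detour
    of the kind a code-cave hook writes at its hook site.
    """
    if code.startswith(expected):
        return {"tampered": False, "reason": "prologue intact"}
    if not code:
        return {"tampered": True, "reason": "no bytes read"}
    op = code[0]
    if op == 0xC2 and len(code) >= 3:  # C2 iw: retn imm16
        imm = int.from_bytes(code[1:3], "little")
        return {"tampered": True, "reason": f"entry replaced by retn {imm:X}",
                "stack_bytes_popped": imm, "stdcall_dword_args": imm // 4}
    if op == 0xC3:  # C3: retn
        return {"tampered": True, "reason": "entry replaced by retn"}
    if op == 0xE9 and len(code) >= 5:  # E9 cd: jmp rel32, relative to the next instruction
        rel = int.from_bytes(code[1:5], "little", signed=True)
        return {"tampered": True, "reason": "entry detoured by jmp rel32",
                "jmp_target": (entry_va + 5 + rel) & 0xFFFFFFFF}
    return {"tampered": True, "reason": f"unexpected first byte {op:02X}"}


def scan_entries(entries: dict) -> list:
    """Run classify_entry over {name: (va, bytes)} and return (name, reason) for tampered ones."""
    flagged = []
    for name, (va, code) in entries.items():
        result = classify_entry(code, entry_va=va)
        if result["tampered"]:
            flagged.append((name, result["reason"]))
    return flagged


if __name__ == "__main__":
    # Hypothetical addresses; a real check would read the bytes from the loaded module.
    for name, reason in scan_entries({"routine_original": (0x1000, ORIGINAL_BYTES),
                                      "routine_patched": (0x1000, PATCHED_BYTES)}):
        print(f"{name}: {reason}")
```

For the patched bytes the check reports `retn C`, i.e. 12 bytes popped, which on 32-bit stdcall corresponds to three dword arguments.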
CoMPMStR wrote:
015CA6AD | 3D CC000000 | cmp eax, CC |
015CA6B2 | 0F84 40FFFFFF | je 015CA5F8 |
015CA6B8 | 32C9 | xor cl, cl |
015CA6BA | E9 39FFFFFF | jmp 015CA5F8 |
015CA6BF | 8BFF | mov edi, edi | <----- This One...
015CA6C1 | 55 | push ebp |
If you did modify 015CA6AD then that could be the reason it doesn't work. You are supposed to modify 015CA6BF instead, changing those 3 bytes to RETN 0C (directly beneath the jmp mnemonic).
CoMPMStR wrote:I get a memory overrun error when I do so with RE5
CoMPMStR wrote:Yes, 88 FF 55 is located at 0x15CA6BF in my snippet. I know the static location for it is xlive.dll+13A6BF, at least for the latest GFWL version, and we should both have the same version.
CoMPMStR wrote:That message doesn't mean failure, it just means we can't attach the debugger still (ok, maybe it's a failure for that). I noticed that all games using GFWL act differently when you attach the debugger. You have to test by rewriting some of the game code, like the money hack, with this patch enabled to see if the game crashes. I've been using it with Red Faction and tested it with RE5 yesterday, and it's been working for me, so I'll help any way I can.
CoMPMStR wrote:I also have the pointers for inventory and treasure items, as well as money and ingame items so when you make your new post I'll share my finds as well. I only use the DX9 version though, don't know if DX10 is any different.
CoMPMStR wrote:I also have the item structure layout and item digits if you don't have those yet.
CoMPMStR wrote:I didn't need to be bothered with finding infinite health when I have infinite ammo and items. Automatic S&W M500 + Automatic Rocket Launcher = Invincible.
CoMPMStR wrote:No it's not the crkd exe that makes the address different (I use it too), so maybe you do have a different xlive.dll version than I do. It is weird, maybe because I installed RFG after RE5.
CoMPMStR wrote:Either way, you are patching the correct bytes. All you need to do is test it by modifying the game ASM code. It should work 100% no matter which version of GFWL you have installed, unless they change the routine in a future version.