Making a Complex Address .lssave


Postby Uytk » Wed May 13, 2009 6:25 pm

Well, I need help on complex addresses; having read up on them, I still really do not get them.

So here's some questions:

Why do addresses sometimes start with something like [Something.exe+0xsomething]? How does MHS interpret this? Or I'm seeing it wrong?

Because I've downloaded lssaves in the past that started basically from the process itself, so the lssave would work every time.

What is the 'usual' pointer level for addresses?

Why does the target process crash if too many addresses are locked? And why does it not crash if complex addresses made instead?

Does MHS freeze all the pointers?

How do you know if you've arrived at the base pointer?


I'm trying to change from 'Don't know how to do anything' to 'Know how to do something' =)

Thanks for helping =)
"If youth, throughout all history, had had a champion to stand up for it; to show a doubting world that a child can think; and, possibly, do it practically; you wouldn’t constantly run across folks today who claim that “a child don’t know anything." ... ..."

Re: Making a Complex Address .lssave

Postby L. Spiro » Wed May 13, 2009 8:05 pm

Uytk wrote: Why do addresses sometimes start with something like [Something.exe+0xsomething]? How does MHS interpret this? Or I'm seeing it wrong?

Because I've downloaded lssaves in the past that started basically from the process itself, so the lssave would work every time.

The help file explains how this is interpreted. Everything is resolved to numbers as per the explanation in the help file.

Uytk wrote: What is the 'usual' pointer level for addresses?

Between 1 and 17.

Uytk wrote: Why does the target process crash if too many addresses are locked?

Because the RAM is deallocated and reallocated but the address being locked is not changing, thus causing it to lock random data instead of the data that is intended to be locked.

Uytk wrote: And why does it not crash if complex addresses made instead?

Because when the data is deallocated and moved to another location so is the address that is being locked.

Uytk wrote: Does MHS freeze all the pointers?

It freezes the value to which the Complex Address points.

Uytk wrote: How do you know if you've arrived at the base pointer?

When you have resolved the pointer chain to an address within a module (.dll or .exe).


L. Spiro
Our songs remind you of songs you’ve never heard.
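
The difference between locking a fixed address and locking a Complex Address, as described in the answers above, shown as an added example that is not part of the original thread and is not MHS code. It runs against a simulated memory; the module name `Game.exe`, all addresses and offsets are constructed, and the bracket semantics (`[x]` reads the 32-bit pointer stored at `x`, a module name stands for its load base, bare numbers are hexadecimal) are an assumption based on the expressions quoted in the thread.

```python
import struct

MODULES = {"Game.exe": 0x00400000}  # constructed module name and load base

class Memory:
    """Sparse byte-addressable memory standing in for a target process."""
    def __init__(self):
        self.cells = {}
    def write_u32(self, addr, value):
        for i, b in enumerate(struct.pack("<I", value)):
            self.cells[addr + i] = b
    def read_u32(self, addr):
        raw = bytes(self.cells.get(addr + i, 0) for i in range(4))
        return struct.unpack("<I", raw)[0]

def resolve(expr, mem):
    """Resolve text such as '[Game.exe+0x1F]+0x2F' to a final address
    (assumed semantics: [x] dereferences, module name = load base, hex numbers)."""
    def term(s):
        return MODULES[s] if s in MODULES else int(s, 16)
    def parse(s):
        if s.startswith("["):
            depth = 0
            for i, c in enumerate(s):      # find the bracket that closes s[0]
                depth += (c == "[") - (c == "]")
                if depth == 0:
                    break
            value, rest = mem.read_u32(parse(s[1:i])), s[i + 1:]
        else:
            head, _, rest = s.partition("+")
            value = term(head)
        for part in filter(None, rest.split("+")):
            value += term(part)            # add each trailing offset
        return value
    return parse(expr.replace(" ", ""))

def demo():
    mem = Memory()
    slot = MODULES["Game.exe"] + 0x1F      # static pointer slot inside the module
    mem.write_u32(slot, 0x0AB70000)        # heap block currently holding the object
    expr = "[Game.exe+0x1F]+0x2F"
    first = resolve(expr, mem)             # what a fixed-address lock would keep using
    mem.write_u32(first, 100)              # the tracked value
    # The block is freed and the object moves; only the static slot is updated.
    mem.write_u32(slot, 0x0C200000)
    mem.write_u32(0x0C200000 + 0x2F, 100)
    mem.write_u32(first, 0xDEADBEEF)       # old block reused for unrelated data
    second = resolve(expr, mem)            # re-resolving follows the object
    return first, second, mem.read_u32(first), mem.read_u32(second)
```

After the move, the fixed address still points into the old block, which now holds unrelated data, while re-resolving the expression from the module base lands on the relocated value.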

Re: Making a Complex Address .lssave

Postby Uytk » Thu May 14, 2009 5:32 pm

Okay, so if the process always deallocates and reallocates addresses, is it possible to make 1 .lssave so that you always hit your target variable?

Example: S.P.E.C.I.A.L
(I don't own or play Fallout 3)

So anyway, the game allocates memory to S(Strength), and you make it so that
[[Fallout3.exe+1F]+2F]
I made the numbers up, but anyway...

If the game reallocates the target address at +1F+2F to another variable, say P(Perception), perception would be changed instead?

Also,
if you pointer-search a multi-level pointer then it points to an address, how does MHS tell you it's a .dll or .exe? It tells me automatically?


By the way, I'm trying to cheat in the game: Freelancer (By Digital Anvil)
I can do it, but making my own .lssave is the next step =)

EDIT:
Well I tried even more by myself, but seriously I'm not going anywhere...

I loaded my autosave and undocked.
I searched for my Power* Address, it was
0AB70FA8

(*Power in this game is required for energy weapons, it's very easy to find as your ship has a constant max power.)

So anyway, I did
"What accesses this address"
I got 10 Hit Addresses from the list.
Anyway, by now I still do not get what the Capital Letters mean:

The Es:
EAX
ECX
EDX
EBX
ESP
EBP
ESI
EDI

The ones in Disassembly
FADD
FSTP
FLD
MOV
FSUBR

Also, what's PTR?

And there were 3 different Hit Counts:
226
138
125

How do you use the "Hit Address"?
How do you use the "Code"?

What does "NOP" exactly stand for?

What is so special about 0x00400000?

You all probably don't have Freelancer, so I guess I should use Windows Minesweeper to practise?

So yeah I'm a noob asking for help =D

Postby L. Spiro » Fri May 15, 2009 6:24 am

Someone with more time on his or her hands should answer most of these. I can only spare the time needed to answer the one-liners.


EAX-EDI are thread registers. Read about them via Google.
FADD, etc., are ASM instructions that work on floating-point numbers. Read about ASM via Google.
PTR is pointer.
Hit Address is the address of the code that read or wrote whatever data you are trying to study.
Code is the code that did the reading or writing.
NOP = No Operation. Read about ASM.
0x00400000 is where 99% of all Windows applications are loaded by default.


L. Spiro

Postby jungletek » Fri May 15, 2009 9:32 pm

A big problem seems to be that you're trying to run before you can walk.

Learn all the ins and outs of cheating games with static addresses first. Become completely comfortable with the terms, concepts, and techniques being used.

Then familiarise yourself with pointers, both static and dynamic. Understand how they work, how to find them, and how they are represented in MHS (as complex addresses).

Using the auto-hack in MHS, as you are when you use the "find what read/writes this address", requires that you have a basic understanding of assembly language to grasp what is occurring.

I don't mean to sound condescending at all, but you simply seem to lack the prerequisite understanding to do what you want to do. I would strongly suggest reading some tutorials on the aforementioned concepts and techniques. You can find plenty of them here, as well as at sites like World Of Game Hacking, etc. I'm sure others can suggest more.

I think if you posted a game-specific thread in the appropriate section, with specific issues you're having, and in game examples, it would be much more effective both for you and for the kind soul trying to help.

Best of luck...

Re: Making a Complex Address .lssave

Postby WhiteHat » Sat May 16, 2009 11:10 am

I agree with L. Spiro and jungletek..

There are some necessary skills you need to learn before going into the step you’ve described in your previous post. However, based on my own experience, you don’t need to master them all to hack most games for most purposes (God Mode, Infinite Values, etc). Best thing is the learning process can be real fun..

Uytk wrote: You all probably don't have Freelancer, so I guess I should use Windows Minesweeper to practise?

I have this game installed in my PC, and am playing it quite often. It’s one of my favorite games.

You can start a specific topic about Freelancer in here: http://memoryhacking.com/forums/viewforum.php?f=20 , then we can discuss it in more detail. I have several Freelancer cheats with me, both Complex Address and Code Injection methods..

BTW, I can tell that you were in the right spot with that Ship’s Power you’ve mentioned earlier. The Code Injection cheat I made for it started from one of those Hit Address...
.. to boldly go where no eagle has gone before...

