DOTA Players’ Gold: Complex Address (Back Tracing Pointer)


Postby Sychotix » Fri Jul 18, 2008 5:43 am

Detach the debugger on MHS, attach Olly. When you need to debug with MHS again, right click, detach process (make sure it's running), and attach MHS.

Postby L. Spiro » Fri Jul 18, 2008 9:52 am

I use MHS for the whole process. OllyDbg is not necessary.

And as I recall it closes the process when it detaches.


L. Spiro
Our songs remind you of songs you’ve never heard.

Postby Steiner » Fri Jul 18, 2008 5:34 pm

Exactly, there is no option in OllyDbg to detach the debugger.

But if I search in Warcraft3 for Player Health or Gold etc., tons of addresses will pop up, which all call my gold address. How can you filter out which address is the right one? And how can you continue the work when you need to step out of a function to see which part of the code calls it?

Example: 0x12345678 = Current Player Gold Address

// Function:
PUSH EAX
PUSH EBX
...
// some asm
0x12345676 MOV EAX, [ ESI + 0x1234 ]
...
0x12345678 MOV EDX, EAX

In MHS there is no StackViewer where you can follow the calls. How can I trace it down?


Greetz Tobi.

Postby L. Spiro » Fri Jul 18, 2008 10:09 pm

Then do a Pointer Search for whatever ESI is. It is Exact Value; you can’t get millions of returns.


L. Spiro

Postby Sychotix » Fri Jul 18, 2008 11:47 pm

L. Spiro wrote: I use MHS for the whole process. OllyDbg is not necessary.

And as I recall it closes the process when it detaches.


L. Spiro


Not if you do a "Right Click, Detach from Program". Only if you close it in ANY other way. (I've been using Olly for a long time and I JUST now noticed this feature =P)

Postby Steiner » Sat Jul 19, 2008 4:23 am

Hmm... I believe it's nearly impossible to get a static address for the HP of a player's first hero. Hmpf... maybe you can find this address? It would be really great :)


Greetz Tobi

Postby WhiteHat » Tue Jul 29, 2008 7:03 am

Yes, “it’s nearly impossible”... but still possible.

I found the complex address for it, but I'm not happy with it since it doesn’t work for other WC3TFT maps (only for DOTA Allstars).

:?
.. to boldly go where no eagle has gone before...

Postby troy » Tue Oct 07, 2008 4:27 pm

Will you tell me the complex address for hero blood, please?
I tried your gold address and it is working well. I want to hack hero blood into an MHS table.

Postby Hitman » Tue Oct 07, 2008 7:38 pm

troy wrote: Will you tell me the complex address for hero blood, please?
I tried your gold address and it is working well. I want to hack hero blood into an MHS table.


By blood you mean the HP??
:roll:

Postby WhiteHat » Wed Oct 08, 2008 2:00 am

Looks like it; he meant HP...

First, you have to find the address of your hero’s Base Structure, then use this Complex Address:
[[[0x6F87D7BC]+0xC]+([“Hero’s Base-Structure Address”+0xA0]*0x8)+0x4]+0x78
(...very similar to Gold’s Complex Address...)

Note that I use WC3TFT v1.21a. For a different patch version, you may have to replace 0x6F87D7BC with another address as the static base pointer.
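
How the Complex Address in the post above evaluates, step by step, and why it depends on the static base constant. This is an added example, not part of the original thread and not MHS code; it runs over a constructed 32-bit memory snapshot. The heap addresses, the index value, the second static address 0x6F900010 and the names root/table/index/entry are assumptions made for illustration.

```python
import struct

class Snapshot:
    """Sparse 32-bit little-endian memory image; all contents are constructed."""
    def __init__(self):
        self.regions = {}                      # base address -> bytearray

    def map(self, base, size):
        self.regions[base] = bytearray(size)

    def _locate(self, addr):
        for base, buf in self.regions.items():
            if base <= addr and addr + 4 <= base + len(buf):
                return buf, addr - base
        raise LookupError(f"unmapped address {addr:#010x}")

    def write_u32(self, addr, value):
        buf, off = self._locate(addr)
        struct.pack_into("<I", buf, off, value)

    def read_u32(self, addr):
        buf, off = self._locate(addr)
        return struct.unpack_from("<I", buf, off)[0]

def resolve_hp_address(mem, static_base, hero_struct):
    """Evaluate [[[static_base]+0xC]+([hero_struct+0xA0]*0x8)+0x4]+0x78."""
    root = mem.read_u32(static_base)            # [static_base]
    table = mem.read_u32(root + 0xC)            # [[static_base]+0xC]
    index = mem.read_u32(hero_struct + 0xA0)    # [hero_struct+0xA0]
    entry = mem.read_u32(table + index * 0x8 + 0x4)
    return entry + 0x78                         # final address, not dereferenced

def build_sample(static_base):
    """Constructed snapshot whose module data holds the root pointer at static_base."""
    mem = Snapshot()
    mem.map(static_base & ~0xFFF, 0x1000)       # module data page
    mem.map(0x02000000, 0x4000)                 # heap (constructed addresses)
    mem.write_u32(static_base, 0x02000100)      # root object
    mem.write_u32(0x02000100 + 0xC, 0x02001000) # table of 8-byte entries
    mem.write_u32(0x02002000 + 0xA0, 5)         # hero structure holds index 5
    mem.write_u32(0x02001000 + 5 * 0x8 + 0x4, 0x02003000)
    return mem

HERO = 0x02002000                               # constructed hero structure address

def stale_base_fails():
    """Same layout with the root pointer moved: the old constant no longer resolves."""
    moved = build_sample(0x6F900010)            # constructed stand-in for another build
    try:
        resolve_hp_address(moved, 0x6F87D7BC, HERO)
    except LookupError:
        return True
    return False
```

Only the first read uses a fixed address; every later step follows values read from memory, which is why a build that moves that one constant breaks the whole expression.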

Postby Aspras » Mon Jan 05, 2009 12:47 am

This method doesn't seem to work, maybe because I have the 1.22a patch.

Postby WhiteHat » Fri Jan 09, 2009 7:30 pm

Kinda lazy to move to version 1.22a...

Though I’m quite sure that we only have to replace the static base pointer with some other address, that is, to change 0x6F87D7BC.

Postby minorutono » Wed Feb 04, 2009 2:32 pm

You know, I gotta thank you for this tutorial.

I couldn't have understood Pointers without this tutorial, and I'm glad I read it (multiple times). You are pretty much as clear as possible, and I can tell there was a lot of time and effort being put into this (screenshots). So thank you, the guide is indispensable.

10/10.

Hats off to you.
Cheers, Mino.

Postby WhiteHat » Fri Feb 06, 2009 12:34 pm

Thank you...

But, really, you should address the credits to MHS.
I couldn’t have done it without MHS...

;)

Postby Aspras » Sat Feb 28, 2009 6:24 am

I went all the way up to level 4, then I noticed there was an address I had seen before. I went up from level 4 to 6 by just guessing what the pointers would be, and it's just what I expected: there's some sort of repeating pattern.

This is on W3 TFT 1.22a