Bf2 commander hack

**Peter8** · 10-08-2010

1
Finding the Offsets for the
Commander Hack
E very hack begins with a few offsets, and for the C ommander
H ack , these are the ForceC ommander, S upply, and A rtillary.

o find the memory addresses for the commander hack we begin with simple memory searchers such a TSearch or Cheat Engine. Memory searchers are used to search the memory of a game’s process for certain values and then can modify & set breakpoints on that memory address..
Setting Up The Scene

As most game hacking scenes go, we first need to start up BF2 Demo in windowed mode. This can be done by going into the shortcut properties and altering the runtime command of “+ fullscreen 1” into “+ fullscreen 0”.

2

This allows us to run BF2 and debug it at the same time without causing problems. O nce you have set the shortcut properties, proceed to run the game and TSearch. In the BF2 Demo, navigate to Single Player and start a Gulf Of Oman single player game.
Searching for the Addresses

When the server has loaded, apply to be commander, and accept once the invitation comes. Now when you accept the commander position a Boolean Value of 1 has been written in your player’s profile (structure/ class) in the game’s memory.

Now Alt-Tab back to TSearch and Click O pen Process, and Select the BF2.exe which is our game. O nce its attached click the little magnifying glass “Init New Search” and search for the Exact Value 1 with the type set to as Bytes. You will get millions of results.

Next, head back to BF2 and resign from commander position. Now, the memory address for commander would have changed back to 0. So head back to TSearch and use the “Search Next” to search which of the found values has changed to 0. Then head back and apply for commander. Keep doing this back and forth until you end up the a few values.
So after a few turns of applying and resigning, I got down to 17 memory addresses.,
and they would all change when apply/ resigning for commander

Next, head back to BF2 and resign from commander position. Now, the memory address for commander would have changed back to 0. So head back to TSearch and use the “Search Next” to search which of the found values has changed to 0. Then head back and apply for commander. Keep doing this back and forth until you end up the a few values.
So after a few turns of applying and resigning, I got down to 17 memory addresses.,
and they would all change when apply/ resigning for commander.

Now add all 17 addresses to the table to the right of the search window by clicking the Add All searches Icon. Now in the table, go through each of the seventeen addresses one by one, changing it to 1 and watching the BF2 Screen to see if you become commander. Most of them will revert back to 0, but the correct address will stay 1 and make you commander at the same time. This is the address we want!.

NOTE: This address we found is Dynamic, meaning that it changes every time we restart the game, or every time we switch servers. The term for this Dynamic ability is DMA. So to make a commander hack one of the obstacles we need to overcome this DMA.

At this point, we need to set a Memory Breakpoint on that address to see what code accesses it. To do this in TSearch click AutoHack -> Enable Debugger

NOTE: At is at this point where you have to do things a little differently from the Retail Version. In the Retail Version of BF2, because of SafeDisc, the game is continually Debugging itself, and therefore we are not able to attach a debugger (fortunately SafeDisc is not in the Demo). Getting past this debug obstacle is called “Resetting the Debug Port”. There are several tutorials on how to do this. Just view my tutorial for “Steal DMA”

Once you’ve clicked “Enable Debugger” go back to the address which you found controlled the ForceCommander, right click on it, and click “AutoHack”. Now go back to the game and apply/ resign for commander. After this back in TSearch, go to AutoHack Menu Item -> AutoHack Window.

Now you should have the OFFSET which writes to that address which decides if we are commander or not. The cool thing about this offset is that it is constant for everyone (within that particular version).

Forever making us commander. The only problem with this is BF2.exe (where these modifications are taking place) is completely scanned, so the slightly modification will be detected and a corrupt memory kick will take place. A method to bypass that will be discussed further on.

WILL BE CONTINUED

**dude719** · 10-12-2010

it didnt work for me

I googled this and it didnt work

**tambre** · 10-14-2010

Originally Posted by Peter8

1
Finding the Offsets for the
Commander Hack
E very hack begins with a few offsets, and for the C ommander
H ack , these are the ForceC ommander, S upply, and A rtillary.

o find the memory addresses for the commander hack we begin with simple memory searchers such a TSearch or Cheat Engine. Memory searchers are used to search the memory of a game’s process for certain values and then can modify & set breakpoints on that memory address..
Setting Up The Scene

As most game hacking scenes go, we first need to start up BF2 Demo in windowed mode. This can be done by going into the shortcut properties and altering the runtime command of “+ fullscreen 1” into “+ fullscreen 0”.

2

This allows us to run BF2 and debug it at the same time without causing problems. O nce you have set the shortcut properties, proceed to run the game and TSearch. In the BF2 Demo, navigate to Single Player and start a Gulf Of Oman single player game.
Searching for the Addresses

When the server has loaded, apply to be commander, and accept once the invitation comes. Now when you accept the commander position a Boolean Value of 1 has been written in your player’s profile (structure/ class) in the game’s memory.

Now Alt-Tab back to TSearch and Click O pen Process, and Select the BF2.exe which is our game. O nce its attached click the little magnifying glass “Init New Search” and search for the Exact Value 1 with the type set to as Bytes. You will get millions of results.

Next, head back to BF2 and resign from commander position. Now, the memory address for commander would have changed back to 0. So head back to TSearch and use the “Search Next” to search which of the found values has changed to 0. Then head back and apply for commander. Keep doing this back and forth until you end up the a few values.
So after a few turns of applying and resigning, I got down to 17 memory addresses.,
and they would all change when apply/ resigning for commander

Next, head back to BF2 and resign from commander position. Now, the memory address for commander would have changed back to 0. So head back to TSearch and use the “Search Next” to search which of the found values has changed to 0. Then head back and apply for commander. Keep doing this back and forth until you end up the a few values.
So after a few turns of applying and resigning, I got down to 17 memory addresses.,
and they would all change when apply/ resigning for commander.

Now add all 17 addresses to the table to the right of the search window by clicking the Add All searches Icon. Now in the table, go through each of the seventeen addresses one by one, changing it to 1 and watching the BF2 Screen to see if you become commander. Most of them will revert back to 0, but the correct address will stay 1 and make you commander at the same time. This is the address we want!.

NOTE: This address we found is Dynamic, meaning that it changes every time we restart the game, or every time we switch servers. The term for this Dynamic ability is DMA. So to make a commander hack one of the obstacles we need to overcome this DMA.

At this point, we need to set a Memory Breakpoint on that address to see what code accesses it. To do this in TSearch click AutoHack -> Enable Debugger

NOTE: At is at this point where you have to do things a little differently from the Retail Version. In the Retail Version of BF2, because of SafeDisc, the game is continually Debugging itself, and therefore we are not able to attach a debugger (fortunately SafeDisc is not in the Demo). Getting past this debug obstacle is called “Resetting the Debug Port”. There are several tutorials on how to do this. Just view my tutorial for “Steal DMA”

Once you’ve clicked “Enable Debugger” go back to the address which you found controlled the ForceCommander, right click on it, and click “AutoHack”. Now go back to the game and apply/ resign for commander. After this back in TSearch, go to AutoHack Menu Item -> AutoHack Window.

Now you should have the OFFSET which writes to that address which decides if we are commander or not. The cool thing about this offset is that it is constant for everyone (within that particular version).

Forever making us commander. The only problem with this is BF2.exe (where these modifications are taking place) is completely scanned, so the slightly modification will be detected and a corrupt memory kick will take place. A method to bypass that will be discussed further on.

WILL BE CONTINUED

u need learn english!/

i think u got packet loss: S upply, C ommander/

buy new internet!

**FearTehBan** · 10-28-2010

Originally Posted by tambre

u need learn english!/

i think u got packet loss: S upply, C ommander/

buy new internet!

oh the irony...

**tambre** · 10-28-2010

Originally Posted by FearTehBan

oh the irony...

what?

**David** · 10-30-2010

Bro didnt work.

Thread: Bf2 commander hack

Thread Tools

Display

Bf2 commander hack

The Following User Says Thank You to dude719 For This Useful Post:

Similar Threads

[Release] Console Command Hack! No Fog ETC!

[Snippet]Console Command Hack [Box|Wireframe|Etc]

BF2 Demo Hack

bf2 PUBLIC hack

BF2 stat hack?