Updating Addies and Bytes

**whit** · 03-29-2011

NOOB isa Idiot..
Damn NOOB

**NOOB** · 03-29-2011

inb4omgnooburnowachocophaganduranoobwhodoesntknoan ything.

GetPlayerByIndex

PlayerByIndex = Pattern((DWORD)GetModuleHandleA("CShell.dll"),(DWO RD)0xFFFFFFFF,(PBYTE)"\x8B\x41\x04\x85\xC0\x74\x18 \x8B\x54\x24\x04","xxxxxxxxxxx");

Search "a player"
Go up 9 lines.
Call CShell.0xADDIEHERE

3715E742 |. E8 69F6FFFF CALL CShell.**3715DDB0**
3715E747 |. 85C0 TEST EAX,EAX
3715E749 |. 74 12 JE SHORT CShell.3715E75D
3715E74B |. 8378 24 10 CMP DWORD PTR DS:[EAX+24],10
3715E74F |. 72 06 JB SHORT CShell.3715E757
3715E751 |. 8B40 10 MOV EAX,DWORD PTR DS:[EAX+10]
3715E754 |. C2 0400 RETN 4
3715E757 |> 83C0 10 ADD EAX,10
3715E75A |. C2 0400 RETN 4
3715E75D |> B8 BC337137 MOV EAX,CShell.377133BC ; ASCII "a player"

LocalPlayer

Look below "a player"

**3715E770** /$ 8B41 08 MOV EAX,DWORD PTR DS:[ECX+8]
3715E773 |. 6A 00 PUSH 0
3715E775 |. 50 PUSH EAX
3715E776 |. E8 35F6FFFF CALL CShell.3715DDB0

search " ILocaleManager.Default" 48 times
It should be the third one in a stack of iLocaleManag..
3 lines up

2nd method for ClientInfo

Search "HUDDamagedRenderTime" Three times.
You should see four "ILocaleManager.Default" above.
Choose the 3rd out of four (or up two lines).
Pointer is three lines up and furthest on left.

Or search "StrafeTurnRate" 3 times

GameClientShell- search "ShowTiming" do ctrl + L 3 times
go 34 lines up.
addie is on far left

another way is to search "DOOBIC"
or 19 down.

"DOOBIC GAME" ->
"COMBAT GAME"
4 lines up

Third way:
Search these bytes- "8B90 DC000000"
Address is two lines up.

3715ED67 |. 8B0D 60808537 MOV ECX,DWORD PTR DS:[**37858060**] ; CShell.3781BEE0
3715ED6D |. 8B01 MOV EAX,DWORD PTR DS:[ECX]
3715ED6F |. 8B90 DC000000 MOV EDX,DWORD PTR DS:[EAX+DC]

fourth way:

search "if(!g_pGameClientShell || !g_pWeaponMgr->IsValidWeaponId(nWeaponId))"

371AA390 . 833D 60808537 >CMP DWORD PTR DS:[>>>>>37858060<<<<<<],0
371AA397 . 53 PUSH EBX
371AA398 . 56 PUSH ESI
371AA399 . 57 PUSH EDI
371AA39A . 8BF9 MOV EDI,ECX
371AA39C . 74 69 JE SHORT CShell.371AA407
371AA39E . 66:8B5C24 14 MOV BX,WORD PTR SS:[ESP+14]
371AA3A3 . 0FB7F3 MOVZX ESI,BX
371AA3A6 . 85F6 TEST ESI,ESI
371AA3A8 . 7C 5D JL SHORT CShell.371AA407
371AA3AA . A1 64678537 MOV EAX,DWORD PTR DS:[37856764]
371AA3AF . 3BB0 C0150000 CMP ESI,DWORD PTR DS:[EAX+15C0]
371AA3B5 . 7D 50 JGE SHORT CShell.371AA407
371AA3B7 . 8B0D 58DA8537 MOV ECX,DWORD PTR DS:[3785DA58] ; CShell.3783520C
371AA3BD . 8B49 18 MOV ECX,DWORD PTR DS:[ECX+18]
371AA3C0 . E8 3BC32D00 CALL CShell.37486700
371AA3C5 . 66:3BD8 CMP BX,AX
371AA3C8 . 75 52 JNZ SHORT CShell.371AA41C
371AA3CA . 8B0D 64678537 MOV ECX,DWORD PTR DS:[37856764] ; CShell.378567E8
371AA3D0 . 56 PUSH ESI
371AA3D1 . E8 5A4C2500 CALL CShell.373FF030
371AA3D6 . 85C0 TEST EAX,EAX
371AA3D8 . 74 42 JE SHORT CShell.371AA41C
371AA3DA . 0FB64424 10 MOVZX EAX,BYTE PTR SS:[ESP+10]
371AA3DF . 66:8B5424 18 MOV DX,WORD PTR SS:[ESP+18]
371AA3E4 . 8987 90010000 MOV DWORD PTR DS:[EDI+190],EAX
371AA3EA . 66:8977 28 MOV WORD PTR DS:[EDI+28],SI
371AA3EE . 66:8957 2A MOV WORD PTR DS:[EDI+2A],DX
371AA3F2 . 8B0D 5C168737 MOV ECX,DWORD PTR DS:[3787165C] ; CShell.37832284
371AA3F8 . 8B11 MOV EDX,DWORD PTR DS:[ECX]
371AA3FA . 8B42 10 MOV EAX,DWORD PTR DS:[EDX+10]
371AA3FD . 6A 10 PUSH 10
371AA3FF . FFD0 CALL EAX
371AA401 . 5F POP EDI
371AA402 . 5E POP ESI
371AA403 . 5B POP EBX
371AA404 . C2 1000 RETN 10
371AA407 > A1 50BE8137 MOV EAX,DWORD PTR DS:[3781BE50]
371AA40C . 8B08 MOV ECX,DWORD PTR DS:[EAX]
371AA40E . 8B51 18 MOV EDX,DWORD PTR DS:[ECX+18]
371AA411 . 68 308A7137 PUSH CShell.37718A30 ; ASCII "if(!g_pGameClientShell || !g_pWeaponMgr->IsValidWeaponId(nWeaponId))"

FIFTH WAY:

Search bytes: 833D 60808537

Address is in column on right.

How to get No Reload:
Right click -> Search for -> Binary string
Search "0F84 B1010000" three times.
Address is on left.

**374BB8F4** |. 0F84 B1010000 JE CShell.374BBAAB

Weapon Range:
Search "8B80C8020000" twice for first addie and again for second addie.

2.25

374BBB79 |. 8B80 C8020000 MOV EAX,DWORD PTR DS:[EAX+2C8]

374BBEF9 . 8B80 C8020000 MOV EAX,DWORD PTR DS:[EAX+2C8]

GAMESTATUS: ?untested

Search bytes "14597137" THREE times.
Address to interfaceMgr is on left.
Offset for gamestatus is 0xE4

SUPER BULLETS:

DWORD SuperBullets = Pattern((DWORD)GetModuleHandleA("CShell.dll"),(DWO RD)0xFFFFFFFF,(PBYTE)"\x0F\x94\xC0\x5E\xC3\xCC","x xxxxx");

Search "SOUND_KEY" once.
Highlight text FROM SOUND_KEY "UP" TO %s%d.
Search bytes "0F94C0" and addie is on left.

PlayerManager:

Search "CursorHack" three times.
Address is one line below on left.

3785DA54 6C1E7437 DD CShell.37741E6C ; ASCII "CursorHack"
**3785DA58** . 0C528337 DD CShell.3783520C

Weapon Manager:

DWORD WeaponMgr = Pattern((DWORD)GetModuleHandleA("CShell.dll"),(DWO RD)0xFFFFFFFF,(PBYTE)"\x4D\x6F\x64\x49\x63\x6F\x6E \x33\x00\x00\x30","xxxxxxxxxxx");
WeaponMgr += 0x20;

Search bytes "636F6E33" once.

37856748 . >>>636F6E33<<< DD 336E6F63
3785674C 00 DB 00
3785674D 00 DB 00
3785674E 30 DB 30 ; CHAR '0'
3785674F 00 DB 00
37856750 00 DB 00
37856751 00 DB 00
37856752 00 DB 00
37856753 00 DB 00
37856754 00 DB 00
37856755 00 DB 00
37856756 00 DB 00
37856757 00 DB 00
37856758 00 DB 00
37856759 00 DB 00
3785675A 00 DB 00
3785675B 00 DB 00
3785675C 00 DB 00
3785675D 00 DB 00
3785675E 00 DB 00
3785675F 00 DB 00
37856760 00 DB 00
37856761 00 DB 00
37856762 00 DB 00
37856763 00 DB 00
>>>37856764<<< . E8678537 DD CShell.378567E8

DWORD LTClient = Pattern((DWORD)GetModuleHandleA("CShell.dll"),(DWO RD)0xFFFFFFFF,(PBYTE)"\xF8\xAF\x7D\x00\xE0\x2B\x7F \x00","xxxxxxxx");

dis nigguh jus asking how to do somfin he be not trolling and leechin.

**Alessandro10** · 03-29-2011

Originally Posted by ᴺᴼᴼᴮ

inb4omgnooburnowachocophaganduranoobwhodoesntknoan ything.

GetPlayerByIndex

Search "a player"
Go up 9 lines.
Call CShell.0xADDIEHERE

3715E742 |. E8 69F6FFFF CALL CShell.**3715DDB0**
3715E747 |. 85C0 TEST EAX,EAX
3715E749 |. 74 12 JE SHORT CShell.3715E75D
3715E74B |. 8378 24 10 CMP DWORD PTR DS:[EAX+24],10
3715E74F |. 72 06 JB SHORT CShell.3715E757
3715E751 |. 8B40 10 MOV EAX,DWORD PTR DS:[EAX+10]
3715E754 |. C2 0400 RETN 4
3715E757 |> 83C0 10 ADD EAX,10
3715E75A |. C2 0400 RETN 4
3715E75D |> B8 BC337137 MOV EAX,CShell.377133BC ; ASCII "a player"

LocalPlayer

Look below "a player"

**3715E770** /$ 8B41 08 MOV EAX,DWORD PTR DS:[ECX+8]
3715E773 |. 6A 00 PUSH 0
3715E775 |. 50 PUSH EAX
3715E776 |. E8 35F6FFFF CALL CShell.3715DDB0

search " ILocaleManager.Default" 48 times
It should be the third one in a stack of iLocaleManag..
3 lines up

2nd method for ClientInfo

Search "HUDDamagedRenderTime" Three times.
You should see four "ILocaleManager.Default" above.
Choose the 3rd out of four (or up two lines).
Pointer is three lines up and furthest on left.

Or search "StrafeTurnRate" 3 times

GameClientShell- search "ShowTiming" do ctrl + L 3 times
go 34 lines up.
addie is on far left

another way is to search "DOOBIC"
or 19 down.

"DOOBIC GAME" ->
"COMBAT GAME"
4 lines up

Third way:
Search these bytes- "8B90 DC000000"
Address is two lines up.

3715ED67 |. 8B0D 60808537 MOV ECX,DWORD PTR DS:[**37858060**] ; CShell.3781BEE0
3715ED6D |. 8B01 MOV EAX,DWORD PTR DS:[ECX]
3715ED6F |. 8B90 DC000000 MOV EDX,DWORD PTR DS:[EAX+DC]

fourth way:

search "if(!g_pGameClientShell || !g_pWeaponMgr->IsValidWeaponId(nWeaponId))"

371AA390 . 833D 60808537 >CMP DWORD PTR DS:[>>>>>37858060<<<<<<],0
371AA397 . 53 PUSH EBX
371AA398 . 56 PUSH ESI
371AA399 . 57 PUSH EDI
371AA39A . 8BF9 MOV EDI,ECX
371AA39C . 74 69 JE SHORT CShell.371AA407
371AA39E . 66:8B5C24 14 MOV BX,WORD PTR SS:[ESP+14]
371AA3A3 . 0FB7F3 MOVZX ESI,BX
371AA3A6 . 85F6 TEST ESI,ESI
371AA3A8 . 7C 5D JL SHORT CShell.371AA407
371AA3AA . A1 64678537 MOV EAX,DWORD PTR DS:[37856764]
371AA3AF . 3BB0 C0150000 CMP ESI,DWORD PTR DS:[EAX+15C0]
371AA3B5 . 7D 50 JGE SHORT CShell.371AA407
371AA3B7 . 8B0D 58DA8537 MOV ECX,DWORD PTR DS:[3785DA58] ; CShell.3783520C
371AA3BD . 8B49 18 MOV ECX,DWORD PTR DS:[ECX+18]
371AA3C0 . E8 3BC32D00 CALL CShell.37486700
371AA3C5 . 66:3BD8 CMP BX,AX
371AA3C8 . 75 52 JNZ SHORT CShell.371AA41C
371AA3CA . 8B0D 64678537 MOV ECX,DWORD PTR DS:[37856764] ; CShell.378567E8
371AA3D0 . 56 PUSH ESI
371AA3D1 . E8 5A4C2500 CALL CShell.373FF030
371AA3D6 . 85C0 TEST EAX,EAX
371AA3D8 . 74 42 JE SHORT CShell.371AA41C
371AA3DA . 0FB64424 10 MOVZX EAX,BYTE PTR SS:[ESP+10]
371AA3DF . 66:8B5424 18 MOV DX,WORD PTR SS:[ESP+18]
371AA3E4 . 8987 90010000 MOV DWORD PTR DS:[EDI+190],EAX
371AA3EA . 66:8977 28 MOV WORD PTR DS:[EDI+28],SI
371AA3EE . 66:8957 2A MOV WORD PTR DS:[EDI+2A],DX
371AA3F2 . 8B0D 5C168737 MOV ECX,DWORD PTR DS:[3787165C] ; CShell.37832284
371AA3F8 . 8B11 MOV EDX,DWORD PTR DS:[ECX]
371AA3FA . 8B42 10 MOV EAX,DWORD PTR DS:[EDX+10]
371AA3FD . 6A 10 PUSH 10
371AA3FF . FFD0 CALL EAX
371AA401 . 5F POP EDI
371AA402 . 5E POP ESI
371AA403 . 5B POP EBX
371AA404 . C2 1000 RETN 10
371AA407 > A1 50BE8137 MOV EAX,DWORD PTR DS:[3781BE50]
371AA40C . 8B08 MOV ECX,DWORD PTR DS:[EAX]
371AA40E . 8B51 18 MOV EDX,DWORD PTR DS:[ECX+18]
371AA411 . 68 308A7137 PUSH CShell.37718A30 ; ASCII "if(!g_pGameClientShell || !g_pWeaponMgr->IsValidWeaponId(nWeaponId))"

FIFTH WAY:

Search bytes: 833D 60808537

Address is in column on right.

How to get No Reload:
Right click -> Search for -> Binary string
Search "0F84 B1010000" three times.
Address is on left.

**374BB8F4** |. 0F84 B1010000 JE CShell.374BBAAB

Weapon Range:
Search "8B80C8020000" twice for first addie and again for second addie.

2.25

374BBB79 |. 8B80 C8020000 MOV EAX,DWORD PTR DS:[EAX+2C8]

374BBEF9 . 8B80 C8020000 MOV EAX,DWORD PTR DS:[EAX+2C8]

GAMESTATUS: ?untested

Search bytes "14597137" THREE times.
Address to interfaceMgr is on left.
Offset for gamestatus is 0xE4

SUPER BULLETS:

Search "SOUND_KEY" once.
Highlight text FROM SOUND_KEY "UP" TO %s%d.
Search bytes "0F94C0" and addie is on left.

PlayerManager:

Search "CursorHack" three times.
Address is one line below on left.

3785DA54 6C1E7437 DD CShell.37741E6C ; ASCII "CursorHack"
**3785DA58** . 0C528337 DD CShell.3783520C

Weapon Manager:
Search bytes "636F6E33" once.

37856748 . >>>636F6E33<<< DD 336E6F63
3785674C 00 DB 00
3785674D 00 DB 00
3785674E 30 DB 30 ; CHAR '0'
3785674F 00 DB 00
37856750 00 DB 00
37856751 00 DB 00
37856752 00 DB 00
37856753 00 DB 00
37856754 00 DB 00
37856755 00 DB 00
37856756 00 DB 00
37856757 00 DB 00
37856758 00 DB 00
37856759 00 DB 00
3785675A 00 DB 00
3785675B 00 DB 00
3785675C 00 DB 00
3785675D 00 DB 00
3785675E 00 DB 00
3785675F 00 DB 00
37856760 00 DB 00
37856761 00 DB 00
37856762 00 DB 00
37856763 00 DB 00
>>>37856764<<< . E8678537 DD CShell.378567E8

dis nigguh jus asking how to do somfin he be not trolling and leechin.

Leechers Wins

**Decoder back** · 03-29-2011

Originally Posted by CoderNever

I wouldn't care, If I released a base publicly I released it publicly rather if it was the source code or just a hack someone will hex-edit. The reason I would of released it is to give back to the community. It would not matter much if someone stoled it especially if everyone knew I released it first. Also asking to gain the knowledge to find a address is different then stealing a hack. If he wants to know what hes doing he needs to start somewhere. I never called anyone a idiot.

me too , same thing here , but , i don't like to release my things into public

and i also never called anyone at idiot lol.

codeNever i like to Help mpgh , that' why i'm here.

**Alessandro10** · 03-29-2011

@Decoder back, @CoderNever is a More Sexy Coder for CA. (@Liz too)

**SNal2F** · 03-29-2011

Since no one will explain and im bored i will

lets take this peice of code right here GetLocalPLayer

i will break this piece by piece you will see how i also figured out what this function was when i reversed it.

Code:

3715E770 /$ 8B41 08 MOV EAX,DWORD PTR DS:[ECX+8]
3715E773 |. 6A 00 PUSH 0
3715E775 |. 50 PUSH EAX
3715E776 |. E8 35F6FFFF CALL CShell.3715DDB0

3715E770 /$ 8B41 08 MOV EAX,DWORD PTR DS:[ECX+8]

Code:

3715E770 /$ 8B41 08 MOV EAX,DWORD PTR DS:[ECX+8]

this line is moving an int32 into eax which is our ID, ECX is an assumed this pointer(ClientInfo)

SO so long as the coders of the game do not change pad the struct/class this line will more then likely not change

but say they were to  change the class to say

class ClientInfo
{
public:
	char pad[8];
	PlayerInfo * first;
    __int32 LocalIndex;

};


asm would be like

MOV EAX,DWORD PTR DS:[ECX+C]

These would generally would not change they are 2 parameters of GetPlayerbyIDx...so long as they dont recode this part say such as making local player index constant 0 then you would see more then likely

push 0
push 0

3715E773 |. 6A 00 PUSH 0
3715E775 |. 50 PUSH EAX

3715E776 |. E8 35F6FFFF CALL CShell.3715DDB0

the E8 would not change but if the game updated a good bit the 3715DDB0 would change

it really comes down to the developer and what they change but more then likely alot will not change.

**whit** · 03-29-2011

Explanation is Key...
Unlike NOOB feeding him shit like its Lunch time

**Decoder back** · 03-29-2011

Originally Posted by SNal2F

Since no one will explain and im bored i will

lets take this peice of code right here GetLocalPLayer

i will break this piece by piece you will see how i also figured out what this function was when i reversed it.

Code:

3715E770 /$ 8B41 08 MOV EAX,DWORD PTR DS:[ECX+8]
3715E773 |. 6A 00 PUSH 0
3715E775 |. 50 PUSH EAX
3715E776 |. E8 35F6FFFF CALL CShell.3715DDB0

3715E770 /$ 8B41 08 MOV EAX,DWORD PTR DS:[ECX+8]

Code:

3715E770 /$ 8B41 08 MOV EAX,DWORD PTR DS:[ECX+8]

this line is moving an int32 into eax which is our ID, ECX is an assumed this pointer(ClientInfo)

SO so long as the coders of the game do not change pad the struct/class this line will more then likely not change

but say they were to  change the class to say

class ClientInfo
{
public:
	char pad[8];
	PlayerInfo * first;
    __int32 LocalIndex;

};


asm would be like

MOV EAX,DWORD PTR DS:[ECX+C]

These would generally would not change they are 2 parameters of GetPlayerbyIDx...so long as they dont recode this part say such as making local player index constant 0 then you would see more then likely

push 0
push 0

3715E773 |. 6A 00 PUSH 0
3715E775 |. 50 PUSH EAX

3715E776 |. E8 35F6FFFF CALL CShell.3715DDB0

the E8 would not change but if the game updated a good bit the 3715DDB0 would change

it really comes down to the developer and what they change but more then likely alot will not change.

Nice Explanation bro

**markoj** · 03-29-2011

Originally Posted by ᴺᴼᴼᴮ

inb4omgnooburnowachocophaganduranoobwhodoesntknoan ything.

GetPlayerByIndex

PlayerByIndex = Pattern((DWORD)GetModuleHandleA("CShell.dll"),(DWO RD)0xFFFFFFFF,(PBYTE)"\x8B\x41\x04\x85\xC0\x74\x18 \x8B\x54\x24\x04","xxxxxxxxxxx");

Search "a player"
Go up 9 lines.
Call CShell.0xADDIEHERE

3715E742 |. E8 69F6FFFF CALL CShell.**3715DDB0**
3715E747 |. 85C0 TEST EAX,EAX
3715E749 |. 74 12 JE SHORT CShell.3715E75D
3715E74B |. 8378 24 10 CMP DWORD PTR DS:[EAX+24],10
3715E74F |. 72 06 JB SHORT CShell.3715E757
3715E751 |. 8B40 10 MOV EAX,DWORD PTR DS:[EAX+10]
3715E754 |. C2 0400 RETN 4
3715E757 |> 83C0 10 ADD EAX,10
3715E75A |. C2 0400 RETN 4
3715E75D |> B8 BC337137 MOV EAX,CShell.377133BC ; ASCII "a player"

LocalPlayer

Look below "a player"

**3715E770** /$ 8B41 08 MOV EAX,DWORD PTR DS:[ECX+8]
3715E773 |. 6A 00 PUSH 0
3715E775 |. 50 PUSH EAX
3715E776 |. E8 35F6FFFF CALL CShell.3715DDB0

search " ILocaleManager.Default" 48 times
It should be the third one in a stack of iLocaleManag..
3 lines up

2nd method for ClientInfo

Search "HUDDamagedRenderTime" Three times.
You should see four "ILocaleManager.Default" above.
Choose the 3rd out of four (or up two lines).
Pointer is three lines up and furthest on left.

Or search "StrafeTurnRate" 3 times

GameClientShell- search "ShowTiming" do ctrl + L 3 times
go 34 lines up.
addie is on far left

another way is to search "DOOBIC"
or 19 down.

"DOOBIC GAME" ->
"COMBAT GAME"
4 lines up

Third way:
Search these bytes- "8B90 DC000000"
Address is two lines up.

3715ED67 |. 8B0D 60808537 MOV ECX,DWORD PTR DS:[**37858060**] ; CShell.3781BEE0
3715ED6D |. 8B01 MOV EAX,DWORD PTR DS:[ECX]
3715ED6F |. 8B90 DC000000 MOV EDX,DWORD PTR DS:[EAX+DC]

fourth way:

search "if(!g_pGameClientShell || !g_pWeaponMgr->IsValidWeaponId(nWeaponId))"

DWORD LTClient = Pattern((DWORD)GetModuleHandleA("CShell.dll"),(DWO RD)0xFFFFFFFF,(PBYTE)"\xF8\xAF\x7D\x00\xE0\x2B\x7F \x00","xxxxxxxx");

dis nigguh jus asking how to do somfin he be not trolling and leechin.

All of that changed, you cant search for text strings anymore to get most of those

**Crash** · 03-30-2011

This section has too many trolls now.

**Sydney** · 03-30-2011

Originally Posted by Crash

This section has too many trolls now.

And u r the boss troller!

**Crash** · 03-30-2011

Originally Posted by Sydney

And u r the boss troller!

**CAFlames** · 03-30-2011

Originally Posted by Crash

This section has too many trolls now.

I agree a ton. If you guys wanna talk in Code section, say meaningful stuff or stfu.

OnTopic: Use Sigscans if you want to update easily.

**whit** · 03-30-2011

Originally Posted by Crash

This section has too many trolls now.

**topblast** · 03-31-2011

Originally Posted by CoderNever

I wouldn't care, If I released a base publicly I released it publicly rather if it was the source code or just a hack someone will hex-edit. The reason I would of released it is to give back to the community. It would not matter much if someone stoled it especially if everyone knew I released it first. Also asking to gain the knowledge to find a address is different then stealing a hack. If he wants to know what hes doing he needs to start somewhere. I never called anyone a idiot.

I agree with you. One of the so call "noobs" you help might be better than you at something.
TRUE STORY:

when I was doing the whole fire god thing mmbob asked to join and i let him. I didnt know anything about him and look who he is.. a VIP coder helping me.

a little help to someone can help you in the long run...

__________________________________________________ ___
on hex editing:

if someone understands asm, or bytes they can hex edit you hack and make it up to date. If you make a hack that have a stable point of which it have the addies, i will use LTC for this example.

Lets say an old blast hack( you those hot key hacks i made) If i had made a fixed LTC, all i will have to do it change those bytes/hex edit them of where the LTC is creating an up-to-date hack but really the hack is still old.

Make a Fix LTC Hack.
wait for patch.
Get the new LTC
Get the bytes of the new ltc
(i mean the DWORD in byte, maybe hard to explain . lets say the LTC is 0x444404 then get the bytes what make that value and change the bytes of your old LTC to the bytes of 0x444404)
save the newly hex-edited dll.
run in game and it should work.

my point in this is even if you release a hack it is never safe

Thread: Updating Addies and Bytes

Thread Tools

Display

The Following User Says Thank You to whit For This Useful Post:

The Following 2 Users Say Thank You to NOOB For This Useful Post:

The Following 3 Users Say Thank You to SNal2F For This Useful Post:

The Following User Says Thank You to Crash For This Useful Post:

The Following User Says Thank You to Crash For This Useful Post: