SF DFI Killhack Addies

Code:

#define KILL_HACK_ADDRESS 0x4C6F80
#define MAIN_BASE_ADDRESS 0xB6716C

credits to Zenma for releasing the source.

i tried this adrress but it didnt work..

works just fine for me.

http://i.imgur.com/zyguc.jpg

is that SG or PH?

How do you use this?

Could you tell us the Bytes?

why is it that the code adress doesn't work for me.i pressed my hotkeys and nothing happened

It's for the Singapore game client. Zenma himself tells you how to get the killhack address.

To update this for the current version (as of 8/6/12) you can either change the #define MAIN_BASE_ADDRESS line to #define MAIN_BASE_ADDRESS 0x00B73AEC and recompile or use a hex editor to edit the dll and replace the binary string "EC2AB700" with "EC3AB700". Alternatively, you can open it using ollydbg, hit ctrl + f "MOV EAX,0B72AEC" and change it to "MOV EAX,0B73AEC" then right click -> copy to executable -> all modifications -> copy all -> save file. This will allow you to hear the player names.

For future reference you can update the MAIN_BASE_ADDRESS by searching for the binary pattern "ff 15 ?? ?? ?? ?? 8b 0d ?? ?? ?? ?? 85 c9 74 ?? e8" in the SF executable, the MOV ECX, XXXXXXXX is what you need. For the KILL_HACK_ADDRESS you can search for "83 ec 0c a1 ?? ?? ?? ?? 33 c4 89 44 24 08 8a 4c 24 1c 8a 44 24 14" (the address of SUB ESP, 0C is what you will need). Alternatively for KILL_HACK_ADDRESS you can search for the text string "[MakeEventInfoDead()]" and the beginning of the function will be the address you need.

http://i.imgur.com/sGFOC.png

just dump sf and open it in ida. it aint rocket science.

Originally Posted by Longevity

It's for the Singapore game client. Zenma himself tells you how to get the killhack address.

http://i.imgur.com/sGFOC.png

just dump sf and open it in ida. it aint rocket science.

Whats your Method of Dumping?
I Can't find the Bytes,
my dumping method is, using a messagebox within dllmain.
injecting asoon as process comes up (specialforce.exe).
then after that, i open kernel and dump the process,
whats ur method?

Suspend the process with Process Hacker -> dump with Scylla.

for scylla just google: Scylla 0.7

Can't really find the address.
Tried using olly and ida.
Do you mind making a guide?

Ok thanks, found killhack addy,
but when i search for the main_addy bytes, it dosen't find anything reason?

@Longevity how about posting complete base w/ hotkey?

Originally Posted by [K]yle

Ok thanks, found killhack addy,
but when i search for the main_addy bytes, it dosen't find anything reason?

May i know how did you manage to find it?

Hi Longevity can i have your working Killhack in DFI..?
Please PM me the link Thanks...

SF DFI Killhack Addies

Post a Reply

Similar Threads

Tags for this Thread