Not a tut: question about offsets

[kush]

Hey, I'm trying to find offsets for a game with no mods or rtm tools yet. I just installed fat princess but I'm not 100% sure how to find offsets for some things that don't have a numerical value per say... What I'd like to do is this... At the end if each round, the player with the highest score is turned into a reaper (super strong, fast, deadly, lots of health) while both teams vote on what map to play for the following round. I want to lock that so I can be reaper during a live round which currently is impossible. But here's what I'm having trouble with, how can I find the offset to modify my character's class? I can easily find offset for health, score, etc but those are all numerical values easily tracked... What about class?

 

[kush]

also, how do i know what range of memory to be searching in?

 

[tadevt]

also, how do i know what range of memory to be searching in?

Every game has a different set of mapped ranges, 1st one is bytecode else are pools of data. Good thing is memory allocation guarantees hardcoded pointers, so ranges will be the same every time u run the game. Bytecode has access to 4GiB of virtual memory, so there is a lot of addresses to discard. 1st step is finding ranges for your game: u want to read raw block by block, unmapped blocks have an easy to track header including block number, then zerofilled. Once u know where to mess its time to reverse executable itself, probably using ida pro with ps3 plugin. Start by focus on pointer offsets to rebuild the structures u later want to find on memory. Welcome to the dark side ^^

 

[tadevt]

Hey, I'm trying to find offsets for a game with no mods or rtm tools yet. I just installed fat princess but I'm not 100% sure how to find offsets for some things that don't have a numerical value per say... What I'd like to do is this... At the end if each round, the player with the highest score is turned into a reaper (super strong, fast, deadly, lots of health) while both teams vote on what map to play for the following round. I want to lock that so I can be reaper during a live round which currently is impossible. But here's what I'm having trouble with, how can I find the offset to modify my character's class? I can easily find offset for health, score, etc but those are all numerical values easily tracked... What about class?

I guess u want to edit a function there, one randomizing. First tip about modifying code range is searching for safety routines, there is no other reason for the game to read memory containing code. Mind not everything happens locally, server side events require u to be host and some games have dedicated servers u cant hack at will. Yh unlimited ammo is the "hello world" of cheats xD

 

[tadevt]

I forgot a great tip: if u have access to uncompressed resources, u can find them on memory. That way u can easily discard ranges containing resource pools.

 

[Irving]

use debuger

 

[tadevt]

use debuger

He is already using debugger to find values, but debugger wont reverse opcodes. He wants to join another tier ^^