 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
shakib187
Expert Cheater
 Reputation: 0
Joined: 24 May 2007
Posts: 215
|
 Posted: Wed Aug 28, 2013 12:27 am Post subject: How does timed block/parry work in games? |
 |
|
I'm wondering if anyone has some knowledge on this. In games any game, I'll use kingdoms of amalur for example, there is a system in which if you block within 500 milliseconds or lower of an enemy attack you will parry it not just block. Where as if you just hold block the "parry" does not occur, is there any way to search this value so that even when its a regular block the game thinks its a parry? I have tried using changed/unchanged but I am getting no results. So I am wondering if anyone on cheat engine has any idea on how its programmed and can shed some light on this..
What about with c++ if its not possible with CE, I am guessing I will have to find the base entity and distance to the mob closest to me to check if its attacking or not? and block depending on it
|
|
| Back to top |
|
 |
++METHOS
I post too much
![]() Reputation: 92
Joined: 29 Oct 2010
Posts: 4197
|
| Posted: Wed Aug 28, 2013 1:03 am Post subject: |
|
|
I'm not sure about this game, but the first approach I would take is this:
1. Reduce the game speed
2. Search for changed / unchanged value for enemy attack
-Search for unknown initial value (4 byte might work)
-As soon as the enemy attacks, search for changed value
-Wait, and after you are attacked and the value resets, search for changed value (may require trial and error, depending on how long the attack value stays at true)
-Repeat as necessary, include unchanged value searches if you get impatient
3. Once you have found the value (for example, let's say that when the enemy attacks, the value at a particular address changes from 0 to 1 and vice versa), you can move on to finding the the value for your block/parry button
-Change game speed to normal for this if you want
-Search for unknown initial value of 4 byte (it may only be 2 byte or 1 byte)
-Press and hold the button/key for block/parry, search for changed value
-Let go of button/key and search for changed value
-Search for unchanged value
-Repeat steps until you have found the button for block/parry (for example, let's say that when you press the key or button to block, the value at a particular address changes from 0 to 1 and vice versa).
4. Once you have both addresses and values, you can inject code anywhere you want (for example, at the instruction that accesses the attack value). Simply inject code that checks if the value at the attack is equal to 1 or not...if it is, force the value of the key/button to be 1, so that the game automatically performs the parry for you. 
This is only one of many ways to approach this. You may have to do something similar to this:
Injection at attack address:
| Code: | cmp [attack register],00000001
jne original code
mov [[controller address+?]+?],00000001
mov [[controller address+?]+?],0
jmp originalcode |
If you inject at an instruction that is accessing the attack address, you will probably find that it is being accessed several times per second. The reason we mov 1 in to controller address then reset it, is because we want to make sure that we simulate the controller / keyboard button being pressed several times, really fast. If we just mov 1 in to that address and leave it, it might read it as though we are just holding it down, and the cheat may not work at all.
The reason I recommend approaching it this way, as opposed to just something like this:
| Code: | cmp [hero taking damage?],1 //is hero being attacked?
jne originalcode //if not, carry on, otherwise...
mov [parry animation value],1 //do not take damage, and instead, perform parry
jmp originalcode |
Is because the game may not be coded to perform this way. You may only be able to perform parry if certain conditions are first determined to be true. By attempting the original approach, we can ensure that things are being played out naturally, thus have a better chance of working properly.
Of course there are many other possibilities, but you can do all of this with a simple injection using assembly. Unfortunately, all games are different and the reality of it is that it will probably be more difficult to actually get the cheat to perform the way you want...such as checking ranges and possibly performing multiple injections etc.
|
|
| Back to top |
|
|
Gniarf
Grandmaster Cheater Supreme
![]() Reputation: 43
Joined: 12 Mar 2012
Posts: 1285
|
| Posted: Wed Aug 28, 2013 1:30 am Post subject: Re: How does timed block/parry work in games? |
|
|
| shakib187 wrote: | | Where as if you just hold block the "parry" does not occur, is there any way to search this value so that even when its a regular block the game thinks its a parry? I have tried using changed/unchanged but I am getting no results. So I am wondering if anyone on cheat engine has any idea on how its programmed and can shed some light on this.. |
Well, I've played games that have what you describe but haven't looked at their code yet. However if I had to write that code I could use 2 methods:
A-When you press the block button, start the blocking animation and if an enemy hits before you reach the n-th frame of the animation, then parry.
B-When you press the block button, start a timer and if an enemy hits you before it reaches 0 (or 500 ms), then parry.
Either way, you're looking for a variable, presumably a 4 byte integer (or a 2 byte one if the devs were weirdos) that keeps increasing or decreasing over 500 ms. What I suggest is to use the speedhack feature to bring your game to a crawl, assert it actually increases your parring time window, and if it works use the pause process feature before doing any scan. For scan options I'd use unknown initial, increased, increased,..., then decreased+exact value=0, or unknown initial, decreased, decreased, ..., then increased+compare to initial scan->unchanged.
If you know assembly, you can stop reading there, otherwise once you've found that variable, "find out what accesses it", do a block, and save (screenshot) the results like they were golden. Amongst the result look for those who start by "cmp" and click show disassembler. Normally each cmp line should be followed by one that starts with a j. Try replacing the j** by "jmp" and you should either be totally unable to parry or be totally unable to do regular blocks. If you don"t get the desired effect right click on the j** line->replace with code that does nothing. Once you've got what you want, post 10 lines (address+bytes+opcodes) around the j** line and I'll cook you a little auto assembler script.
| shakib187 wrote: | | What about with c++ if its not possible with CE, I am guessing I will have to find the base entity and distance to the mob closest to me to check if its attacking or not? and block depending on it |
Do you mean that you have the source code of your game?
_________________
DO NOT PM me if you want help on making/fixing/using a hack. |
|
| Back to top |
|
|
shakib187
Expert Cheater
Reputation: 0
Joined: 24 May 2007
Posts: 215
|
| Posted: Wed Aug 28, 2013 2:21 am Post subject: |
|
|
Thanks for the posts guys
Gniarf I don't have the source code to the game, but I think what methos said was better instead of using c++, just comparing enemy attack then moving block to it instead using asm. Although I am trying to figure out why enemy attack instead of hero taking damage maybe because you can take damage from multiple instances, falling/poison etc?, I will post the code if any exists on my game.
|
|
| Back to top |
|
|
++METHOS
I post too much
![]() Reputation: 92
Joined: 29 Oct 2010
Posts: 4197
|
| Posted: Wed Aug 28, 2013 3:44 am Post subject: |
|
|
| shakib187 wrote: | | just comparing enemy attack then moving block to it instead |
-Yes, this would certainly be better if you can do that. If you can't find the code for block/parry, you can force the program to give it to you with automated controller functions as shown above. The controller route will probably be easier, but your suggestion would be better.
| shakib187 wrote: | | Although I am trying to figure out why enemy attack instead of hero taking damage maybe because you can take damage from multiple instances, falling/poison etc? |
-Not sure what you mean here, but yes, going the damage route will be much more difficult...especially if, as you say, there are different kinds of attack sequences (e.g. standard strike vs. poison vs. stun etc.). Plus, as mentioned above, once contact registers for the attack, it may be too late to initiate parry animation etc...so it is best to approach from a different angle. As Gniarf noted, since there is probably a timer for parry, it may be too late...so it would be easier to avoid additional injection points and searching etc.
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
