Spark2893 (How do I cheat?)
Reputation: 0
Joined: 10 Dec 2007 Posts: 7 Location: Malaysia (luv it)
Posted: Mon Dec 17, 2007 7:47 pm Post subject: Code injection in SNES, need help
Hello, I need your help injecting some code into SNES games. I'm new to this stuff, so that's all I'm asking of you all.
Firstly, I played Genghis Khan 2 and found the code that decreases my gold.
Code:
mov [edx],ecx
ret // why? ret is here but no call
jmp dword ptr. // what's this?
Above are my first questions.
And then I played Gemfire, and its code for decreasing gold is exactly the same as above. I decided to just inject some code.
Code:
[ENABLE]
alloc(newmem)
label(newmem)
oo4a070:
jmp newmem
nop
returnhere:
newmem:
mov [edx],0 // make the money not decrease
[DISABLE]
dealloc(newmem)
oo4a070:
mov [edx],ecx
ret
jmp dword ptr
Please help. I'm a newbie at this injection stuff.
Labyrnth (Moderator)
Reputation: 10
Joined: 28 Nov 2006 Posts: 6301
Posted: Mon Dec 17, 2007 8:06 pm
ret = works the same as returnhere in your script.
jmp = jump
dword = double word
ptr = pointer
mov = move
Spark2893 (How do I cheat?)
Reputation: 0
Joined: 10 Dec 2007 Posts: 7 Location: Malaysia (luv it)
Posted: Mon Dec 17, 2007 8:11 pm
Please explain the ret and the dword pointer to me. What's a double word pointer?
And why does the emulator crash when I try to inject the above code?
Labyrnth (Moderator)
Reputation: 10
Joined: 28 Nov 2006 Posts: 6301
Posted: Tue Dec 18, 2007 7:26 pm
The assembly you can learn by searching around and reading; the crash is unknown because I don't know if you have the right code.
Also, I don't know if you can even inject into an emulator.
Qvazzler (Advanced Cheater)
Reputation: 0
Joined: 02 Jan 2007 Posts: 68
Posted: Wed Dec 19, 2007 10:08 am
Why don't you just freeze the gold value? Are you too good for it?
Labyrnth (Moderator)
Reputation: 10
Joined: 28 Nov 2006 Posts: 6301
Posted: Wed Dec 19, 2007 6:42 pm
Qvazzler wrote:
"Why don't you just freeze the gold value? Are you too good for it?"
Because he wants to learn to do code injection and not use a noobie freeze.
Qvazzler (Advanced Cheater)
Reputation: 0
Joined: 02 Jan 2007 Posts: 68
Posted: Thu Dec 20, 2007 12:46 am
It has the same purpose, but I suppose anyone can choose to do things differently.
Labyrnth (Moderator)
Reputation: 10
Joined: 28 Nov 2006 Posts: 6301
Posted: Thu Dec 20, 2007 6:32 pm
Qvazzler wrote:
"Has the same purpose"
Code injection has the same purpose?
Now I know why you said just freeze it....
-DEViL- (Expert Cheater)
Reputation: 3
Joined: 21 Apr 2007 Posts: 185
Posted: Fri Dec 21, 2007 8:07 am
You are doing the injection wrong; that is why the game crashes.
Code:
[ENABLE]
alloc(newmem)
label(newmem)
oo4a070:
jmp newmem
nop
returnhere:
newmem:
mov [edx],0 // make the money not decrease
[DISABLE]
dealloc(newmem)
oo4a070:
mov [edx],ecx
ret
jmp dword ptr
Look at this:
newmem:
mov [edx],0
In here, after you write your code, you must come back to where you broke the code and created the jump to the cave.
It should be like this:
newmem:
mov [edx],0
jmp returnhere // come back to where you broke the code and did your injection.
About this:
jmp dword ptr
In here this part is missing.
It should be like this:
jmp dword ptr [address]
Look below your code; you must see the original code of this instruction.
And in here you must restore the original code after your code:
Code:
newmem:
mov [edx],0
It should be this:
Code:
mov [edx],0
mov [edx],ecx
ret
jmp dword ptr [address]
And in here you must write the size of your cave:
Code:
alloc(newmem,512) // e.g. 512 bytes; you can write how much you want.
And here is the true script: // I don't know if this script works or not because I don't have the game, but this is the true script.
Code:
[ENABLE]
alloc(newmem,512)
label(returnhere)
oo4a070:
jmp newmem
nop
returnhere:
newmem:
mov [edx],0 // make the money not decrease
mov [edx],ecx
ret
jmp dword ptr [address]
jmp returnhere
[DISABLE]
dealloc(newmem)
oo4a070:
mov [edx],ecx
ret
jmp dword ptr [address]
I hope this helps you.
(Sorry for my bad English.)
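The three points -DEViL- makes (the cave must jump back to returnhere, the displaced original instructions must be accounted for, and alloc needs a size) are all byte arithmetic that Cheat Engine normally hides. The Python below is an added example written for this thread, not code from Cheat Engine or from anyone in the discussion: it lays out a detour for the exact instruction sequence quoted above (mov [edx],ecx / ret / jmp dword ptr [address]), shows why the patch has to end on an instruction boundary (which is where the missing "[address]" half of the jmp matters), and finishes with the check a defender or anti-cheat author runs to spot such a patch: a near jump that leaves the module's own address range. The hook address, cave address, module range and the dword-pointer operand are constructed placeholders; the thread's "oo4a070" cannot be resolved, so HOOK stands in for it.

```python
"""Added example, not code from the thread: the byte-level layout of a
Cheat Engine style code cave, plus a defender's check for one.
All addresses and sample bytes are constructed placeholders."""
from dataclasses import dataclass

JMP_REL32 = 0xE9   # 5-byte near jump: E9 <rel32>
NOP = 0x90


def encode_jmp_rel32(src: int, dst: int) -> bytes:
    """Encode 'jmp dst' placed at src; rel32 is relative to the end of the jmp."""
    rel = (dst - (src + 5)) & 0xFFFFFFFF
    return bytes([JMP_REL32]) + rel.to_bytes(4, "little")


def decode_jmp_rel32(code: bytes, addr: int):
    """Target of an E9 jump whose first byte sits at addr, or None if not E9."""
    if len(code) < 5 or code[0] != JMP_REL32:
        return None
    rel = int.from_bytes(code[1:5], "little", signed=True)
    return (addr + 5 + rel) & 0xFFFFFFFF


@dataclass
class Detour:
    patch: bytes       # written at the hook site: jmp newmem + nop padding
    displaced: bytes   # original instructions the patch overwrote
    returnhere: int    # first intact instruction after the patch
    cave: bytes        # new code, kept original code, jmp returnhere


def build_detour(hook, original, instr_lens, cave_addr, new_code,
                 replace_first=True, cave_size=512):
    """Lay out a detour. instr_lens are the lengths of the instructions at
    hook, in order. The patch must end on an instruction boundary, so whole
    instructions are displaced until at least 5 bytes are covered; cutting
    an instruction in half (e.g. leaving 'jmp dword ptr' without its
    [address] operand) is what crashes the target."""
    covered = 0
    for n in instr_lens:
        covered += n
        if covered >= 5:
            break
    if covered < 5:
        raise ValueError("not enough instruction bytes at hook for a 5-byte jmp")
    displaced = original[:covered]
    patch = encode_jmp_rel32(hook, cave_addr) + bytes([NOP]) * (covered - 5)
    returnhere = hook + covered
    # With replace_first the first displaced instruction is the one being
    # changed (mov [edx],ecx -> mov [edx],0), so it is not re-executed;
    # the rest of the displaced bytes are kept so nothing original is lost.
    kept = displaced[instr_lens[0]:] if replace_first else displaced
    body = new_code + kept
    cave = body + encode_jmp_rel32(cave_addr + len(body), returnhere)
    if len(cave) > cave_size:
        raise ValueError(f"cave needs {len(cave)} bytes, alloc gave {cave_size}")
    return Detour(patch, displaced, returnhere, cave)


def find_jumps_leaving(code: bytes, base: int, lo: int, hi: int):
    """Defender's check: (addr, target) for every E9 jump in code whose
    target lies outside [lo, hi). Byte-wise scanning is a heuristic; an
    E9 inside data or an immediate also matches, so treat hits as leads."""
    hits = []
    for i in range(len(code) - 4):
        t = decode_jmp_rel32(code[i:i + 5], base + i)
        if t is not None and not (lo <= t < hi):
            hits.append((base + i, t))
    return hits


# Constructed sample: the instruction sequence quoted in the thread.
HOOK = 0x004A0070                   # placeholder for the thread's 'oo4a070'
CAVE = 0x10000000                   # assumed address alloc() handed back
MODULE = (0x00400000, 0x00500000)   # assumed range of the emulator image
ORIGINAL = bytes.fromhex("890A" "C3" "FF2500104000")   # mov [edx],ecx / ret / jmp dword ptr [00401000]
LENGTHS = [2, 1, 6]                                    # lengths of those three instructions
MOV_EDX_0 = bytes.fromhex("C702" "00000000")           # mov dword ptr [edx],0

if __name__ == "__main__":
    d = build_detour(HOOK, ORIGINAL, LENGTHS, CAVE, MOV_EDX_0)
    print("patch      :", d.patch.hex(" "))
    print("returnhere : %#010x" % d.returnhere)
    print("cave       :", d.cave.hex(" "))
    print("jumps out  :", [(hex(a), hex(t)) for a, t in find_jumps_leaving(d.patch, HOOK, *MODULE)])
```

Running it shows the patch is 9 bytes (the jmp plus four nops), not the 6 the thread's script writes: covering only mov, ret and two bytes of the jmp dword ptr leaves a truncated instruction at the hook site, so any path that reaches it faults. The last line is the detection side of the same arithmetic: the emulator's code should not contain near jumps into memory the emulator never mapped, and the one the patch introduces is exactly such a jump.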
Labyrnth (Moderator)
Reputation: 10
Joined: 28 Nov 2006 Posts: 6301
Posted: Fri Dec 21, 2007 10:13 am
The script is messed up like you're saying, but I'm still not sure you can inject on SNES.
Guess I could try and see. lol