| View previous topic :: View next topic |
| Author |
Message |
CrossBreed
Cheater
![]() Reputation: 0
Joined: 30 Oct 2007
Posts: 37
|
 Posted: Sat Aug 09, 2008 11:52 pm Post subject: How would I create my own message |
 |
|
1. Look at the picture
2. I want to append my own custom message to the log in my game. How would I do it?
| Description: |
|
| Filesize: |
36.97 KB |
| Viewed: |
6707 Time(s) |
|
|
|
| Back to top |
|
 |
lolOkayBailolOkayBailolOk
Master Cheater
![]() Reputation: 1
Joined: 23 Jun 2007
Posts: 307
|
| Posted: Sun Aug 10, 2008 10:49 am Post subject: |
|
|
That depends is that game downloadable or flash?
You would look for the string "The weapon is already full" and change it. I'm pretty sure if it has text by text then you can use resource hacker. You can also change it with Cheat Engine by using the text scan but you would have to do that everytime you open the game.
|
|
| Back to top |
|
|
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Sun Aug 10, 2008 12:16 pm Post subject: |
|
|
| You would find the function that writes that text. Then either find the buffer that it reads the text from and edit that or make it point to another buffer or you could reverse engineer it, find out what parameters that function takes and make your own call to it or hook it.
|
|
| Back to top |
|
|
CrossBreed
Cheater
![]() Reputation: 0
Joined: 30 Oct 2007
Posts: 37
|
| Posted: Sun Aug 10, 2008 9:52 pm Post subject: |
|
|
| Slugsnack wrote: | | You would find the function that writes that text. Then either find the buffer that it reads the text from and edit that or make it point to another buffer or you could reverse engineer it, find out what parameters that function takes and make your own call to it or hook it. |
Here is what I have done so far
1. I searched for the text message in unicode
2. I found it and took a look at what accesses it
3. Two things were found
| Code: | | Code :0071fcea - 66 8b 14 43 - mov dx,[ebx+eax*2] |
| Code: | | Code :0071fd4e - 66 8b 14 43 - mov dx,[ebx+eax*2] |
If I NOP both of them all the text dissapears...
What should i do now?
|
|
| Back to top |
|
|
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Mon Aug 11, 2008 8:10 am Post subject: |
|
|
| Okay so ebx+eax*2 at that point points to the message string. And 2 bytes, the word, there is being moved to dx. Now then if I was you, I would breakpoint those instructions and trace/step them to try to see what is happening. If you can post the next bunch of instructions after that, it might help us analyse it for you.
|
|
| Back to top |
|
|
CrossBreed
Cheater
![]() Reputation: 0
Joined: 30 Oct 2007
Posts: 37
|
| Posted: Mon Aug 11, 2008 12:26 pm Post subject: |
|
|
| Code: | | Code :0071fcea - 66 8b 14 43 - mov dx,[ebx+eax*2] |
| Code: | | -0071FCEE - 66 83 fa 3c - cmp dx,3c |
| Code: | | -0071FCF2 - 0f 85 f8 00 00 00 - jne 0071fdf0 |
| Code: | | Code :0071fd4e - 66 8b 14 43 - mov dx,[ebx+eax*2] |
| Code: | | -0071FD52 - 8a 46 28 - mov al,[esi+28] |
| Code: | | -0071FD55 - 84 c0 - test al,al |
|
|
| Back to top |
|
|
Eraser
Grandmaster Cheater
 Reputation: 0
Joined: 23 Jul 2008
Posts: 504
Location: http://www.youtube.com/PCtrainers
|
| Posted: Tue Aug 12, 2008 12:28 am Post subject: |
|
|
| Just use hexworkshop. It changes the text permanently IF the game is client sided.
|
|
| Back to top |
|
|
CrossBreed
Cheater
![]() Reputation: 0
Joined: 30 Oct 2007
Posts: 37
|
| Posted: Tue Aug 12, 2008 1:08 am Post subject: |
|
|
| Eraser wrote: | | Just use hexworkshop. It changes the text permanently IF the game is client sided. |
i dont want to overwrite text, i want to add my own custom text.
|
|
| Back to top |
|
|
sponge
I'm a spammer
 Reputation: 1
Joined: 07 Nov 2006
Posts: 6009
|
| Posted: Tue Aug 12, 2008 3:04 am Post subject: |
|
|
find the beginning of the procedure. find out what calls it and look if its a simple text parameter.
aka
push buffertostring
call procedure
there could be more parameters though.
_________________
|
|
| Back to top |
|
|
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Tue Aug 12, 2008 7:01 am Post subject: |
|
|
| Most string output/draw functions tend to take a parameter that is length of string (usually exclusive of zero terminator).
|
|
| Back to top |
|
|
CrossBreed
Cheater
![]() Reputation: 0
Joined: 30 Oct 2007
Posts: 37
|
| Posted: Tue Aug 12, 2008 12:32 pm Post subject: |
|
|
| Slugsnack wrote: | | Most string output/draw functions tend to take a parameter that is length of string (usually exclusive of zero terminator). |
Ok I tried something different. I know the game already has the message "This weapon is already full" in memory before you click your gun. I found the address and told cheat engine to look at what reads to it. I switched back to my game and click on my weapon to reload it. And i got this stuff.
The ECX Register has my memory address! this is very interesting. but why is it moving the value at ecx-0c into edx?
| Description: |
|
| Filesize: |
22.21 KB |
| Viewed: |
6527 Time(s) |
|
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
