jaxx0rr
How do I cheat?
![]() Reputation: 0
Joined: 04 Feb 2012
Posts: 2
|
 Posted: Sat Feb 04, 2012 1:06 am Post subject: NFS SHIFT 2 HARD ONE TO HACK |
 |
|
I have spend over 10 hours trying to hack this game..
I also posted this in the racing section but there's hardly anyone watching that.. so here is the info I gathered:
I'm trying to hack the lap count.. tried with cheatengine and Tsearch...
I found the values.. there are about 8 and I think they copy/check eachother constantly..
only if you change some of them all at once does it work so I had to multi-select in cheatengine and change value.. in tsearch u cant even do that
the lap counter is actually -1 so lap 1 is shown as 0
here are the scripts copied from autohack button script generator in tsearch:
| Code: | Patched script:
Poke 68A889 90 90 90
UnPatched script:
Poke 68A889 89 51 0C
Patched script:
Poke 68CA61 90 90 90
UnPatched script:
Poke 68CA61 89 50 0C
Patched script:
Poke 4ECC5E 90 90 90
UnPatched script:
Poke 4ECC5E 89 4A 18
Patched script:
Poke 54FC8E 90 90 90
UnPatched script:
Poke 54FC8E 89 48 08
Patched script:
Poke BB25A1 90 90 90
UnPatched script:
Poke BB25A1 01 71 28
Patched script:
Poke 5519C3 90 90 90
UnPatched script:
Poke 5519C3 89 50 30
Patched script:
Poke 4ECC79 90 90 90
UnPatched script:
Poke 4ECC79 89 42 34
Patched script:
Poke 9D6F03 90 90 90 90 90 90
UnPatched script:
Poke 9D6F03 FF 86 40 03 00 00 |
unlike other hacks where you freeze stuff here I need to increase or set the values simultaneously.. tried executing all the unpached parts to see if something happens, nope...
also in cheatengine the locations and opcodes coincide (almost, except 1 witch means the 3rd one above is not really important)
so these writes happen multiple times per second and are overwritten if I change the 5 below therefore they must have a graphic purpose only (also the targeted locations are always the same 00EDD30C and 00EDE21C)
| Code: | 0068A889 - 89 51 0C - mov [ecx+0C],edx
0068CA61 - 89 50 0C - mov [eax+0C],edx |
these writes happen when I cross the finish line (targeted locations are different every time except the last - 100882C8)
| Code: | 0054FC8E - 89 48 08 - mov [eax+08],ecx
00BB25A1 - 01 71 28 - add [ecx+28],esi
005519C3 - 89 50 30 - mov [eax+30],edx
004ECC79 - 89 42 34 - mov [edx+34],eax
009D6F03 - FF 86 40030000 - inc [esi+00000340] |
when I manually change the value of the first 4 and dont change the 5th value the game freezes..
problem is I don't know assembler language so I cant figure this stuff out..
how do I modify all the 5 targets at the same time ? or what should I write in trainer maker kit script box ?
any help is appreciated, thanks
EDIT:
I finally managed to get the pointerscan results
I made a trainer and it worked
then I changed the track and it stopped working.. one of the values was missing
then I decided to test the carrer mode and see if the endurance tracks would work, the motivated me to do this after all..
none of the values worked.. this would mean I'd have to start over and do the same thing but instead of the 100 m lap test track that I used and it took me about 10h I'd have to use a 2km track...
also turns out each track gives different pointers......
conclusion:
FUCKING PIECE OF SHIT EA DEVS.. I hope they die on christmas eve |
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
