| View previous topic :: View next topic |
| Author |
Message |
pindakaas
How do I cheat?
![]() Reputation: 0
Joined: 10 Mar 2014
Posts: 5
|
 Posted: Tue Mar 11, 2014 5:02 pm Post subject: can't find the base address |
 |
|
Hi there,
I'm using CE for a timer-freeze in F1 Race Stars.
I found the dynamic address, but when i want to enter the hex address 0CFED83C it won't find anything. (using 'exact value, 4 bytes and 'hex checked')
What am i doing wrong? 
00E2123F - 8B 4D FC - mov ecx,[ebp-04]
00E21242 - 68 7F8D5B00 - push 005B8D7F
00E21247 - D9 44 83 3C - fld dword ptr [ebx+eax*4+3C] <<
00E2124B - 0FB7 45 0A - movzx eax,word ptr [ebp+0A]
00E2124F - D8 0D 78363F01 - fmul dword ptr [F1RaceStars.exe+613678]
EAX=00000000
EBX=0CFED800
ECX=0A49C5BF
EDX=0145C970
ESI=0A51C770
EDI=0A49C599
ESP=03FFF82C
EBP=03FFF848
EIP=00E2124B
|
|
| Back to top |
|
 |
danrevella
Master Cheater
 Reputation: 2
Joined: 11 Jun 2008
Posts: 292
|
| Posted: Tue Mar 11, 2014 5:26 pm Post subject: |
|
|
| What were the parameter you used to find the timer? exact/float?
|
|
| Back to top |
|
|
pindakaas
How do I cheat?
![]() Reputation: 0
Joined: 10 Mar 2014
Posts: 5
|
| Posted: Tue Mar 11, 2014 5:38 pm Post subject: |
|
|
| Float
|
|
| Back to top |
|
|
danrevella
Master Cheater
Reputation: 2
Joined: 11 Jun 2008
Posts: 292
|
| Posted: Tue Mar 11, 2014 6:15 pm Post subject: |
|
|
| But do you wanna search for pointer?
|
|
| Back to top |
|
|
podstanar
Advanced Cheater
 Reputation: 4
Joined: 02 May 2012
Posts: 82
Location: Flatland
|
| Posted: Tue Mar 11, 2014 9:07 pm Post subject: |
|
|
Use Pointer Scanner, or make an AOB injection.
_________________
Singularity is nearer. |
|
| Back to top |
|
|
danrevella
Master Cheater
Reputation: 2
Joined: 11 Jun 2008
Posts: 292
|
| Posted: Wed Mar 12, 2014 8:09 am Post subject: |
|
|
| Code: | [ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
subss xmm0,[ebp+08]
originalcode:
addss xmm0,[ebp+08]
exit:
jmp returnhere
"F1RaceStars.exe"+3A430D:
jmp newmem
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
"F1RaceStars.exe"+3A430D:
addss xmm0,[ebp+08]
//Alt: db F3 0F 58 45 08 |
This works for me.
Don't wast your time with searching for pointer in case a simple inject does solve your problem.
CIAO!!!
|
|
| Back to top |
|
|
pindakaas
How do I cheat?
![]() Reputation: 0
Joined: 10 Mar 2014
Posts: 5
|
| Posted: Wed Mar 12, 2014 4:53 pm Post subject: |
|
|
Thanks it worked!
Do you have this game as well?
Is it also possible to detect unlimited nitro etc?
|
|
| Back to top |
|
|
pindakaas
How do I cheat?
![]() Reputation: 0
Joined: 10 Mar 2014
Posts: 5
|
| Posted: Mon Aug 11, 2014 6:55 am Post subject: |
|
|
Hi again,
I also have another question about the same game. (F1 Racestars)
I'm looking for the power-ups that are on the race-track.
Is there somebody that can help me starting?
What value do I have to look for?
Many thanks!
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
