TKC-Community
Hacking and Art => Armed Assault 3 => Armed Assault 2 => Topic started by: Gerk on May 29, 2012, 06:52:15 pm
-
If you want to create a trainer which will overwrite some script path to redirect it to your mod app init, then the following information will be extremely useful for you:
1. You need to find a stable pointer for the text string that you will be overwriting to call your init. (I recommend using Cheat Engine for that.)
2. Your C++ trainer should be able to calculate the address of the required pointer, since each time you restart your game your pointer address will change.
3. There is a template of a C++ trainer on this website which can be used as a base for your future C++ Arma 2 trainer.
4. Here is how the path to the pointer looks in Arma 2: [[[[Arma2.exe + someAddress]+Offset 0]+Offset 1]+Offset 2]+Offset 3
Here are some stable pointers (you can use them for creating a trainer or just use them in Cheat Engine to boost the required string search and overwrite :)):
private ["_dummy"]; _dummy = [_this,"onload"] execVM "\ca\ui\scripts\dedicatedServerInterface.sqf"; >> [[[[Arma2.exe + 0080CB44]+800]+2f4]+400]+8 //this is for arma2
if (isNil('IGUI_GEAR_activeFilter')) then { IGUI_GEAR_activeFilter = 0;}; private ['_dummy']; _dummy = [_this,'onLoad'] execVM '\ca\ui\scripts\handleGear.sqf'; _dummy; >> [[[[[Arma2.exe + 0080CB44]+674]+1b4]+7d8]+7f8]+8 //Gear Arma2 1.11
-
Hm, strange, these strings are always at a random place in the 0xFxxxxxxx address range for me (I guess where the game allocates memory); every time I restart the game it's different.
-
Gerk, I saw your edits. It's much simpler to just scan the process's whole memory for the string (doesn't take too long actually) instead of trying to find a static base for the address.
-
Yep, or that way. Yeah, I had to edit this article since I didn't have the game installed for a long time and forgot some shit. What confused me at first is that I ran the game and wrote down the address of some text string, and when I restarted the game the address was the same lol, but after some testing it became obvious that the address changes.
-
Oh, I see you found a static base and pointer path. Good job if it actually works.
-
It works m8 :) Tested on Arma 2, not sure about OA, didn't test it there.
-
Oh right awesome, thanks.
-
Cool. How did you find it so quickly? I guess simply via breakpointing + tracing asm?
-
Why do you think that I found it now? I found this the first day patch 1.11 came out lol, and it wasn't pretty fast. No, not via breakpointing + tracing asm.
-
Well, because I saw how you edited the post and it wasn't there before. ;) OK, just wondering as this stuff takes a while. I usually do this via breakpointing + tracing in Olly, so I wondered how you did it?
-
Telepathy?
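-
Added example, not code from any poster in this thread: a simulation of the pointer-path notation from the first post, showing why the string's final address differs between restarts while the static slot and offsets stay the same, and how a known-good comparison at the resolved address detects an overwritten script path. The buffer layout, the slot `0x10`, the offsets and the sample path are all constructed; nothing here touches a real process.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <string>
#include <vector>

using Mem = std::vector<uint8_t>;  // constructed stand-in for a 32-bit address space

// Bounds-checked little-endian 32-bit read; false when addr is outside the buffer.
bool read32(const Mem& m, uint32_t addr, uint32_t& out) {
    if (uint64_t(addr) + 4 > m.size()) return false;
    out = m[addr] | m[addr + 1] << 8 | m[addr + 2] << 16 | uint32_t(m[addr + 3]) << 24;
    return true;
}
void write32(Mem& m, uint32_t addr, uint32_t v) {
    for (int i = 0; i < 4; ++i) m[addr + i] = uint8_t(v >> (8 * i));
}
// Walk [[staticAddr]+o0]+o1...: each bracket is one dereference, the last offset
// is added without dereferencing. False if any hop leaves the buffer.
bool resolve(const Mem& m, uint32_t staticAddr, const std::vector<uint32_t>& offs, uint32_t& out) {
    uint32_t p;
    if (offs.empty() || !read32(m, staticAddr, p)) return false;
    for (size_t i = 0; i + 1 < offs.size(); ++i)
        if (!read32(m, p + offs[i], p)) return false;
    out = p + offs.back();
    return true;
}
// One simulated run: the static slot 0x10 never moves, the heap objects do.
Mem makeRun(uint32_t heap, const std::string& text) {
    Mem m(0x4000, 0);
    write32(m, 0x10, heap);                 // static slot -> object A
    write32(m, heap + 0x20, heap + 0x400);  // A+0x20 -> object B
    std::memcpy(&m[heap + 0x408], text.c_str(), text.size() + 1);  // string at B+8
    return m;
}
// Integrity check: is the string at addr still byte-for-byte the known-good value?
bool intact(const Mem& m, uint32_t addr, const std::string& good) {
    if (uint64_t(addr) + good.size() + 1 > m.size()) return false;
    return std::memcmp(&m[addr], good.c_str(), good.size() + 1) == 0;
}
int main() {
    const std::string good = "scripts\\original.sqf";  // constructed sample path
    for (uint32_t heap : {0x1000u, 0x2800u}) {          // two simulated restarts
        Mem m = makeRun(heap, good);
        uint32_t a = 0;
        bool ok = resolve(m, 0x10, {0x20, 8}, a);
        std::printf("heap=%#x resolved=%#x intact=%d\n", (unsigned)heap, (unsigned)a, ok && intact(m, a, good));
        m[a] = 'X';  // simulate an overwrite of the path
        std::printf("  after overwrite intact=%d\n", intact(m, a, good));
    }
}
```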