kann jemand was damit anfangen
I have found what in a forum where toot one talk about God fashion
somebody can do what with that
Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
FAQFAQ SearchSearch MemberlistMemberlist UsergroupsUsergroups RegisterRegister
ProfileProfile Log in to check your private messagesLog in to check your private messages Log inLog in
In-Depth Tutorial On Finding Godmode
Goto page 1, 2, 3, 4 Next
Post new topic Reply to topic Cheat Engine Forum Index -> Cheat Engine Tutorials
View previous topic :: View next topic
Author Message
x0r
Maple moderator
Reputation: 49
Joined: 04 Feb 2007
Posts: 1218
PostPosted: Fri Mar 02, 2007 10:50 am Post subject: In-Depth Tutorial On Finding Godmode This post has 4 review(s) Reply with quote
Hey everyone!
Today I'm going to teach you how to find "god-mode" (invulnerability to all attacks). Now, "god-mode" can be found in many ways using Cheat-Engine & there's really an infinite amount of methods you can use to get to achieve the same result but I'm going to show you what I believe to be the three main methods;
Knock-back/blink Exploitation (Most likely to work)
HP Exploitation
Collision Nullification (Requires usage of method #1)
1. Knockback/blink exploitation
In most games when you get hit there's a certain amount of time in which you're unable to get hit. When you're in a tight situation & if you were to stay in one the same location as many many monsters, you'd be barraged with constant hits. By implimenting a timer that makes you temporarily invulnerable it can also create a huge security flaw, this is because the timer can be frozen which can make users permenantly invunlrerable. (note: you'll have to take one hit for it to activate) The easiest method of finding an exploit for this in a game with a blink/knockback timer is to find the boolean or the variable that defines your state. This can be done with Cheat Engine but it requires speed/pausing the process. You can do the following:
1. Stay in a stationary & safe position (away from anything that can force you to blink) & then search for an "Unknown Initial Value" with Cheat Engine.
2. Now go & get do something to get put into a blinking state then quickly search for a changed value.
3. Repeat 2-3 until you have a few addresses then check to see if they're triggered by going into that blinking state.
Now we should have some very useful addresses when it comes to the blinking state. There are usually two ways of setting the blink state as I said before. There may be a boolean (possibly a 0 when in an idle state & a 1 when blinking) or there may be a speed for the interval between blinking (usually increases when getting hit) you should freeze them when you're in the blinking state. You may have just discovered "blink god-mode" in your game!
If you've discovered the hack then congratulations Very Happy However for those of you who have discovered that you disconnect when trying this there's probably a check to see if you always have the boolean/blink speed at the same value but don't fret! Although you may not be able to change the variable without disconnecting you can have the variable change and still stay in the blinking state. To do this we must do some memory editing (beware, some games check to see if the memory has been modified). Right click on the variable that you usually freeze & click "Find out what accesses this address". Now go & get hit then wait a few seconds... You should see a few things appear, we're hoping for an instruction with a MOV or a CMP. For any MOVs. We should look for an instruction which stores the value of the blink-state variable in a register. (so something alone the lines of MOV EAX, [400300]) Then after that there should be a TEST or a CMP which checks the register which the value of your blink-state is stored in. After that we'll be looking for a condition jump like JNE, JE, JA, etc. Here's an example of what we'll be looking for:
Code:
MOV EAX, [400300] // Moves the value of the blink-state into the EAX register
CMP EAX, 0 // Checks to see if the blink-state is true (in boolean values, 1 usually = true). It may skip the MOV & just CMP [400300], 0
JNE 400400 // Jumps if blink-state is true
As you can see, this will check if the value of your blink-state is 0 (example of a boolean check) and if it isn't 0 (disabled) it will jump to the "blink activator". Now, how do we fix this?! Well, in this case we turn the JNE into a JMP or we can make the EAX (in the CMP or the MOV) a 0 by setting a debug register. This may vary in other cases but you get my drift, it involves changing the jump or the CMP. (CMP is much better because changing jumps can be dangerous) Smile
2. HP Exploitation
Well this is a bit easier but less likely to work because it's much more orthodox & generic to check the client's HP value to that of the server. There are many ways of doing this;
Stop HP From Changing
Stop Death Sequence From Occuring
Decrease Damage Taken
i) Stop HP From Changing
This is pretty straight forward, simply look for your HP value then freeze it (note: there may be a few, some for GUI elements [HP bar, etc] & the real one)
ii) Stop Death Sequence From Occuring
Well, you can look for a CMP or a MOV;
Code:
MOV EAX, [600300] // Moves HP value into EAX,
CMP EAX, 0 // Compares HP to 0, can skip MOV by doing CMP [600300], 0
JE 600700 // Death Sequence
As shown, the HP is compared to 0 and it will jump to the death sequence if the HP is equal to 0. Another way of doing this is to check for a boolean for death and then freezing it.
iii) Decrease Damage Taken
Two methods:
The first method involves the following following: Get hit then search for the damage that you had just taken, then get hit again and do it again. You should end up with a value, freeze it at 0. (This may result in a "miss-mode" effect)
The second method involves looking for what reads to the HP address and then looking for some kind of decrease which will eventually bring apon the DEC operand, look for something like this;
Code:
MOV EAX, [500300] // Moves value of HP into EAX register
SUB EAX, ECX // Subtracts ECX from EAX
You can easily combat this by changing ECX into a 0 or using a deub-register to change the value of ECX into 0. Hopefully now you'll have a working damage reduction hack Smile
3. Collision Nullification
This is probably the best variant of god-mode because it stops you from getting hit at all simply due to the fact you don't collide with the monsters in the first place. The concept revolves around the idea that there's a boolean to see if you're currently in contact with a monster & if so it initiates the damage calculation. We combat this by trying to find the boolean then freezing it or manipulating it. We can find the boolean by doing the following;
1. Stay in a stationary & safe position (away from anything that can hit you) & then search for an "Unknown Initial Value" with Cheat Engine.
2. Now go & stand on/over a monster then quickly search for a changed value.
3. Repeat 2-3 until you have a few addresses then check to see if they're triggered by touching monsters.
After this we'll have a value that we may be able to freeze to achieve a state in which we don't get hit Very Happy We can also do this by changing a CMP/TEST or a conditional jump, we should look for something like the following:
Code:
MOV EAX, [430100] // Address storing boolean for contact with monster
CMP EAX, 1 // Checks if you are touching a monster, can be CMP [430100], 1
JE 400100 // The code to initiate damage calcuation
We can stop this from jumping by NOPing it (making the jump a no-operation instruction). This will potentially result in a god-mode Smile
Shoutouts:
SunBeam - Coolest guy on CEF
Labyrnth - Haven't met you but a moderator at gamehacking.com must be cool!
appalsap - Coolest female on CEF
Renko - So I won't get nagged for not including him.
Joseph - So I won't get nagged for not including him.
Distribution Rights:
This may only be distributed with credits to me Smile
x0r - 2007
_________________
Last edited by x0r on Tue Mar 20, 2007 7:24 am; edited 3 times in total
Back to top
View user's profile Send private message MSN Messenger
EvilSanta
Master Cheater
Reputation: 0
Joined: 24 Dec 2006
Posts: 449
PostPosted: Fri Mar 02, 2007 11:15 am Post subject: Reply with quote
Nicee ;D This helps alot Cool
_________________
^ Click to get directed
Back to top
View user's profile Send private message
furiosity
Master Cheater
Reputation: 2
Joined: 03 Oct 2006
Posts: 451
Location: The Netherlands
PostPosted: Fri Mar 02, 2007 11:36 am Post subject: Reply with quote
Imma test it out on some games.
Back to top
View user's profile Send private message MSN Messenger
Renkokuken
GO Moderator
Reputation: 8
Joined: 22 Oct 2006
Posts: 3325
PostPosted: Fri Mar 02, 2007 12:59 pm Post subject: Reply with quote
Great job, but I don't nag. I bitch.
_________________
Back to top
View user's profile Send private message
GameSpy
Grandmaster Cheater
Reputation: 0
Joined: 18 Aug 2006
Posts: 760
Location: Sweden
PostPosted: Fri Mar 02, 2007 1:39 pm Post subject: Reply with quote
*CLAP CLAP* This is way better than Exidis bragging about his vac. Great TUT.
_________________
Back to top
View user's profile Send private message
FrozenLightningHacker
Expert Cheater
Reputation: 0
Joined: 05 Nov 2006
Posts: 172
Location: Wherever you want me to be
PostPosted: Fri Mar 02, 2007 2:32 pm Post subject: Reply with quote
GameSpy wrote:
*CLAP CLAP* This is way better than Exidis bragging about his vac. Great TUT.
Ditto
Back to top
View user's profile Send private message
DeadOrAlive
I post too much
Reputation: 2
Joined: 12 Apr 2006
Posts: 4809
Location: Singapore
PostPosted: Fri Mar 02, 2007 7:17 pm Post subject: Reply with quote
Oh wow. Finding godmode and other stuff. This is really useful [/sarcasm]
Back to top
View user's profile Send private message Visit poster's website
x0r
Maple moderator
Reputation: 49
Joined: 04 Feb 2007
Posts: 1218
PostPosted: Fri Mar 02, 2007 8:19 pm Post subject: Reply with quote
DeadOrAlive wrote:
Oh wow. Finding godmode and other stuff. This is really useful [/sarcasm]
Oh wow, you're an idiot. This is useful for games that may not have godmode discovered yet & it's also useful for other people who wish to learn. GTFO you ignorant punk.
_________________
Back to top
View user's profile Send private message MSN Messenger
furiosity
Master Cheater
Reputation: 2
Joined: 03 Oct 2006
Posts: 451
Location: The Netherlands
PostPosted: Sat Mar 03, 2007 7:53 am Post subject: Reply with quote
x0r could you help me finding godmode for a game called Conquer online, I have tried many things non have worked so far. So if you have some spare time, and willing to help me, then contact me.
Back to top
View user's profile Send private message MSN Messenger
x0r
Maple moderator
Reputation: 49
Joined: 04 Feb 2007
Posts: 1218
PostPosted: Sat Mar 03, 2007 8:05 am Post subject: Reply with quote
furiosity wrote:
x0r could you help me finding godmode for a game called Conquer online, I have tried many things non have worked so far. So if you have some spare time, and willing to help me, then contact me.
I'll download it & then do some experimentation, after I do my tests I'll give you hints Wink
_________________
Back to top
View user's profile Send private message MSN Messenger
furiosity
Master Cheater
Reputation: 2
Joined: 03 Oct 2006
Posts: 451
Location: The Netherlands
PostPosted: Sat Mar 03, 2007 11:02 am Post subject: Reply with quote
Thx i really appriciate that you say hints, i hope you can point me in the good direction. Thanks Smile
Back to top
View user's profile Send private message MSN Messenger
Labyrnth
Moderator
Reputation: 32
Joined: 28 Nov 2006
Posts: 3139
PostPosted: Sun Mar 04, 2007 8:08 pm Post subject: Reply with quote
.:Bumped:.
Seeing allot of question about this.
_________________
ŦẼĂm ẽאּŦåĿĨÂ
Back to top
View user's profile Send private message
TheSorc3r3r
I post too much
Reputation: 4
Joined: 06 Sep 2006
Posts: 2404
PostPosted: Wed Mar 07, 2007 11:34 pm Post subject: Reply with quote
Completely useless tutorial ; you took an extremely simple concept (which could be explained in a few paragraphs), and turned it into a multi-page essay that ultimately adds up to nothing.
You dressed it up with color to cover the fact that it has no meat, put shout-outs for no obvious purpose other than arrogance (along with the distribution right BS), and posted it in tutorial requests.
Not only are you arrogant, you're also rep-whoring.
It's beginning to show, more and more, that the only special talent/threat you have is DDOSing (which can be found by googling).
You will most likely respond to this with completely irrelavent insults that you can't back up (like you do with every person that dares to question your superiority).
Changing your name won't change the asshole you are, Irwin.
_________________
Don't laugh, I'm still learning photoshop!
Back to top
View user's profile Send private message
Ungreat
Expert Cheater
Reputation: 0
Joined: 27 Feb 2007
Posts: 215
PostPosted: Wed Mar 07, 2007 11:40 pm Post subject: Reply with quote
This whole thing is plain logic Confused This post is only relevant to those who didn't know that 'godmode' is when you can't die due to a form of invincibility.
I even pointed out to you on MSN when your ASM looked incorrect, and you proved to me that you didn't know your ASM correctly (or at least not even understand pointers correctly) when you replied (on MSN that is.)
Code:
MOV EAX, [600300] // Moves HP value into EAX,
CMP [EAX], 0 // Compares HP to 0, can skip MOV by doing CMP [600300], 0
JE 600700 // Death Sequence
Lol look, it is still there!
Edit: Err... I'll break down how he fucked up for you. This is about the very first thing you learn in ASM after you learn what a register is. x0r is fucking up on value tags: why are we learning from him? Lol
his comment:
Code:
// Compares HP to 0, can skip MOV by doing CMP [600300], 0
Ok: Lets look at the ways we can do this...
Like he said, you can do:
Code:
cmp [600300],0
JE 600700
at least he got the comment right Confused
his code, however...
Code:
MOV EAX, [600300] //gets the value heald at 600300 (like 233 for low health)
CMP [EAX], 0 // compares the value of the address 233 to 0
JE 600700 //jump if equal. By the way: you would crash before getting here. could not be "read" exception. 233 is inexistant memory
Some of you might be thinking 'oh well people could make simple mistakes like that' ... first of all: not someone as pro as x0r says he is... also: not even a complete noob to ASM would make that mistake if they understood what the value tags ( [ ] ) do.
And the worst part about it: I already told him/warned him in MSN that he had messed up! After I warned him is when he added a comment that further told you that he fucked up Confused (the cmp [600300],0 comment.)
the real way to do this that he meant was either
Code:
mov eax,600300
cmp [eax],0
je 600700
OR
Code:
mov eax,[600300]
cmp eax,0
JE 600700
You fucked up at the basics x0r Confused No wonder this tutorial is on finding the most basic hack Crying or Very sad
edit for a laugh:
Code:
MOV EAX, [430100] // Address storing boolean for contact with monster
CMP [EAX], 1 // Checks if you are touching a monster, can be CMP [430100], 1
JE 400100 // The code to initiate damage calcuation
hey look, he didit again! xD (That rules out the 'oops, I put some bracket on by accident' assumption that I mentioned earlier forthose that don't know much ASM)
_________________
Code:
mov r10, qword ptr [rsp+0A28h+arg_5F8]
shl rdx, 20h
mov r11, 7010008004002001h
or rax, rdx
mov rcx, r10
xor rcx, rax
lea rax, [rsp+0A28h+var_2C8]
Oh man, I'm getting too excited
Back to top
View user's profile Send private message
TheCrow
Cheater
Reputation: 0
Joined: 26 Nov 2006
Posts: 25
PostPosted: Thu Mar 08, 2007 12:23 pm Post subject: Reply with quote
thx! its very helpfull
_________________
Back to top
View user's profile Send private message
Display posts from previous:
Post new topic Reply to topic Cheat Engine Forum Index -> Cheat Engine Tutorials All times are GMT - 6 Hours
Goto page 1, 2, 3, 4 Next
Page 1 of 4
Jump to:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
Powered by phpBB © 2001, 2005 phpBB Group
