Basic game hacking tutorial & Toolz for it


Postby Sethioz » Wed Sep 03, 2008 6:03 am

Knowledge Database Article of Basic Game Hacking available. It is strongly recommended to read that article.


First, here's some good tools that will come in handy if you want to hack / exploit games.

- Tsearch - it's a memory editor with a debugger and disassembler in it. It is very good to edit game's memory.
- ArtMoney - another memory editor, which can filter for text strings.
- Cheat Engine - memory editor, very poor one i'd have to say and fucks up a lot, so i don't use it anymore.
- GhostKiller - memory editor that can bypass some defenses.
- MoonLight - another memory editor that can bypass some game defenses.

- CommView - a packet editor. i use this to manipulate packets in games, resend them and analyze the info sent/received. It has very powerful effect on games if you know what you are doing. It has very powerful capabilities, such as alarms and triggers.
- Notepad++ - no words needed i think, i use this to edit game files. not normal notepad, but notepad++ (it's very advanced and supports lot of languages, C, C++, perl, css, php, html..etc)
- XVI32 - HEX editor. i use this to edit ''non-editable'' game files. under non-editable files i mean, the files that do not have a simple text or values in it. or i simply use it to replace HEX strings in a file to make it more readable while editing with notepad++
- cmd - command prompt, well i don't use it actually, but some programs can only be run through cmd. mostly Luigi's programs. such as fake player tools and server crash exploits.

I also want to take few more toolz in use. such as SoftIce and Olly.
- SoftIce - it was made for windows driver debugging. so it runs ''under'' windows and probably cannot be detected by any anti-hack game defense such as PB, VAC, gameguard ..etc. this is why i want to test it on such games. and yeah it can edit memory and find things.
- Olly - its a debugger and better than the ones in those memory editors. some games crash when you enable debugger in memory editor or when you try to edit something with debugger. so this is why i want to try Olly on those games.

How to set up Tsearch properly so you will find what you are looking for:
- Go to View > Options > Map Area > check all the checkboxes and click ok

//////////////////////////////////////////////////////////////////////////////////////////////////////////

There are also some video tutorials available on my youtube channel

//////////////////////////////////////////////////////////////////////////////////////////////////////////

Some basic explanation and background, why, where, what:

thought i'll add few details. ok lot of ppl have no clue where to start.
here i'll describe what i do when i want to get something done in game.
if you want simple health, ammo, time ..etc. you simply use one of the memory editors (tsearch is my favorite) and use ''search'' (scan in some tools ..etc) option to search for the value (ammo, health..etc). if you can't see value on screen then use ''unknown'' search and then use ''decreased'' or ''increased'' depending what happened to your value in game.
if you are using unknown search, then after first search, i suggest doing nothing in game that changes the searchable value (if u search for ammo, then DO NOT shoot, but move and jump around. also don't change weapon ..etc. make sure ammo stays SAME) and then search for not changed. this will eliminate lot of false addresses. and then next only shoot few bullets and search decreased. those are really good methods to eliminate lot of wrong addresses at start.

about HEX editor... lot of games have quite readable memory. so you open the HEX memory editor inside of Tsearch or ArtMoney .. or what tool you like best. actually Cheat Engine has very good memory view. you can simply open it and just look at it. some games have things you can change right there. For example aliens vs predator 2 game has ''bute'' files that you can use to compare memory with.

game loads those files into memory. if you edit those files directly, then you wont be able to join any server (u can only play offline). so this is why you have to change them with memory editor. simply open the ''bute'' file and then compare it to the memory. you can clearly see pattern there and its very easy to find values.
here's few games that can be edited like that:
colin mcrae rally 05
GRID
aliens vs predator 2
cold fear
resident evil 4 (not really, cuz it has no ''readable'' memory. only values, but once you understand them its easy)

so other games like RE4, which i mentioned can be edited too, but there's no ''readable'' memory values. it means it's hard to understand what is what, but once you find what you are looking for, you will notice that game's memory has its pattern and it uses one specific way to map memory.
example: aliens vs predator 2 holds all memory values related to weapons close by. so if you find like ''ammo type (ammo you shoot)'' you can easily find lot of other things that affect weapons in some way. This method is used in most games. game always maps memory like that. For example in car games. all car settings are close by.

It is not a tutorial, just a simple explanation how memory works and how most games load files into memory. you should also really check my video tutorials about it. especially the one where i explain the ''search types'' in memory editor. and learn to use calculator to convert HEX values into DEC and other way around.

//////////////////////////////////////////////////////////////////////////////////////////////////////////

If you want more detailed tutorial on how to find health, ammo and such, then take a look here > How to hack / get unlimited ammo in single player games
Note that this method is not only for ammo, you can use exactly same way to get anything that is value based in nearly any game.

Re: Basic game hacking & Toolz for it !

Postby Sethioz » Sat Nov 15, 2008 1:32 am

Tutorials:

1. How to get infinite ammo in most games.
> UPDATE <

Knowledge Database article of Unlimited Ammo Hack is available, it explains everything in detail. if you still do not understand, then read this thread further and reply with a question/s.


> also read the FULL TUTORIAL about ammo hacking
-I'm using Tsearch to do that. so far it has worked in every game i've tried (in single player, because in multiplayer, server controls ammo and it cannot be done, some games have glitches, but ammo CAN NOT be changed directly in multiplayer)
-Open Tsearch
-In Tsearch click "process"
-choose your game's process (some games like red alert 3 has .exe and .dat files, in that case do not choose .exe, but other file)
-now go into game and look how much ammo you have (in clip lets say)
-now in Tsearch click on this magnifying glass to start search
-search for the ammo value (if you have 303 bullets, then search for 303, most of the case it can be found on 4byte search, so use this first)
-once search is done, go back in game and shoot few bullets
-now if you have 299 bullets left
-click on other magnifying glass in Tsearch (one with ... at end, this is filter)
-now filter for 299, you should get way less addresses
-keep doing that, until you end up with 1-4 addresses
-add all of them into cheat list, by double clicking them or clicking that green + icon
-now freeze one of them (check the checkbox in front of the address)
-go into game and shoot
-do this until you find the address that freezes your ammo.

this method works fine, but problem is that in most games address changes after you restart game or even in loading places (doom 3 for example) so to prevent that:

-click on "autohack" - enable debugger
-click on "autohack" - autohack window
-right click your ammo address and click on autohack
-now go into game and shoot (make sure your ammo address is NOT frozen)
-now go back into autohack window
-you will see breakpoint there, one that appeared when you shot
-highlight that breakpoint and click on "tmk" button and choose "button script"
-there you will need to look for line that says "Poke some_address 90 90 90" (it can contain more 90 90 90 90...etc) you get the point.
-now lets say this address there is 3003 90 90 90 90 90 90 90
this means that there are 7 addresses (3003 address on 7bytes will overwrite all of them)
-so what you do, is add all those 7 addresses into cheat list, one by one (of course if your address says poke 3003 90 90 90, then it means there's only 3 addresses, if you don't understand, then you too dumb :) )
huh ? 7 ? where ?
-yes 7 addresses, here's how you get other 6.
-first address is 3003, then next is 3004, 3006, 3007, 3008, 3009, 300A (A ?, YES, because it is in HEX !!! remember that)
if you do not know how to add in HEX, then use your windows calculator.
-now you have added all 7 addresses (on 1byte !!!) into cheatlist
-now its time to make hotkeys.
if you think it's necessary to turn it back to normal, then you should make 2 hotkeys for each address
if you think you don't want to turn it back to normal (it will turn back to normal after you quit game of course), then you need 1 hotkey for each address.
-right click address, click edit, from there you should be able to add hotkeys on your own.
-1 hotkey should do this: num1 = set value = 144 (144 in dec, is 90 in HEX)
i took num1 just as an example. set same hotkey for all 7 addresses
-now click the hotkey so all addresses will have 144

that's it, you are done. you will have infinite ammo. This works in 99% of games. just few games where i've done it:
Resident Evil 4
Dead Space
Far Cry 2
Aliens vs Predator 2
Cold Fear
Just Cause
Grand Theft Auto Vice City
Grand Theft Auto San Andreas
RoboCop

NOTE - this method works also for health, credits, money, funds..etc

2. How to find health, when game does not show numeric value

> UPDATE <
Knowledge Database article of Finding Unknown Values is available, read this first, then read the post.


-Follow the previous tutorial to the step where you have to search for values.
-Instead of "exact value" choose "unknown"
it will list ALL addresses in game. there is no right or wrong way to search it, so here's tips what i do:
-DO NOT lose or gain health in game, simply move around, shoot, jump..etc
-go into Tsearch and filter for "not changed"
-do that 5-10 times
-now quickly lose or gain some health
if you lost health, filter for "decreased"
if you gained health, filter for "increased"

-now simply keep repeating those steps in random order, until you end up with 1-11 addresses, then simply test them one by one.
-now you can use debugger to do same with health, just look above.
-NOTE, also once you find your unknown value, you should make a note what it is when its full. if you searched health in some game, then fill your health on max and then simply look at the value on the address. (for example in Far Cry 2, flamethrower does not show numeric values, but full tank of gas is 300). that will make it way easier to find, in case you should need it again.
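Seen from the game developer's side, the "Poke address 90 90 90" step in the post above is an in-memory code patch, and a periodic integrity check over the code bytes is one way to notice it. The following is an added example, not code from the thread or from any game: the 16-byte region and its instruction bytes are constructed sample data, and the function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed 16-byte stand-in for a code region (x86 encodings).
   Offset 3 holds a 7-byte "subtract 1 from the counter" instruction. */
static const uint8_t SAMPLE_CODE[16] = {
    0x55, 0x8B, 0xEC,                         /* push ebp; mov ebp, esp   */
    0x83, 0xAE, 0x40, 0x01, 0x00, 0x00, 0x01, /* sub dword [esi+0x140], 1 */
    0x8B, 0x86, 0x40, 0x01, 0x00, 0x00        /* mov eax, [esi+0x140]     */
};

typedef struct { uint64_t baseline; } integrity_ctx;

/* FNV-1a 64-bit: cheap change detection, not a cryptographic hash. */
static uint64_t fnv1a64(const uint8_t *p, size_t n) {
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < n; i++) {
        h ^= p[i];
        h *= 0x100000001b3ULL;
    }
    return h;
}

/* Record the hash of the known-good bytes at startup. */
void integrity_init(integrity_ctx *c, const uint8_t *code, size_t n) {
    c->baseline = fnv1a64(code, n);
}

/* Returns 1 while the live bytes still hash to the baseline. */
int integrity_ok(const integrity_ctx *c, const uint8_t *live, size_t n) {
    return fnv1a64(live, n) == c->baseline;
}

/* Locate the modified span against a trusted copy. Returns its length
   (0 if identical), stores the start in *off, and sets *all_nop when
   every byte in the span is 0x90. */
size_t changed_span(const uint8_t *trusted, const uint8_t *live, size_t n,
                    size_t *off, int *all_nop) {
    size_t first = n, last = 0;
    for (size_t i = 0; i < n; i++) {
        if (trusted[i] != live[i]) {
            if (first == n) first = i;
            last = i;
        }
    }
    *off = 0; *all_nop = 0;
    if (first == n) return 0;
    *off = first; *all_nop = 1;
    for (size_t i = first; i <= last; i++)
        if (live[i] != 0x90) *all_nop = 0;
    return last - first + 1;
}

int main(void) {
    uint8_t live[sizeof SAMPLE_CODE];
    integrity_ctx ctx;
    size_t off; int nop;
    memcpy(live, SAMPLE_CODE, sizeof live);
    integrity_init(&ctx, SAMPLE_CODE, sizeof SAMPLE_CODE);
    memset(live + 3, 0x90, 7);   /* simulate the 7-byte overwrite */
    size_t len = changed_span(SAMPLE_CODE, live, sizeof live, &off, &nop);
    printf("ok=%d off=%zu len=%zu nop=%d\n",
           integrity_ok(&ctx, live, sizeof live), off, len, nop);
    return 0;
}
```

A check like this runs inside the same process it protects, so it only raises the cost of patching; values that matter in multiplayer still have to be enforced on the server.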

Re: Basic game hacking & Toolz for it !

Postby twister329 » Sun Nov 16, 2008 10:08 pm

I tried this to the game last chaos and the gold value changed but I couldn't use it. O.o, any idea how to fix that?

Re: Basic game hacking & Toolz for it !

Postby Sethioz » Mon Nov 17, 2008 3:34 pm

that's because you CAN'T change server side things lol. i did add a note, that this works on SINGLE PLAYER games. in multiplayer games you CAN NOT edit the server side values, because your server controls it. as i also mentioned, you can only exploit the game and hope there is a bug that allows something. For example in Aliens vs Predator 2, there were 2 values that controlled the fall damage and using those allowed you to get health, it is very rare case, haven't seen such thing in any other game so far.

Re: Basic game hacking & Toolz for it !

Postby mnsfhhwtmx0 » Sun Nov 30, 2008 4:31 pm

oh yeah. thanks a lot man. health works very well. i had trouble the first time but i got it. anyways i was thinking of finding a money hack (or pesetas hack with me because i'm playing resident evil) with tsearch. i think i got the whole basic concept of finding it. it shouldn't be that hard. anyways, if i do find it, i'll post it up. thanks a lot.

Re: Basic game hacking & Toolz for it !

Postby Sethioz » Sun Nov 30, 2008 7:49 pm

most games allocate at least 4 bytes for money (credits, or whatever game uses), so you just need to search for the on screen value and then use some credits and filter. Also note that in some games, where you have to enter some shop to buy, you also have to exit shop after buying or selling and then filter, because some games change the actual value after you exit the shop (buying place)

Re: Basic game hacking & Toolz for it !

Postby hideo » Fri Apr 24, 2009 8:03 am

do you know how to hack money in games such as warlord battlecry or company of heroes or cossack where each resource is increased every second??? for warlord battlecry i already obtained the address and i know the value but even after i changed the value...it still doesn't change when i go into the game again..

Re: Basic game hacking & Toolz for it !

Postby Sethioz » Fri Apr 24, 2009 11:25 am

sounds like strategy games, for example like Supreme Commander ? im quite sure you mean this sort of resources, so you should check the hacking topic for Supreme Commander Forged Alliance and see how its done there.

Re: Basic game hacking & Toolz for it !

Postby hideo » Sat Apr 25, 2009 7:37 am

i think its different, its not the same...company of heroes and warlord battlecry or maybe cossack, the resource they use is like increasing all the time

Re: Basic game hacking & Toolz for it !

Postby Sethioz » Sat Apr 25, 2009 10:47 am

this is exactly what's going on in SupCom FA, did you read the topic ?
there when you build Energy Generator, then it generates +100 energy all the time. if your usage is like -60, then you have constantly increasing energy by +40. also if your energy storage is like 10000 and it's full, then of course it won't go bigger than that, then you need to build some energy storage to get more.
try the method i used in SupCom

Re: Basic game hacking tutorial & Toolz for it

Postby Hackz45 » Fri Jan 27, 2012 7:20 am

Hello Sethioz, I seem to have a problem. I've gotten the money hack down, along with the Unknown Value etc. I can NOT seem to find the four values for the wheels of a car. I have an emulator and I am asking do some values get affected when you pause the game? By the way I use Float to try and find it along with the range, and when I change the value on the right, the memory editor comes up with nothing, even when the game is not paused, I don't think I need to change the value on the right and only on the left. What is your suggestion?

Re: Basic game hacking tutorial & Toolz for it

Postby Sethioz » Fri Jan 27, 2012 6:10 pm

what game are you talking about and if its emulator, is it some console game ?
if its PC game and something specific, make a new topic with proper title (game name - hacking)

you can read WRC 2010 hacks
i have done exactly that in wrc 2010, changed speed of each wheel without even using the engine of car.

Re: Basic game hacking tutorial & Toolz for it

Postby w_4exr7 » Tue Mar 27, 2012 7:44 am

bro seth .... why i can't download that video above ? i want to download that video tutorial .... :(

Re: Basic game hacking tutorial & Toolz for it

Postby ModdingSince » Wed May 15, 2013 5:38 pm

Hi joined your forum basically to ask a question. I was having the exact problem you were talking about with the game disconnecting online after making changes using the memory editor offline.

about HEX editor... lot of games have quite readable memory. so you open the HEX memory editor inside of Tsearch or ArtMoney .. or what tool you like best. actually Cheat Engine has very good memory view. you can simply open it and just look at it. some games have things you can change right there. For example aliens vs predator 2 game has ''bute'' files that you can use to compare memory with.

game loads those files into memory. if you edit those files directly, then you wont be able to join any server (u can only play offline). so this is why you have to change them with memory editor. simply open the ''bute'' file and then compare it to the memory. you can clearly see pattern there and its very easy to find values.
here's few games that can be edited like that:

Re: Basic game hacking tutorial & Toolz for it

Postby Sethioz » Thu May 16, 2013 3:23 am

so ... umm .. what is the question? and yes, i have posted all about comparing files to memory, since files are loaded into memory anyway, just bit distorted, but still readable usually.

Re: Basic game hacking tutorial & Toolz for it

Postby ModdingSince » Thu May 16, 2013 10:02 am

Sethioz wrote: so ... umm .. what is the question? and yes, i have posted all about comparing files to memory, since files are loaded into memory anyway, just bit distorted, but still readable usually.


Sorry about the PM message obviously you're annoyed by the constant messages there but I wasn't sure if you'd respond or not in a timely manner.

I've been trying to edit a game called PES 2013 on PC (Sports Soccer game) and I found a value when I change it edits one of my player's stats to maximum values, if I scroll up or down on the memory edit I can also edit all my other players' ratings within the same area, but obviously when I try and use the same memory edit online it disconnects me within 3-10 seconds but I can tell the edit has taken effect and is the reason why the server won't allow me to stay connected. When I tried doing a pointer search for the address I could only get it down to around 620 results before I struggled to get it to reduce even with 5-10 attempts at a rescan.

I usually get 4-5 (4 bit results) one of them is always the same address (permanent) and another is the one that has an effect on the in game rating attributes (all of them are bunched together in 5-6 addresses one after the other) but it doesn't change their stats visually, like a health bar that gives you twice as much life but doesn't change in size I guess.

But I also find 2-3 (1 bit results) and one of those results allows me to change the visual rating of a player attribute (like acceleration or sprint speed or shot power) but by itself it has no effect in game, like a health bar that increases to twice the size but is like having the same life you originally had still.



I'm asking only theoretically at this point but if I can find the pointer or breakpoint or whatever it is I need to find for the 4 bit result that influences the player attributes gameplay directly (the 4 bit value) would I stand a better chance of staying connected in a game in multiplayer ? or would it simply be a waste of time

Re: Basic game hacking tutorial & Toolz for it

Postby Sethioz » Thu May 16, 2013 8:05 pm

its hard to say, there might be online check against stats (like a patch specifically designed to prevent such hacks), in that case, it is server sided and not possible, server will always notice.
There might be way to fool server to think you have higher stats, in that case server would think it is legit, but that requires lot of reverse engineering and researching into game protocol.

if you can host your own server, do that and monitor what is going on between server <> client.
often server logs tell you what was the reason for kick, that helps you coordinate the attack against server or just bypass whatever is causing the kick.

as about pointer scan .. LOL .. pointer scans will always have tons of results, you don't have to get pointer scan down to 1, even with 1 million + its fine, just pick the one that never changes (after reboot of game and pc) and use it, that's it.
We always scan in 2 PCs, to make sure it will work on any PC, but if you don't have 2 PCs and no one who can rescan for you, just reboot game and pc and whatever results are still correct, just pick the first one and use it.
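Two exchanges in this thread come down to the same server-side design: the edited gold that could not be spent in Last Chaos, and the disconnect a few seconds after editing stats in PES 2013. The following is an added example, not code from the thread or from either game, of a server that decides purchases from its own record and logs a kick reason when a client report disagrees with it; the record layout, message layout and function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical record and message layouts, for illustration only. */
typedef struct { uint32_t gold; uint8_t stat; } player_record; /* server truth */
typedef struct { uint32_t gold; uint8_t stat; } client_report; /* client claim */

typedef enum { V_OK = 0, V_REJECTED = 1, V_KICK = 2 } verdict;

/* A purchase is decided from the server record alone; whatever balance
   the client displays or reports is never read here. */
verdict server_purchase(player_record *rec, uint32_t item_cost) {
    if (item_cost > rec->gold) return V_REJECTED;
    rec->gold -= item_cost;
    return V_OK;
}

/* Compare a client state report with the authoritative record. Any
   mismatch is treated as tampering and the reason is written to the log
   buffer, which is what a server log line for the kick would carry. */
verdict server_check_report(const player_record *rec, const client_report *r,
                            char *out, size_t out_len) {
    if (r->gold != rec->gold) {
        snprintf(out, out_len, "kick: gold mismatch client=%u server=%u",
                 (unsigned)r->gold, (unsigned)rec->gold);
        return V_KICK;
    }
    if (r->stat != rec->stat) {
        snprintf(out, out_len, "kick: stat mismatch client=%u server=%u",
                 (unsigned)r->stat, (unsigned)rec->stat);
        return V_KICK;
    }
    snprintf(out, out_len, "ok");
    return V_OK;
}

int main(void) {
    player_record rec = { 50, 70 };          /* constructed server state   */
    client_report edited = { 999999, 70 };   /* constructed edited client  */
    char line[96];

    /* The client shows 999999 gold, but the server still holds 50. */
    printf("purchase(100) -> %d, server gold %u\n",
           (int)server_purchase(&rec, 100), (unsigned)rec.gold);
    printf("report -> %d (%s)\n",
           (int)server_check_report(&rec, &edited, line, sizeof line), line);
    return 0;
}
```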

