Star Wars Jedi Knight - Jedi Academy hacks / exploits

get your superiourity here ! be an offline or online GOD of the game. infinite ammo, unlimited nitro, turbo boost, god mode, you name it !
Post Reply
User avatar
oneandonly
Newbie..
Newbie..
Posts: 12
Joined: Sun Nov 23, 2008 12:36 pm

Star Wars Jedi Knight - Jedi Academy hacks / exploits

Post by oneandonly »

Hi there I wanna ask you guys some questions about hacking this game. I've been playing it online for some year now and recently wanted to try find some exploits and stuff.
First I've found things like cheat engine on the innernet. I've got a little into it. I think I've got the adress finding thingy etc.
But I wanna find things that are for me as a beginner hard to understand
Ok lets start. I've found that there are alot of bugs in jedi academy since it was patched just once after the actual release. There no such thing as a Punkbuster, Gameguard whatsoever for the multiplayer. The damage that the opponent gets from the lightsaber depends on many things, such as the opponents internet speed, your/his internet settings, like RWIN, MTU etc etc... and also the ingame connection settings
So if you have your cl_maxpackets set on a 100 which is the max. value you do more damage etc. So in jka your damage hits saber blocks depend on your config.
There are some bugs regarding the saber block system so if you have good cl_maxpackets, rate, snaps,cl_packetdup, cl_timenudge settings so can easily block most of the opponents hits.

What I'm interested in is finding/exploiting, maybe also packet editing saber range, damage( the more packets you send the more the damage is) maybe saber blocks editing so when the opponent tries to hit you you easily block the hit and return a slash, hitbox editing so i can do more damage to the opponent

Any suggestions? ideas? I've tried some things but atm I haven't had much success with it. I would try further but I don't have yet the skill neither so much ideas for this so i need some guidelines :D
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

Interesting. i had no idea about saber damage and such. I do not have game installed, but i may install it again (still have it on CDs somewhere i think). I've been thinking to try some hacks for it, because lot of ppl talk about it. Luigi have found lot of exploits for it too, but he do not hack games, he simply finds exploits like server crash or fake players..etc and he also sometimes releases patches.
About range..hmmm. It can be tricky. wasn't there source code of JA somewhere ? If you do not know the range of weapon, it is extremely hard to find it, because address usually do not change.
one way to find range, is to find weapon's in-clip ammo, then go to that location in memory (memory HEX editor) and check the values there. usually weapon's hold all such values very close by. if you see what i mean. ofcourse you can not change ammo online, but try it offline first. if you do find range in sp, then you know that it CAN be changed. it is very unlikely that range is controlled by server (i think none of the game's server control range, exept MMOs where you can get higher range with higher level, i think)

I remember that Medulla Oblongata told me that you can make a fly hack in jedi academy. I haven't tried it, but here's how i would try it:
if im right, there is freefly mode (spectate or something). go there and search for...umm 0 ?
then go into battle and search for changes, then back on freefly and 0. you have to do like 40 searches or even more i assume.
If this method doesn ot work, then try "unknown" as first search and keep searching for changed or not changed (changed if you go from spec to normal mode, and changed if you go from normal to spec...all makes sense, if you see the point ?!, and not changed if you are on spec mode, move around..go into normal and go back into spec)
I've done fly hack in 2 games with this method (both was using lithtech engine). in FEAR and AvP2 (prolly AvP too). In there it was 0 when normal and 24 (in avp) and 4 (in fear), but i doubt it is same in JA. i mean method is prolly same, but not values.

Now about packets. you say that more packets you send, the more damage you do ? basically you saying that packet contains something like:
"usr_action_slash" so when you keep clicking your fire button FAST, then it sends more packets and does more damage ?
if thats the case, try resending the packets using either WPE pro or commview. you NEED a friend's server to test this out, otherwise results will not be 100% correct. i suggest you to ask some friend to host a server and lock it. so there's only you and him.
Here's two videos from avp2, what i did with packets:
-Video 1
-Video 2
You can also try to replicate the infinite ammo i did. Or try to make it collect health packs..etc. Just to test and learn packet editors.
Do you know more about those settings ?
cl_maxpackets
rate
snaps
cl_packetdup
cl_timenudge
are those client side only ? I mean it should be client side. so it means you can use memory editor to put some custom value there. if 100 is max, then you can set it on 200.
User avatar
oneandonly
Newbie..
Newbie..
Posts: 12
Joined: Sun Nov 23, 2008 12:36 pm

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by oneandonly »

If you don't have the cd-s u may wanna DL them ^^ http://thepiratebay.org/torrent/3304329 ... di_Acadamy

Basicly I've found out that the more packets you send the better the damage is, example when someone sets his packets near the lowest value 14 hes very hard to kill etc, he ghost. And there is no punkbuster etc as i said to prevent them doing that.
(LOOOOL) The saber value is 40 for single sabers, for staff I'm not sure but you can easily unpack the .pk3 files there and find the saber , open the file with notepad and you see how much it is. So it's 40
Btw the game is very moddable and customizeable every one can make his own mod, map, everything.
Ok here you have some things about the behavior of packets, fps etc http://www.funender.com/quake/console/q3connection.html

Example this are the settings i use: com_maxfps 100, cl_maxpackets 100, rate 25000, snaps 40,cl_packetdup 1, cl_timenudge 0

With 100 fps and packets i should get constant packet sending of 100, if you read the guide there u'll get why 166 fps can't send 100 packets because it's not a integar of 1,2,3,4...so it sends 83 packets instead. It would be interesting if you/somebody could somehow check the behavoir on various settings. For a single saber this settings are good. But for two-handed saber (staff) a higher fps is better, example if you have like the rate 25000, snaps 40, fps 166, packets 83, packetdup 1, and timenudge -40 you easy kill outblock the other person easily, but with like 100 fps 100 packets its harder.
Sometimes the dependancy don't have any sense at all, but work good for blocks etc....
In the community a negative value of cl_timenudge is considered cheating, because the model lags weirdly and blocks are strange. But you can only surely say that player has timenudge if his inagem lagometer is somehow spiky

And yea they are client settings except for rate and snaps, rate is determined by sv_maxrate and snaps by sv_fps

cl_packetdup sends extra packets when u have packetloss, what is not common for dsl settings, but w/e, when i tried to play with five, i have breater block and abnormal damage, but its very buggy so i ghost much of the time and cant hit what i want

rate is somehow better on 20000 dunno why but the game is more fuild for me etc...at least i think so
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

so it has the files where you can see values for stuff ? then its really easy. can you post the file here ? either add it as attachment (rar) or use code block and paste part of file here.
In AvP2 there was also files. what i did was really simple. I used Tsearch's memory HEX editor. opened it and then opened the attribute file too. then i simply compared it. game loads that file into memory, in same order as it is. so you only have to find right place and edit it (just like it would be a file). so when you find saber's range in memory and change, it should work fine. in avp2 there was like 10 of those places in memory, but only 1 was for multiplayer. others was friendly NPCs or something like that.

i took a quick look into those packets, i doubt it effects much. as you said..its buggy. so its not good way to hack. unfortunetly, i just remembered one other thing. since it uses q3 engine, it has "challenge response" system, it means that every packet is checked and you can't send your own packets using commview, WPE pro should work, because it doesn't send whole packet, it sends only content of packet and requests for new header (i think its like that). however filter is something else, you can modify packets.

anyways post the file or paste some part here (use code block plz, otherwise it goes too long).
User avatar
oneandonly
Newbie..
Newbie..
Posts: 12
Joined: Sun Nov 23, 2008 12:36 pm

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by oneandonly »

I think this is what your looking for, not quite sure. Other saber files were saber models(.glm and some images), i can upload them too if you need
Attachments
sabers.rar
(9.95 KiB) Downloaded 699 times
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

yes it seems VERY easy. so what you can do is:
This is how Saber looks like:

Code: Select all

// WP_SABER
{
weapontype       WP_SABER
weaponclass      weapon_saber
weaponmodel      models/weapons2/saber/saber_w.md3
weaponIcon       gfx/hud/w_icon_lightsaber
firingsound		 sound/weapons/saber/saberhum1.wav
ammotype         1
ammolowcount     5
energypershot    1
firetime         100
range            8192
altenergypershot 3
altfiretime      100
altrange         8192
missilemodel     models/weapons2/saber/saber_w.md3
}
so if you want to change range, then in Tsearch open HEX view of game's memory. Now search for "WP_SABER" (case sensitive). Now in game's memory you should see all the fields (weapon_saber, models/weapon2/saber/saber_w.md3..etc) exept the words that specifies what is what. like range, firetime, weaponicon..those things you wont find in memory. ok once you have found WP_SABER, then compare it to the WP_SABER in file and see where values start and end. ofcourse in game's memory it is not so clear, there's probably lot of 00 00 00 between them or even some other values, but its all there. so now you do this:
8192dec converted into HEX is 2000. I'm not sure about JA, but in AvP2 game swapped the hex values. so it looked like this:
"00 20" on either case...if its "20 00" or "00 20" it should be very easy to find. now click on first byte of the value and look at the "offset" below. (word offset is used when you talk about specific address) so add that address into cheatlist on 2 bytes (remember that 2 bytes can only hold 65535 (FF FF in hex) and change value and see if it changed. If it did not change, then try searching memory for more "WP_SABER", im quite sure it exists more than once there, try same with all the sabers you find in game's memory.

Im 99% sure that it will work, there is nothing that checks this (no anti-hacking stuff). only problem is that all weapons have same range, i have no idea why its like this. its not the fire range after all ? its probably, because other weapons use vectors to make damage and they are models, so it is counted as moving model and it has no range, it travels as long as it hits something. just a tought.

anyways i found something more interesting.
"energyPerShot - amount of energy used per shot"
in AvP2 i changed that from 1 to like 20-30 and had one shot kills. its basically a hack that cannot even being detected. even if you change from 1 to 2, then you make twice the damage already.

i also think that you can change ammotype. so it means you can shoot anything out of saber (having infinite ammo). in AvP2 it was possible (to shoot rockets from knife..etc), but only problem was that ammotype was not what it was in the file. first try range and vectors.

NOTE, if you get range working, but you want more than 65535, then first check the memory position of the address and see if it is like this: "00 20 00 00"
huh ? in other words, first make sure that your value you found has at least 00 00 at end of it (extra 2 bytes). If it has 00 00 at end, then simply change your address type to 4 bytes and put higher value (4bytes can hold 4294967295).
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

Update:
It's just the way i tought it is. I have no idea what this range is, because it makes no difference at all. I managed to make my weapon shoot as fast as minigun. There's also 2 ways to get infinite ammo. either change ammo type to 0 (0 means that weapon needs no energy to operate) or change energypershot to 0 (this means that weapon needs 0 energy to shoot), both works. I made a video too and upload it shortly.
I'm not even going to test it online yet, i need a test server without time limit and without other idiots who would screw it up. Now i remember why I didn't find those files, because they not there, well they are, but not in plain .dat files. Which pk3 file did you extract exactly ? which ones hold the game data ? Here's a quick shot of saber data in game's memory too.
you can clearly see that game allocates 4 bytes to each value. Don't ask me, but again as i predicted.. range and such are not what you see in calculator. if you convert 8192 into hex, you will get 2000, but in game's memory it is "00 20" just as i said it would be.

Video available:
-Click HERE-
Attachments
MSNscreen_330.png
MSNscreen_330.png (19.81 KiB) Viewed 26671 times
User avatar
oneandonly
Newbie..
Newbie..
Posts: 12
Joined: Sun Nov 23, 2008 12:36 pm

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by oneandonly »

Ok I will try this things out, but if you have time could you exactly look into how to edit range, blocks(saber locks), and damage because I'm not rly interested in weapons xD, just saber stuff ^^

Sure I'll try this out. I will post here if I get some results
Ok i found it, it was in assets1.pk3 simply rename pk3 to zip and extract, i think you know that ;)

Btw update game to 1.01 if you already haven't http://www.lucasfiles.com/index.php?s=& ... ile&id=235
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

It was simply a quick test, to see how and if it even works. But as i mentioned, this range is wierd, because all weapons have same range. I did change range, but saber had no effect at all, maybe i need to specifically change one handed saber.
It was also a demonstration on HOW you do those things, so you would get a overview of it.
I will also try to make the fly hack. who knows what else i find.

already got 1.01 patch. I use Demonoid to download torrents, my first choice.

Update:
well here's what YOU can do. Why don't you make backup of your files and then edit them directly in those .dat files. See if you can make your saber better at all. I tried to change firetime and range, but it seems that it has no effect at all. Or is there some other files that hold the damage info ? I took quick look into pk3 files, but couldn't bother with them much.
User avatar
oneandonly
Newbie..
Newbie..
Posts: 12
Joined: Sun Nov 23, 2008 12:36 pm

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by oneandonly »

Maybe the .glm of the sabers hold it....but blah... doubt it its just the model of the saber, maybe its somehow managed trough the jampgamex86.dll or cgamex86.dll

Isaw some time long time ago that people talked about .dll's
Maybe making a custom dll and then injecting it in jamp.exe? xD
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

and what exactly that .dll would do ? you mean like write your own function (something like aimbot) ?
It doesn't matter how its managed. I mean that saber is something else, there can be several ways how it works. mabye it is part of animation (like in MMO called last chaos, there when you changed animation of the magic, then it gave you instant magic. it means there was no animation, allowing you to do magic over and over again as fast as you wanted). so maybe its same in JA, maybe if you change the animation of the saber, then it would work faster. Actually it was also same in avp2, i simply changed model of the knife to minigun, so knife looked like minigun (only on my screen) and was shooting at rate of minigun. im quite sure it would work, just not 100% sure which model i should change. you can test by editing directly the pk3 files. This should give you speed for start.
Ill test it myself some time soon and then ill update this post/topic
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

Just a lil something i did, because i found out that its faster to make a trainer than add like 20 addresses into cheat list and then make 2 hotkeys for each.
can somebody test if it works ? it works for me, but not sure about others. its for version 1.01.[/color]


Update:
i tried something online, but uhm, i think that there's another file for jamp weapons. I also tried to make few hacks, but it kept fucking up all the time. it kept disconnecting me for nothing with some stupid cl_packet..blabla error. I made my own LAN dedicated server to test, can't do anything if it keeps disconnecting me even when im just running. Maybe ill take another look in it some other time.
Attachments
JATrainer.rar
1.01 version.
(234.88 KiB) Downloaded 733 times
imamonstar
Newbie..
Newbie..
Posts: 2
Joined: Fri Feb 20, 2009 3:27 pm

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by imamonstar »

did you ever figure out how to make any of these work in JA multiplayer?
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

figuring out is one thing, but making it really work is other.
problem is that game does not use those values for multiplayer. If you can find the place where game stores that data, then yes its easy. i mean i couldn't even find another file where game might keep those values.
the files i listed and mentioned...only for singleplayer. I also tried to search memory for other locations, but it seems that multiplayer uses totally different system.
uh thats not even possible, must be something im missing.

Here's example:
in AvP2, there was about 10 or more memory locations which held nearly the same data. only difference was that game loaded each one for each thing. 1 was for single player, next for single player bots (enemys or allies), next for multiplayer..etc. all you had to do was click 'find next'. I tried same in JA, but it doesnt seem to have same place. so maybe it simply uses same data, exept the damage, range..etc values, which are stored somewhere else as simply values, and cannot be found so easily.

I don't have the game installed anymore, so i can't test more. I surely update the topic IF i get it back and test.
imamonstar
Newbie..
Newbie..
Posts: 2
Joined: Fri Feb 20, 2009 3:27 pm

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by imamonstar »

Sethioz wrote:figuring out is one thing, but making it really work is other.
problem is that game does not use those values for multiplayer. If you can find the place where game stores that data, then yes its easy. i mean i couldn't even find another file where game might keep those values.
the files i listed and mentioned...only for singleplayer. I also tried to search memory for other locations, but it seems that multiplayer uses totally different system.
uh thats not even possible, must be something im missing.

Here's example:
in AvP2, there was about 10 or more memory locations which held nearly the same data. only difference was that game loaded each one for each thing. 1 was for single player, next for single player bots (enemys or allies), next for multiplayer..etc. all you had to do was click 'find next'. I tried same in JA, but it doesnt seem to have same place. so maybe it simply uses same data, exept the damage, range..etc values, which are stored somewhere else as simply values, and cannot be found so easily.

I don't have the game installed anymore, so i can't test more. I surely update the topic IF i get it back and test.
Ok thanks. If you can't find it, then I have no hope of finding it .dh.
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

i did not look much. however i came up with one idea. go to SP and see if any values change when you change your weapon, if they do then you can scan for them in MP. values may not be same, but you can use range or unknown search and then filter several times (tead the basic game hacking tutorial if you dunno how).
User avatar
haco.pk3
Newbie..
Newbie..
Posts: 13
Joined: Fri Jan 23, 2009 10:18 pm

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by haco.pk3 »

Sethioz wrote: If you can find the place where game stores that data, then yes its easy. i mean i couldn't even find another file where game might keep those values
What you mean with "stores that data" ? When you play MP the game makeing temp file or someting else ? Probably the .log file ;sp or no
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

LOL no, game does not make a temp file, i mean't maybe there is another file for multiplayer data or its compressed or encrypted in memory, maybe thats the reason why i couldn't find it.
but most likely values are different from single player values (like in most games)
User avatar
haco.pk3
Newbie..
Newbie..
Posts: 13
Joined: Fri Jan 23, 2009 10:18 pm

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by haco.pk3 »

Oh crap :o Hmm I should pick up pakscape and start searching while playing, maybe there's some chanse to be able to find someting, but I doubt I will with my low programing skills. Halp meh programers if u ever read that :lol:

Hmm what bout JK2 :o anyone ever tried to hax, crack, tsearch it ? Maybe the system of working is teh same
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

system is always the same, problem is that you don't know the right values to search. read the basic tutorials under "Hacks / Cheats / Exploits / Trainers". those should help you out with tools, so you know how to use them.
User avatar
haco.pk3
Newbie..
Newbie..
Posts: 13
Joined: Fri Jan 23, 2009 10:18 pm

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by haco.pk3 »

Ok but you told meh I cant change those "server side " things like saber, ammo, health, shield, sv_'s on the server, so there's nothing left to change. o,O
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

uhm just read the other topics. saber is not server side, at least should not be. also models, speed, shooting speed, attack speed..etc should not be server side.
also server side data can be manipulated (read avp2 hacking topic to see how it was possible there)
User avatar
haco.pk3
Newbie..
Newbie..
Posts: 13
Joined: Fri Jan 23, 2009 10:18 pm

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by haco.pk3 »

hmmm... you're right bout the saber. I've seen peeps how use "1 hit kill" pobably modified saber file or someting. Also I know person who just get teh rcon of the server easly. I'd made lil test - I choosed 1 random server and we joined. After few minutes he was ready with the rcon o,O. I think thats probably bypass the sv_allowDownload 0 ( like he changed it to 1 and downloaded the server cfg file, but not sure ) or some kind of glinch or idk its so confusing :S. He even told me he do that only with the console, maybe he exac some kind of file with other scripts attached to it [ as ADS's maybe ] ( if you ever had the BobaFett's Hax Toolkit you will know what ADS I talk bout ), and then he download server.cfg file or idk that's just supposition'n theoryes
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

that rcon matter was discussed on Luigi's forum too, but never confirmed. unless he does this in my server, which i don't have, i won't belive that. i don't say its impossible, but most ppl these days simply use some other method and then claim that they did it. ..however if you chose the server where to enter, then hmmm. maybe there is some bug in the mods they use or maybe the server you selected is vulnerable for older exploits..etc.
its very old game and does not interest me at all, so i dunno much about it.

note that you probably can't change files and join, only way is do it in memory.
User avatar
haco.pk3
Newbie..
Newbie..
Posts: 13
Joined: Fri Jan 23, 2009 10:18 pm

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by haco.pk3 »

Sethioz wrote:only way is do it in memory.
hmm...do you have someting in teh forum that I can read bout that way ?
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

User avatar
haco.pk3
Newbie..
Newbie..
Posts: 13
Joined: Fri Jan 23, 2009 10:18 pm

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by haco.pk3 »

Sethioz wrote:LOL no, game does not make a temp file, i mean't maybe there is another file for multiplayer data or its compressed or encrypted in memory, maybe thats the reason why i couldn't find it.
but most likely values are different from single player values (like in most games)
Is that file can be .dll ?
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

as far as i know no game stores data in .dll files. ..actually "command & conquer generals" does. if you want to hack it you need to open generals.dll (or whtever it was) as process, but it does not mean that it stores data in that .dll. it simply runs it as process.

plz read the basics first, do not ask questions that has been explained in the topics which i linked you to already.
i don't have JKA so i dunno where the MP values might be or how exactly MP mode works in there. i already said what i know about JKA based on other games and few of my own tests.
Zabuza
Newbie..
Newbie..
Posts: 5
Joined: Fri Apr 03, 2009 12:59 am

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Zabuza »

Hey Sethioz, do you have a download available for BobaFett's Hax Toolkit?
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

never even heard about such thing
Zabuza
Newbie..
Newbie..
Posts: 5
Joined: Fri Apr 03, 2009 12:59 am

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Zabuza »

Could you explain more on how to do the fly hack please?
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

i can't remember it, but you can read this topic > Killing Floor hacks discussion
scroll down to my 6th post/reply, where i explained how i would search for the 'freefly'. for sure i know that it is possible in jka, but that was at least 5-6 years ago, if it would work online now, no idea.
Zabuza
Newbie..
Newbie..
Posts: 5
Joined: Fri Apr 03, 2009 12:59 am

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Zabuza »

Well i found an address, 00977155 , on dedicated basejka, but it doesnt work so i guess free fly doesnt work with jka :/
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy exploits

Post by Sethioz »

that address tells me nothing, because it is different in every game, unless its source address (or how to explain it).
i already said that it does work and been confirmed, but it maybe patched. so test it in unpatched jka, in your own non-dedicated first.
tableg
Newbie..
Newbie..
Posts: 12
Joined: Wed Jun 05, 2013 6:08 am

Re: Star Wars Jedi Knight - Jedi Academy hacks / exploits

Post by tableg »

Per Sethioz request I've moved my discussion from Here to this thread. I've read over the thread before and followed some of the suggestions (as mentioned in my original post).

It seems no one was able to find the exact addresses saber range was set? Every time I think I've found the right address and edit the value, it usually ends up being a value for graphics for the saber or how quickly you can swing the saber for certain moves.

I'd like to revive this discussion and try to solve this mystery. Any assistance would be much appreciated!
tableg
Newbie..
Newbie..
Posts: 12
Joined: Wed Jun 05, 2013 6:08 am

Re: Star Wars Jedi Knight - Jedi Academy hacks / exploits

Post by tableg »

Update: I have found the saberLength property in the saber files (i.e. saber_1.sab). You can manipulate this data in memory. It seems to increase the graphical size of your lightsaber (client side) but also increases the hitbox range. However, when I go onto MP, the addresses change, I have found them and changed the values as well. The lightsaber size increases but it does not increase the range... any ideas?

Table:
Capture.PNG
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy hacks / exploits

Post by Sethioz »

were you able to increase range (hit range) in SP ?
if yes, do a pointer scan for that address.

btw where can i get the game? there's nothing in torrents ... and i can't find my CD with it either. i wanted to re-install it while ago, but blah.
tableg
Newbie..
Newbie..
Posts: 12
Joined: Wed Jun 05, 2013 6:08 am

Re: Star Wars Jedi Knight - Jedi Academy hacks / exploits

Post by tableg »

I did all the debugging in my own MP server, I figured it would be better to skip SP as the addresses are probably different. Maybe that was a mistake? I'm also not familiar with pointer scanning. I'm using CE - would you recommend Tsearch instead? Either way, I found some sort of range for each saber (or hilt), which appeared to alter the hit range. But as I said, it didn't alter hit range on other MP servers. It did however make saber blades look gigantic :). This leads me to believe the actual hit range is stored somewhere else.

Lost my CDs a long time ago as well... I can PM you a drop box link with the images later today.
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy hacks / exploits

Post by Sethioz »

pointer scanning is very good to do, sometimes you can find a general pointer that points to active weapon's address, so you can edit the active weapon and no need to find value for each weapon seperate.
read this article: http://sethioz.com/mediawiki/index.php5 ... ng_Pointer

if there is no way you can find the hit range in MP and you said you hosted your own server, instead of opening game process, open server process and try finding it in there, if you do find it, then its obvious that its server sided.

yes it would be great if you can dropbox it and PM me the link.
tableg
Newbie..
Newbie..
Posts: 12
Joined: Wed Jun 05, 2013 6:08 am

Re: Star Wars Jedi Knight - Jedi Academy hacks / exploits

Post by tableg »

Thanks for the link. I read the article, so basically values don't necessarily exist in the address you find? It will constantly change and that is why you use pointer scanning - to find the address that is actually being read? I'm not sure how to use this as the values I'm changing are two addresses that hold 1 byte each. The range for a single saber is 40. I found the 4 (hex 1byte: 34) and 0 (hex 1 byte: 30). You can change either and it will obviously alter the range. I could just pointer scan the address that holds the first value as the second is not as necessary. Or do I have to group the values somehow?

I noticed that the addresses I found did not exist on the other MP server I tested on, I searched again and found a completely different set of addresses. I wonder if I am just finding one of many dynamic addresses in memory because it didn't seem to have an affect on the hit range once I changed it. It still changed the visual appearance of the saber client side though... maybe I just imagined the hit range increasing on my server but I tested it several times. I was able to hit a frozen npc from farther away than a single saber I did not alter... it just seems weird to me that this value would affect two different aspects of the game (I also checked processes that reference the address, I don't recall seeing anything call it).

Sounds good, I'll PM when I get home later today.
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy hacks / exploits

Post by Sethioz »

you pointer scan the address (right click > pointer scan).
i would start with level 2-3 pointer scan with offset of 150000. in most cases it gives good results, obviously you will have tons of pointers there, this is where you reboot your game and re-scan the pointer, either by value (if you know the value) or find the address again and then re-scan the pointer list, its all explained in article how it works.

so in short, address can change as many times as it wants, but pointer always points to that address, so you don't have to search again. you could go with asm script too, but i prefer pointer scanning, all you do is just few clicks, no need to write code injections.

i can't remember this game so well, does it have different weapon ranges? like pistol is more close range than some rifle ? i mean can you visually and physically confirm that? like trying to hit enemy from certain distance with pistol has no effect, but with rifle you can hit them?
if so, try using those 2 weapons as base, increased / decreased.

also keep in mind, that in some games things don't make sense, if range increases in game, then value decreases (i had similar thing in NFS Shift 2, where something increased in game, but value decreased). so in those cases, i do changed / not changed only, make hotkeys for it so you don't have to alt-tab out of game.
tableg
Newbie..
Newbie..
Posts: 12
Joined: Wed Jun 05, 2013 6:08 am

Re: Star Wars Jedi Knight - Jedi Academy hacks / exploits

Post by tableg »

I have not tested physical range recently. From what I remember, any weapon's projectile will move forward indefinitely until it hits an object. I will confirm though. The weapons all have the same range in the jk3 files. Which means the weapon may not hold the range but the projectile itself (and saber would be some connection to the blade length).

I'm starting to think range is not as easy to find as ammo, weapon speed, etc (values held in one of the jk3 files) but somewhere else in memory in game... hopefully not server side. If you get a chance to look let me know.
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy hacks / exploits

Post by Sethioz »

well something definetely specifies the range, but it might be something that does not change.
or do you have different lenght sabers there?
also even if you have different lenght sabers, value might be static, that there is 1 address for each weapon and you can't find it by searching, because value never changes. so you would have to find weapon stats, then edit it directly.

yeah i got the game downloaded (you can delete it now), not sure if i have time to install it this week. been busy with Resident Evil Revelations and GRID 2 hacking and i wanted to take a look into Bulletstorm too, but Jedi Academy has been in my list for quite some time actually.
tableg
Newbie..
Newbie..
Posts: 12
Joined: Wed Jun 05, 2013 6:08 am

Re: Star Wars Jedi Knight - Jedi Academy hacks / exploits

Post by tableg »

Single sabers have a length of 40, double bladed have a length of 32 per blade. I'm not sure about dual blade - probably 40 per saber. However, this arbitrary value is just for the graphical length. Not sure what the actual hit range value is.

I attempted to contact a fellow hacker on youtube on this video, he just replied today stating he believes the hit range is server side... :\
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy hacks / exploits

Post by Sethioz »

try server side then, open your server as process and try there, see if you find the range, however i don't know how you gonna filter, i don't think that value ever changes.
but give it a try like you do normally, increased / decreased and make sure to hit at least once before searching, so server registers which saber / weapon you have out.
tableg
Newbie..
Newbie..
Posts: 12
Joined: Wed Jun 05, 2013 6:08 am

Re: Star Wars Jedi Knight - Jedi Academy hacks / exploits

Post by tableg »

If it is server side then there isn't much I can do to manipulate it other than on my server.. I've also tried freezing HP. I have done it successfully on my server, tested with a bot. He wasn't able to kill me. But on other MP servers it seems to only affect the HUD display - nothing else.
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Star Wars Jedi Knight - Jedi Academy hacks / exploits

Post by Sethioz »

yes ofcourse, health is always server sided and so is ammo, well there are rare cases, what shocked me, is that AvP2010 (aliens vs predator 2010 / 3) had ammo client sided when it came out, but after i released some hacks in public they patched it. why it was shocking, is that game was released in 2010 with client side ammo lol.
in avp2 there was a possibility to manipulate health, i can't remember exactly, but its on forum. i think it was done via fall damage. there were 2 values.
1. safe distance you can fall from (lets say 500)
2. 100% death distance you can fall from (lets say 2000) - this means that no matter how much health you have, you always die from that distance
trick was to swap them around, making safe distance higher than death distance, so instead of dieing, you gained health when you fell. then you was able to make values really small, so even a small jump gave you loads of health, even tho server controlled your health, it was server that gave you health, because you told server to do so.

This is what i call server manipulation. it's possible to get lot of stuff like that, but its very hard finding something like that.


what i was suggesting, find out if saber range is server side or not.
1. host dedicated server in your pc
2. instead of game.exe open server.exe
3. try finding saber range and change it.

i still haven't installed it, have too many games going on atm.
Post Reply