Memory address of cyclone

06/06/2008 22:23 hok30#16
Right... how bout for English client :p
06/07/2008 00:00 Some-Guy#17
You'll have to find the address in memory which stores the latest timestamp related to your jumps and make sure it's over 500, best bet would be to freeze it at 1000 or so.

Also @ Lateralus you could make a proxy to do that, but you'd need to crack the new encryptions used. Unless the Spanish client didn't get that update.
06/07/2008 03:55 Lateralus#18
Quote:
Originally Posted by Some-Guy
You'll have to find the address in memory which stores the latest timestamp related to your jumps and make sure it's over 500, best bet would be to freeze it at 1000 or so.

Also @ Lateralus you could make a proxy to do that, but you'd need to crack the new encryptions used. Unless the Spanish client didn't get that update.
I understand that.. But how in the WORLD can I find the timestamp related to jumps? That's where I'm stuck. :P
06/07/2008 18:44 shitboi#19
easiest way to find speedhack (or any other values) address for foreign clients is to make a reference to maglobal.inf

Firstly, find out the difference between addresses of a simple to find value (say, money you have), and the value you want to locate (in this case, char mode/speedhack).

In this example I am referring to maglobal.inf 5016 (lazy to update)

MoneyInv=&H50BBF4
CharEffects=&H50ADF6

do a hex calculation, BBF4 - ADF6 = DFE
So the difference between money address and char address is DFE.

Now log into your foreign client. Find the address for money, I am sure even a retard can do that without much prob. Subtract DFE from the address for money and you will get your cyclone address. You will know what to do with other addresses.

However, this doesn't work for certain addresses. Then you will have to find it the traditional way.

As for timestamp thingy, i have no idea what is going on. I'd like to learn more about it.
06/07/2008 22:25 Lateralus#20
Quote:
Originally Posted by shitboi
easiest way to find speedhack (or any other values) address for foreign clients is to make a reference to maglobal.inf

Firstly, find out the difference between addresses of a simple to find value (say, money you have), and the value you want to locate (in this case, char mode/speedhack).

In this example I am referring to maglobal.inf 5016 (lazy to update)

MoneyInv=&H50BBF4
CharEffects=&H50ADF6

do a hex calculation, BBF4 - ADF6 = DFE
So the difference between money address and char address is DFE.

Now log into your foreign client. Find the address for money, I am sure even a retard can do that without much prob. Subtract DFE from the address for money and you will get your cyclone address. You will know what to do with other addresses.

However, this doesn't work for certain addresses. Then you will have to find it the traditional way.

As for timestamp thingy, i have no idea what is going on. I'd like to learn more about it.
AH, I understand! Much thanks!!!!!!!!
06/08/2008 00:20 shitboi#21
So, no pros are going to explain timestamp? lol
06/08/2008 01:37 IAmHawtness#22
Quote:
Originally Posted by shitboi
So, no pros are going to explain timestamp? lol
That's exactly what I'm waiting on. I keep looking for this thread when I go here, hoping to see some post that explains the timestamp things:(
06/08/2008 01:42 hartoman#23
many thx that was very informative i thank u from pits of my heart :bow: :bow:

:hearts and kisses:
06/08/2008 05:43 shitboi#24
hmmmm, i'll suggest this method. though i am very doubtful it will work. but here it goes.

Firstly, since that timestamp can be done client side, there has to be a way to locate it.

In normal conditions, the timestamp thingy is set to (eg) X. When cyclone activates, timestamp will be set to X+Y where Y is TQ programmer defined. When cyclone is over, it will be set back to X.

So, by doing a search for unknown value -> changed value -> initial value, it should give us a proper result. However, there are problems like, unknown type, and address not within the memory declaration of Conquer.exe (should be within, lmao)
06/08/2008 13:07 Some-Guy#25
Quote:
Originally Posted by shitboi
In normal conditions, the timestamp thingy is set to (eg) X. When cyclone activates, timestamp will be set to X+Y where Y is TQ programmer defined. When cyclone is over, it will be set back to X.
The timestamp stores the amount of time between each jump, if this is less than a certain value it is allowed, if it is not then you are disconnected (set amount stored server side).
06/08/2008 15:52 Lateralus#26
I have an idea, but I'm about to leave to go somewhere.. Can someone possibly find out for me?

My idea - search for unknown value, use cyclone and jump, search for increased value.. when cyclone ends, jump and search for decreased value until you are limited to only a few addresses.
06/08/2008 16:05 UPSman2#27
problem is time stamp doesn't increase, it's the same value since it's like

if jump < 1 second then disconnect
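
Added example, not part of any post in this thread: the server-side counterpart to the check that posts #25 and #27 describe. It times jumps with the server's own clock and never reads a client-reported timestamp; all names, thresholds and traces below are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Assumed thresholds for illustration; the thread gives no authoritative values.
BASE_INTERVAL_MS = 1000   # minimum gap between jumps with no speed buff
BUFF_INTERVAL_MS = 500    # minimum gap while the server-granted buff is active
JITTER_MS = 100           # slack for network jitter compressing packet gaps
MAX_STRIKES = 3           # violations tolerated before the session is dropped

@dataclass
class Session:
    buff_until_ms: int = 0               # set by the server when it grants the buff
    last_jump_ms: Optional[int] = None   # server receive time of last accepted jump
    strikes: int = 0

def on_jump(s: Session, recv_ms: int, client_ts: int) -> str:
    """Judge one jump packet using only server-side state.

    recv_ms is the server's own monotonic clock at receipt. client_ts is
    whatever the client reported; it is deliberately never read, so a value
    frozen in client memory has no effect on the verdict.
    """
    required = BUFF_INTERVAL_MS if recv_ms < s.buff_until_ms else BASE_INTERVAL_MS
    if s.last_jump_ms is not None and recv_ms - s.last_jump_ms < required - JITTER_MS:
        s.strikes += 1
        return "disconnect" if s.strikes >= MAX_STRIKES else "reject"
    s.last_jump_ms = recv_ms                # only accepted jumps move the baseline
    s.strikes = max(0, s.strikes - 1)       # honest play slowly clears old strikes
    return "accept"

def replay(packets, buff_until_ms=0):
    """Run constructed (recv_ms, client_ts) pairs through a fresh session."""
    s = Session(buff_until_ms=buff_until_ms)
    return [on_jump(s, recv_ms, client_ts) for recv_ms, client_ts in packets]

# Constructed traces (not captured from any real client).
HONEST = [(0, 0), (1000, 1000), (2050, 2050), (3000, 3000)]
FROZEN = [(0, 1000), (200, 1000), (400, 1000), (600, 1000)]   # client_ts pinned
BUFFED = [(0, 0), (500, 500), (1000, 1000), (5000, 5000), (5500, 5500)]

if __name__ == "__main__":
    print(replay(HONEST))
    print(replay(FROZEN))
    print(replay(BUFFED, buff_until_ms=5000))
```

Because the buff window and the last accepted jump both live in the server's session record, editing either value in client memory changes nothing the server evaluates.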
06/08/2008 16:22 Lateralus#28
Quote:
Originally Posted by UPSman2
problem is time stamp doesn't increase, it's the same value since it's like

if jump < 1 second then disconnect
Breakpoint?
06/08/2008 21:52 shitboi#29
Yeti told me that it's actually a series of asm codes injected into conquer process. -.-? (i don't know what i am talking here, lol)

He did say it can be done by writing array-of-byte values to -->2<-- addresses. But didn't mention how the address is to be located. This timestamp thingy should be a kiddy thing for those who reverse engineered co. lol. Help!!! omfg..
06/08/2008 22:01 Lateralus#30
Quote:
Originally Posted by shitboi
Yeti told me that it's actually a series of asm codes injected into conquer process. -.-? (i don't know what i am talking here, lol)

He did say it can be done by writing array-of-byte values to -->2<-- addresses. But didn't mention how the address is to be located. This timestamp thingy should be a kiddy thing for those who reverse engineered co. lol. Help!!! omfg..
Ok, this brings up more questions. How will we know what arrays to write to it?

Lol @ kiddy thing for those who reverse engineered conquer. *sigh*...