[TUT] How to Search and Change Offset IN .CT File

08/18/2009 23:19 L.e.v.i.a.t.h.a.n#1
=> :eek: <=


Welcome ALL. In MY TUT I Will Demonstrate HOW Quickly and Easily FIND Needed so MUCH Acting Offsets for NEW Updates Game exe File or Already Unpacked and Converted Game exe File.


Instructions:

Step 1: First, Start the Game. Next Log on U Character. Now, Run CHEAT ENGINE and Select the Process dekaron.exe and Open it.


Step 2: Open the Memory View and Set All Options, Offsets as U See on MY Screenshot.




The First Method of Finding the Right Offsets Using Memory View -> Search -> Assembly Scan.

Instructions:

* The Codes Need to Assemble Scan:

Auto Pots Hack->->cmp dword ptr [eax+08],13
Non Agro Hack->->movzx eax,word ptr [esi+00000154]
Vac Hack->->mov edx,[eax+1c]
Speed Hack->->fld dword ptr [eax+08]
Range Hack->->mov [ecx+000000a8],al
Map Hack->->movzx ebx,word ptr [eax+00000104]
[GM] Command Hack->->mov eax,[eax+000000a8]
Zoom Hack->->movss xmm0,[edi+04]
[GM] Detect Script Hack->->mov [esi+0c],00000000
Far Eye Hack->->mov ecx,[eax+08]
Store Hack->->mov al,[ecx+08]
Elusive Hack->->mov ecx,[eax]
Wall Hack->->LEA EDI,DWORD PTR SS:[ESP+88]
Mob Speed Hack->->cmp byte ptr [esp+04],00
LVL Hack->->movzx eax,word ptr [eax]
Detect Player Hack->->mov [esi+0c],00000000


Step 1: Open Memory View Click Search and Find Assembly Code IN the Window That Will Show US Enter One of The Codes. For Example I Search Auto Pots Hack Offset Enter the Code and Click OK.


Step 2: In the New Window that Shows US After WE Click OK U See the Search Result or Results. As U Can See in the Screenshot Our Code Matches One Offset in this Example. Replace Old Offset to New and U Have Acting Auto Pots Hack.


Step 3: If WE Have More Offsets in SEARCH RESULT WE Check the Old Hack Offset Set in the Script and Check in Search Window Closest Offset to the Original. For example, the Speed Hack Have a Few Offsets. Check Old Offset in Script so Now WE Know the Old Offset is 007xxxxx to Find Proper Offset WE Check ALL 007xxxxx One After the Other. Here WE have Easily Only One Offset 007xxxxx Match.





The Second Method of Finding the Right Offsets Using CHEAT ENGINE -> Array of Bytes Scan.

Instructions:

* The HEX Value Need to Array of Bytes Scan:

Auto Pots Hack->->83 78 08 13 0F 84
Non Agro Hack->->0F B7 86 54 01 00
Vac Hack->->8B 50 1C 89 51 20
Speed Hack->->D9 40 08 5F 5E C3
Range Hack->->8A 44 24 04 88 81
Map Hack->->0F B7 98 04 01 00
[GM] Command Hack->->8B 80 A8 00 00 00
Zoom Hack->->F3 0F 10 47 04 EB
[GM] Detect Script Hack->->C7 46 0C 00 00 00 00 89 47 04
Far Eye Hack->->8B 48 08 8B 50 04 51 8B 4C 24
Store Hack->->8A 41 08 C3 CC CC CC CC CC CC CC CC CC CC CC CC 8B 0D
Elusive Hack->->8B 08 8B 50 04 89 4C 24 20
Wall Hack->->8D BC 24 88 00 00 00
Mob Speed Hack->->80 7C 24 04 00 74 06 D9 40 70
LVL Hack->->0F B7 00 50 83 EC 1C 8B
Detect Player Hack->->C7 46 0C 00 00 00 00 89 47 04 5F B0 01 5E C2 04


Step 1: In Open CHEAT ENGINE Enter One of the Above HEX Value. Click First Scan. For Example I Search for Vac Hack Offset.


Step 2: U Can See On the Screenshot Our HEX Value Match One Offset in this Example. Replace Old Offset to New and U Have Acting Vac Hack.




Now I Will Demonstrate HOW Quickly AND Easily REPLACE OLD Offsets in .CT Files to NEW.


Instructions:

Step 1: Run CHEAT ENGINE and Open .CT File with HACK's.


Step 2. For Example, Auto Pots HACK.. Click the Right Mouse Button ON the Auto Pots HACK and Click Change Script.


Step 3. In the New Window that Will Open..I Noted the OLD Offset 0052D83F.


Step 4. Which I REPLACE with a NEW Offset 0052A05F and Click OK.


Step 5. Now Just Save the Changes and Enjoy. Auto Pots HACK WILL Work Again.


* Do The Same Way With the Other HACK's in .CT File.
09/20/2009 20:07 -= Re@p3r =-#2
# deleted posts from all users (requested by Leviathan, he wants to hold this thread clean)
09/20/2009 20:48 Vaidas B#3
HOLY SH1T that must have taken an hour or 2, and he only wants people's flame deleted, not their posts
09/20/2009 22:22 -= Re@p3r =-#4
No no, he told me to clear up the whole thread. Delete all posts.
And it took me something around 20-30 seconds? 2 hours xD
09/20/2009 23:19 trane.#5
He requested me to do so too, but I didn't want to ruin the discussion.
09/21/2009 00:01 6Drako9#6
I actually think that thread owners should be allowed to delete other people's posts (when granted the power, to manage a specific post, by a mod)

the only problem is that some people might misuse this even if the mods trust them

P.S. I'll add the link of this thread to my LIST
09/21/2009 08:16 samisu1#7
ابي هكر
09/21/2009 08:17 strong mind#8
the fareye's array is wrong .
09/21/2009 08:24 6Drako9#9
@samisu1
what format is that?

@strong mind
no the array is fine as well as the op-code
09/21/2009 08:34 strong mind#10
yea nvm i figured that out ;) .. btw samisu1 is saying he wants hacks lol.
it's Arabic ;)
09/22/2009 01:32 l2ush604#11
thnx dude
09/25/2009 21:38 lex22#12
Umm no offence but didn't that VxWxV guy post the exact same tut like this before? And whatever happened to him, lol...

P.S: Oh yeah yours just has a little more pictures....
09/25/2009 22:01 Cr0_Fr3aK#13
He is \/xWx\/..
09/25/2009 22:50 Ra1dom#14
I have a prob when I'm using the vac hack, the monsters are just moving really fast in circles, they don't attack me, but they don't follow me either :/

Non Agro is probably bugged, you can't find an address using both of these methods.

Here is the script that I'm using, found it in one of the many topics, I thought they were all the same..

[ENABLE]
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)

00450BCD:
jmp newmem
nop
returnhere:

newmem:
//DwExploreRange eax
mov [eax+08],00000020//DwSight eax+08
mov [eax+04],00000020//DwPersuitRange eax+04
//DwAvoidRange eax+0C
mov [eax+10],00000064//DwExploreStandDelay eax+10
mov [eax+14],00000064//DwExploreMoveDelay eax+14
mov [eax+18],00000064//DwStandDelay eax+18
mov [eax+1C],00000064//DwMoveDelay eax+1C
//DwFollowMyMasterRange eax+20
//DwStopMasterNear eax+24
//DwWarpMyMasterRange eax+28
mov [eax+2C],00000064//DwCallTeamPossibelHP eax+2C
mov [eax+30],00000020//DwCallTeamCount eax+30
mov [eax+34],00000000//DwBlockNFirstAttack eax+34
//mov [eax+38],00000020//dwCallTeamCell byte[eax+38]
//dwFollowTarget eax+3C
//dwSpecialAttackStartHP
//dwSpecialMeleeAttackRate
//dwSpecialRangeAttackRate
//DwPowerAttacjStartHP
//dwPowerMeleeAttackProbable
//dwPowerRangeAttackProbable
//mov [eax+40],00000000//DwUnderAttackAggro eax+40
//mov [eax+44],00000000//DwMeleeAttackRangeInAggro eax+44
//mov [eax+48],00000000//DwRangeAttackRangeInAggro eax+48
//DwSightInAggro eax+4C
//DwDefeatAggro eax+50
mov [eax+54],00000000//DwBlockedAggro eax+54
mov [eax+58],00000000//DwSlideAggro eax+58
mov [eax+5C],00000000//DwHealAggro eax+5C
//DwMasterUnderAttackAggro eax+50
//DwMasterDefeatAggro eax+54
//DwMasterBlockingAggro eax+58
//DwMasterSlideAggro eax+5C
//DwCOmplusionUnderAttackAggro eax+60
//dwMaxSummonsMonsterCount eax+64
//dwReSummonsMonsterTick eax+68
//dwMaxSummonsMonsterRange eax+6C
//dwSummonsStartPcCountPatternType eax+70

originalcode:
mov edx,[eax+1c]
mov [ecx+20],edx


mov edx,99 // number spawn
mov [eax+8c],edx

mov edx,00 // time delay spawn
mov [eax+90],edx

mov edx,99 // # follow monster
mov [eax+3C],edx

//mov [ecx+20],edx // # follow my master
exit:
jmp returnhere


[DISABLE]
dealloc(newmem)
00450BCD:
mov edx,[eax+1c]
mov [ecx+20],edx
10/10/2009 19:40 ronet1016#15
Are the codes used to search for new offsets the same on all Dekaron servers?