[Tutorial] Make and update offsets for 2moons

10/30/2009 07:23 qwwe23ews#1
I'm sure someone else posted this already. Finding offsets is very easy.

1. Run the bypass and select dekaron.exe (make sure you update your 2moons to the latest patch!).
2. When your 2moons application is running, open Cheat Engine.
3. Click the small computer icon at the top left, find dekaron.exe and click Open.

Now updating the offsets
1. Click the drop-down list icon at "Value type" and pick "Array of Bytes"
2. Copy & paste an array of bytes
array of bytes list!!!

Zoom: D9 47 04 D9 44 24 28 83 C4 08
Fareye: 8B 48 08 8B 50 04 51 8B 4C 24
Shop Hack: 8A 41 08 C3 CC CC CC CC CC CC CC CC CC CC CC CC 8B 0D
Auto Pot: 83 78 08 13 0F 84
Wallhack: 8d bc 24 88 00 00 00
Maphack: 0F B7 98 04 01 00
Skill Hack 1/2: :D
Skill Hack 2/2: :bandit:
No Aggro: 0F B7 86 54 01 00
Speedhack: 80 7C 24 04 00 74 06 D9 40 70
GM Alert: C7 46 0C 00 00 00 00 89 47 04
Drako Hack (1st address): 89 56 10 8B 48 0C 89 4E 14 8B
Drako Hack (2nd address): 89 0E C1 EA 10 F3 0F 11 46 08
Elusive Hack: 8B 08 8B 50 04 89 4C 24 20
Range Hack (option 1): 8A 44 24 04 88 81
Range Hack (option 2): 88 81 A8 00 00 00 C2 04 00 CC CC CC 8D 81 AC 00 00 00 C3 CC CC CC CC CC


3. Click New Scan and the offset codes will show up at the left.
4. And there you have it, the new offsets.

There is another way to find offsets using auto assemble (Memory view->Assembly scan).
So if you want to try this method, here are some codes:

Auto POTS-> cmp dword ptr [eax+08],13
Non AGRO-> movzx eax,word ptr [esi+00000154]
Vac HACK-> mov edx,[eax+1c]
Speed HACK-> fld dword ptr [eax+08]
Range HACK-> mov [ecx+000000a8],al
Map HACK-> movzx ebx,word ptr [eax+00000104]
GM HACK-> mov eax,[eax+000000a8]
Zoom HACK-> movss xmm0,[edi+04]

Here are some scripts I'm using (5.1.5); maybe I will post how to make scripts next time.


WALL

[ENABLE]
alloc(blah,1024)
label(return)

007657E3://array of bytes 8d bc 24 88 00 00 00
JMP blah
NOP
NOP
return:

blah:
LEA EDI,DWORD PTR SS:[ESP+88]
CMP DWORD PTR DS:[EAX+402],5F626577
JE return
MOV DWORD PTR DS:[EAX+402],5F626577
MOV DWORD PTR DS:[EAX+406],67616D69
MOV DWORD PTR DS:[EAX+40A],616D2E65
MOV DWORD PTR DS:[EAX+40E],00000063
JMP return

[DISABLE]
dealloc(blah)

00765B53://array of bytes 8d bc 24 88 00 00 00
LEA EDI,DWORD PTR SS:[ESP+88]

POTS

[ENABLE]
alloc(newmem,1024)
label(returnhere)
label(originalcode)
label(exit)
label(check_mana)
label(finished_check)

0052D6BF: //83 78 08 13 0F 84
jmp newmem
nop
nop
nop
nop
nop
returnhere:

newmem:
originalcode:
cmp dword ptr [eax+08],01 // checking for HP pot?
jne check_mana
mov dword ptr[eax+08],11 // change to auto pot
mov dword ptr[eax+10],11
check_mana:
cmp dword ptr [eax+08],02 // checking for MP pot?
jne finished_check
mov dword ptr[eax+08],12 // change to auto pot
mov dword ptr[eax+10],12
finished_check:
cmp dword ptr [eax+08],13
je 0052d13a

exit:
jmp returnhere

[DISABLE]
dealloc(newmem)

0052D09F:
cmp dword ptr [eax+08],13
db 0F 84 91 00 00 00

GM TELE

[ENABLE]
alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(originalcode)
label(exit)

004EB9C3:
jmp newmem
nop
returnhere:

newmem:

originalcode:
mov eax,00000002

exit:
jmp returnhere

[DISABLE]
mov eax,00000002

They should all work; not the best scripts, but decent :p
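
Seen from the defender's side, the scripts in post #1 all leave the same footprint: a 5-byte JMP written over original code, padded with NOPs, leading to memory outside the module. Added example, not part of the thread or any poster's code: a Python check that diffs a known-good code image against a memory snapshot and flags that pattern. The base address, filler bytes and jump target are constructed; only the 7-byte LEA sequence is taken from the post.

```python
import struct

def find_detours(baseline: bytes, snapshot: bytes, base_va: int):
    """Diff a known-good code image against a memory snapshot and classify
    each modified run; flags `JMP rel32` (+ NOP padding) leaving the module."""
    if len(baseline) != len(snapshot):
        raise ValueError("baseline and snapshot must cover the same range")
    findings, i, n = [], 0, len(baseline)
    while i < n:
        if baseline[i] == snapshot[i]:
            i += 1
            continue
        start = i
        if snapshot[i] == 0xE9 and i + 5 <= n:
            # E9 rel32: target is relative to the end of the 5-byte instruction
            rel = struct.unpack_from("<i", snapshot, i + 1)[0]
            target = (base_va + i + 5 + rel) & 0xFFFFFFFF
            i += 5
            pad = 0
            # NOPs that were not in the baseline are padding over the old bytes
            while i < n and snapshot[i] == 0x90 and baseline[i] != 0x90:
                pad += 1
                i += 1
            findings.append({
                "va": base_va + start, "kind": "detour", "target": target,
                "nop_pad": pad,
                "leaves_module": not (base_va <= target < base_va + n),
                "original": baseline[start:i].hex(" "),
            })
        else:
            while i < n and baseline[i] != snapshot[i]:
                i += 1
            findings.append({"va": base_va + start, "kind": "modified",
                             "length": i - start})
    return findings

# Constructed sample: 0x40 bytes of INT3 filler at a made-up base address, with
# the 7-byte LEA from the post's WALL script placed at offset 0x10.
BASE_VA = 0x00400000
clean = bytearray(b"\xcc" * 0x40)
clean[0x10:0x17] = bytes.fromhex("8d bc 24 88 00 00 00")
# Patched copy: JMP to a constructed out-of-module address, then two NOPs.
CAVE = 0x02A30000
patched = bytearray(clean)
patched[0x10:0x17] = b"\xe9" + struct.pack("<i", CAVE - (BASE_VA + 0x15)) + b"\x90\x90"
patched[0x30] = 0x00  # unrelated single-byte change, reported as "modified"

REPORT = find_detours(bytes(clean), bytes(patched), BASE_VA)
```

A detour whose `leaves_module` is true and whose `original` bytes are known is the strongest signal; plain `modified` runs need a relocation-aware baseline before they mean anything.
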
10/30/2009 07:28 Vaidas B#2
#reported this tutorial was already posted with more detail pictures
10/30/2009 09:55 antondude#3
Nice tut.
10/30/2009 12:11 marlon_pe#4
#reported this tutorial was already posted by L.e.v.i.a.t.h.a.n ²
10/30/2009 12:19 Vaidas B#5
You don't need to report stuff that was already reported.
10/30/2009 13:55 D3kar0n#6
This guy stole the tut from akira1979 at GNZ forum.. lame -_-