Fake Ping from Co.exe

Does someone have any idea how to edit co.exe and make it shows up you got 50 ping? i know its fake won't chage nothing from ur gameplay. I know CoAi used to do it before.

Yes you can edit the co.exe through memory to edit the display ping but I believe CoAi
did it through the ping packet.

you can hook _snprintf, the format is "[%s] (%03d,%03d) Ping: %s; Fps: %02d; FpsAver : %02d %02d/%02d/%d %s %02d:%02d"

I found this by ollydbg, but i have no idea how can i edit that line, when i try to whats what shows to me. [Only registered and activated users can see links. Click Here To Register...]

Quote:

Originally Posted by vamfmorbyde I found this by ollydbg, but i have no idea how can i edit that line, when i try to whats what shows to me. [Only registered and activated users can see links. Click Here To Register...]

Either you attach a DLL and hook _snprintf as teroareboss1 said. If you go this path you can check the format against what you expect it to be and make the required modifications. You would need to use va_ functions to process the varying parameter list.

Or you modify Conquer.exe directly with a different format. The URL you provided shows a PUSH instruction. You can right click it and find the "Follow" option under "Goto" (as far as I can remember). That will take you to the actual area of the memory where that format is stored. If you carefully modify the format you can stay within the memory bounds without losing any bit of information.
By using %n with printf (and any other functions alike) you can output nothing at the cost of damaging the given pointer (the function would write the number of characters written up to that point in the pointer provided for that argument) and because %s expect a string which is in fact a char pointer this works out well. More over because the ping is actually an integer the fact that it is provided as a char pointer means the actual ping value would not suffer by using %n.

A valid format would be this:
"[%s] (%03d,%03d) Ping: %n50; Fps: %02d; FpsAver : %02d %02d/%02d/%d %s %02d:%d"

Notice the changes:
"[%s] (%03d,%03d) Ping: %s; Fps: %02d; FpsAver : %02d %02d/%02d/%d %s %02d:%02d"

%02d makes it so only 2 digits would be written but because we don't really care about that we can just remove those characters (0 and 2) and make up for the 5 and 0 we added for the shown ping.

I tried to edit the way you said, "Follow" doesn't show up on that line... If u guys don't mind, coulda make a tutorial about it? I know im asking too much, don't wanna bother you guys... im using ollydbg to do it

Why do you want to edit your ping................................
that's a really shitty private server cancerism.

Only interested on it, yeah i know its crap lol

Quote:

Originally Posted by vamfmorbyde I tried to edit the way you said, "Follow" doesn't show up on that line... If u guys don't mind, coulda make a tutorial about it? I know im asking too much, don't wanna bother you guys... im using ollydbg to do it

Right click on the push instruction then select "Follow in Dump" > "Immediate constant".

That will take you to the memory where the string is stored. The dump area should be in the lower left side of the ollydbg window. You can edit then one character at a time.

Once you finish editing just save the changes to the executable. If you don't know how to do that Google is your friend.