when i try to save my cheats on CE
for example: i scan do speed(no delay), i get my adress bla bla bla....
but i select save that adress and when i try to load (when cabal crash) it wont do it...
can u tell me how to do it?
so everytime cabal crash, i wont need scan all again
ty
Thats because the addresses that your scanning are dynamic and change everytime you start up the client. To fix this, you need to do pointer scans on the addresses holding the value your using - so for ex if you had the level address in EU, you would find the pointer address by doing a "pointer scan" in CE, or using "what accesses this address" and finding the value CE shows as what the pointer is most likely holding, so you know what to search for.
I would google around or something, I'm sure you can find plenty of forums where this is discussed and questions/screenshots are available..
It's not as simple as it seems, it does require a little time and patience if your not used to doing anything but scanning dynamic addresses over and over again each time you start.
Sorry about that post, I wasn't 100% clear about a few things I was going to type, so I held off first to double check. I will upload a short vid on finding the pointer for an address, just because I know how annoying it is to have to keep finding them over and over again.
Code:
http://www.youtube.com/watch?v=wQ89-BQFhI4&hd=1
I put it in code because it keeps embeding the video in 360 p, -.-. Copy n paste it, the 00A483A0 was the pointer, and the [ecx+00004264],eax was where I took the 4264 from for the offset to add to the pointer addy 00A483A0.
Hope that helps.
edit: Thx to omegaarma for releasing the euro fixedmain, because I couldn't do the scans for pointer addys without attaching CE debugger, but since I know what opcode and the structure I'm looking for in the asm, I should be able to figure out the pointers for NA without attaching debugger, which wouldn't have been possible without playing around on fixedmain.
i was trying to put a new thread about this..
well, i actually wanted to find base address for cabal ph..
thing is there is no such tut..though zeke's vid and by the help of sir k9crow, it shown some light but yet it got dimmer a little coz i dunno how to use offsets and such !!
anyways..if u guys can explain it a little more..
it will be just great..pls pls hehe..well if u cant then thats fine with me as well
i was trying to put a new thread about this..
well, i actually wanted to find base address for cabal ph..
thing is there is no such tut..though zeke's vid and by the help of sir k9crow, it shown some light but yet it got dimmer a little coz i dunno how to use offsets and such !!
anyways..if u guys can explain it a little more..
it will be just great..pls pls hehe..well if u cant then thats fine with me as well
Just pause the video and go over it a few times, It would probably help'd if you could see my mouse, but anyway just find whatever address you want for a certain function, best to choose was level as in the video as its pretty straight foward, Click What writes this address, then level up so that your level changes while the debugger is attached and the opcode is being displayed for the level address. After you get the opcodes when you level up, the offset is shown mov [eax+00004264],ecx
You know that 4264 is the offset for the pointer "00A483A0" for that dynamic address "0657C2AC", so you double click "0657C2AC" and then Checkbox "pointer" paste pointer address "00A483A0" then in offset type 4264. The pointer address "00A483A0" has a bunch of pointers listed besides the "mov [eax+00004264],ecx", which you could see if you had taken the address that "mov [eax+00004264],ecx" is located at and browsing memory, in this case in the opcode window that displays the offset right after I level up in the video "006135a0". Once you browse the memory region of that offset you can see there is a bunch of offsets listed there all for that one pointer address "00A483A0".
This screenshot is not from the video, but a separate time when I was looking for the pointer and offset for level, You can see the offsets in yellow/green, all for the same pointer in pink. To open and change the dynamic address you scanned, double click it then Check the pointer box as mentioned above, about "base" address, I don't know what you mean, base for what? This one pointer acts like a base address for a bunch of offsets that point to the dynamic addresses that changes everytime you start the client. once added to pointer successfully it changed from "0657C2AC" to "P->0657C2AC".
Cant really explain much else, I don't understand much of the ASM either, I just figured I'd explain what I do understand, I went through and added each offset for that one pointer, most of the functions I already had found before but its good to add the pointer so I won't ever have to scan back for them unless theres some updates/content changes to the .exe.
I'm assuming your pointer+offset would be very similiar, if not the same in the case for the offset (4264) for level.. have you tried browsing memory in the "007dbdf5" area in CE, scroll up/down looking for the same opcode displayed above where it shows this same pointer and a bunch of different offsets for that same pointer. Your pointer might be different but not that much, for example the pointer for NA was 00A493A0 while the EU pointer was 00A483A0, both had the same offsets for all the functions like combo, no skill delay(dance), level, ect ect ect..
There is probably some different pointers for GM/AOE though, because I added every offset I could find for that one pointer, lol xD. I attached a cheattable file with all the pointer/offset for NA version from that one pointer "00A493A" that I could find anyway, maybe there is more in a different region, open it and then you will browse memory at 007DBDF5 then find your pointer which would look like "00A483A0" or "00A493A0", might be a little different but in that general region you should see it pretty quickly, take that new address whatever the PH version is, and double click the Level address thats already saved in the cheat table, you can see the offset and base address added that are for NA, just change the base addy to whatever you can find around "007DBDF5" that resembles the EU/NA variant for level pointer, n the other common functions.
I guess if your level/walkspeed and all those dynamic addresses that are in the same memory region are 06500000 or higher, the further the base address would be from NA/EU, but these two versions are pretty close, assuming that since the offsets for the functions are the same.
edit: added EU table, so you can see the difference in pointer base addy, but similarity in offsets by double clicking the P-> addys. CabalMain.rar = NA, CabalMainEU = EU.
edit#2: updated CabalMainEU.rar file to include pointers for basic map addresses, will do NA later when I get time.
edit#3: Wrong cabalmain.ct file uploaded for NA, sorry got so many .ct files named cabalmain in diff folders, That one wasn't related to the pointers at all, please re-dl, lmao.
about "base" address, I don't know what you mean, base for what?
well i was wondering if i can have SP (regen or just merely editing) hack or other hacks..
though u mentioned here
Quote:
Originally Posted by zeke____
This one pointer acts like a base address for a bunch of offsets that point to the dynamic addresses that changes everytime you start the client.
so (well in my point of thinking) i nid to find each address (for all hacks) carefully so that i can more or less edit its offset to lessen my time of scanning..or is it the other way around? well anyways..the reason i got this "BASE" address thing on how to find it and how to edit it is bcoz of this thread
err..i thought its easy to find it though i've seen how to use offsets..
cant seem to find a particular address to use this offsets for other hacks..hope u and boss k9crow may understand my english..it sucks most of the time
You can tell already that the offsets in that thread for EP2 are old, because the level offset for NA/EU is 4264. I don't know if theres a way to get those working to be honest but, I imagine all those offsets are in the same region as the "00A483A0" pointer was ("007DBDF5") <- I would browse memory here and spend few hours looking for alternate pointers with offsets instead of just adding all the ones I could find for "00A483A0".
I don't know if you can actually use that EP2 stuff at all, its really outdated..
Also I haven't tried any of the other pointers in that region, so I'm sure theres other functions I can find if I spend enough time just adding offsets that I can find to other pointers... Just tedious. About SP regen, its server sided the only regen you can do is dance, I don't know about making it regen faster by somehow bypassing client rank up checks, or making it think your higher rank so it gives SP faster, but thats bout all I can think of for that...I wouldn't dwell on the sp hack too much, chances are you won't find anything in relation to the pointers for SP regeneration.
Quote:
Originally Posted by ibonehj15
so (well in my point of thinking) i nid to find each address (for all hacks) carefully so that i can more or less edit its offset to lessen my time of scanning..or is it the other way around? well anyways..the reason i got this "BASE" address thing on how to find it and how to edit it is bcoz of this thread
err..i thought its easy to find it though i've seen how to use offsets..
cant seem to find a particular address to use this offsets for other hacks..hope u and boss k9crow may understand my english..it sucks most of the time
The pointer your looking for depends on what the normal (dynamic) address is, just by knowing that its "0657C2AC" for level in that video, and you know that walkspeed, class, class level and a few other things are all in that same "0657XXXX" memory region, you know the pointer address is going to be very close if not the exact same, with just a offset difference.
The pointer your looking for depends on what the normal (dynamic) address is, just by knowing that its "0657C2AC" for level in that video, and you know that walkspeed, class, class level and a few other things are all in that same "0657XXXX" memory region, you know the pointer address is going to be very close if not the exact same, with just a offset difference.
that answers it..now browsing memory regions and how to set offsets..
well i'll try to learn it though sad to hear that sp regen/hack cant be visible..
Btw I added Cabalmain.ct for NA again, because somehow I uploaded wrong one, and it was just a chan menu one that I was testing with, didnt even have any pointers ROFL. Sorry about that. I was wondering why it was so small compared to EU one I just finished, Again apologies.
Quote:
Originally Posted by ibonehj15
that answers it..now browsing memory regions and how to set offsets..
well i'll try to learn it though sad to hear that sp regen/hack cant be visible..
Yea, well I'm not the last word on that I don't know whats possible with modifying .exe itsself, or packets maybe. I barely can get my .ct files straight before uploading Lol, total *** feeling now, I dld it wondering why it was so small, sure enough wasn't even the right cabalmain.ct -.-.
Ill finish the basic map addys pointers real quick so I dont have to mess with re-uploading anymore.
edit: added all the ones I could find for NA, EU is more complete with the map addys as I was able to get the pointers easier, NA I couldn't use debugger so it was a little more difficult for a few of the addys (GPS Map addy ect) but I added the main fusing one anyway.
Script, Stupid question and Second Stupid Question 02/20/2010 - Mabinogi - 10 Replies Script:
Since the search function fails (or maybe i do but ive tried several searches) im looking for a cor exploration script, any chance of getting one on here or a link to somewhere that i can find one?
Stupid question:
Ive seen people using a glitch to get into the rafting river, how is this actually done?
Second stupid question (live with it):
Since ive been playing longer than playing dead and stone throw have been out and theres the issue of the bug which means i cant get it (as...
Is this a stupid question? 12/22/2009 - Grand Chase Philippines - 11 Replies Guys im new here and i want to ask a question. How yo get kamiki's horn? I tried it for 50 times but still nonne pls reply
really stupid question 09/30/2008 - Dekaron - 6 Replies can u go to draco on foot at lvl 15 or so either thru norak or casper? Wanted to know, to avoid auto ban...if there is still one.
Stupid question 04/14/2008 - Conquer Online 2 - 1 Replies OK this is a stupid question, but how do you use shift screen, and how does it work??????????????????????????????:confused::confu sed::confused:
I barely can get my .ct files straight before uploading Lol, total *** feeling now, I dld it wondering why it was so small, sure enough wasn't even the right cabalmain.ct -.-.
