
Question

Posted (edited)

Here's the problem:
I succeeded in finding the address of the value I wanted to change through the field offset finder, changing it, and confirming that it applies to the game.

Field Offset Finder (#yyzay1k)

(thanks to @Rxhacker for cool script)

However, if I end the match and go back into another match, the address changes and the value I changed becomes useless, so I have to find it again.
Instead of shutting down the game completely and turning it back on, the problem arises just by leaving and rejoining the match in the game. Whether it's online or offline.
This is not a matter of freezing or incorrect offset. Literally, the address for that method has been changed and is not applied.

For example, if the address of the range of weapons was ABCDEF before, the address changed to ABFFFEF when it went out of the matching and came in, and it became useless to modify ABCDEF.
I don't know if I explained it well, please let me know if you don't understand.

So, why does this happen? Is there any way to solve the problem?

Edited by qwer098

14 answers to this question

Recommended Posts

  • 0
Posted (edited)
19 hours ago, qwer098 said:

Here's the problem:
I succeeded in finding the address of the value I wanted to change through the field offset finder, changing it, and confirming that it applies to the game.

Field Offset Finder (#yyzay1k)

(thanks to @Rxhacker for cool script)

However, if I end the match and go back into another match, the address changes and the value I changed becomes useless, so I have to find it again.
Instead of shutting down the game completely and turning it back on, the problem arises just by leaving and rejoining the match in the game. Whether it's online or offline.
This is not a matter of freezing or incorrect offset. Literally, the address for that method has been changed and is not applied.

For example, if the address of the range of weapons was ABCDEF before, the address changed to ABFFFEF when it went out of the matching and came in, and it became useless to modify ABCDEF.
I don't know if I explained it well, please let me know if you don't understand.

So, why does this happen? Is there any way to solve the problem?

Is this for a script you're making?

Is the value static during the match?

4 hours ago, under_score said:

Offsets.     

It's not the issue though.

Edited by Platonic
  • 0
Posted
4 minutes ago, Platonic said:

Is this for a script you're making?

Is the value static during the match?

 

If possible, I'm thinking of creating a script, but I'm holding it for now. It takes a lot of effort to find the exact value, so I don't think I can afford to think about the script.
I'm not sure the value is static, but I can show you the video
Please check the link below...

Script I used in the video is this : 

Field Offset Finder (#yyzay1k)

 

  • 0
Posted (edited)
41 minutes ago, qwer098 said:

 

If possible, I'm thinking of creating a script, but I'm holding it for now. It takes a lot of effort to find the exact value, so I don't think I can afford to think about the script.
I'm not sure the value is static, but I can show you the video
Please check the link below...

Script I used in the video is this : 

Field Offset Finder (#yyzay1k)

 

Scripting this should be doable. The only issue usually is refining till you get only one result. There are two methods you could try.

One is copying the data of that specific gun and allocating that data at a read and write page with your own modified values and then setting the pointer that points to the start of your gun class equal to the start of the gun class which you have allocated. It's not a guarantee it works but it could prevent you from having to search the value all over again. But it could as well be that your game is crashing. See here for an example

Either way you need to script it.

Second method you can take from nok1a's script. We use the start of a char in the metadata.dat and pointer search it till the region Anonymous and set or required parameters. Then you also need to find a value that indicates when the match is finished or not. I need to do that as well for the game Tower of Fantasy. 

I believe the class you're editing has a field as weapon ID's. Each weapon should be different. You can filter based on that. So that eventually all that would be left is the desired value that you would like to modify.

Actually I don't even think you need to refine to one result. It's possible that all the results you got were for different weapon ID's

42 minutes ago, qwer098 said:

 

If possible, I'm thinking of creating a script, but I'm holding it for now. It takes a lot of effort to find the exact value, so I don't think I can afford to think about the script.
I'm not sure the value is static, but I can show you the video
Please check the link below...

Script I used in the video is this : 

Field Offset Finder (#yyzay1k)

 

Nice cheat btw.

Edited by Platonic
  • 1
Posted

@Platonic Thank you for your reply. It doesn't seem easy, but I'll try.
The reason I had to refine the value was that if we changed all of those values, the game would crash every time I went into the next match. So we needed to find one exact value, and it was a problem that occurred in the process.

19 minutes ago, Platonic said:

Nice cheat btw.

I'm glad you like it. I was just lucky.

  • 0
Posted
1 hour ago, qwer098 said:

@Platonic Thank you for your reply. It doesn't seem easy, but I'll try.
The reason I had to refine the value was that if we changed all of those values, the game would crash every time I went into the next match. So we needed to find one exact value, and it was a problem that occurred in the process.

I'm glad you like it. I was just lucky.

Did you check the class: WeaponManager 

?

  • 0
Posted
5 minutes ago, Platonic said:

Did you check the class: WeaponManager 

?

 

No, I didn't know until you told me. It is highly obfuscated, so I should check with the 16.6.1 version of il2cpp. Thank you.

+ If WeaponSounds had a function about how weapons work, it seems that WeaponManager contains information about each weapon.

  • 0
Posted

It doesn't matter if it's obfuscated or not. The objective would be to find a pointer that always points to your desired weapon. Here is a video example (you want to disable the sound, I recorded sound by accident). Where it shows it always finds your gun. Without needing to do everything all over again. Regardless of leaving a match.

So can you kind of picture how you would have to script it?

 

Manually the value is not efficient to use for edit, but when you script it, it is better than the other option of pointer searching again and again because you actually don't need to search anything.

  • 0
Posted
50 minutes ago, Platonic said:

It doesn't matter if it's obfuscated or not. The objective would be to find a pointer that always points to your desired weapon. Here is a video example (you want to disable the sound, I recorded sound by accident). Where it shows it always finds your gun. Without needing to do everything all over again. Regardless of leaving a match.

So can you kind of picture how you would have to script it?

 

Manually the value is not efficient to use for edit, but when you script it, it is better than the other option of pointer searching again and again because you actually don't need to search anything.

I misunderstood what you meant. I'm sorry.
And I checked the video you attached.. And it was incredibly FANTASTIC. I don't know how to express this gratitude. Thank you very much.

  • 0
Posted (edited)

@Platonic

I have a question. It may sound like a lazy question, but please excuse me.
How did you find the hex value starting with h 57 65~ at the very beginning of the video? I think it was just hex-ed :WeaponManager so I started searching with :WeaponManager, and I succeeded in getting the Byte values, but I didn't get any results on the way to the next qword value. What is the difference between the two?

I succeeded when I copied the video as it was, but I failed when I changed the value to start the search.

Edited by qwer098
  • 0
Posted
12 hours ago, qwer098 said:

@Platonic

I have a question. It may sound like a lazy question, but please excuse me.
How did you find the hex value starting with h 57 65~ at the very beginning of the video? I think it was just hex-ed :WeaponManager so I started searching with :WeaponManager, and I succeeded in getting the Byte values, but I didn't get any results on the way to the next qword value. What is the difference between the two?

I succeeded when I copied the video as it was, but I failed when I changed the value to start the search.

This value doesn't work?: h 57 65 61 70 6F 6E 4D 61 6E 61 67 65 72 00 E4 B8 9E E4 B8 94 E4 B8 89 E4

Found it by pointer searching the first field offset's address.

  • 0
Posted
15 minutes ago, Platonic said:

This value doesn't work?: h 57 65 61 70 6F 6E 4D 61 6E 61 67 65 72 00 E4 B8 9E E4 B8 94 E4 B8 89 E4

Found it by pointer searching the first field offset's address.

No, it worked perfectly. I just wondered how to find the hex value. Thank you.

  • 0
Posted (edited)
17 minutes ago, qwer098 said:

No, it worked perfectly. I just wondered how to find the hex value. Thank you.

Well, I search the weaponSound class manually. Then I search the desired gun. Then I pointer search the start address of the field address of that gun and see if there is a pointer that is always pointing to that gun or some weapon of it. Then I check which class that value that is pointing to the start of that field address of that gun belongs to. In this case it belongs to class weaponManager.

 

2 minutes ago, Platonic said:

Well, I search the weaponSound class manually. Then I search the desired gun. Then I pointer search the start address of the field address of that gun and see if there is a pointer that is always pointing to that gun or some weapon of it. Then I check which class that value that is pointing to the start of that field address of that gun belongs to. In this case it belongs to class weaponManager.

 

Then when you find the class struct there will be an address having the value which points to the metadata. In this case it's named weaponManager. But if you search weaponManager you get too many results so you copy some extra bytes to refine the results amount.

 

 

Edited by Platonic
  • 0
Posted
1 hour ago, Platonic said:

Well, I search the weaponSound class manually. Then I search the desired gun. Then I pointer search the start address of the field address of that gun and see if there is a pointer that is always pointing to that gun or some weapon of it. Then I check which class that value that is pointing to the start of that field address of that gun belongs to. In this case it belongs to class weaponManager.

 

Then when you find the class struct there will be an address having the value which points to the metadata. In this case it's named weaponManager. But if you search weaponManager you get too many results so you copy some extra bytes to refine the results amount.

 

 

Thank you for answering so many questions. It was a great help. In order to approach it any more, I have to take time to study on my own. Cuz it's lazy to ask for help without trying on my own.
