Beginner's Guide to Reversing a Trainer With Cheat Engine (CE)
For this tutorial to work, you must have a working trainer for a game and of course the game itself. You should also have Cheat Engine 5.4 installed. This tutorial was written for WinXP users; I cannot verify its usefulness for Vista users.
Why bother reversing a trainer? Why not just use that trainer instead? There are two really good reasons I can think of. First, you may be someone who is interested in making trainers in general, and you have had problems with a game and are clueless as to how a particular hack was made (example: the reveal map function in the C&C Kane's Wrath trainer). Second, you possess a trainer that is copyrighted, meaning you cannot legally distribute that trainer or share it with your pals at CEF. By reversing that trainer, making a note of all the addresses and offsets it uses and all the opcodes it modifies, you can make your own trainer (or cheat table) with identical features/options. This is 100% legit. You can now distribute this trainer freely. One brave step for you, one giant leap for cheaters worldwide. Just make sure you give proper credit to the author of the trainer you referenced.
The approach here is no different from using CE to hack a game. Instead of just using CE and the game you wish to hack, you are now going to use CE with a game and a trainer. Basically, start CE, start the game, start the trainer, then do a memory scan to find out what was modified. I'll be using an example game here :
Game : Wagons Ho
Game Version : 0.8.3
Trainer : outlaws.exe (trained by the OUTLAWS dox division).
Trainer options : infinite cash (when you spend money you gain it), unlimited weight (wagon can never reach full), unlimited turns (gain a turn in every move instead of losing a turn), unlimited food (with every move you gain 5 food instead of losing it).
To make this tutorial short, I'll only rip one option, the first one : unlimited money.
Step 1 :
Start CE, start the trainer, start the game.
Step 2 :
In the game, start a 'New Game'.
Step 3 :
Alt+Tab to CE, attach CE to the game 'WagonsHoPC.exe', and do a new scan for an unknown initial value.
You'll get a lot of results. This is to be expected. I got 89,444,352 results. Now we'll start to play the 'find the needle in the haystack' game, filtering the results and trying as best we can to narrow them down to fewer than 10.
Step 4 :
The trainer should be running in the background. Alt+Tab back to the game, and enable the infinite money cheat (F1). Buy some food to see if the cheat works / has been enabled. Then Alt+Tab back to CE, and do a next scan to find out what value has changed.
Step 5 :
Alt+Tab back to the game and buy some food; the cheat will still be enabled, so you will gain money instead. Do not disable the infinite money option here. Instead, Alt+Tab back to CE and do a next scan for an unchanged value. This is called pruning / filtering your searches in order to eliminate the irrelevant addresses.
Step 6 :
Alt+Tab back to the game, disable the infinite money option (F1), and buy some food to verify that the cheat has now been disabled. Then Alt+Tab back to CE and do a next scan for a changed value.
By now you should have fewer than 200 addresses. Repeat this process, i.e.:
Step 4 - enable the cheat and search for a changed value.
Step 5 - buy something but do not disable the cheat, then search for an unchanged value.
Step 6 - disable the cheat and search for a changed value.
Step 7 - buy something with the cheat still disabled and search for an unchanged value.
Do steps 4 - 7 over and over until you get about 10 addresses, if you're lucky. I could narrow it down to no fewer than 46 addresses. Out of those 46 addresses, 4 are green, meaning static addresses. It is more likely that the modified opcodes will be located at a static address (but this is just my opinion).
Step 7 :
Make sure that the infinite money cheat is disabled. Right-click each address and choose 'Disassemble this memory region'. The Memory Viewer will pop up (if it wasn't already open), showing you the opcodes at the address you right-clicked. Make a note of the opcodes while the infinite money cheat is disabled (write them down in Notepad or whatever text app you have).
Doing step 7 for all four of the green addresses shows that before the trainer's infinite money option was activated, their opcodes were:
When the cheat was disabled :
Address    Bytes               Opcode
004C17AD   02 8b c2 29 81 f4   add cl,[ebx-0b7ed63e]
004C17AE   8b c2               mov eax,edx
004C17AF   c2 29 81            ret 8129
004C17B0   29 81 f4 91 00 00   sub [ecx+000091f4],eax
Step 8 :
Now enable the infinite money cheat, and repeat step 7. This time we will look again at those 4 green addresses to see if their opcodes were modified.
When the cheat was enabled :
Address    Bytes               Opcode
004C17AD   02 8b c2 01 81 f4   add cl,[ebx-0b7efe3e]
004C17AE   8b c2               mov eax,edx
004C17AF   c2 01 81            ret 8101
004C17B0   01 81 f4 91 00 00   add [ecx+000091f4],eax
It seems three of those four green addresses have been modified when the cheat was enabled. They are 004C17AD, 004C17AF, and 004C17B0.
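As an added example that is not part of the original tutorial: a small Python script that merges the two byte listings above into one byte image per state, diffs them, and emits the equivalent db-style auto-assembler script. It goes one step beyond the text: because the disassembler rows at 004C17AD, 004C17AE, 004C17AF and 004C17B0 overlap, merging them shows that the trainer changes a single byte at 004C17B0 (0x29, sub, to 0x01, add); the other two 'modified' rows are the same byte seen from a misaligned start address. Addresses and bytes are copied from the tables above; nothing else is assumed.

```python
from typing import Dict, List, Tuple

# Byte columns copied from the tutorial's two listings (cheat disabled / enabled).
DISABLED = {0x004C17AD: "02 8b c2 29 81 f4", 0x004C17AE: "8b c2",
            0x004C17AF: "c2 29 81", 0x004C17B0: "29 81 f4 91 00 00"}
ENABLED = {0x004C17AD: "02 8b c2 01 81 f4", 0x004C17AE: "8b c2",
           0x004C17AF: "c2 01 81", 0x004C17B0: "01 81 f4 91 00 00"}

# x86 opcode bytes of the two instruction forms seen in the listing at 004C17B0.
OPCODE_NAMES = {0x01: "add r/m32,r32", 0x29: "sub r/m32,r32"}


def merge_rows(rows: Dict[int, str]) -> Dict[int, int]:
    """Flatten overlapping disassembly rows into one {address: byte} image.
    Rows that disagree about a shared byte indicate a copying error in the notes."""
    image: Dict[int, int] = {}
    for base, hexbytes in rows.items():
        for offset, b in enumerate(bytes.fromhex(hexbytes)):
            addr = base + offset
            if image.get(addr, b) != b:
                raise ValueError(f"inconsistent byte at {addr:08X}")
            image[addr] = b
    return image


def diff_images(before: Dict[int, int], after: Dict[int, int]) -> List[Tuple[int, int, int]]:
    """Return (address, old_byte, new_byte) for every byte present in both images that differs."""
    return [(a, before[a], after[a]) for a in sorted(before)
            if a in after and before[a] != after[a]]


def aa_script(changes: List[Tuple[int, int, int]]) -> str:
    """Emit a Cheat Engine [ENABLE]/[DISABLE] script that patches only the changed bytes."""
    enable = "".join(f"{a:08X}:\ndb {new:02x}\n" for a, _, new in changes)
    disable = "".join(f"{a:08X}:\ndb {old:02x}\n" for a, old, _ in changes)
    return f"[ENABLE]\n{enable}[DISABLE]\n{disable}"


def analyse() -> List[Tuple[int, int, int]]:
    """Diff the two states, name the opcode change, and print the resulting script."""
    changes = diff_images(merge_rows(DISABLED), merge_rows(ENABLED))
    for a, old, new in changes:
        print(f"{a:08X}: {old:02x} ({OPCODE_NAMES.get(old, '?')}) -> "
              f"{new:02x} ({OPCODE_NAMES.get(new, '?')})")
    print(aa_script(changes))
    return changes


if __name__ == "__main__":
    analyse()
```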
Step 9 :
Make an AA script that specifies the opcodes for those three addresses when the cheat is enabled, as well as the opcodes for those three addresses when it is disabled. In the Memory Viewer window, select the 'Tools' submenu and choose 'Auto Assemble'.
Step 10 :
In the Auto Assemble window, choose the 'Template' menu and select 'Cheat Table framework code'.
There are two ways you can script the infinite money cheat. One way would be to define the bytes themselves instead of specifying the opcodes. The resultant script should look like this :
Code:
[ENABLE] //code from here to '[DISABLE]' will be used to enable the cheat
004C17AD:
db 02 8b c2 01 81 f4
004C17AF:
db c2 01 81
004C17B0:
db 01 81 f4 91 00 00
[DISABLE] //code from here till the end of the code will be used to disable the cheat
004C17AD:
db 02 8b c2 29 81 f4
004C17AF:
db c2 29 81
004C17B0:
db 29 81 f4 91 00 00
Or, to make it more readable you could write the script specifying the opcodes instead. The resultant script should look like this :
Code:
[ENABLE] //code from here to '[DISABLE]' will be used to enable the cheat
004C17AD:
add cl,[ebx-0b7efe3e]
004C17AF:
ret 8101
004C17B0:
add [ecx+000091f4],eax
[DISABLE] //code from here till the end of the code will be used to disable the cheat
004C17AD:
add cl,[ebx-0b7ed63e]
004C17AF:
ret 8129
004C17B0:
sub [ecx+000091f4],eax
Note: if you decide to define the bytes manually instead of writing the opcodes, you may get an error message stating 'This instruction can't be compiled'. This happened during the writing of this tutorial; it seems 'ret 8101' produces no errors, but specifying it using 'db c2 01 81' produces this error message. In any case, if it doesn't work, try writing the script specifying the opcodes instead.
Step 11 :
After writing the script, we need to test whether it really works. But first, while you're still in the Auto Assemble window, choose the 'File' menu and select 'Assign to current cheat table'. This automatically saves your script in the address table (where you freeze values). You can rename the script to something more appropriate like 'Infinite money hack', etc.
Step 12 :
Close the trainer (not CE, I'm referring to the outlaws.exe trainer). Enable the 'Auto assemble cheat'. Alt+Tab back into the game and buy something. Your money should now increase instead of decrease. Disable the 'Auto assemble cheat', then go back into the game and buy something to verify that the disable codes work. Congratulations, you have just ripped an option from another trainer and perhaps in the process gained some insight into how the pros do it. Full credits go to OUTLAWS and The Three Amigos for releasing/distributing this trainer, and of course to Dark Byte for making Cheat Engine.
I've included the cheat table and the trainer made by OUTLAWS in the slim chance that you have the game Wagons Ho 0.83 and would like to go through this tutorial by the read-and-do method.
Attachment: WagonsHoPC.CT (431 Bytes)