bong1934
31st March 2006, 01:07
Well, I have been trying to use the code-cave tutorial for gravity, speed, jump that Sunbeam made, and it hasn't worked for me. I searched for other tutorials on the same subject and got about 3 or 4; most said basically the same thing as Sunbeam's did. So I figure I must be doing something wrong, so I have been rechecking what I do against the tut for the past hour, and can't find anything wrong. I was wondering if anyone could check to see if these steps are right, and if not, help me fix them.
1. Open CE (I know I'm doing this very slow because I really need it specific apparently :/)
2. Open MS and attach
3. Change scan type to double and search for 125
4. Double click address 00677918 (for v.20 OMS)
5. Right click, click Find out what Accesses this address
6. Alt+tab, move, click the top one and select Show Disassembler (should be 005ee87b)
7. Tools, Scan for Code-Caves
8. I use 004001c5, so goto that address
9. Double click the Cheat-Engine single-line assembler and type "fmul qword ptr [00677918]"
10. Go one address below that (004001c7) and change to "jmp 005ee87b"
11. Goto 005ee87b, right click change register at this location (I have also done these steps with the address that is below 005ee87b which is 005ee881)
12. Tick the EIP checkbox, type 004001c7 (I have also tried with 004001c5)
*Note: sometimes MS will stop working and I will have to restart my comp like LuciferGuard was having trouble with, it does this when I change 005ee881 instead of 005ee87b*
13. Click Add Address Manually, type 004001c7 (also tried 004001c5), change type to Double
14. Change value of new address to what you want. (this is where MS just closes)
*Note: Every time I add it the value I get for it is like -2.387387438743 E23 or something weird like that. I am pretty sure that this is the problem, just can't figure out how I can fix it.*
Also couldn't I just search for an unknown initial value, take off my +speed shoes, search for decreased, put on, search for increased until I get one address?