Ok , What is the quick way to find the DMA for the name tags. I read the posts beofre this but they really dont mention exactly how to find them..nay help is appreciated
thanks
LAsix

"the best method to find the tag-dma is xollox description. while aiming at an enemy (game paused) do a range search from 58 to 64 and while not aiming search for value 0."

it's quoted from another thread. try this and if it doesn't work you have to search for unkown value while not aiming at some1. then the values can be reduced by using value has (not) changed.

OK, IF i creat a lan game and have my other CPU act as the enemy do i still need to pause it

#2: In BF vietnam the server can control the distance a person is away beofr the name tag appears. DO i still do a search for 58-64 since they control the distance you are away?
#3: If I search for unknow value while not aiming, then when i am searching for "value has not changed" do i am at someone or not. Let me see if i got this right... Dont aim at someone and open t-search and search for "unknow value". Then search for " value has not changed" or do i need to go back into the game and then alt/tab back out and search for " value has not changed? And do i have to pause the game it with this meathod

I hope i made sense, i appreciate your help. i know can do PMs if you dont want to talk over the forum

i don't have bfv yet so i am not sure if the technique for getting to the tag addresses is the same. however, i sent you a pm about this. good luck and keep trying-

peace-
caliber

Has anyone ever got this way to work tho? What about when you do find the DMA? See xollox never even done this method before. I asked the same thing but was directed to that post. That dont explain everything. I wish people would go just a bit more in detail about it.

Originally posted by Spontaneous on 17th March 2004 at 16:53
Has anyone ever got this way to work tho? What about when you do find the DMA? See xollox never even done this method before. I asked the same thing but was directed to that post. That dont explain everything. I wish people would go just a bit more in detail about it.

Man you and me both...all i keep getting is redirected..THere is not enough info and it is so spread out. Like you said, it says nothing about what to do to the DMA if and when you find it out of the 80K of address. I guess if oyu found 58-64 you change it to Zero...well did that and no luck. I have spent the last 4 hours trying to find the damn address and nothing. I did both ways on here. PLease of someone knows of a way just post the directions or PM us. It gets frustrating.

We need a post just for doing tags

i am in the middle of moving right now so i have time for these little posts now and then but i haven't had time to hack (or play) the game in awhile, but i will post a tutorial for this when i get settled if you haven't figured it out by then. this is a bad week for me (and for xollox) to try and help in that way since we both are tied up with other things. not sure why the methods you are being told don't work for you as this is exactly how i would approach it. also, i don't have bfv yet so i might run into the same problems as you. so lots of reasons i can't help more. i've been there, where you are struggling with something and then bam it just hits you or you figure it out or the address comes into view for you. my hack only has nofog, map, and zoom. so i haven't tackled the accuracy or tag yet and i have NO hack for bfv. i don't think anyone is personally trying to frustrate you or be mean.

peace,
caliber

I have these problems with 1942 tho. Its like this, I can get it narrowed down to 2 addresses. Not quite sure which one it is. The other thing is, I believe I found it once and breakpointed but still dont know what I would do there. There is no jumps. I would assume you have to put a certain value into one of the non-dma address but I dont know what I am doing. I was going to try something else today but I am going to be playing bfv for a while.

See, I know xollox just was lazy and got it from dazhack. LOL

Originally posted by Spontaneous
I have these problems with 1942 tho. Its like this, I can get it narrowed down to 2 addresses. Not quite sure which one it is. The other thing is, I believe I found it once and breakpointed but still dont know what I would do there. There is no jumps. I would assume you have to put a certain value into one of the non-dma address but I dont know what I am doing. I was going to try something else today but I am going to be playing bfv for a while.

See, I know xollox just was lazy and got it from dazhack. LOL
Spont can Pm me or write here how you went about getting it narrowed down to 2 . Also do you pase the game if so how do you do that. I tried it in T-search but after the serch was done it stopped pausing it..maybe that is my problem. Do you find the tags when you are playing in a lan conection, let me know what way you are finding it...i can work from there i hope


Caliber: Hell man i understand about being busy. No problem just let me know when you can sit down to chat so i can pick your brain a little
thanks all
lasix

ok i will explain what i did:
bring up tsearch. make sure that freezing the game while search is enabled in the options. next look for an enemy till you get his tagname showing. then immediately search 4bytes values in range 58-64. then move your mouse elsewhere, and "search next" 0. repeat those 2 steps till you get down to 1 or 2 addies. then from there you put read/write breakpoint and you'll get many blocks of code, try nopping around you will finish to make it work!

1) Set 2 Comps up, one to run server, one to use TSearch on. It is sugguested you run the server on a seperate comp because when running a server, you will get possibly twice the amount of values you are looking for, and it can complicate things.
2) Get In Game. Find an Enemy and Focus your Crosshair on him so that his Tag Pops up. Pause the Game (p) and ensure his tag shows
3) Go into TSearch and Search 4 Bytes Range 58 - 64.
4) Go into Game Again, Unpause, Look away from the enemy so his tag disappears, Pause.
5) Do a Continued Search in TSearch. Search for 4 Bytes 0.
6) Repeat 2 - 5 until you narrow it down to two values
7) Focus on the Enemy, Pause the Game, And Enable Autohack. Autohack the values that you have.
8) Unpause Game, Look Away, Pause Game
9) Go into the Autohack window Play with Nopping the Addresses that you are given.

I would sugguest Disabling Punkbuster while you are doing this. On Bf1942 just Setting a breakpoint can get you kicked.

nice work by both of you. it doesn't get any clearer than this. i haven't messed with tags at all. can one or both of you PM me why or how you got the 58-64 range to know what to look for? just curious how you arrived at that range to search for. also, good tips about disabling pb.

peace-
caliber

originally it comes from xollox. you can find it in this thread (http://www.mpcheatz.de/mpc/forum/showthread.php?threadid=34379&perpage=15&pagenumber=1)
i have spend much time to get tags working and without xollox input it's hardly possible to find the dma. btw.. the method which is discussed here just makes the tags stay permanent. to find health-tags from infantry and vehicles you need another proceeding.

They didn't come from me, I just "forwarded" them, so to speak.

Health and armor tags are easy...One class has em, others don't. You might want to try to figure out where the game stores what class you're in and look for some CMPs...

the 58-64 represents the Opacity i believe for the tag. If the number is 0, you do not see the tag, if it is 50, it is dimmed, and 64 is the most vibrant a tag will get.

Tommy and chilli :
Ok i did waht you said to the T. I tried to pause by Pressing "P" but i dont think it does anything. I made a seperate lan on a CPU and conected to it wth my T search CPU.

I did step 1-5 but t search would only narrow it down to 16 addys..so i figured i woudl try it again...I can get any where close to narrowing down to 2 addresses.

I am trying to do this for BF vietnam...it may be different not for sure but my min map hack was almost identicle to bf1842 one i made.

so in short, let me know about pausing with "p" and why T search wont naoorw it down to 2 addresses.

Thaks for the reat posts guys, they were very detailed
Lasix

to pause the game while you search values with Tsearch, you have to do this first:
go in Tsearch, View menu, Options, then check "freeze game during search". k?

yup, did that...I have t -search pausing it. It still wont naoorw it down to 2. I can get like 15or 16 of them.. also there are address that show up that have values that randomly change.
I hate tht its not doing it, the directions are so simple and it sounds easy as hell...anyone else trying this on Bf vienam or am i the only one havein propbs here. Tell me what you think

try again. aim at an enemy. make sure he doesnt move so you can get his tagname. then immediately search for 4bytes range 58-64. switch back to game, and aim your feet. search for exact value 0. repeat those 2 steps. thats all i did to narrow it down. im sorry if that doesnt work for ya

Do you think it can have to do with the guy i am choosing? just a guess. I tried with infantry everytime..what class were you using. I have no idea why this is not working.
I have took the 16 i got and tried changing the value to zero..but that would change all the values to zero if i changed one of them..it was weird.
well let me know if anyone has an ideas

Chilli thanks so much for yur help

Lasix

try crreating a local game on the machine youre t-searching on. dont use network game

ok i have done this to a tee so i think...i always get 4 no lower its makein me go crazy i tryed on a local lan and on a diff pc no luck....

keep getting kicked


BREAKPOINT AT : 77F75554
EXPECTION ACCESS VIOLATION AT : 7CC9B7
EXPECTION ACCESS VIOLATION AT : 7CC9B7

any clue

i am not to sure how to set the nop to...any tips?

i want to know what program i need to make my own hack

anyone can you help me out with what i posted above?

I think bfv has more addresses that will change with it.

I got it down to 9 addresses. 7 of them tho are like 10 off in the address

00000010 difference.

Is there a way for us to test if we have the right dynamic address using tsearch without breakpointing?

what is Tsearch and what does it do?

Originally posted by Spontaneous
I think bfv has more addresses that will change with it.

I got it down to 9 addresses. 7 of them tho are like 10 off in the address

00000010 difference.

Is there a way for us to test if we have the right dynamic address using tsearch without breakpointing?

This works for me. (i got 8 addresses) When you get 9 addresses, aim an enemy, pause bfv and go back to tsearch. All addresses are between 58-64. Go back to bfv dont unpause and go back to tsearch. Logically only 1 address is between 58-64. Works also i f you dont aim an enemy.

Originally posted by Spontaneous on 18th March 2004 at 21:32
I think bfv has more addresses that will change with it.

I got it down to 9 addresses. 7 of them tho are like 10 off in the address

00000010 difference.

Is there a way for us to test if we have the right dynamic address using tsearch without breakpointing?

hey spont, i got it down to one. If you cant just freeze the address of each one, then go back into the game and you will see what one changes to 58-64.. each time i did it the value was i think 60...i hope this helps

Oh ya i PMd you the other day but no response... oh well
lasix

where can i get tsearch??

ok i am really new to making hacks,but from all the info u guys provided in here i able to narrow it down to one addy but i dont know what to do from here. is there anyone that can explain the rest of the steps to me. thanx

THEBIG420, please read around the bf1942 forums. It is all explained how to do this all and what todo.

Lasix, I sat there for close to an hour with 20 addresses aiming on and off, going to tsearch each time and only could get it down to 9. I know what to do, it just isnt working. Of course I am going to try again later today but I seem to be having a problem finding what I want.

Spont, I had the same problem... what you have to do is transfer those 9 you found to the cheat list. Then use the "freeze" button( a blue smiley face) and freeze each of the 9 address you found individualy. This has nothing to do with the search mode, this part is al done in the "cheat list". Again i have found the name tags so i know what you are going through!!!!!!!!!!

..i hope this helps

Lasix

AHHHHHHHH, Wanna hear something funny.

I got it down to 4 addresses today within 3 min(dont know how, just lucky today) and found the right one real quick. Whats even funnier is my 1st guess as noping a jump, got the right one. If anything, people learn from this, dont give up cause you can get lucky just like I did.

can someone plz explain the meaning of nopping.i been searching the forums all day and i cant figure out exactly what it means.i followed all chilli instruction and found the address for the name tags.i made a trainer with the address and value and it kind worked.i ran my trainer but only one bot have constant tag and it was blinking.i dont really know what im doing wrong but if someone can help me i would appericate it...............thanx


my aim name is samstyles420

yes ok, THEBIG I know this one :D Again search for the DMA nametag value and breakpoint it (read/write) it was the wrong instruction you nopped. Simply try any of these listed in autohack window...

@spont: a jump? I didnt nop a jump when making the nametag hack...

what is noping? messing with values in tsearch?

NOP = an opcode of 90 - it does nothing in the program, so isnt executed - just free space, which you can use for code caves (own code) or sth like that..

If you nop something, that means that you simply remove the specific asm code out of the program. The bytes of the opcode of the asm are replaced with 90's

E.g.

opcode

7056080001 --- any asm instruction
9090909090 --- nopped/removed asm instruction

So like when you find an ASM instruction you want to nop you nop it and then you can and in you own code using like a different .exe program?

I NOPed a JPE to be exact

spont, tell me, how did you come to to the DMA name tag value? (how did you find it...)

Originally posted by test0r on 20th March 2004 at 00:32
spont, tell me, how did you come to to the DMA name tag value? (how did you find it...)

WEll i got my Name tags to work in a my trainer....ya hoooooooo ............... I know have name tags, inf, and vehicle hacks for BF viet. Next is the FOG...anyone worked that isue out yet. I wil post a image of it if y all want ..jsut tell me hoiw to upload it

LAsix

Originally posted by Spontaneous
I NOPed a JPE to be exact


There are actually 2 codes that you canNOP in that address to get the same effect. just a tip for ya
;)

as we been trying. Aiming on, pausing game(p key), alt tab, search for range 58-64, in game, unpause, aim off, pause game, alttab, search 0, repeat. Got it down to 4 addresses. Added them 4 to cheat list. While aiming on enemy, froze 1 address, went into game, aimed off and checked to see if the nametag stayed up(it might flash on and off depending on what you have the refresh rate is set in options). If it didnt stay up, aim on enemy, alttab, unfroze that address and tried the next til found the one that made it stay up. You should know where to go from there.

here is a pic of my hack in action..damn i love this since i started doing it. I hope you all enjoy is. THis is my first hack and i finally completed most of it..damn it feels good


.....its hard to see the minmap hack but it is working great...i wish you could see it better...

Yea Lasix, I think we all know what it looks like. But good work.

sorry man i was just excited...youknow how your first is ...or do you ;)

Yes I do, but tryying to keep the forums a little more cleaner.

lasix do u have aim or msn? if you do can u add me and help me with my name tags hack im stuck on the last step and i really need some help.
my aim is"samstyles420"
my msn is "sgrillo420@earthlink.net"
if you could help i would appericate it..............thanx

Hi!
I managed to track the dma for the name tags down to 2 addresses (yay for me) but what exactly do I do next?
I moved 1 dma to the "cheat list" section of tsearch and enabled autohack. then in the autohack window under "disassembler" I get 3 entries. when I just click on "patch" for the first entry and switch back to the game the nametags above one person stay as long as I aimed on him :) that's not bad, but certainly not good enough. so what am I doing wrong? which of these 3 entries in the disassembler tab do I have to edit and what do I have to edit?
Please try to be as exact as possible, since this is the first time in my life I'm doing something like that. thanks

ae: oh and one more thing: do I have to search the dma for the nametags everytime I start BFV or does it stay the same?

ae2: I think it was Spont who said, that he "NOPed a JPE". OK, honestly I had no clue what that means but in the first disassembler entry I found one line that had a "JPE" in it. so I NOPed it, but nothing happened ingame. Do I also have to freeze the dma when I NOP that JPE? Or what is the problem? Man this really drives me nuts, cause I think (or hope at least :) ) that I'm really close.

sorry for double post, but is anyone still reading this? I'm really kinda stuck here :(

kalb im stuck in almost the same spot as you.i get mY tags to stay constant.but i dont know what code i have to change and im not really sure how to make a trainer but i got the kit and it dosent seem to hard. i also want to know why everyone time i find the address and value of the tags its different.can someone who has made a working name tag hack plz help me .i been working on this for 4 days striaght and no one is helping mei read every post about tags and none of them really explain what to do with the address once i find it.i want to know what i change the code too.
my aim name is samstyles420
my msn is sgrillo420@earthlink.net

SO CAN SOMEONE PLZ HELP ME!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

K, the adress are going to change each time you do it because you have not found the static. no you dont have to find the addresses each time if they are static

Originally posted by Kalb on 21st March 2004 at 01:33



ae2: I think it was Spont who said, that he "NOPed a JPE". OK, honestly I had no clue what that means but in the first disassembler entry I found one line that had a "JPE" in it. so I NOPed it, but nothing happened ingame. Do I also have to freeze the dma when I NOP that JPE? Or what is the problem? Man this really drives me nuts, cause I think (or hope at least :) ) that I'm really close.

The JPE you are refering to is in many of the code you will find. you just have to keep noping and undoing until you find it.
keep playing with t search trial and error..

YAY! I did it! I finally found the right jpe, noped it and bang - names showing up everywhere :)
So now, logically the next step for me would be to build a small app that nopes that jpe right? cause right now I just wrote a small easywrite script that does that, but since tsearch is in PBs process scanner it's prolly not a very good idea to use it ;)

Can Someone Show Me How To do this cause what if i dont have 2 pc 's how can i do it can some one walk me throught this?thanks reply if u can il leave you my aim name.

Look we explain how to do it in this thread.

w00t, works for me.

Yea you just have to keep tryying. If you cant narrow it down say in 15 min. Then quit the game and start over. For some odd reason it takes a bit a luck to get it. You just have to keep tryying and keep tryying.

When you get it down to 8 or so addresses with a local coop game, keep the game paused and alt-tab inbetween the game and tsearch (but don't unpause the game) and most of the values will change...you will prolly get down to 2 addresses.. Then just breakpoint both of them -- one will not do anything and the other will give you the result you want...

Well now, my small NameTag app is finished, but I'm wondering is the NameTagHack still PB secure? And even if it is, it's probably better not to use NOPs isn't it? Can anyone here give some tips what to do, to get the nametags working without nops?

credits to marlonb... [x] (http://www.mpcheatz.de/mpc/forum/showthread.php?threadid=35682)<-- nail here

How did you make the enemy items all grey?
That would be cool

>Well now, my small NameTag app is finished, but I'm wondering is the NameTagHack still PB secure? And even if it is, it's probably better not to use NOPs isn't it?

Well to the current date and pbv version no known offsets are scanned.
Just the usual stuff reading module sections up to 0x8000 bytes.
Currently it doesnt matter if nop or jump/code caves are used.

If public cheats enter the arena some offsets may be added for sure.
Of course EB/PB can follow the tutorials to find out some offsets by self ... muahahahaha.

Anyway .. did i mention that EB forgot to compress the pb client executable before delivering to EA (making it into final release -> CDROM of bfv)?
You can make a nice offline analysis of pb client code/disassembly without the need dumping/rebuild iat/manually unpacking neolite2 compressed module.
Just use your favorite tools and learn how pb works... know your enemy.
Make sure you save it somewhere, pb client sw will get updated on first internet game.

Regards

Originally posted by Lasix on 19th March 2004 at 19:51
sorry man i was just excited...youknow how your first is ...or do you ;)


My first was a 3some.......

bf194lover, you are scary..... (in a good way)....

peace-
caliber

snafubar then u woke up.......lol

...and found 2 girls next to him

yea blow up girls

what happened to this thread-- heh-

no kidding, good thing i checked in here to read the new posts.......

expendable81- if you don't keep posting regularly like you have been when you get your 30 posts, i am going to ban you immediately.... hehehahbwahahaa... just kidding. don't you have enough messages to PM yet? these one liner messages that you are writing to increase your posts are actually getting kind of funny to me..... ;)

:att: back to topic, gentleman! :att:

as far as i can see all of you have forgotten to mention some informativ extras of name tag. seeing the name is helpful in the deep woods of vietnam. adding health status too and you're fine. :cow:
i messed around with bfv to find a way leading to the class-dma. it's a bit confusing because the class-numbers aren't sorted by size so you can't find it by using decreased/increased search. am i supposed to mention all of the numbers or do you want to locate it yourself? it's not that difficult. keep on changing classes while searching for has (not) changed. in the end you have 8 addresses. watch them carefully and you'll discover which one is the class-dma. as for me i wrote down every address and change to compare them. i dont know if breakpointing dma will result in a usable address because my pc crashed before i was able to breakpoint anything. ;)
alternatively (what i did) you can read yourself through the source starting at the name-tag address (reason: name + health are tags!). you have to know which class makes the vehicle-hp appear and their value. search for a cmp including this value. voilà! :)

good work dacruel-

ok thx, I will look at it too...
(damn, again searching Nametags - i hate it :D)

what i didn't tell yesterday... it seems as if vehicle-health is the only possibility, which can be activated. i haven't found any relation to inf-health. playing some maps, you will notice that the "light" infantry sometimes has a medkit but nevertheless there isn't any health-tag visible.

yes exactly. there is no medic-class in this game - thats logical...

My hack is done.. minimap,3d map hack and name tag :)
The name tag is pretty easy to do :)
Also the 3d map is nothing special :)

good work SjaakZ0r

Thx Spontaneous..

For all the peeps out there.. There is more then enough info for you guys to make your own hack :)
And it's a nice thing to see that your work really works :P

"Still a newbie"... working on the Name Tags.

I narrowed down the Search to 7 values, all between 58 and 64. But freezing each of these values separatly or even freezing them all while looking at an enemy troop didn't work for me... I searched for 4 Bytes values...

Any hints?

Then you dont have the right address. You did a search next at sometime that got rid of the right address. You should be able to freeze the addresses while aiming at enemy and go back to game, aim off and the nametag should at least be flashing or stay solid(the flashing is due to the freeze timer not being set fast enough to keep it solid, which is just an option in tsearch

Cool, I tried it again and again and now I found the right address. Yep, the tag was flashing... And its better to play on a local game, coop server with AI level set to only 0% (gives you more time to aim)

One funny thing happened while trying to nop the correct line: only the name tags of the enemies that I had looked at already once during the game showed up :-)

Now trying the map hack for the 10th (?) time, might have to ask for help again (in the other thread)

lol hehe ;)

Hey maphack is the easiest one of all the hacks...