tpoynor
29th April 2004, 11:58
Would anyone be able to shed a bit of light on this DMA stuff? I got a tut from Max Power's page on DMA, and man, did I think it made it sound easy, but I can't get it to work out for me.
I can find all the addys I need for the minimap and for name tags, but of course after the map change I have to get them again.
I have read lots on it and I am sure I'm just missing a lil something, so if someone might give the n00b a push in the right direction I will be most grateful.
Also, any views on a Visual C++ 6.0 trainer template? I have found one, but I'm not really ready for this step yet; I just thought I might start looking for a few to see which is best.
Boy, my brain hurts from all this reading lol
Spontaneous
29th April 2004, 13:30
DMA (Dynamic Memory Address) changes all the time. You need to read on how to defeat DMA so you have a static address instead of the dynamic address. DMAs get chosen on the load of the game process (which happens every time you reload the map). The static address will be the same unless EA/DICE change it with a patch. You've got the right idea on finding the DMA, but now you need to take that DMA and memory-breakpoint the DMA address to get the static addresses that grab info from that DMA address. So pretty much, DMAs are dynamic and the static addresses grab the value from that DMA to do the stuff it's supposed to do. Hope that helps some.
tpoynor
29th April 2004, 13:59
Right, but after I set the BP and get all those addys that were being written to, I am able to get to the jumps I need to change, but I can't figure out how to find the static part.
I can change the jump to make the minimap with vehicles and infantry even, and I have done it so many times that I can go right to it in just a few min., but I can not for the life of me figure out how to compute the static address from the one I get. In the DMA tut it says to take your team addy, which I will say is 11A87E1C - AC = 26959956654 (I know this # isn't correct).
Spontaneous
29th April 2004, 14:43
You do not have to use that method for all the hacks, only some of the hacks. Mess around with the code around the jumps and whatnot. If you got to the part of the jumps, you've got the static addresses. NOPing the jump or whatnot will do exactly what you want. To make it PB-proof you need to go a step further than NOPing a line of code, such as code caves.
caliber1942
29th April 2004, 19:00
DMA (dynamic memory allocation) is like this:
The game doesn't know certain things when it is first run (like the number of players, which map, what gun they will have, which features are turned on, etc.), so the game dynamically reserves the memory it needs at the time you select these things. This is done to conserve memory, since the game would have to reserve quite a chunk of memory to have enough put away for every circumstance and option. So the memory is reserved dynamically when it is needed. Therefore, when the game calls the system to reserve a space of memory for a certain feature (like fog or zoom), the system sets aside a small chunk of memory for holding that value. The system generally gives the game memory at the end of the program code, which means that each time the game runs, if the game has different numbers of players with different weapons on a different map, etc., then the location of that variable in memory (for the fog or zoom or whatever) will be different.
Therefore, what you need is to find the STATIC POINTER in memory that points to the DYNAMIC MEMORY ADDRESS. There is generally (nearly always found in the game code itself) an address that is called the static pointer, which is always in the same location in memory, and this pointer points to many of the DMA addresses. So you have to work backwards: if the DMA address is at location XXXXXX, then you have to find the code that writes to that address by doing a breakpoint (for instance the code may be something like mov eax, (ebp+YY)), where YY is a hex number and is called the modifier. Then the actual address you are trying to find is going to be XXXXXX-YY, which we will call the base address (let's call it ZZZZZZ). Somewhere in the game code, there will be a pointer that points to ZZZZZZ. So you do a 4-byte LONG search in memory for the value ZZZZZZ (you may have to convert ZZZZZZ from hex to decimal to do your search in TSEARCH) and you will likely get one or a few places in memory that point to the base address (ZZZZZZ). This pointer is the magical static pointer we were talking about (let's call it CCCCCC).
So here is the process:
The Static Pointer points to the Base Address. Base Address + Modifier is the DMA address for the particular feature you are hacking. The Base Address is pointed to by the Static Pointer address. The modifier is determined by doing your breakpoint. The DMA address is determined by adding the modifier to the Base Address. Confused yet?
Here it is in formula: CCCCCC points to ZZZZZZ, and ZZZZZZ+YY is the address XXXXXX which holds the value you are trying to manipulate in the game.
So once you know CCCCCC (which never changes), you can do a read on it of type LONG (four bytes) and that will give you the address of the base pointer (ZZZZZZ). Add the known modifier to it (ZZZZZZ+YY) and you will get the address of the DMA, which you can then modify. This is DMA defeat.
Now feel free to pick apart my explanation.
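To put caliber1942's formula into working form, here is an added example that is not from anyone in the thread: a constructed toy memory image stands in for process memory (the static-pointer address 0x00401000 and both base addresses are made up; 11A87E1C and AC are tpoynor's numbers), and the script both resolves CCCCCC -> ZZZZZZ+YY and runs the reverse 4-byte search for CCCCCC, the same pointer-chain walk a debugger or memory-forensics script performs. Two constructed "map loads" show the base moving while the static pointer stays put.

```python
import struct

STATIC_PTR = 0x00401000   # CCCCCC: constructed address inside the "program code" region
MODIFIER = 0xAC           # YY: the modifier from tpoynor's example (11A87E1C - AC)


def build_image(base_addr, team_value):
    """Construct a toy memory image as {region_start: bytes}; one 'map load'."""
    image = {STATIC_PTR: struct.pack("<I", base_addr)}     # pointer holds ZZZZZZ
    block = bytearray(0x100)                               # dynamic block at ZZZZZZ
    struct.pack_into("<I", block, MODIFIER, team_value)    # team field at ZZZZZZ+YY
    image[base_addr] = bytes(block)
    return image


def read_dword(image, addr):
    """Read a 4-byte little-endian LONG at addr, like a debugger memory read."""
    for start, data in image.items():
        if start <= addr <= start + len(data) - 4:
            return struct.unpack_from("<I", data, addr - start)[0]
    raise ValueError(f"{addr:#010x} is not mapped")


def resolve_dynamic(image, static_ptr=STATIC_PTR, modifier=MODIFIER):
    """CCCCCC -> ZZZZZZ, then ZZZZZZ + YY = XXXXXX (address of the value)."""
    base = read_dword(image, static_ptr)
    return base + modifier


def find_static_pointer(image, base):
    """The reverse step: 4-byte search for the value ZZZZZZ to locate CCCCCC."""
    needle = struct.pack("<I", base)
    hits = []
    for start, data in image.items():
        idx = data.find(needle)
        while idx != -1:
            hits.append(start + idx)
            idx = data.find(needle, idx + 1)
    return hits


def demo():
    # Two constructed "map loads": the base moves, the static pointer does not.
    first = build_image(0x11A87D70, team_value=1)    # 11A87E1C - AC = 11A87D70
    second = build_image(0x11B20100, team_value=2)
    for name, img in (("first load", first), ("second load", second)):
        xxxxxx = resolve_dynamic(img)
        print(f"{name}: team address {xxxxxx:#010x}, value {read_dword(img, xxxxxx)}")
    return resolve_dynamic(first), resolve_dynamic(second)


if __name__ == "__main__":
    demo()
```

The decimal value read_dword returns for the static pointer is what a TSearch-style decimal LONG search would look for.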
Spontaneous
29th April 2004, 20:37
Damn, way better than what I said. Geez, man. I tried making it so normal people can understand it easier than all these terms and whatnot. Still, great explanation.
tpoynor
29th April 2004, 23:22
Thanks for the replies, fellas. I will see if I can't get back to it when I get home from work,
'cause I have a feeling when I start to "pick apart" caliber's explanation it will spawn several more questions.
Oh, and a big thanks for the BIG explanation, caliber; it was long and I know it took a while to write, so thanks for taking the time to do it :)
CaptainCox
30th April 2004, 00:41
Yeah, thanks Caliber. I also learned a couple of things there, especially regarding the terminology.
Anarchy666
5th May 2004, 07:39
Yeah... sometimes you can even make your hacks calculate the DMA and write directly to the dynamic address, which is very much less undetectable than NOPing, of course.