Boolean ByteHacking Tutorial


[HAVOC]
8th June 2004, 03:18
[MARINMAN] OWNS YOUR NOOBLETS!!

Ok, let's begin...

First things first. You need to understand what boolean and bytehacking mean. ByteHacking is simply changing one or two bytes of data in the .u files of America's Army in order to adjust certain properties of the game to your liking. Boolean is programming slang and it means True or False. A boolean value can either be true, false, or null in some cases (and it usually isn't). In this tutorial we're gonna cover changing the boolean value of the M24 Sniper Rifle Recharge from true (it does recharge) to false (it does not recharge). Then we're going to take that info, put it in XML and use it for AAOM.

------------------------------------------------------------
LESSON 1 - Downloads
------------------------------------------------------------

You need to download three things (if you don't already have them).

1) AAOM 1.5 - Download Here (http://www.mpcdownloads.com/_mpc_d0wn_h4x_/AAO/AAO%20Manager%201.5.zip)
2) AAOM XML 2.1 - Download Here (http://www.mpcdownloads.com/_mpc_d0wn_h4x_/AAO/AAOManager%202.1%20XML.zip)
3) UTPT 2.0 B5 - Download Here (http://www.acordero.org/download/utpt20beta5.zip)

------------------------------------------------------------
LESSON 2 - Installation
------------------------------------------------------------

Ok, first let's extract AAOM. Once you download it, open it up in WinRAR or WinZip and simply extract the contents to any folder. For this tutorial, we're going to assume you extracted them to "C:\AAOM".

Next, once you have the XML 2.1 for AAOM, open it up in WinRAR or WinZip and extract the aaomanager.xml file to your AAOM directory (C:\AAOM). You will be prompted to overwrite the one in there with this one. Go ahead and do that.

Finally, once you have UTPT just open up the zip and extract UTPT.exe anywhere. For this tutorial we'll just assume you extracted it to your AAOM directory.

------------------------------------------------------------
LESSON 3 - Preparing
------------------------------------------------------------

Before we move on, we wanna make sure that no hacks are currently enabled in AAOM. If there are hacks enabled and we try to test one of our hacks we may get wrong readings if AA crashes. So go to your AAOM directory, open aaomanager.exe and click the "Clear All" button in the upper-right corner of the program, and make sure everything is unchecked. Then click the "Apply" button in the lower-right corner of the program to make sure everything saves correctly. Then just close AAOM, we don't need it right now.

------------------------------------------------------------
LESSON 4 - Finding the M24
------------------------------------------------------------

Ok, because we have decided that we want to change the M24 Sniper Rifle Recharge property, we now have to find it. All of these properties (boolean, float, structure, etc) will all be located in the .u files that are in your AAO System folder. Because we are looking for a weapon property, we're just gonna assume that it's in the "AGP_Inventory.u" file (but that may not always be the case).

So, open up your UTPT.exe. Click "File > Open" at the top and go to your AA System Folder. Next, double-click on the "AGP_Inventory.u" file to open it.

Screen: http://hexsoft.gifgraphix.com/open.JPG

Now, everything you see probably looks confusing. But don't worry, cuz we aren't even dealing with that. Next what you wanna do is click on the "Export Table" tab down at the bottom-left.

Screen: http://hexsoft.gifgraphix.com/export_table.JPG

Now you see a nice, neat table of the assorted properties in this file.

Screen: http://hexsoft.gifgraphix.com/view1.JPG

Now, before we move on. Let me tell you right now, that 98% of the time, all boolean classes will start with a lowercase "b" followed directly by the name.

Next thing we wanna do is find the boolean class that we wanna change. We know we wanna change the M24 Recharge value, so instead of searching through this entire thing, let's filter out only what we wanna see.

Right click, and click on "Filter". Now the Filter window should have popped up. Since we know we're looking for the recharge value, type the word "recharge" in the Object field. Also, because we know we're looking for a boolean value, go ahead and click on "BoolProperty" in the allowed classes section. Then click ok and the program should filter your request.

Screen: http://hexsoft.gifgraphix.com/filter.JPG

Now, luckily for us there is only one thing that showed up. So we don't have to look much further. You should now see the "bRequireRecharge" boolean class for the M24 Sniper Rifle.

Screen: http://hexsoft.gifgraphix.com/filter2.JPG

------------------------------------------------------------
LESSON 5 - Changing the Offset
------------------------------------------------------------

Now that we have located what we're looking for, it's time to do a little ByteHacking. Go ahead and right click our M24 property and click on "Analyze Raw Object". The hex information for that boolean class should now be on the right side of your screen, and there shouldn't be that much.

99% of all boolean classes will look like this. They're very, very simple to change. For those of you who don't know this, in computer terminology the numbers "01" mean "On" (or True) and the numbers "00" mean "Off" (or False). Because the game makes the M24 Sniper Rifle recharge, we assume that this bool class is currently set to True, and we want to make it False.

So, now we have to find what hex value (each one value is one byte, which is why we call this bytehacking) we want to change. Because this is a true/false situation and we know that the M24 Recharge is currently set to True, we are looking for the numbers "01". However, you will notice that there are TWO "01" hex values in here. I bet you're asking yourself how the hell you know which is which, well the only way to tell is by Trial and Error. But, for the purpose of this tutorial I will tell you that the one we're looking for is the FIRST one you see.

Screen: http://hexsoft.gifgraphix.com/byte.JPG

Now, for those of you who don't know. AAOM works by changing these bytes. But, the only way AAOM can find the bytes in order to change them is by the name of Offset that the byte has. So, now that we know what byte we wanna change, we need to find the offset.

Click on the first "01" byte you see listed (see screenshot above). Now, look down at the bottom on UTPT. The offset that we're ALWAYS going to be looking for is the offset called "Offset in Package". Find the offset, and write it down.

Screen: http://hexsoft.gifgraphix.com/offset1.JPG

Now, it is very, very, very important that you understand this. When you put that offset in the AAOM XML, you NEVER want to put the extra 0's. The only zero that you want is the "0x" one.

So.. the offset that UTPT gives is this: 0x0000AE08
But, we are going to write down this: 0xAE08

When you got that offset written down we can move onto the next part.

------------------------------------------------------------
LESSON 6 - Putting it in XML
------------------------------------------------------------

Yay, the hard part is over. Now here comes the easy crap. Open up the aaomanager.xml file in notepad.

Screen: http://hexsoft.gifgraphix.com/notepad.JPG

Now, all you wanna do is simply copy a current hack in there, and just duplicate it. AAOM reads the data between the "<HACK>" and "</HACK>" tags. So, simply copy any one of the hacks in there and paste it somewhere at the top, after the "<AAOMFILE>" tag of course.

Now, we need to fill in the properties. Just put whatever you want for the NAME and DESCRIPTION properties. Now, because we found the M24 Recharge bool class inside the "AGP_Inventory.u", where it says FILENAME simply type "AGP_Inventory.u". Next, where it says OFFSET you need to type in the offset you wrote down which is 0xAE08. Last but not least, we need to enter the values we want to change. The ORIGINAL value is "01". Remember when we were looking at all the different bytes and we determined that "01" means True and "00" means False. Well, that's why we set it to 01. But, we don't want it to stay 01, so we need to set the CHANGED value to "00".

Once you have everything in, you should have something like this:

<HACK>
    <NAME>No M24 Recharge</NAME>
    <DESCRIPTION>You do not need to recharge your M24 sniper rifle.</DESCRIPTION>
    <CHANGE>
        <FILENAME>AGP_Inventory.u</FILENAME>
        <OFFSET>0xAE08</OFFSET>
        <ORIGINAL>01</ORIGINAL>
        <CHANGED>00</CHANGED>
    </CHANGE>
</HACK>

Now simply save the XML and move onto the next step.

------------------------------------------------------------
LESSON 7 - Using it with AAOM
------------------------------------------------------------

Last but not least, you need to test out your hack. Open AAOM and your new hack should now be listed inside the program. Click on your hack that you just put in there and click the "Apply" button in the bottom-right corner of the program. Then just close AAOM because you don't need it open to play AA.

Now open America's Army and go into a map to try it out. Because we're dealing with the sniper rifle, you may want to just go into single player because you may not always get the sniper rifle on multiplayer. To go into singleplayer, simply open the AA console and type "start bridge.aao", or whatever map you want. Then open the console again once the map loads and type "mpcheat class s24" to get the M24 Sniper Rifle. Now when you fire the gun it won't recharge! Neato!!

To re-enable the recharge for the sniper rifle, simply open AAOM and uncheck your hack and click apply.

Enjoy!!!

------------------------------------------------------------
LESSON 8 - Tips
------------------------------------------------------------

1) When doing ByteHack, if you come across an error, always remember to uncheck and apply your hack in AAOM before you move on. If you leave the hack enabled then you will always have problems running AA.

2) If you screw up your .u files while bytehacking, run the "cleaner.exe" program in the AA system folder to restore them to normal.

3) DO NOT assume that this tutorial will work for all bool classes you find. It will work for most, but not all.

4) Remember what I said above, this is all Trial and Error. If you come across multiple "01" values then simply try them one by one until you find the right one. If none of them work, then maybe you're hacking the wrong property.
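
Added example, not part of the original post and not AAOM's own code: because a descriptor in this layout names an exact file, offset and byte pair, an integrity checker can reuse it as a read-only signature to tell an untouched package from one carrying this edit. It assumes an <AAOMFILE> root holding <HACK>/<CHANGE> elements as shown above and files that are not encrypted on disk; the function names and the sample data are constructed for illustration.

```python
import os
import tempfile
import xml.etree.ElementTree as ET

# Constructed sample in the descriptor layout shown in the post above.
SAMPLE_XML = """<AAOMFILE><HACK>
<NAME>No M24 Recharge</NAME>
<CHANGE>
<FILENAME>AGP_Inventory.u</FILENAME>
<OFFSET>0xAE08</OFFSET>
<ORIGINAL>01</ORIGINAL>
<CHANGED>00</CHANGED>
</CHANGE>
</HACK></AAOMFILE>"""


def load_signatures(xml_text):
    """Turn each CHANGE element into (name, file, offset, original, changed)."""
    sigs = []
    for hack in ET.fromstring(xml_text).iter("HACK"):
        name = (hack.findtext("NAME") or "?").strip()
        for change in hack.iter("CHANGE"):
            sigs.append((name, change.findtext("FILENAME").strip(),
                         int(change.findtext("OFFSET").strip(), 16),
                         bytes.fromhex(change.findtext("ORIGINAL").strip()),
                         bytes.fromhex(change.findtext("CHANGED").strip())))
    return sigs


def audit(system_dir, sigs):
    """Read-only check: report the state of the bytes at every known offset."""
    report = []
    for name, filename, offset, original, changed in sigs:
        path = os.path.join(system_dir, filename)
        if not os.path.isfile(path):
            report.append((name, filename, offset, "missing"))
            continue
        with open(path, "rb") as fh:
            fh.seek(offset)
            found = fh.read(len(original))
        # "unexpected" covers a short file, another edit, or encrypted data.
        state = ("original" if found == original else
                 "patched" if found == changed else "unexpected")
        report.append((name, filename, offset, state))
    return report


def demo():
    """Audit a constructed stand-in file before and after a one-byte change."""
    sigs = load_signatures(SAMPLE_XML)
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "AGP_Inventory.u")
        states = []
        for flag in (0x01, 0x00):
            data = bytearray(0xAE10)  # constructed filler, not real game data
            data[0xAE08] = flag
            with open(path, "wb") as fh:
                fh.write(data)
            states.append(audit(tmp, sigs)[0][3])
    return tuple(states)


if __name__ == "__main__":
    print(demo())
```

An "unexpected" result is not proof of a clean file; a whole-file hash compared against a known-good copy catches edits that no descriptor lists.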

[HAVOC]
8th June 2004, 03:24
oh yea... you're welcome!

commando127
8th June 2004, 03:41
Thanks for this Pr3dator, looks good.

[HAVOC]
8th June 2004, 03:42
Thanks for this Pr3dator, looks good.


no prob..

kev1n
8th June 2004, 04:14
GOOD POST! sticky ???

Alias777
8th June 2004, 04:16
good job pred! lol i remember a few days ago u were saying, hey i dont get a thing about this XML crap. good to see you're learning the ropes man.

WOW another mistake by the devs! they left the door breacher in there even though it's not usable yet lol! another screw-up by the morons.

[HAVOC]
8th June 2004, 05:02
bump bump bump

Mountainkings
8th June 2004, 05:13
GOOD POST! sticky ???


X2 O.O :cool:

[HAVOC]
8th June 2004, 05:29
X2 O.O :cool:


I give this post about 2 days before it fades away into nothing... :D

gil
22nd December 2004, 20:29
At request, i'm reopening this thread and moving it to the Coding section.
It looks good, please tell me if its still up to date ;)


He did a great job here!



Reopened.

H@TED
22nd December 2004, 21:31
Hey [PR3DATOR] I'm not sure if it's just me but I can't view your Links.... Besides that it's a great tutorial, nice work... :popc1:

Never mind about the links I did realize that this was such an old thread...

pbx06
23rd December 2004, 02:10
thx for the tut .
i am running linux i did exactly like u said but i am with armyops221

I found the offset for Weapon_M24_Sniper.bRequireRecharge to be btw AE19-AE29, which one should i change: i don't know, i have 1/16 luck for finding the right one.
AAOM can't be emulated with linux so i had to use a straight hexaEditor:

$hexdump System/AGP_Inventory.u|grep -i "AE[123]0"
OFFSET HEXA TEXT
ae10 bd bc ba bb b9 b8 be bf 3f b4 b2 fa 31 36 d0 b7 œOeº»¹žŸ¿ ?޲ú16з
ae20 8d 0c 8a 8b 89 88 8e 8f 85 84 82 83 88 06 e0 87 ........ ......à.
ae30 9d 1c 9a 9b 99 98 9e 9f 95 94 92 93 0e 16 f0 97 ........ ......ð.

that is fooking unfair, UTPT gives me totally different TEXT/HEXA values for the AE19-AE29 range.
i need some light on this

NB:Maps and System/* files are the same cross platform !

H@TED
23rd December 2004, 02:27
Did you try it on Both PC and Linux? Because code in Linux is a little different than PC. This is for PC offsets.

john_smith
23rd December 2004, 03:11
Some of AAO's .u files are encrypted. To see the same values in the hex editor as in UTPT, you need AAOcrypt.

Put AAOcrypt and the .u files into their own folder

1. Run decrypt.bat
2. Open the .u file in UTPT
3. Find offset like in tutorial
4. Open the .u_dec file in hexeditor
5. Edit the .u_dec file (the byte values should be the same as shown in UTPT)
6. Run encrypt.bat

I do not know if AAOM decrypts the file before editing it or not. If not, you need the original encrypted values and the new encrypted values.
Doing a simple file compare between the ArmyOps\System\*.u and your modified .u (not .u_dec) will give you these values.

pbx06
23rd December 2004, 04:54
i love u man :) :) :lol:

AAO crypt worked like a charm.

commissar
24th December 2004, 12:39
I am new to cheating and had a noob question. I understand you have a program that can turn the recharge rate on the sniper rifle on and off but is there anything preventing you from just changing the code manually one time so it's always not recharging or does punkbuster look for that?

pbx06
24th December 2004, 14:55
u have only one post, go read before posting or get flamed

SuperBoy
28th July 2005, 02:04
niceeee

DelfinoM
28th July 2005, 04:54
niceeee

You know you bumped up a 6 month or more old topic...

gil
28th July 2005, 19:24
niceeee

Warned for spam.
Thread debump.

simons
16th February 2006, 23:26
I did the hack as Havoc described, and it works. But, the game crashes when I ran out of ammo for the m24 (it has a 5 round mag). So when it got down to 0 rounds in the magazine...bam, the game crashed. I wonder if I could use the same boolean hacking technique to change the ammo count, too? I bet I could. So instead of starting the game with 5 rounds in the magazine and 45 in reserve, it could be 50 rounds in the magazine...period. I'm going to see if I can do that. This is my first time doing a hack by myself on AA. But I wouldn't mind if anyone wanted to offer a suggestion ;) ...like what property or value to edit.

I wonder if I can use UTPT to change the number of rounds a gun can hold in the magazine? It would be awesome to have an m16 with a 500round mag. Lol. Then with the full auto hack, I'd be set.

No1uKnow
16th February 2006, 23:32
could use the same boolean hacking technique to change the ammo count, too?

even if you did get your client to recognize you had a different amount of ammo, unless you're doing something to trick replication then the server will know the real amount you're supposed to have, memory hacking as well.

HyPeR-X
16th February 2006, 23:44
ammotype (should) and ammoamount are arranged serverside, you can change it clientside but it won't have much effect :P

- HyPz

No1uKnow
16th February 2006, 23:49
ammotype (should) and ammoamount are arranged serverside

yeah like I said, but I also said you can trick the replication which can't be done through bytehacking ( still with 2.6, no they didn't fix it )

good luck simons, me and hypz answered your question, move onto new ideas ;)

simons
17th February 2006, 02:21
I think I still can change the zoom feature of the weapon sights, though. Does anyone know what parameter in the AGP_inventory.u file controls the zoom factor of the m16? I'd like to know, if anyone knows.

No1uKnow
17th February 2006, 02:31
you could either just change this

_cScopeClass=Class'ScopeW_M16A2_Rifle'

or if you really wanna just tweak, fZoomAnimFOV=25.00