hey im trying to make a trainer to allow me to see other enemies in Ghost Recon, i had a look at that tutorial a bit above this and that was an excelent insight, but with GR you have 4 teams, and i dont know what values to search for to find the teams, i think i worked that out and its 1-2-3-4, but i have no idea what values i need to fool the computer as to what team im on, so it shows the other team ? any insight please?

you would have to switch to all four teams and find the hex # just like the tut said i suppose.

how do i find the hex # ?

how do i find the hex # ?
I've never considered more than 2 teams in my tutorial on memoryhacking, and it might not work for GR, then again, the tutorial was not made to hack all the games, but to explain the theory of how it works...

Try finding what number corresponds to what team (like 1 for axis and 2 for allies in BF1942). If you find these numbers, try changeing them to something else.
The problem i can see right now, is that you wouldn't be able to do a NOP hack as is done in BF1942. You'd acctually have to change the Operationcodes in the memory... and that's pretty complexe if you don't know any ASM :(
If there are tags in GR, you could try doing a taghack based on the my memoryhacking tutorial.

maphack in ghost recon (SE / show enemies) = winsock32, or other kind of proxy

maphack in ghost recon = winsock32, or other kind of proxyCould you develop that explenation abit? To my knowledge, winsock32.dll is a socks handeling library that comes with Windows95 and 98... What does that have to do with proxys?

Could you develop that explenation abit? To my knowledge, winsock32.dll is a socks handeling library that comes with Windows95 and 98... What does that have to do with proxys?

i mean get raw packets with raw sockets, or any kind of proxy and using packet filtering, but i think it needs more than a memory trainer anyway. Check this out (http://aluigi.altervista.org/mytoolz.htm) it's a kickass ressource.

You should speak about it with Ulman (Terror Faction), i think he has the most advanced knowledge about messing with ghostrecon / proxy.

My two cents.

Ah, i see what you mean... yeah, i use Winpcap and WinDump to solve my packet problems.
Good site btw.

aight cheers guys ill check that out in a lil while, just wondering what else i could possibly do with mem hacks in this game ?

i just tried the erm no fog thing that was suggested in the tutorial...
i have been searching the zoom values, eg unkown value, then zoom in and put it as increased, then zoom out, would that be the correct adress? or am i barking up the completely wrong tree? if so what would the method of finding the correct adress for the fog ?

i just tried the erm no fog thing that was suggested in the tutorial...
i have been searching the zoom values, eg unkown value, then zoom in and put it as increased, then zoom out, would that be the correct adress? or am i barking up the completely wrong tree? if so what would the method of finding the correct adress for the fog ?

If you want a working NoFog in Ghostrecon you should use a D3DHook since there's no values in memory like in BF1942/BFV.

Here some usefull memory cheats:

names:
8D2CB2 00 <=> 01 (pointer)

range:
8D2CB6 00 <=> 01 (pointer)

showtextureprops:
8D2CB8 00 <=> 01 (pointer)

togglemovetrees:
8BD350 01 <=> 00 (pointer)

Fullscreen sniper scope:
49C1D7 74 <=> EB (je to jmp)

No Recoil:
646C6A 74 <=> EB (je to jmp)
646CDF 75 <=> EB (jne to jmp)
646DCA 74 <=> EB (je to jmp)

3rd person view:
63E153 89 <=> C7
63E154 46 <=> 46
63E155 60 <=> 60
63E156 0F <=> 01 <= force 3rd person view here (01 instead of the EAX register value)
63E157 9D <=> 00
63E158 C0 <=> 00
63E159 A2 <=> 00
63E15A 6C <=> 90
63E15B A8 <=> 90
63E15D 00 <=> 90

Ghost Camera:
First you need to freeze the player's view/moves:
90A86C 00 <=> 01 (pointer)

then same as 3rd person view, but with 04 as parameter to use the ghost camera:
63E153 89 <=> C7
63E154 46 <=> 46
63E155 60 <=> 60
63E156 0F <=> 04 <= force ghost camera here (04 instead of the EAX register value)
63E157 9D <=> 00
63E158 C0 <=> 00
63E159 A2 <=> 00
63E15A 6C <=> 90
63E15B A8 <=> 90
63E15D 00 <=> 90

You don't need WriteProcessMemory or memcpy for the pointers based cheats, just use something like that (VC++ syntax) :

int *names = (int*)0x8D2CB2;

// usage
*names = 1;


or using asm :

_asm mov dword ptr [0x8D2CB2], 1

If you want to see this cheats in action try this multihack : Ghost Recon - BallistiX (http://www.mpcforum.com/showthread.php?t=64772)