View Full Version : Battlefield 2 Hacking Tutorial(s)
caliber1942
29th June 2005, 17:02
This is a work in progress, but I decided to make tutorials for the forum for those of you wondering about the techniques used to hack the code of the program. It will be released in parts as each section is done. Thanks to all coders and those of you who helped in my knowledge (from way back years ago to today's forum members) who made this possible. My goal is to do these tutorials for all facets of the game. BTW, this will be done only on the demo version of BF2, although the techniques are exactly the same for retail version.
Download, enjoy, and possibly learn. More coming soon-
As usual, I would appreciate one of the mods moving this to the download section and then editing this message accordingly. The uploads thingie still sucks and doesn't work, even when i divide into smaller rars...
Best,
cal
(EDIT) I took the liberty to upload it, Upload 1 at the time and it should work, but its done so ;) CptCox
PS Sorry for the name of the files "Neue ordner" New folder in German, I was too lazy to give it a name....
SMoD NOTE: Attachments here no longer work, please go to this thread for them: http://www.mpcforum.com/showthread.php?t=132351
CaptainCox
29th June 2005, 17:19
REALLY Nice work man, Nice graphics and clear, Super job man, keep it up.
Unixis
29th June 2005, 17:40
thanks for this, ill try that, hope i understand it
d3nX
29th June 2005, 18:01
O.O got crc error while extracting for 6.jpg
cant see different pictures :ermm:
caliber1942
29th June 2005, 18:08
retry now, i used a different server to save it on. hopefully one of the mods will download it and then put it into the mpcdownloads section. should work now with the new link above in the message...
scruie
29th June 2005, 18:27
Nice work there cal.
i tried to convert it to .pdf but still too big (1MB), did manage to convert to word.doc which is more manageable (43k) but i'm using Word XP 2003 version so not sure if others can view properly.
anyways, y didn't u convert it? if u would like and don't mind i could upload for u.
caliber1942
29th June 2005, 19:00
> Nice work there cal.
> i tried to convert it to .pdf but still too big (1MB), did manage to convert to word.doc which is more manageable (43k) but i'm using Word XP 2003 version so not sure if others can view properly.
> anyways, y didn't u convert it? if u would like and don't mind i could upload for u.
the upload feature for attachments with this forum allows you to send files, but they have to be 500K or less or something. anyways, i made it into .rar files (multiple volumes .rar, .r01, .r02) and it only took three of them. however when sending the attachments, only the .rar will go through. it acts like it uploads all three, but only the .rar goes through. so basically i can only send ONE attachment and it has to be around 500K. i couldn't shrink it any further than 1.2Meg so sorry about that. The problem, in my opinion, is with attachments feature of this forum or that i am an ***** and can't do it right. How hard could sending three attachments be, though?
Anyways, what I would like is for one of the mods to make it available at the downloads and change the original message above to point to that link instead. Also, this tut could be linked to in the sticky for tuts.
Thanks for all the nice comments. More tuts to come (got to find time)-
Best,
cal
caliber1942
29th June 2005, 20:09
Cpt.Cox, I made some quick fixes of typos and errors in the tut and i re-uploaded it to:
http://www.savefile.com/files/1100225
could you d/l it, repack it into .rar volumes and resave it to the downloads and fix the first message above to point to it again and then delete this message?
sorry all the trouble, just want it to be right and not confuse anyone.
thanks-
p3n1
29th June 2005, 20:34
big thx man! hope i'l enjoy it :)
scruie
29th June 2005, 21:58
np cal, theres no need to apologise about the size. i thought it might be helpful to have it here in a simple 1 file dl. i managed to get this converted to a .pdf and reduce file size down to 638kb - the pics needed to be optimised. gotta love batch file process in paintshop pro ;)
anyways nice tut, and will come in handy when i finally get this game...weddings are so expensive.... :(
GiantBehemoth
29th June 2005, 22:31
Bit off topic, but some guy on another forum was posting links to .bmp files the other day. When I suggested he save them as .jpg he responded calling me a "noob"..How's that for a laugh?
CaptainCox
29th June 2005, 22:59
I still did not upload the latest stuff, the link dont work and I PMed him, I will do it ASAP or when Cal contacts me
Shadow
29th June 2005, 23:09
very nice TUT id just like to say ;) Helped me alot even if it is only for SP :)
Very nice tutorial.....I would like to see some more stuff like this. I have a short attention span (ADD) and found this tutorial to be long enough to be informative and short enough so I didnt get overloaded/distracted. :) In the past when I've opened tuts and its a gazillion pages long with tons and tons of ASM code my eyes just glaze over and I say fsck it.
Keep up the good work....maybe a tut on ASM basics and/or Olly in the future?
Tap
P.S. I just realized that TSearch was created by a guy I used to get cheats from for Total Annihilation back in the day using MTC, Oliver Pasqulini. :P He used to hook me up with multiplayer cheats for the latest TA versions.... 3.1 being the last. Sadly I lost the cheat files for TA 3.1 sometime ago and from what I can tell he never made them public :( I'm hoping by reading a few more tuts i'll be able to make my own trainer for TA 3.1 to work with the modified .EXE that allows for 5000 units, etc :)
Hanny
30th June 2005, 01:16
tnx just what i was waiting for good job! now even "n00bs" like me understand all the things that you posted in the forum ^^
CaptainCox
30th June 2005, 02:38
1st post in thread updated with the latest version.
Fosco
30th June 2005, 14:00
Nice Tut! Was easy to understand, and look what i was able to do after doing the Get team thing: http://home.tiscali.nl/blomracingrc/KickeBf2.wmv small movie of AT doing overtime (572Kb)
> Nice Tut! Was easy to understand, and look what i was able to do after doing the Get team thing: http://home.tiscali.nl/blomracingrc/KickeBf2.wmv small movie of AT doing overtime (572Kb)
ROFL Did you really do that?
Tap
Fosco
30th June 2005, 18:19
> ROFL Did you really do that?
> Tap
yeah You can do it with any weapon only when i tried it with C4 it only lets you drop 5 of them, drop more and the old ones disappear :(, also did it with the Tank but it has a low recharge time so you can put 200 shells in it but the ROF will suck
caliber1942
30th June 2005, 18:46
funny vid, Fosco. anyways- thanks for all the replies and nice comments. Part II has been released in another thread and contains info about OllyDbg and hacking the minimap-
now get to it-
best,
cal
Hanny
1st July 2005, 23:48
i got something really weird i can not use the autohack enable debugger in the full version of the game , any one else have the same problem if you got it fix who did you do it ?
> i got something really weird i can not use the autohack enable debugger in the full version of the game , any one else have the same problem if you got it fix who did you do it ?
read the tutorials and use the search function before posting that again, please.
scruie
2nd July 2005, 02:16
> i got something really weird i can not use the autohack enable debugger in the full version of the game , any one else have the same problem if you got it fix who did you do it ?
> read the tutorials and use the search function before posting that again, please.
lol, sounded just like my dad ;)
hanny a little hint in the sticky for tutorials read the one made by faldo. also cal mentioned this and started a thread some weeks back.
battlefield2pwn
7th July 2005, 13:45
> sorry all the trouble, just want it to be right and not confuse anyone.
> thanks-
I was born confused....
I mean he was....
What the.... I'm confused again
Invisible§niper
7th July 2005, 14:32
Ok, I found the address of the team, well I actually found it a long time ago but didn't realise it and couldn't work out why my own team was trying to kill me.:confused:
Anyway I got up to the part where I'm supposed to open up the auto hack feature and enable the debugger it's not working. And I'm pretty sure it has something to do with that Battlefield 2 is "already" being "debugged".
I also read the tutorial on debugging an already debugged process and that didn't work at all. I need some extra help on the other tutorial as it just doesn't work for me.
Thanks.
muhko
7th July 2005, 15:15
"debugging an already debugged process" is the right tutorial and the method does work most of the time.
Occasionally i get nothing but ???????'s in the memory viewer even though I have an Intel CPU, however I just shut it all down (inc. my pc) and go for it again.
This is the easiest way by a million miles to attach your own debugger to a debugged process so stick with it!
caliber1942
7th July 2005, 17:08
remember that these tutorials were designed for battlefield demo and so there isn't debugger protection there. if you are going through the tutorial for the first time, you might want to just do it on the demo until you for sure can do it. then after that you can move to the battlefield 2 retail and do the debugger protection override that faldo described.
note- you can't have ollydbg attached and then try to autohack with tsearch with the demo either, unless you do the debugger protection override for that as well.
best,
cal
Invisible§niper
8th July 2005, 01:53
Mmmm, thanks for that bit of info.
One thing though is, I was able to debug the retail... but :cry: I couldn't debug it whilst it was running, only when not running.
So if I do find the team address, which in turn is only a static memory address and I have to turn the game off after I find that address so I can debug it then the memory gets cleared.
So what am I suppose to do??
Thanks
caliber1942
8th July 2005, 16:17
there's a post about debugger protection of bf2, look it up with a search and also the sticky at the top has a tutorial about it (look under tutorials at the sticky at the top of the list of threads)
jawohl_69
14th July 2005, 18:39
OK, I got everything to work. But how would I go about writing the script so I can do it on the fly in the game. Just like p3n1 with his ITC hack did.
caliber1942
15th July 2005, 16:52
there are some templates for c++, visual basic, and other stuff in the battlefield general forum i think...
any other contributors here can help now if they like (does anyone have a blank template they can give?)
also you can try to do this with TMK (trainer maker kit) first to see if you can get that working (understand the concepts of overwriting memory locations with your own code).
best,
cal
you will need to go to the battlefield general forum and look for templates for C++,Visual Basic, several others and then modify it (pick a language that you like)... see the sticky's in battlefield general-
you might also ask p3n1 what he used to compile his hack and see if he can help you along-
best,
cal
jawohl_69
15th July 2005, 19:28
I have a question. I found the hex responsible for teamchange. How would I go about finding the address the hex is handling? I think I found a way backwards to make the instand team switch without writing any scripts. But first, I have to know to how to find an address using specific hex number.
henrytheapeiam
24th September 2005, 19:19
Im just starting out playing with the tsearch thing. I do have a question however. Everytime i try to change a value from 2 to 1 my tsearch program locks up and the rest of my computer chugs along very slow. Is this normal?I cant seem to get past that stage in tsearch. I saw where it said to change refresh time but what is a suitable time? And what refresh time do I change? Search, Network or Cheat List?
I just checked it again with the mptest game and it still locks up no matter what. The program runs fine until I try to change a value number. Maybe I have a bad download or something? Im not sure. This is kind of frustrating seeing as Im not very far at all into the learning curve. Any help would be great. Thanks.
Special_K
6th November 2005, 12:35
Hmmm quick question I just downloaded all 3 parts but the files in all 3 are exactly the same, anyone having the same problem?
Spontaneous
6th November 2005, 20:26
Special_K, yea its a multiple rar. 1 rar split into 3 parts that continue from 1 part onto another.
-the_Hacker-
19th February 2006, 06:11
where do i get the programs...the link in the download doesnt seem to work???
alaxul
19th February 2006, 07:26
To find the static address that calls the DMA where the Team Values are stored, use the AutoHack feature in Tsearch, set the Read/Write breakpoint on your DMA value, it will list all static addresses that call the team value. This is explained in detail in Calibers1942's tutorials.
Tsearch should not crash when you change values, try to reboot :P or format your PC.
SicKn3sS
19th March 2006, 22:23
Okay, so I got debugging to work with battlefield 2 using Cheat Engine. But in T-search when I set the breakpoint to the address which contains my team it doesn't pick anything up. I did everything exactly how you said in Tutorial #1. I even installed the demo and it still wont work.
XR8
20th March 2006, 03:34
> Okay, so I got debugging to work with battlefield 2 using Cheat Engine. But in T-search when I set the breakpoint to the address which contains my team it doesn't pick anything up. I did everything exactly how you said in Tutorial #1. I even installed the demo and it still wont work.
After you breakpointed your getteamfunction () , did you then go back into the game and swap teams a few times to p/u the static addys ? Im thinking you might not have .
Cheers .XR.
-------------------
LB/Fred_Durst
20th March 2006, 15:30
are the selfmade hacks with tsearch always undetected ?
which hack is safer ?
-a hack,which was made by DUBBLS (online trainer)
-or a selfmade hack with tsearch
[sry for my english]
scruie
20th March 2006, 16:54
> are the selfmade hacks with tsearch always undetected ?
> which hack is safer ?
> -a hack,which was made by DUBBLS (online trainer)
> -or a selfmade hack with tsearch
> [sry for my english]
1] T-Search isn't used to make hacks but find the address needed for hacks.
2] Public hacks will get detected very quickly as PB know what to scan for. A private hack will last longer as PB will have to either get a copy or guess what to scan for.
SicKn3sS
21st March 2006, 01:40
> After you breakpointed your getteamfunction () , did you then go back into the game and swap teams a few times to p/u the static addys ? Im thinking you might not have .
> Cheers .XR.
Yes i did swap the teams back and forth. It worked when I used autohack on my ammo.
XR8
21st March 2006, 03:13
> Yes i did swap the teams back and forth. It worked when I used autohack on my ammo.
So it works for your name tags then ? if not i would go back and get your get-team addy again , there is no reason why it shouldnt work unless you have done something wrong :O.
Good luck
Cheers .XR.
----------------
COO_SNAKE
21st March 2006, 20:56
> 2] Public hacks will get detected very quickly as PB know what to scan for. A private hack will last longer as PB will have to either get a copy or guess what to scan for.
So basically no need to use any sort of trick to defeat pb if the hack stay private? :s
firebat
21st March 2006, 21:50
you definitely have to use tricks. PB just doesn't detect public hacks. They also check for memory modification, api hooking.. etc
LB/Fred_Durst
26th March 2006, 01:39
and if you have a privat hack....how you turn on your hack ? you should always do the steps you see in the tutorials,or you can save it ?
yezie
27th May 2006, 04:02
I cannot download the attached files,
open a blank webpage when I click it.
why??
> and if you have a privat hack....how you turn on your hack ? you should always do the steps you see in the tutorials,or you can save it ?
You write a program that will install a global keyboard hook to capture keystrokes ( SetWindowsHookEx (WH_KEYBOARD_LL, ...) ) then when the key you want to assign to activate the hack is pressed you open the remote process (Bf2) and write directly your mod to the remote process memory (you'll have probably to allocate memory in the remote process to duplicate code for a larger code cave to avoid PB detection).
RealSonY
27th May 2006, 11:25
Hi,
when i work with this tutorial, it is even PB undetected?
Or is it like that if I program sooner or later more punkbuster noticed it?
Sry my English is only for worst case :D *ger*
firebat
27th May 2006, 15:13
> Hi,
> when i work with this tutorial, it is even PB undetected?
> Or is it like that if I program sooner or later more punkbuster noticed it?
> Sry my English is only for worst case *ger*
If you make a hack following this tutorial, it is going to get detected, but that is nothing to worry about yet. Make an executable hack first which gives you the features needed, and try it out in single player thats a big accomplishment for most people. After you have completed that, to make it undetected you need to codecave.
http://www.mpcforum.com/showthread.php?t=132351
On the bottom of that link are many files, 2 of which say OLLY CODE CAVE TUT. Download the two parts and view the powerpoint. BTW you also need to know the PB scanrange. Now that PB has updated, you're going to need to wait until someone posts it. It will be on the sticky PB Scan Ranges 20/02/06
13337
26th June 2006, 11:47
I cant download any of the tuts
scruie
28th June 2006, 05:16
> I cant download any of the tuts
All tuts have been re-uploaded in this thread: http://www.mpcforum.com/showthread.php?t=132351
it would help if you checked the stickies.
Since the attachments here no longer work I'm closing this thread. All files mentioned here can be found here: http://www.mpcforum.com/showthread.php?t=132351