Thanks ! ❤❤
nice work keep it up 👍
underrated
good vid
Really good video! Thx!
cool tutorial, one problem i've been having tho is figuring out how to escape the neverending loop around the end and actually getting it to continue and change value via a non call function, can somebody please explain what i'm doing wrong, i have gone step by step through the code and found 2 calls and then i get to the part where it's a neverending loop, any help is appreciated
In which part of the video are you stuck?
sorta forgot the reasons i commented but i'll try to bring it back, at 2:46 i'm confused because i have the same ammo write address, it's just my offsets look more like:
view angle : "ac_client.exe"+00183828+8+8ac+30+98+98+a28
health value : "ac_client.exe"+00183828+8+14+30+30+30+64+bbc
but when i check the value of address = "ac_client.exe" + 00183828 + 0x38 it doesn't show an int value in memory, it's instructions
also trying to find the recoil address leads to me finding a neverending loop back and forth and when i set a breakpoint in it it doesn't change value of recoil after stepping a hundred times
@@asm_0x90 i replied but i think youtube took my comment down...i am stuck at 11:00 where you're trying to find the recoil function or instruction in the huge neverending loop that won't end
also my pointer addresses look like ac_client+00183828+a lot of offsets soo idk if i got a proper pointer that also points to the player base
@asm_0x90 i replied but i think youtube took my comment down...i am stuck at 11:00 where you're trying to find the recoil function or instruction in the huge neverending loop that won't end, i'm also confused about 13:00 as to why u put a breakpoint there specifically and how that gives u a recoil change
@@BZ-nb2rh
@12:31 min: The JMP at address 004C2C9C jumps to the beginning of the big loop. Since you don't want to step forever through this loop it makes sense to check different jmps inside of the loop in order to find out what leaves the loop.
@13:07 min: At address 004C2C92 there is this jge ac_client.4C2D1D command. Above you see cmp eax, dword ptr ss:[esp+64] so when eax is bigger or equal to dword [esp+64] then this jump gets triggered.
So just set a breakpoint at 4C2D1D then let the code run and after the breakpoint got triggered you can keep stepping through the code.
So again: You need to find a command or call that jumps out of the loop so that you can keep stepping through the code until you find the command that changes the recoil value.
could you do one with knockback address?
Probably yes but I'm busy with other stuff. What you can try:
Look for your player coordinates in Cheat Engine (your player model moves slightly backwards if you shoot so the game will change your player coordinates) then set a breakpoint at the beginning of the recoil function. Then shoot so that your breakpoint gets triggered. Now step through the code with the step-over function from your debugger and observe the player coordinate values in Cheat Engine. If you see that the values are changing then you are on the right track and you can think about how to prevent the game from changing the coordinates.
Let me know if you don't know how to find your player coordinates then I will explain it.
@@asm_0x90 i've tried to find it before myself with ammo write as starting address. Managed to find an address that when nopped disables the whole coordinates axis and then another that just crashes when nopped. I'm going to try tomorrow with your method.
@@asm_0x90 didn't have any luck finding it :(
@@globalsilver
I have taken a quick look into the problem. I haven't planned to spend much time with this because I'm still working on other stuff. But whatever, this is what I have found in this short time, maybe it's helpful for you:
ac_client.exe+7DFEB - 75 10 - jne ac_client.exe+7DFFD