[Help] To freeze/nop value (hunger value of character) - Robin Hood - Sherwood Builders

mohanhegde
Noobzor
Posts: 11
Joined: Mon Dec 03, 2018 5:39 pm
Reputation: 0

[Help] To freeze/nop value (hunger value of character) - Robin Hood - Sherwood Builders

Post by mohanhegde »

Edit: I found out that "VCRUNTIME140.dll" is a common DLL being used for many instructions and opcodes in the game. So I'm going to try to follow some tutorials about backtracking and Break-and-Trace to find out the particular instruction which only deals with the hunger value.

Edit2:
Couldn't figure it out. Could someone please help me with doing this properly as I'm stuck after the Break And Trace for RAX. Below are the screenshots and values of the registers for reference:
Attachment: RobinHood_BreakAndTrace.rar (407.63 KiB)
I followed this YouTube tutorial related to another game using the same VCRUNTIME140.dll and many instructions going through 1 OpCode - [Link]

I'm finding it difficult since the RDX address is being accessed by literally 100s of other OpCodes. So I'm stuck there and not able to proceed further. Any help is really helpful and appreciated.

Thanks.


References, if someone else is still interested, for any game which uses "VCRUNTIME140.dll":

Hi guys, I need help in moving a float value into [rax] in the code below.

My AOB script looks like below:

Code:

[ENABLE]

aobscanmodule(INJECT,VCRUNTIME140.dll,8B 0A 89 08 C3 90 49 83 F8 20 77 17 F3 0F 6F 0A F3 42 0F 6F 54 02 F0 F3 0F 7F 09 F3 42 0F 7F 54 01 F0 C3 48 3B D1 73 0E 4E 8D 0C 02 49 3B C9 0F 82 41 04 00 00 90 83 3D D1 4B 01 00 03 0F 82 E3 02 00 00 49 81 F8 00 20 00 00 76 16 49 81 F8 00 00 18 00 77 0D F6 05 56 4F 01 00 02 0F 85 64 FE FF FF C5 FE 6F 02 C4 A1 7E 6F 6C 02 E0 49 81 F8 00 01 00 00 0F 86 C4 00 00 00 4C 8B C9 49 83 E1 1F 49 83 E9 20 49 2B C9 49 2B D1 4D 03 C1 49 81 F8 00 01 00 00 0F 86 A3 00 00 00 49 81 F8 00 00 18 00 0F 87 3E 01 00 00 66 66 66 66 66 66 0F 1F 84 00 00 00 00 00) // should be unique
alloc(newmem,$1000,"VCRUNTIME140.dll"+140A)

label(code)
label(return)

newmem:

code:
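  mov ecx,[rdx]   // original: load 4 bytes from the source pointer
  mov [rax],ecx   // original: store them at the destination pointer
  ret             // original: return to the caller
  jmp return      // template leftover; never reached after ret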

INJECT:
  jmp newmem
return:
registersymbol(INJECT)

[DISABLE]

INJECT:
  db 8B 0A 89 08 C3

unregistersymbol(INJECT)
dealloc(newmem)

So far I've tried the following, but without success.

Code:

mov ecx,(float)100

Code:

push ebx
mov ebx,(float)100
mov [rax],ebx

Code:

mov [rax],(float)100

When I try any of these the game crashes. Am I doing it wrong? Or is this particular game programmed in a different way that it cannot be modified using simple AOB injections?
Any suggestions, feedback and help are appreciated. Thanks.

I also put a Cheat Table request post, in case someone wants to post there - viewtopic.php?f=2&t=17491&p=212158#p212158

Thanks
Last edited by mohanhegde on Wed Sep 22, 2021 9:30 am, edited 2 times in total.

Frouk
Expert Cheater
Posts: 84
Joined: Wed Jun 30, 2021 10:21 am
Reputation: 14

Re: [Help] To freeze/nop value (hunger value of character) - Robin Hood - Sherwood Builders

Post by Frouk »

Are you sure that VCRUNTIME140.dll is the right DLL file to find hunger?

mohanhegde
Noobzor
Posts: 11
Joined: Mon Dec 03, 2018 5:39 pm
Reputation: 0

Re: [Help] To freeze/nop value (hunger value of character) - Robin Hood - Sherwood Builders

Post by mohanhegde »

Frouk wrote (Mon Sep 20, 2021 5:17 pm):
> Are you sure that VCRUNTIME140.dll is the right DLL file to find hunger?

Hi, yes I'm sure VCRuntime140.dll is the right assembly, because when I did "Find what writes to this address" on the hunger value and then disassembled this memory region, it pointed to a VCRuntime140+ line.

Should I use a different debugging option from the Cheat Engine debugger settings or something?

GreenHouse
Expert Cheater
Posts: 857
Joined: Fri Oct 12, 2018 10:25 pm
Reputation: 889

Re: [Help] To freeze/nop value (hunger value of character) - Robin Hood - Sherwood Builders

Post by GreenHouse »

You shouldn't ever use "VCRUNTIME140.dll". Lots of other things will get written by the same instructions. So you need to find some other way to get to that address, but never change an instruction in that DLL.
Maybe do a Break&Trace in there, and change the breaking condition to your address. If RAX has your address, then set the start condition to "RAX == 0xADDRESS". Change ADDRESS to the address being written in there.
That way you should see functions that came before that one, and see if any of those is useful. Like there could be one that is the one writing the hunger, which calls VCRUNTIME140 to do it.
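
Added example, not code from this thread or from Cheat Engine: a small C model of why writing a constant inside a shared 4-byte copy routine (the `mov ecx,[rdx]` / `mov [rax],ecx` / `ret` sequence in the first post) corrupts every caller, and how a trace conditioned on the destination address isolates the one caller that writes hunger. The variables, caller names and the explicit `caller` argument are constructed for the model; a debugger would recover the caller from the return address instead.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins for game state; none of these names come from the game. */
static float hunger; static uint32_t gold, ammo;
static const void *watch_addr;     /* address used as the trace start condition */
static const char *watch_hits[8];  /* callers seen writing to watch_addr */
static int         watch_count;
typedef void (*copy4_fn)(void *dst, const void *src, const char *caller);

/* Unconditional patch: every destination receives the bits of 100.0f. */
static void copy4_patched(void *dst, const void *src, const char *caller) {
    float forced = 100.0f;
    (void)src; (void)caller;
    memcpy(dst, &forced, 4);
}

/* Original 4-byte copy plus a trace that records only when dst matches. */
static void copy4_traced(void *dst, const void *src, const char *caller) {
    if (dst == watch_addr && watch_count < 8)
        watch_hits[watch_count++] = caller;
    memcpy(dst, src, 4);
}

/* One frame: three unrelated callers all go through the shared routine. */
static void run_frame(copy4_fn copy) {
    float    new_hunger = 37.0f;
    uint32_t new_gold = 1205, new_ammo = 11;
    hunger = 37.5f; gold = 1200; ammo = 12; watch_count = 0;
    copy(&hunger, &new_hunger, "update_hunger");
    copy(&gold,   &new_gold,   "add_gold");
    copy(&ammo,   &new_ammo,   "fire_weapon");
}

/* Gold after the unconditional patch: corrupted to the float bit pattern. */
static uint32_t gold_after_patch(void) { run_frame(copy4_patched); return gold; }
/* Caller found by the conditional trace; the copy itself stays untouched. */
static const char *hunger_writer(void) {
    watch_addr = &hunger;
    run_frame(copy4_traced);
    return watch_count == 1 ? watch_hits[0] : NULL;
}

int main(void) {
    printf("gold after patch: 0x%08X\n", (unsigned)gold_after_patch());
    printf("hunger written by: %s\n", hunger_writer());
    return 0;
}
```

With the unconditional patch, the integer `gold` ends up holding `0x42C80000`, the bit pattern of `100.0f`; the same thing happening to pointers and lengths copied through the real routine is what brings the process down.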

mohanhegde
Noobzor
Posts: 11
Joined: Mon Dec 03, 2018 5:39 pm
Reputation: 0

Re: [Help] To freeze/nop value (hunger value of character) - Robin Hood - Sherwood Builders

Post by mohanhegde »

GreenHouse wrote (Tue Sep 21, 2021 7:11 am):
> You shouldn't ever use "VCRUNTIME140.dll". Lots of other things will get written by the same instructions. So you need to find some other way to get to that address, but never change an instruction in that DLL.
> Maybe do a Break&Trace in there, and change the breaking condition to your address. If RAX has your address, then set the start condition to "RAX == 0xADDRESS". Change ADDRESS to the address being written in there.
> That way you should see functions that came before that one, and see if any of those is useful. Like there could be one that is the one writing the hunger, which calls VCRUNTIME140 to do it.

Hi, could you please help me with doing this properly as I'm stuck after the Break And Trace for RAX. Below are the screenshots and values of the registers for reference:
Attachment: RobinHood_BreakAndTrace.rar (407.63 KiB)
I followed this YouTube tutorial related to another game using the same VCRUNTIME140.dll and many instructions going through 1 OpCode - [Link]

I'm finding it difficult since the RDX address is being accessed by literally 100s of other OpCodes. So I'm stuck there and not able to proceed further. Any help is really helpful and appreciated.

Thanks.
