Can't update old script for GHOST MODE function in ASPHALT 9: LEGENDS v1.2.4a - Please Help!
Posted: Wed Jan 23, 2019 9:13 am
Hello.
Can someone help me hack again the GHOST MODE function in ASPHALT 9: LEGENDS game in 1.2.4a version? (Windows 10 Play Store)
I can't update old script for GHOST MODE in this game, here it is old script :
How I found this function?
I was using 4-byte Search and search for 0 value when the car after crash was not cover by lights, and I was searching for 1 value when the car after crash was covered by lights - and then I was able to find one address or some addresses with the function of the GHOST MODE enabled.
Now in the newest version, I can't find it anymore - I don't know why...
But I saw and recorded a gameplay for MultiPlayer Race that someone hacked it again but now, instead of BLUE LIGHTS when the GHOST MODE is enabled, now are RED LIGHTS when GHOST MODE is enabled. Why? Please watch this video --> [Link]
GHOST MODE means you are a "ghost" to other cars and noone can knock you down.
Thank you for your help.
Best Regards.
Can someone help me hack again the GHOST MODE function in ASPHALT 9: LEGENDS game in 1.2.4a version? (Windows 10 Play Store)
I can't update old script for GHOST MODE in this game, here it is old script :
Code: Select all
[ENABLE]
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
newmem:
originalcode:
mov [edi+00002228],01
exit:
jmp returnhere
"Asphalt9_w10_x86_rtl.exe"+3040D1:
jmp newmem
nop
returnhere:
[DISABLE]
dealloc(newmem)
"Asphalt9_w10_x86_rtl.exe"+3040D1:
mov [edi+00002228],al
//Alt: db 88 87 28 22 00 00
{
// ORIGINAL CODE - INJECTION POINT: "Asphalt9_w10_x86_rtl.exe"+3040D1
"Asphalt9_w10_x86_rtl.exe"+3040B5: 75 11 - jne Asphalt9_w10_x86_rtl.exe+3040C8
"Asphalt9_w10_x86_rtl.exe"+3040B7: 8B CE - mov ecx,esi
"Asphalt9_w10_x86_rtl.exe"+3040B9: E8 61 0C D3 FF - call Asphalt9_w10_x86_rtl.exe+34D1F
"Asphalt9_w10_x86_rtl.exe"+3040BE: 80 78 05 00 - cmp byte ptr [eax+05],00
"Asphalt9_w10_x86_rtl.exe"+3040C2: 75 04 - jne Asphalt9_w10_x86_rtl.exe+3040C8
"Asphalt9_w10_x86_rtl.exe"+3040C4: 33 C0 - xor eax,eax
"Asphalt9_w10_x86_rtl.exe"+3040C6: EB 03 - jmp Asphalt9_w10_x86_rtl.exe+3040CB
"Asphalt9_w10_x86_rtl.exe"+3040C8: 33 C0 - xor eax,eax
"Asphalt9_w10_x86_rtl.exe"+3040CA: 40 - inc eax
"Asphalt9_w10_x86_rtl.exe"+3040CB: 8D B7 68 05 00 00 - lea esi,[edi+00000568]
// ---------- INJECTING HERE ----------
"Asphalt9_w10_x86_rtl.exe"+3040D1: 88 87 28 22 00 00 - mov [edi+00002228],al
// ---------- DONE INJECTING ----------
"Asphalt9_w10_x86_rtl.exe"+3040D7: 8B CE - mov ecx,esi
"Asphalt9_w10_x86_rtl.exe"+3040D9: E8 1D 55 02 00 - call Asphalt9_w10_x86_rtl.exe+3295FB
"Asphalt9_w10_x86_rtl.exe"+3040DE: 80 BF 60 05 00 00 00 - cmp byte ptr [edi+00000560],00
"Asphalt9_w10_x86_rtl.exe"+3040E5: 74 4B - je Asphalt9_w10_x86_rtl.exe+304132
"Asphalt9_w10_x86_rtl.exe"+3040E7: 8B 87 58 01 00 00 - mov eax,[edi+00000158]
"Asphalt9_w10_x86_rtl.exe"+3040ED: 8D 8F 58 01 00 00 - lea ecx,[edi+00000158]
"Asphalt9_w10_x86_rtl.exe"+3040F3: 8B 40 0C - mov eax,[eax+0C]
"Asphalt9_w10_x86_rtl.exe"+3040F6: 03 C8 - add ecx,eax
"Asphalt9_w10_x86_rtl.exe"+3040F8: 8B 01 - mov eax,[ecx]
"Asphalt9_w10_x86_rtl.exe"+3040FA: FF 50 10 - call dword ptr [eax+10]
}I was using 4-byte Search and search for 0 value when the car after crash was not cover by lights, and I was searching for 1 value when the car after crash was covered by lights - and then I was able to find one address or some addresses with the function of the GHOST MODE enabled.
Now in the newest version, I can't find it anymore - I don't know why...
But I saw and recorded a gameplay for MultiPlayer Race that someone hacked it again but now, instead of BLUE LIGHTS when the GHOST MODE is enabled, now are RED LIGHTS when GHOST MODE is enabled. Why? Please watch this video --> [Link]
GHOST MODE means you are a "ghost" to other cars and noone can knock you down.
Thank you for your help.
Best Regards.
