Starship Troopers: Terran Command

[Siggymas]

babygroot can you explain how did you find all the right Values ? a youtube tutorial would be nice.or do you have a youtube channel so we could learn a thiing or 2 ?
thanks

Make a tutorial to find value in this game?

fake table with no cheat options

this guy been posting at other threads like "fake table."

just wanna asked, if i turn on traits such invulnerable by freezing will it stays with the troop through the mission? will enemy also get it?

It's better every time click the unit, set "invulnerable on" without being freeze.
I suggest adding "hotkey" for invulnerable, so every click unit press hotkey to enable invulnerable.

thank you so much for the reply

How to use this cheat table?

1. Install Cheat Engine
2. Double-click the .CT file in order to open it.
3. Click the PC icon in Cheat Engine in order to select the game process.
4. Keep the list.
5. Activate the trainer options by checking boxes or setting values from 0 to 1

[mitzonghel]

babygroot can you explain how did you find all the right Values ? a youtube tutorial would be nice.or do you have a youtube channel so we could learn a thiing or 2 ?
thanks

Make a tutorial to find value in this game?

this guy been posting at other threads like "fake table."

just wanna asked, if i turn on traits such invulnerable by freezing will it stays with the troop through the mission? will enemy also get it?

It's better every time click the unit, set "invulnerable on" without being freeze.
I suggest adding "hotkey" for invulnerable, so every click unit press hotkey to enable invulnerable.

yes,please do a tutorial video for this game on how did you find the supplies/war points and fog of war shadow values....i searched for lots of types and values and couldn't find it....also do you have a real fast pc ?
thanks

I don't know how he found the fog of war, but at least I can help you out with some info on the supplies and war support. Sometimes these are not calculated as "how many are left", but "how many have been used". For example, when you have 10/10 Supply, the value you are looking for is 0 because 0 have been used. If your supply is 8/10, you want to search for 2 because 2 supply has been used. You apply the same logic for both of them and in this case, it's 4byte. The same logic applies for They are Billions on missions where you have to defend one single point in the middle of the map and use "supplies" to spawn units/defences before you start the raid.

Hope this helps.

[realmanX]

Make a tutorial to find value in this game?



It's better every time click the unit, set "invulnerable on" without being freeze.
I suggest adding "hotkey" for invulnerable, so every click unit press hotkey to enable invulnerable.

yes,please do a tutorial video for this game on how did you find the supplies/war points and fog of war shadow values....i searched for lots of types and values and couldn't find it....also do you have a real fast pc ?
thanks

I don't know how he found the fog of war, but at least I can help you out with some info on the supplies and war support. Sometimes these are not calculated as "how many are left", but "how many have been used". For example, when you have 10/10 Supply, the value you are looking for is 0 because 0 have been used. If your supply is 8/10, you want to search for 2 because 2 supply has been used. You apply the same logic for both of them and in this case, it's 4byte. The same logic applies for They are Billions on missions where you have to defend one single point in the middle of the map and use "supplies" to spawn units/defences before you start the raid.

Hope this helps.

thanks man, what about the war points ? 4/4 points....searched on 4bytes/floats/2bytes/double..........etc...nothing
what about the cooldown ability of building turrets ? the loading bar while building turret i searched float/4bytes/2bytes/ALL/double....etc not found


how to find cool down value of turret building ?
thanks

[Allen1013]

So is war support named differently in this table? or is that not an option. I see supplies but when I change it, it just reverts back.

Found it, thanks for the table. But why isnt it named war support?

[BabyGroot]

So is war support named differently in this table? or is that not an option. I see supplies but when I change it, it just reverts back.

freeze value sir

[SunBeam]

yes,please do a tutorial video for this game on how did you find the supplies/war points and fog of war shadow values....i searched for lots of types and values and couldn't find it....also do you have a real fast pc ?
thanks

thanks man, what about the war points ? 4/4 points....searched on 4bytes/floats/2bytes/double..........etc...nothing
what about the cooldown ability of building turrets ? the loading bar while building turret i searched float/4bytes/2bytes/ALL/double....etc not found

Not everything in game-hacking is "search a value you see on screen" or "search for unknown/increased/decreased". The whole idea behind scanning memory for values is to pin-point an address whose value then leads you, through debugging, to pieces of executable code you can manipulate. Your questions indicate you're still at the "scan memory" level and haven't done any actual debugging.

To put it simpler: Unity lets the user query the namespace functions/names and THAT is a super-simplified means to figure out the things you're asking for. I easily used Telerik JustDecompile on a Mono game's Assembly-CSharp.dll and Ctrl+F'd for various names that crossed my mind in the global namespace. The usual: god, cheat, debug, developer, build, speed, etc. Or any others that have to do with the game features.

I am using "Starship.Troopers.Terran.Command.v1.07.01.56553-GOG" for the exemplification purposes.

Note the game uses il2cpp ([Link]). So it's NOT Mono. Which means a bit of conversion is required to get a binary (DLL) you can decompile.

For that matter we'll use Il2CppDumper like I described here: viewtopic.php?p=252050#p252050.

The files are to use with Il2CppDumper are:

1) G:\Games\Starship Troopers - Terran Command\GameAssembly.dll
2) G:\Games\Starship Troopers - Terran Command\Starship Troopers_Data\il2cpp_data\Metadata\global-metadata.dat

Of course, replace the directory with the one of your installation.



Once done, you can drag the resulting binary (StarshipTroopers.Core.dll -- that's the game) into JustDecompile:







From here on, you will have to STUDY the way the functions work, find their correspondent in active memory (CE helps with that) and patch out parts of those functions which help your cause. I have no tutorial for that, you will just have to EVOLVE your skills (read, learn, practice).

As you can see from above, CE isn't always the ONLY tool you can use in research.

BR,
Sun

[realmanX]

yes,please do a tutorial video for this game on how did you find the supplies/war points and fog of war shadow values....i searched for lots of types and values and couldn't find it....also do you have a real fast pc ?
thanks

thanks man, what about the war points ? 4/4 points....searched on 4bytes/floats/2bytes/double..........etc...nothing
what about the cooldown ability of building turrets ? the loading bar while building turret i searched float/4bytes/2bytes/ALL/double....etc not found

Not everything in game-hacking is "search a value you see on screen" or "search for unknown/increased/decreased". The whole idea behind scanning memory for values is to pin-point an address whose value then leads you, through debugging, to pieces of executable code you can manipulate. Your questions indicate you're still at the "scan memory" level and haven't done any actual debugging.

To put it simpler: Unity lets the user query the namespace functions/names and THAT is a super-simplified means to figure out the things you're asking for. I easily used Telerik JustDecompile on a Mono game's Assembly-CSharp.dll and Ctrl+F'd for various names that crossed my mind in the global namespace. The usual: god, cheat, debug, developer, build, speed, etc. Or any others that have to do with the game features.

I am using "Starship.Troopers.Terran.Command.v1.07.01.56553-GOG" for the exemplification purposes.

Note the game uses il2cpp ([Link]). So it's NOT Mono. Which means a bit of conversion is required to get a binary (DLL) you can decompile.

For that matter we'll use Il2CppDumper like I described here: viewtopic.php?p=252050#p252050.

The files are to use with Il2CppDumper are:

1) G:\Games\Starship Troopers - Terran Command\GameAssembly.dll
2) G:\Games\Starship Troopers - Terran Command\Starship Troopers_Data\il2cpp_data\Metadata\global-metadata.dat

Of course, replace the directory with the one of your installation.



Once done, you can drag the resulting binary (StarshipTroopers.Core.dll -- that's the game) into JustDecompile:







From here on, you will have to STUDY the way the functions work, find their correspondent in active memory (CE helps with that) and patch out parts of those functions which help your cause. I have no tutorial for that, you will just have to EVOLVE your skills (read, learn, practice).

As you can see from above, CE isn't always the ONLY tool you can use in research.

BR,
Sun

thanks for information, i used to use dnspy and ce...nice tools....but when i saw game used il2cpp i felt bad because il2cpp is little complex as it requires compiling/decompiling
i was wondering how we could find value for stuff like that ( turret cooldown/ 4/4 poiints ...floating values of health bar that got no values in any search )
but thanks for your info.

[realmanX]

how to recompile after changing values ? how to put it back in game folder as a working file / dll ?

[SunBeam]

I never recompile stuff. I use static analysis to assist the dynamic, in real time, one. You can find the functions in memory, JustDecompile tells you the offsets. So just go to $process+offset to get to the function.

[BabyGroot]

Table Update Rev4

• Debug Helper
  • Map Editor Save To Repository Folder?
    Fast Start Dev?
    Edge Scroll Disabled?
    Little Rico Cheat Enabled?
    Rico Cheat Enabled?
    Max Recent Maps Count?

[realmanX]

Table Update Rev4

• Debug Helper
  • Map Editor Save To Repository Folder?
    Fast Start Dev?
    Edge Scroll Disabled?
    Little Rico Cheat Enabled?
    Rico Cheat Enabled?
    Max Recent Maps Count?

hi,thanks ...can you explain how do you find these values ? i really want to learn more as i am unable to find other stuff like throwables and fog of war in map...etc

[realmanX]

sunbeam can you make a simple tutorial of 5 minutes on how to use justdecompile with cheat engine ?because a video tutorial is very good method to explain stuff.....so i decompiled the files and got the game dll...now how do i find the right values to war supplies/ fog of war/ turret cooldown/ sniper flare ....etc ? i mean with cheat engine how to find the address ?
thanks

[SunBeam]

sunbeam can you make a simple tutorial of 5 minutes on how to use justdecompile with cheat engine ?because a video tutorial is very good method to explain stuff.....so i decompiled the files and got the game dll...now how do i find the right values to war supplies/ fog of war/ turret cooldown/ sniper flare ....etc ? i mean with cheat engine how to find the address ?
thanks

Learn debugging first. How to trace lines of executable code, understand what the registers contain, make sense of what CALLs do, the calling convention on x64, etc. A lot of stuff you need to get accustomed with. Once you master that: use JustDecompile to Ctrl+F for get() functions. Head into CE with the game running to the offset indicated by JD and place a breakpoint there. When the game runs the get() function to retrieve a resource, you will see the "address" and "value" there, in the debugger.

For the sake of the argument, if you check the OP's table (e.g.: Debug Helper) you can see the code snippets contain WORDS. The code LITERALLY tells you what it's doing:

Code: Select all

GameAssembly.dll+59EC8B: CC              - int 3 
GameAssembly.dll+59EC8C: CC              - int 3 
GameAssembly.dll+59EC8D: CC              - int 3 
GameAssembly.dll+59EC8E: CC              - int 3 
GameAssembly.dll+59EC8F: CC              - int 3 
Modules.StarshipTroopers.Infrastructure.EditorExtensions.DebugHelpers.Cheats.get_HasCheatControlAllUnits: 48 83 EC 28     - sub rsp,28
GameAssembly.dll+59EC94: 33 C9           - xor ecx,ecx
GameAssembly.dll+59EC96: E8 65 30 17 00  - call Assets.Scripts.DebugHelpers.DebugHelper.get_Get
GameAssembly.dll+59EC9B: 48 85 C0        - test rax,rax
GameAssembly.dll+59EC9E: 74 09           - je GameAssembly.dll+59ECA9
// ---------- INJECTING HERE ----------
GameAssembly.dll+59ECA0: 0F B6 40 18     - movzx eax,byte ptr [rax+18]
// ---------- DONE INJECTING  ----------
GameAssembly.dll+59ECA4: 48 83 C4 28     - add rsp,28
GameAssembly.dll+59ECA8: C3              - ret 
GameAssembly.dll+59ECA9: E8 62 7C CF FF  - call GameAssembly.dll+296910
GameAssembly.dll+59ECAE: CC              - int 3 
GameAssembly.dll+59ECAF: CC              - int 3 
VLB_Samples.CheckIfInsideBeam.FixedUpdate: C6 41 18 00     - mov byte ptr [rcx+18],00
GameAssembly.dll+59ECB4: C3              - ret 
GameAssembly.dll+59ECB5: CC              - int 3 
GameAssembly.dll+59ECB6: CC              - int 3 
GameAssembly.dll+59ECB7: CC              - int 3 

"Modules.StarshipTroopers.Infrastructure.EditorExtensions.DebugHelpers.Cheats.get_HasCheatControlAllUnits" is the function. Inside the function there are several lines of executable code, a CALL and so on. And to make it dead simple, you see the function names in CE. Which is a HUGE leap forward, as most non-Unity games don't come with a means to see symbols.

Like I said, start reading, learning, doing more than "scan memory, find address" and you'll slowly get there. If you think me making a video will make you smart over night, you're mistaking. What happens when you move to the next game? You're gonna ask again for help or some video, right?

Cheers,
Sun

[realmanX]

hi, thanks for advice...of course 1 video will not make me super smart knowing everything ...but it helps me understand your idea ....also i done some of your instructions....downloaded jd...decompiled...searched for fogofwar....then searched in ce (binary search/decimal ) then....how do i know which value is responsible for the fog of war ?

[Link]

2 questions:

1. what offset should i choose from the search in justdecompile ?
2. how do i find the right effecting value in cheat engine after searching for the offset ?

that's why i wanted a simple video to understand the basics...as i alone canno't understand the big picture even if i wanted to i guess !?

[SunBeam]

You can also go directly to the name of the function once you've enabled Mono in CE (main CE GUI > Mono > Activate mono features). Then go to the name of the function you see in JD. Example: Memory Viewer > Ctrl+G > Modules.StarshipTroopers.Infrastructure.EditorExtensions.DebugHelpers.Cheats.get_HasCheatControlAllUnits. Then click OK.

I don't know which is responsible because, like I mentioned, you will have to do this on your own. Without me guiding you. Cheers.

Frankly, I don't know what's your obsession with this fog of war... Also don't see why you don't study the OP's cheat table; it tells you exactly what he's doing there...