Trouble with making unlimited ammo (encrypted values)

[marek1957]

Hello guys!
I have a problem, can you help me?

I am trying to hack Sniper Fury game, exactly ammunition. I know already that value of ammunition is encrypted, but I found two addresses that contains encrypted value of ammunition. Now is my first question:

1. Why I must freeze two addresses (Double and 8-Bytes) to have unlimited ammo? If I freeze only one address (no matter which of these two) ammo ends. I must have these two addresses freeze to have unlimited ammo.

On the next images you can see "what is writting to these addresses" and "what is accessing these addresses".

My last question:

2. How can I write a script for unlimited ammo for this game?

I need help so much. I was trying also dissect structures but I am not good of this

[SunBeam]

Which game are you trying to hack again? Cuz that's not what this: [Link] tells me. As for your encryption issue, make sure the underlying code is actually the game's code and not a VM interpreter for Windows Store games.

[marek1957]

This is Sniper Fury game for Windows from Windows Store.

[marek1957]

[marek1957]

Which game are you trying to hack again? Cuz that's not what this: [Link] tells me. As for your encryption issue, make sure the underlying code is actually the game's code and not a VM interpreter for Windows Store games.

This is 100% game code. So what to do bro?

[marek1957]

Ok people, I watched a lot tutorials from youtube from Chris Fayte and Chapman and I already did a 100% working script for unlimited ammo

This is the script:

Code: Select all

[ENABLE]
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
newmem:
originalcode:
jmp FutureWar_W8.Windows.exe+32F76E
mov eax,[FutureWar_W8.Windows.exe+13AA478]
exit:
jmp returnhere
"FutureWar_W8.Windows.exe"+32F716:
jmp newmem
nop
nop
returnhere:
[DISABLE]
dealloc(newmem)
"FutureWar_W8.Windows.exe"+32F716:
jne FutureWar_W8.Windows.exe+32F76E
mov eax,[FutureWar_W8.Windows.exe+13AA478]