Search site: 

| Home | PC Cheat Codes | Game Patch Updates | PC Game Trainers | PC Game Tools | Game Patch Fixes | Articles | Discussion Forums | Contact |

Trainer Tutorials

Latest Forum Discussions:

This section of the site is dedicated to Trainer Tutorials to help everyone get a better understanding of how Game Trainers are made and how they function.

Building your Trainer Part 2

You can view this tutorial in its original format here
Finding Values
1024 x 768 PLZ
:::::::::::::::::::::::::::::::::::::::::::::
:: GAMEHACKING TUTORIAL PART 2 ::
:: BY BLIZZARD ::
:::::::::::::::::::::::::::::::::::::::::::::

I assume you have also read part 1 of my tutorial. In the first tutorial you saw a littlewhat cheating in games actually is, and how fun it is. But you could only change 1 value.We don't want that now do we? We want to make a trainer!

Okey let's do that.In this tutorial I will teach you how to make a trainer. You will learn how to get the information for your trainer. In the next tutorial I will teach you how to actually buildyour trainer in it's physical form.

Okey let's start. You have to download a program called TSearch. It is available at:http://fly.to/mtcI will use the game Stronghold:Crusader for example.

So I start a skirmish game and look around. Let me build a Marketplace. Mmmm money is at 2000 now.So I start TSearch and press the OPEN PROCESS button on top left and select StrongholdCrusader.exe from the list.

Then I press the small button of a magnifying glass just under the OPEN PROCESS button.

I fill in 2000 and I get 97 results. Back to the game. I will buy some iron so my money is at 1775 now. In TSearch press the button RIGHT of the magnifying glass with the _ behind it.

Fill in 1775 and press OK. I get 1 result. For me the address is D5E168. For you it willbe different for sure. So we can't make a trainer for this trainer because it will be different every time you restart the game. This is called a DMA-address which means DYNAMIC ALLOCATED MEMORY ADDRESS. The address we need is the one that says to the DMA what the ammount of money is. This address will not change and is called a STATIC ADDRESS.

Remember DMA and STATIC, they are important in gamehacking!

Click on your (DMA) value 1 time and press the green + symbol a little above it. You see that it is also on the right now. Click on that 1 time and type "Marketplace Cheat" (without the ") As you will see now you changed the Description. Now you can easily see what that cheat is for. Now select that it again and press the blue smiley. As you see your line now has a smiley before it.When I go back into the game and buy something I see that it stays 1775 even if I buy orsell anything. This is actually the same as we did with Cheat 'O Matic in the first tutorial. But now you have a cheat and not a trainer yet right? Right :-)

Okey let's make a trainer. Remove the blue smiley by clicking on your line and pressingthe blue smiley with a red cross through it.On top of your screen you see Process, File, View etc press AUTOHACK and then Enable Debugger.

Again go to AUTOHACK and now select AUTOHACK WINDOW.
Another window pops up which we call the Autohack Window. Minimize it for now and rightclickon your line and select AUTOHACK (not the one on top of your screen but the one you see whenyou rightclick on your line).

Now go back into Stronghold:Crusader and buy something 1 time! Then ALT+TAB back into theAUTOHACK screen and you will see something like this:
* 40FF98: add [eax], ecx* 40FFBF: mov [ebp+0xD5A774], edx* 464FA2: mov [edi+0xD5A774], ecx

Now we are going to use what they call the TRIAL AND ERROR way of which one is the one we need. First click on the square before 40FF98 so you will see a red smiley in the square.

Go back to the game. Now buy something.
What you will see is that your iron will become 0 and your money will still decrease. So we know now that the first line (* 40FF98: add [eax], ecx) adds the iron to your stock. This can not be the good one. Remove the smiley. Now add a smiley at the second line in the AUTOHACK window, (* 40FFBF: mov [ebp+0xD5A774], edx). Again go into the game and buy something. Now you will see that nothing happend. Mmmm...Remove the red smiley before the second line and add one to the third line, (* 464FA2: mov [edi+0xD5A774], ecx). Back to the game and buy something.

As you will see your money will not be decreased anymore! NOTE: In the autohack window there might have come more options but do not use those! They came there because you placed red smilies before the first and later the second line. Don't use them.

Okey so we know now that the line:* 464FA2: mov [edi+0xD5A774], ecx is the line that we have to use. This is our STATIC ADDRESS and it will be the same everytime you, or someone else, starts the game.

But what do we do with it now? Select the * 464FA2: mov [edi+0xD5A774], ecx line and go to TMK at the top of the AUTOHACK screen and select BUTTON SCRIPT. You will see this

:::::::::::::::::::::::::::::::::::::::::::::::
Tmk button script
Copy and Past into tmk using ctrl+V
Ex: Patched script for a ON button and Unpatched script for a OFF button

Patched script:
Poke 464FA2 90 90 90 90 90 90

UnPatched script:
Poke 464FA2 89 8F 74 A7 D5 00
:::::::::::::::::::::::::::::::::::::::::::::::

Copy this into a text file because we will use it to build our final trainer!
But that in the next tutorial ;-)

:::::::::::::::::::::::::::::::::::::::::::::::
Greetings go out to all of Computer knightS (EFNET, #computerknights) especially Solata
Greetings go out to all of Extalias members especially Snok
Greetings to [Sheep] for helping me out.
Greetings to #cracking4newbies.
Greetings to #gamehacking.
Greetings for all the others. You know who you are ;-)::::::::::::::::::::::::::::::::::::::::::::

BliZZard, blizzard_1337@hotmail.com

Copyright (1998) 2004 - 2016 GamePatchPlanet.com. All Rights Reserved. Privacy Policy Disclaimer