
Trainer Tutorials

This section of the site is dedicated to Trainer Tutorials to help everyone get a better understanding of how Game Trainers are made and how they function.

Making One Sided One Hit Kills Hacks Tutorial

Making one sided one hit kill hacks - Register compare method
best read in 800x600 resolution
Yeah, I know I've been putting off a lot of gamehacking for my game, and I've been
meaning to do this tutorial for a while, but just for you guys, I'm going to take
some time off my game and write this tutorial for you. :)
Recommended for this tutorial:
A game that uses the same routine for both player and NPC
Knowing how to find addresses.
Knowing how to make a general 1 hit kill hack.
Basic ASM
The problem with forcing jumps in routines is that the computer ends up getting the
same advantage, and you end up dying instantly too. One way around this is to find
the area of the function which identifies the player being killed and make it so
instant death only runs when it's not you.
Getting Started:

1. Open up your memory searcher, and find your health address.

2. Open up SoftICE and set an on-write breakpoint on your health address.

3. Make your health decrease so that the breakpoint fires and you end up at the
health-decrementing routine.

4. Moving down the code, you may notice something interesting after the health-decrementing
routine: something that looks like cmp _____ , 0x0 with a jump after it.

5. Force that jump to make sure it's the code that determines death.

6. If step 5 confirms it, look at the register that addresses the area of memory being
compared to 0. There are 3 possibilities: your health pointer, a static identifier register, or
a dynamic identifier register.

7. Make the

cmp ___, 0
jle deathroutine

portion of the code jump to a code cave. What you enter in the cave depends on the result of step 6.

If it is your health pointer:

8. In the code cave, write something like this:

cmp [healthpointer], identifier register
jne deathroutine
jmp back

If it's not your health pointer:

8. Search for a pointer to the identifier.

If you can find a pointer:

8a. Make a function like this in your code cave:

cmp [identifier address], identifier
jne deathroutine
jmp back

If it's a static identifier:

If there's an unused register:

8a. Make a function like so:
mov unused register, identifier value
cmp unused register, identifier
jne deathroutine
jmp back

If there isn't an unused register:

8a. Make a function like so:
push register not used in routine
mov register just pushed, identifier value
cmp register just pushed, identifier
jne _routine1
pop register pushed at beginning
jmp back
_routine1:
pop register pushed at beginning
jmp deathroutine

Special note: If you can use your health pointer in this routine, use it, as
identifiers are different on different operating systems!
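
The branch logic from the steps above, modelled in plain C as an added example that is not part of the original tutorial: it contrasts the original death check, the forced jump that kills both sides, and the code-cave compare that spares the player. The Entity struct, player_ptr and the damage values are constructed for illustration, and the model only works on its own data.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model: one damage routine shared by player and NPC. */
typedef struct { int health; bool dead; } Entity;

typedef enum { ORIGINAL, FORCED_JUMP, ONE_SIDED } Mode;

/* Hypothetical stand-in for the "health pointer": the address that
   identifies the player's own entity inside the shared routine. */
static const Entity *player_ptr;

/* Applies one hit and returns true if the target is now dead. */
bool hit(Entity *target, int damage, Mode mode) {
    target->health -= damage;               /* health decrementing routine */
    switch (mode) {
    case ORIGINAL:                          /* cmp ___, 0 / jle deathroutine */
        if (target->health <= 0) target->dead = true;
        break;
    case FORCED_JUMP:                       /* jump forced: both sides die */
        target->dead = true;
        break;
    case ONE_SIDED:                         /* cave: cmp / jne deathroutine */
        if (target != player_ptr) target->dead = true;
        /* else "jmp back": the player skips the death check entirely */
        break;
    }
    return target->dead;
}

/* One exchange of 10-damage hits; bit 0 = player died, bit 1 = NPC died. */
int exchange(Mode mode) {
    Entity player = {100, false}, npc = {100, false};
    int result = 0;
    player_ptr = &player;
    if (hit(&player, 10, mode)) result |= 1;
    if (hit(&npc, 10, mode)) result |= 2;
    player_ptr = NULL;                      /* do not keep a stale address */
    return result;
}

int main(void) {
    printf("original:    %d\n", exchange(ORIGINAL));
    printf("forced jump: %d\n", exchange(FORCED_JUMP));
    printf("one-sided:   %d\n", exchange(ONE_SIDED));
    return 0;
}
```

Because the cave jumps straight back for the player, the model also shows a side effect of the routine as written: the player's death check never runs, even when health drops below zero.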
Shouts to:

Devious: Stonerifik, Tsongkie, Omega, Synbios, Micral, Mini^Me, brzi, Invader, Sn0w

renzo, bie, ddh, Vortexion, routine_error, [Ginger], Ultimate, Zekk

Web sites:

Feel free to tell me about corrections, or additions I should make to this tutorial.
If you find a copy of this tutorial on a site not listed above, feel free to contact
me about it, I'll take care of the rest.

Copyright (1998) 2004 - 2016 All Rights Reserved.