Swimhack

Runes of Magic/Radiant Arcana (http://www.runesofmagic.com)
Post Reply
Message
Author
AnitsNZ
Posts: 11
Joined: Sun Feb 09, 2014 8:46 pm

Swimhack

#1 Post by AnitsNZ » Sat Oct 10, 2020 4:39 am

I've been using the rock5 multihack (which was amazing) for years but it doesn't seem to be updating properly after the latest update. I still need swimhack so had to make my own. I dunno about guidelines or whatever on attaching exe files so here is the method I use. Bear in mind that I filtered pointers only several times, pretty lazy actually got down to like 600 results. I recall that it was once a simple change in value on playerstate and you were done but I am pretty drunk. Now you do that but you need to nop the call to change back and forth aswell.

nop 6 bytes here this will stop the playerchar switching between states.
Client.exe+4DAC7 - 89 83 B4000000 - mov [ebx+000000B4],eax

then and this is the sketchy part but works for me so far. The address at the end of this pointer is your playerstate. 0 is normal, 3 is swim.
client.exe(400000)+4BD98C + 204 + 5A8 + EC + 74 + B4

enjoy :)

User avatar
Administrator
Site Admin
Posts: 5306
Joined: Sat Jan 05, 2008 4:21 pm

Re: Swimhack

#2 Post by Administrator » Sun Oct 11, 2020 11:31 am

Very nice info. Thank you very much.

Were you able to get this to work as a Cheat Engine script, or did you custom-write a program to modify the memory?

AnitsNZ
Posts: 11
Joined: Sun Feb 09, 2014 8:46 pm

Re: Swimhack

#3 Post by AnitsNZ » Fri Oct 16, 2020 8:34 pm

Never done a cheat engine script before lol. Here is simple program in vb(source).

Code: Select all

Public Class Form1

     Dim toggle As Boolean = False

     Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click
          If toggle = False Then
               toggle = True
               writebytes(&H4DAC7, &H90, 1)
               writebytes(&H4DAC8, &H90, 1)
               writebytes(&H4DAC9, &H90, 1)
               writebytes(&H4DACA, &H90, 1)
               writebytes(&H4DACB, &H90, 1)
               writebytes(&H4DACC, &H90, 1)
               WritePointer(3, &H4BD98C, {&H204, &H5A8, &HEC, &H74, &HB4})
               Me.Text = "on"
          Else
               toggle = False
               writebytes(&H4DAC7, &H89, 1)
               writebytes(&H4DAC8, &H83, 1)
               writebytes(&H4DAC9, &HB4, 4)
               Me.Text = "off"
          End If
     End Sub
End Class

Code: Select all

Module bleh

     Private Declare Function OpenProcess Lib "kernel32" Alias "OpenProcess" (ByVal dwDesiredAccess As Integer, ByVal bInheritHandle As Integer, ByVal dwProcessId As Integer) As Integer
     Private Declare Function ReadProcessMemory Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Integer, ByVal lpBaseAddress As Integer, ByRef lpBuffer As Integer, ByVal nSize As Integer, ByRef lpNumberOfBytesWritten As Integer) As Integer
     Private Declare Function WriteProcessMemory Lib "kernel32" Alias "WriteProcessMemory" (ByVal hProcess As Integer, ByVal lpBaseAddress As Integer, ByRef lpBuffer As Integer, ByVal nSize As Integer, ByRef lpNumberOfBytesWritten As Integer) As Integer
     Private Declare Function CloseHandle Lib "kernel32" Alias "CloseHandle" (ByVal hObject As Integer) As Integer


     Public RBuff1 As Long
     Dim baseaddr As Long = &H400000


     Public Function writebytes(ByVal Address As Integer, value As Long, bytecount As Integer)

          Dim Proc As Process() = Process.GetProcessesByName("Client")
          If Proc.Length = 0 Then
               End
          End If
          baseaddr = Proc(0).MainModule.BaseAddress.ToInt32()
          Dim processHandle As IntPtr = OpenProcess(&H1F0FFF, 0, Proc(0).Id)
          WriteProcessMemory(processHandle, baseaddr + Address, value, bytecount, Nothing)
          CloseHandle(processHandle)

          Return Nothing
     End Function

     Public Function WritePointer(ByVal Value As Long,
                                         ByVal Base As Integer,
                                         ByVal ParamArray Offsets As Short())
          Dim fullAddress As Long
          Dim Proc As Process() = Process.GetProcessesByName("Client")

          If Proc.Length = 0 Then
               Return 0
          End If
          Dim processHandle As IntPtr = OpenProcess(&H1F0FFF, 0, Proc(0).Id)
          baseaddr = Proc(0).MainModule.BaseAddress.ToInt32()
          ReadProcessMemory(processHandle, baseaddr + Base, RBuff1, 4, Nothing)

          For i = 0 To Offsets.Count - 1
               ReadProcessMemory(processHandle, fullAddress, RBuff1, 4, Nothing)
               fullAddress = RBuff1 + Offsets(i)
          Next i

          WriteProcessMemory(processHandle, fullAddress, Value, 4, Nothing)

          CloseHandle(processHandle)
     End Function

End Module

Post Reply

Who is online

Users browsing this forum: Ahrefs [Bot], Bing [Bot] and 21 guests