360haven works best with JavaScript enabled
[HELP]Problem with Code Caving
Loading
Register
Results 1 to 2 of 2
  1. #1
    One Hit Wonder
    niko740 is offline
    Join Date : Dec 2015
    Location : 360haven
    Posts : 1
    Array

    Have a nice day [HELP]Problem with Code Caving

    Hi Guys i have problem with code caving I hope someone can help me

    Every time when I enable Ammo Cheat and I shot ammo go to Zero

    and when i enable Money Cheat money added but i cant buy weapons etc in Game



    Here the Picture
    http://www.mediafire.com/view/3qpc0k...er-image8.bmp#


    and here the code



    #include "common.h"

    bool infammo = false;
    bool HooksSet = false;
    bool maxmoney = false;


    VOID __declspec(naked) CheckAmmo(VOID) { //XPG User Engnine

    //82204810 556A0FFE srwi r10,r11,31
    //82204814 7D4A01D4 addme r10,r10
    //82204818 7D4B5838 and r11,r10,r11
    //8220481C 91630000 stw r11,0(r3)
    //82204820 5563003E rlwinm r3,r11,0,0,31

    DWORD Ptr;


    __asm {
    srwi r10,r11,31
    addme r10,r10
    and r11,r10,r11
    stw r11,0(r3)
    }


    __asm
    {
    stw r5,Ptr
    }


    if (Ptr == 0x8323E248 && infammo == TRUE) {

    INT moreammo = 100;
    __asm {
    stw moreammo,0(r3)
    }
    }

    __asm {
    lis r11,0x8220
    ori r11,r11,0x4820
    mtctr r11
    bctr
    }

    }
    VOID __declspec(naked) CheckMoney(VOID) {

    //823A9B40 1D2961B8 mulli r9,r9,25016
    //823A9B44 7D495214 add r10,r9,r10
    //823A9B48 910A5E8C stw r8,5E8Ch(r10)
    //823A9B4C 917F5E8C stw r11,5E8Ch(r31)
    //823A9B50 4800B441 bl 823B4F90

    DWORD Ptr2;


    __asm {
    mulli r9,r9,25016
    add r10,r9,r10
    stw r8,5E8Ch(r10)
    stw r11,5E8Ch(r31)
    }


    __asm
    {
    stw r3,Ptr2
    }


    if (Ptr2 == 0x000001FE && maxmoney == TRUE) {

    INT moremoney = 999999;
    __asm {
    stw moremoney,5E8Ch(r31)
    }
    }

    __asm {
    lis r11,0x823A
    ori r11,r11,0x9B50
    mtctr r11
    bctr
    }

    }

    VOID SetHooks() {

    DWORD Infammo[4];
    patchInJump( (PDWORD)Infammo, (DWORD)CheckAmmo, FALSE );
    DoCave(0x82204810, &Infammo[0], 4);
    DoCave(0x82204814, &Infammo[1], 4);
    DoCave(0x82204818, &Infammo[2], 4);
    DoCave(0x8220481C, &Infammo[3], 4);

    DWORD Maxmoney[4];
    patchInJump( (PDWORD)Maxmoney, (DWORD)CheckMoney, FALSE );
    DoCave(0x823A9B40, &Maxmoney[0], 4);
    DoCave(0x823A9B44, &Maxmoney[1], 4);
    DoCave(0x823A9B48, &Maxmoney[2], 4);
    DoCave(0x823A9B4C, &Maxmoney[3], 4);

    HooksSet = TRUE;
    }


    VOID TrainerLoaded()
    {
    PulseController();
    Notify(L"Your Trainer Has Loaded");
    bool GameReady = false;
    }


    VOID ShowTrainerMain()

    {
    Prompt = XShowMessageBoxUI(0, L"Created By YourName", L"YourGame +2 Trainer\r\n~~~~~~~~~~~~~~~~~~~~~~~~~\r\nView Available Codes: DPAD-DOWN(x4)\r\n", ARRAYSIZE(g_strButtons), g_strButtons, 0, XMB_PASSCODEMODE, &g_mb_result, &g_xol);
    if( HooksSet == false )//When you press the activate buttons (Start + dpad up) it will automatically set your cave by setting hooksSet to true which will activate the sethooks function above
    {
    SetHooks();
    }


    }


    VOID ButtonPressResult( MESSAGEBOX_RESULT g_mb_result )
    {

    if( g_mb_result.rgwPasscode[0] == DPAD_DOWN && g_mb_result.rgwPasscode[1] == DPAD_DOWN && g_mb_result.rgwPasscode[2] == DPAD_DOWN && g_mb_result.rgwPasscode[3] == DPAD_DOWN )
    {
    Sleep(500);
    //this is the page that shows all available cheats \r\n indicates create new line
    XShowMessageBoxUI(0, L"Viewing All Available Codes", L"All Cheats Dpad Up(x4)\r\nInf Health RT(x4)\r\nInf Ammo LT(x4)Hope You Enjoy\r\n~~~~~~~~~~~~~~~~~~~~~~~~~\r\nXPGamesaves. com\r\nHome To TeamXPG and 360 Revolution", ARRAYSIZE(g_strButtons), g_strButtons, 0, XMB_NOICON, &g_mb_result, &g_xol);

    memset( &g_mb_result.rgwPasscode[0], 0x00, 0x02 );
    memset( &g_mb_result.rgwPasscode[1], 0x00, 0x02 );
    memset( &g_mb_result.rgwPasscode[2], 0x00, 0x02 );
    memset( &g_mb_result.rgwPasscode[3], 0x00, 0x02 );
    Prompt = 0x9999;

    }
    if( g_mb_result.rgwPasscode[0] == LEFT_TRIGGER && g_mb_result.rgwPasscode[1] == LEFT_TRIGGER && g_mb_result.rgwPasscode[2] == LEFT_TRIGGER && g_mb_result.rgwPasscode[3] == LEFT_TRIGGER )
    {
    Sleep(500);

    if( maxmoney == TRUE )
    {
    Notify(L"maxmoney Deactivated");
    maxmoney = FALSE;
    PulseController();

    }else{

    Notify(L"maxmoney Activated");
    maxmoney = TRUE;
    PulseController();

    }

    memset( &g_mb_result.rgwPasscode[0], 0x00, 0x02 );
    memset( &g_mb_result.rgwPasscode[1], 0x00, 0x02 );
    memset( &g_mb_result.rgwPasscode[2], 0x00, 0x02 );
    memset( &g_mb_result.rgwPasscode[3], 0x00, 0x02 );
    Prompt = 0x9999;
    }
    if( g_mb_result.rgwPasscode[0] == RIGHT_TRIGGER && g_mb_result.rgwPasscode[1] == RIGHT_TRIGGER && g_mb_result.rgwPasscode[2] == RIGHT_TRIGGER && g_mb_result.rgwPasscode[3] == RIGHT_TRIGGER )
    {
    Sleep(500);

    if( infammo == TRUE )
    {
    Notify(L"Inf Health Deactivated");
    infammo = FALSE;
    PulseController();

    }else{

    Notify(L"Inf Health Activated");
    infammo = TRUE;
    PulseController();

    }

    memset( &g_mb_result.rgwPasscode[0], 0x00, 0x02 );
    memset( &g_mb_result.rgwPasscode[1], 0x00, 0x02 );
    memset( &g_mb_result.rgwPasscode[2], 0x00, 0x02 );
    memset( &g_mb_result.rgwPasscode[3], 0x00, 0x02 );
    Prompt = 0x9999;
    }

    }



    i dont really what i making Wrong


    with XYZ Trainer Engine my Code Caving Codes working great i have tested with some Games.

    but the probmlem in the XYZ Engine I dont know how added more Code Caving Codes.

    void __declspec(naked)Max_Money(){//XYZ Trainer Engine
    //823A9B40 1D2961B8 mulli r9,r9,25016
    //823A9B44 7D495214 add r10,r9,r10
    //823A9B48 910A5E8C stw r8,5E8Ch(r10)
    //823A9B4C 917F5E8C stw r11,5E8Ch(r31)
    //823A9B50 4800B441 bl 823B4F90
    DWORD IDENT,CASH;
    __asm mulli r9,r9,25016
    __asm add r10,r9,r10
    __asm stw r8,5E8Ch(r10)
    __asm stw r11,CASH
    __asm stw r3,IDENT
    if(cheat[1] && IDENT == 0x1FE )CASH=999999;//CASH
    __asm lwz r11,CASH
    __asm stw r11,5E8Ch(r31)
    __asm lis r2,0x823A
    __asm ori r2,r2,0x9B50
    __asm mtctr r2
    __asm bctr
    }

    void __declspec(naked)Inf_Ammo(){
    //82204810 556A0FFE srwi r10,r11,31
    //82204814 7D4A01D4 addme r10,r10
    //82204818 7D4B5838 and r11,r10,r11
    //8220481C 91630000 stw r11,0(r3)
    //82204820 5563003E rlwinm r3,r11,0,0,31
    DWORD IDENT,AMMO;
    __asm srwi r10,r11,31
    __asm addme r10,r10
    __asm and r11,r10,r11
    __asm stw r11,AMMO
    __asm stw r5,IDENT
    if(cheat[2] && IDENT == 0x8323E248 )AMMO=100;
    __asm lwz r11,AMMO
    __asm stw r11,0(r3)
    __asm lis r2,0x8220
    __asm ori r2,r2,0x4820
    __asm mtctr r2
    __asm bctr
    }

    static void INFloop1(){ while(true) { if (_game == ID) {

    if( cheat[1] )//Max_Money_Zombies
    if( chkmem(0x823A9B40, 0x1D2961B8))asmpatch( 2, 0x823A9B40, Max_Money );

    if( cheat[2] )//Inf_Ammo
    if( chkmem(0x82204810, 0x556A0FFE))asmpatch( 2, 0x82204810, Inf_Ammo );

    } Sleep(20); } }


    And with the XPG User Engine my code caving Codes Does not work
    properly that makes me Crasy

    can you tell me whats the problem in xpg Engine or how I can add more code in XYZ Trainer Engine Please please please :)

  2. #2
    Haven's Warrior lv10
    rghjtagpro

    boogieman is offline
    Join Date : Nov 2011
    Location : usa
    Posts : 529
    Array

    Re: [HELP]Problem with Code Caving

    here moss im not stupid i know who you are as xpg as them where and how << good luck with that lol
    dont ask any question use the xyz engine or go back to xpg because i dont like engine you have to type shit you dont need so big and confusing stupid why not just give the guy credit and simply use it as it is try to camouflage the engine like the rest of us cant tell lol

    #include "stdafx.h"
    #include "main.h"

    #ifdef D_COD_Advanced_Warfare

    CTrainer MyTrainer;
    IXYZMemory* Memory;
    IXYZMessage* Message;
    IXYZTitleInfo* TitleInfo;
    DWORD TU;

    void __cdecl main( HANDLE hInstDLL ){

    Memory = MyTrainer.GetXYZMemory();
    Message = MyTrainer.GetXYZMessage();
    TitleInfo = MyTrainer.GetTitleInfo();

    MyTrainer.Init( &MyTrainer, hInstDLL );
    MyTrainer.SetStartupMessageInfo( "AxR, PARACRYPT, MrCarpeta", "COD Advanced Warfare", "<RETROBYTE> Release Enjoy!" );
    MyTrainer.Configure( 1.6, 0x41560914 );//MediaID = 0x4FA17C64
    MyTrainer.AddCompatibleTU( 5, 5,6,7,8,9 );
    MyTrainer.SetTrainerMenu( 2, 10,10 );
    //SP CHEATS
    MyTrainer.AddCheat( L"No Reload", TOGGLE);
    MyTrainer.AddCheat( L"Inf Grenades", TOGGLE );
    MyTrainer.AddCheat( L"Inf Ammo", TOGGLE);
    MyTrainer.AddCheat( L"Inf Fuel", TOGGLE);
    MyTrainer.AddCheat( L"Upgrade Pts", TOGGLE );
    MyTrainer.AddCheat( L"God Mode", TOGGLE );
    MyTrainer.AddCheat( L"Instant Kill", TOGGLE );
    MyTrainer.AddCheat( L"Inf Exo Ability + Inf Battery", TOGGLE );
    MyTrainer.AddCheat( L"Inf Cloak", TOGGLE );
    MyTrainer.AddCheat( L"No Overheat", TOGGLE );
    //MP CHEATS
    MyTrainer.AddCheat( L"No Reload MP", TOGGLE);
    MyTrainer.AddCheat( L"Inf Grenades MP + Exo Ability", TOGGLE );
    MyTrainer.AddCheat( L"Inf Ammo MP", TOGGLE);
    MyTrainer.AddCheat( L"Super Jump MP" );
    MyTrainer.AddCheat( L"Red Boxes MP", TOGGLE );
    MyTrainer.AddCheat( L"Sprint Speed MP" );
    MyTrainer.AddCheat( L"God P1 MP", TOGGLE );
    MyTrainer.AddCheat( L"God P2 CO,OP MP", TOGGLE );
    MyTrainer.AddCheat( L"Inf Upgrade Pts MP", TOGGLE );
    MyTrainer.AddCheat( L"Max Pts Zombie MP", TOGGLE );

    }

    bool CTrainer::TrainerSearch() {

    TU = TitleInfo->GetTitleInfo().TU;

    #pragma region SP SEARCH

    if( TitleInfo->GetTitleInfo().szXexPEName == "default.pe" ){

    Sleep(5000);

    if(MyTrainer._ret[0] > 0x10000000)return true;

    // NO RELOAD
    // 82516C98 7C6B1B78 mr r11,r3 //li r11,0
    // 82516C9C 7F03E800 cmpw cr6,r3,r29
    // 82516CA0 41980008 blt cr6,82516CA8
    DWORD find[] = { 0x7C6B1B78, 0x7F03E800, 0x41980008 };
    MyTrainer._ret[0] = ( Memory->Search32( 0x82500000, 0x83DAFFFF, find, 3, 1 )) ;
    String().print( "Offset Returned 0: 0x%08X", MyTrainer._ret[0] );
    if( MyTrainer._ret[0] < 0x10000000 )return false;
    // GRENADES
    // 82517B48 809F04BC lwz r4,4BCh(r31)
    // 82517B4C 38C00001 li r6,1 mod //li r6,0
    // 82517B50 38A00000 li r5,0
    // 82517B54 7FE3FB78 mr r3,r31
    DWORD find1[] = { 0x809F04BC, 0x38C00001, 0x38A00000, 0x7FE3FB78 };
    MyTrainer._ret[1] = ( Memory->Search32( 0x82500000, 0x83DAFFFF, find1, 4, 1 )+4) ;
    String().print( "Offset Returned 1: 0x%08X", MyTrainer._ret[1] );
    if( MyTrainer._ret[1] < 0x10000000 )return false;
    // AMMO
    // 82526DB8 81630008 lwz r11,8(r3)
    // 82526DBC 7D6BEA14 add r11,r11,r29
    // 82526DC0 91630008 stw r11,8(r3)
    // 82526DC4 38210070 addi r1,r1,112
    DWORD find2[] = { 0x81630008, 0x7D6BEA14, 0x91630008, 0x38210070 };
    MyTrainer._ret[2] = ( Memory->Search32( 0x82500000, 0x83DAFFFF, find2, 4, 1 )+4) ;
    String().print( "Offset Returned 2: 0x%08X", MyTrainer._ret[2] );
    if( MyTrainer._ret[2] < 0x10000000 )return false;
    // FUEL
    // 8244AA14 E9410078 ld r10,78h(r1)
    // 8244AA18 913B000C stw r9,0Ch(r27)
    // 8244AA1C 409A000C bne cr6,8244AA28
    // 8244AA20 F94B0008 std r10,8(r11)
    DWORD find3[] = { 0xE9410078, 0x913B000C, 0x409A000C, 0xF94B0008 };
    MyTrainer._ret[3] = ( Memory->Search32( 0x82400000, 0x83DAFFFF, find3, 4, 1 )) ;
    String().print( "Offset Returned 3: 0x%08X", MyTrainer._ret[3] );
    if( MyTrainer._ret[3] < 0x10000000 )return false;
    // CAW UPGRADE PTS
    // 822576A0 81010094 lwz r8,94h(r1)
    // 822576A4 7CEA582E lwzx r7,r10,r11
    // 822576A8 7D07492E stwx r8,r7,r9
    // 822576AC 38210070 addi r1,r1,112
    DWORD find4[] = { 0x81010094, 0x7CEA582E, 0x7D07492E, 0x38210070 };
    MyTrainer._ret[4] = ( Memory->Search32( 0x82200000, 0x83DAFFFF, find4, 4, 1 )) ;
    String().print( "Offset Returned 4: 0x%08X", MyTrainer._ret[4] );
    if( MyTrainer._ret[4] < 0x10000000 )return false;
    // CAW_GOD_IKILL
    // 8235F4BC 815F0118 lwz r10,118h(r31)
    // 8235F4C0 817F015C lwz r11,15Ch(r31)
    // 8235F4C4 2B0A0000 cmplwi cr6,r10,0
    // 8235F4C8 7D7E5B78 mr r30,r11
    // 8235F4CC 419A0010 beq cr6,8235F4DC
    // 8235F4D0 894A1A40 lbz r10,1A40h(r10)
    // 8235F4D4 2B0A0000 cmplwi cr6,r10,0
    // 8235F4D8 409A000C bne cr6,8235F4E4
    // 8235F4DC 7D7D5850 subf r11,r29,r11
    // 8235F4E0 917F015C stw r11,15Ch(r31)
    DWORD find5[] = { 0x815F0118, 0x817F015C, 0x2B0A0000, 0x7D7E5B78 };
    MyTrainer._ret[5] = ( Memory->Search32( 0x82300000, 0x83DAFFFF, find5, 4, 1 )) ;
    String().print( "Offset Returned 5: 0x%08X", MyTrainer._ret[5] );
    if( MyTrainer._ret[5] < 0x10000000 )return false;
    // CAW_EXO_SHIELD
    // 82444ED8 817F0000 lwz r11,0(r31)
    // 82444EDC 815E0000 lwz r10,0(r30)
    // 82444EE0 7D2A5850 subf r9,r10,r11
    // 82444EE4 913F0000 stw r9,0(r31)
    DWORD find6[] = { 0x817F0000, 0x815E0000, 0x7D2A5850, 0x913F0000 };
    MyTrainer._ret[6] = ( Memory->Search32( 0x82400000, 0x83DAFFFF, find6, 4, 1 )) ;
    String().print( "Offset Returned 6: 0x%08X", MyTrainer._ret[6] );
    if( MyTrainer._ret[6] < 0x10000000 )return false;
    // CAW_EXO_OVERDRIVE
    // 82442058 811E0004 lwz r8,4(r30)
    // 8244205C 991F0006 stb r8,6(r31)
    // 82442060 80DE0000 lwz r6,0(r30)
    // 82442064 90DF0000 stw r6,0(r31)
    DWORD find7[] = { 0x811E0004, 0x991F0006, 0x80DE0000, 0x90DF0000 };
    MyTrainer._ret[7] = ( Memory->Search32( 0x82400000, 0x83DAFFFF, find7, 4, 1 )) ;
    String().print( "Offset Returned 7: 0x%08X", MyTrainer._ret[7] );
    if( MyTrainer._ret[7] < 0x10000000 )return false;
    // CAW_NO_OVERHEAT
    // 82518F98 ED096FFA fmadds fr8,fr9,fr31,fr13
    // 82518F9C ECFD4028 fsubs fr7,fr29,fr8
    // 82518FA0 FCC7EA2E fsel fr6,fr7,fr8,fr29
    // 82518FA4 D0DF0010 stfs fr6,10h(r31)
    DWORD find8[] = { 0xED096FFA, 0xECFD4028, 0xFCC7EA2E, 0xD0DF0010 };
    MyTrainer._ret[8] = ( Memory->Search32( 0x82400000, 0x83DAFFFF, find8, 4, 1 )) ;
    String().print( "Offset Returned 8: 0x%08X", MyTrainer._ret[8] );
    if( MyTrainer._ret[8] < 0x10000000 )return false;

    Message->BubbleMessage("SP Search complete Trainer menu is now active!");

    }

    #pragma endregion

    #pragma region MP SEARCH

    if( TitleInfo->GetTitleInfo().szXexPEName == "default_mp.pe" ){

    Sleep(5000);

    if(MyTrainer._ret[9] > 0x10000000)return true;
    // NO RELOAD MP
    // 826E408C 81630A54 lwz r11,0A54h(r3)
    // 826E4090 7F0BF000 cmpw cr6,r11,r30
    // 826E4094 41980008 blt cr6,826E409C
    DWORD find9[] = { 0x81630A54, 0x7F0BF000, 0x41980008 };
    MyTrainer._ret[9] = ( Memory->Search32( 0x82600000, 0x83DAFFFF, find9, 3, 1 )) ;
    String().print( "Offset Returned 9: 0x%08X", MyTrainer._ret[9] );
    if( MyTrainer._ret[9] < 0x10000000 )return false;
    // GRENADES MP
    // 826DB2DC 809F0570 lwz r4,570h(r31)
    // 826DB2E0 38C00001 li r6,1
    // 826DB2E4 38A00000 li r5,0
    // 826DB2E8 7FE3FB78 mr r3,r31
    ///TU7
    // 826E6534 809F0574 lwz r4,574h(r31)
    // 826E6538 38C00001 li r6,1
    // 826E653C 38A00000 li r5,0
    // 826E6540 7FE3FB78 mr r3,r31
    if(TU < 7){
    DWORD find10[] = { 0x809F0570, 0x38C00001, 0x38A00000, 0x7FE3FB78 };
    MyTrainer._ret[10] = ( Memory->Search32( 0x82600000, 0x83DAFFFF, find10, 4, 1 )+4) ;
    }
    if(TU >= 7){
    DWORD find10[] = { 0x809F0574, 0x38C00001, 0x38A00000, 0x7FE3FB78 };
    MyTrainer._ret[10] = ( Memory->Search32( 0x82600000, 0x83DAFFFF, find10, 4, 1 )+4) ;
    }
    String().print( "Offset Returned 10: 0x%08X", MyTrainer._ret[10] );
    if( MyTrainer._ret[10] < 0x10000000 )return false;
    // AMMO MP
    // 828312AC 81630008 lwz r11,8(r3)
    // 828312B0 7D5C5850 subf r10,r28,r11
    // 828312B4 91430008 stw r10,8(r3)
    // 828312B8 38210080 addi r1,r1,128
    DWORD find11[] = { 0x81630008, 0x7D5C5850, 0x91430008, 0x38210080 };
    MyTrainer._ret[11] = ( Memory->Search32( 0x82800000, 0x83DAFFFF, find11, 4, 1 )+4) ;
    String().print( "Offset Returned 11: 0x%08X", MyTrainer._ret[11] );
    if( MyTrainer._ret[11] < 0x10000000 )return false;
    // SUPER JUMP MP
    DWORD find12[] = { 0x80000000, 0xC2C80000, 0x443B8000, 0x3F266666 };
    MyTrainer._ret[12] = ( Memory->Search32( 0x82000000, 0x83DAFFFF, find12, 4, 1 )) ;
    String().print( "Offset Returned 12: 0x%08X", MyTrainer._ret[12] );
    if( MyTrainer._ret[12] < 0x10000000 )return false;
    // CAW REDBOXES MP
    // 826A4220 817D005C lwz r11,5Ch(r29)
    // 826A4224 556A06F6 rlwinm r10,r11,0,27,27
    // 826A4228 2F0A0000 cmpwi cr6,r10,0
    // 826A422C 419A001C beq cr6,826A4248 419A0004
    DWORD find13[] = { 0x817D005C, 0x556A06F6, 0x2F0A0000 };
    MyTrainer._ret[13] = ( Memory->Search32( 0x82600000, 0x83DAFFFF, find13, 3, 1 )) ;
    String().print( "Offset Returned 13: 0x%08X", MyTrainer._ret[13] );
    if( MyTrainer._ret[13] < 0x10000000 )return false;
    // SRPINT SPEED MP
    // 82062A24 C2340000 lfs fr17,0(r20)
    // 82062A28 C28C0000 lfs fr20,0(r12)
    // 82062A2C 3FB33333 addis r29,r19,13107 ; 3333h <<<
    DWORD find14[] = { 0xC2340000, 0xC28C0000 };
    MyTrainer._ret[14] = ( Memory->Search32( 0x82000000, 0x83DAFFFF, find14, 2, 1 )) ;
    String().print( "Offset Returned 14: 0x%08X", MyTrainer._ret[14] );
    if( MyTrainer._ret[14] < 0x10000000 )return false;
    // GOD IKILL PTS MP
    // 8254722C 9AE1006F stb r23,6Fh(r1)
    // 82547230 7FC8F378 mr r8,r30
    // 82547234 93410064 stw r26,64h(r1)
    // 82547238 909F01AC stw r4,1ACh(r31)
    DWORD find15[] = { 0x9AE1006F, 0x7FC8F378, 0x93410064, 0x909F01AC };
    MyTrainer._ret[15] = ( Memory->Search32( 0x82500000, 0x83DAFFFF, find15, 4, 1 )) ;
    String().print( "Offset Returned 15: 0x%08X", MyTrainer._ret[15] );
    if( MyTrainer._ret[15] < 0x10000000 )return false;
    // UPGRADES MP
    // 8247391C 5528063E clrlwi r8,r9,24
    // 82473920 991E0006 stb r8,6(r30)
    // 82473924 80FB0000 lwz r7,0(r27)
    // 82473928 90FE0000 stw r7,0(r30)
    DWORD find16[] = { 0x5528063E, 0x991E0006, 0x80FB0000, 0x90FE0000 };
    MyTrainer._ret[16] = ( Memory->Search32( 0x82400000, 0x83DAFFFF, find16, 4, 1 )) ;
    String().print( "Offset Returned 16: 0x%08X", MyTrainer._ret[16] );
    if( MyTrainer._ret[16] < 0x10000000 )return false;

    Message->BubbleMessage("MP Search complete Trainer menu is now active!");

    }

    #pragma endregion

    return true;
    }

    #pragma region SP CAVES

    ASM void CAW_FUEL_SP(){
    // 8244AA14 E9410078 ld r10,78h(r1) <<load
    // 8244AA18 913B000C stw r9,0Ch(r27)
    // 8244AA1C 409A000C bne cr6,8244AA28
    // 8244AA20 F94B0008 std r10,8(r11)
    DWORD p1,p2,p4,ret; QWORD FUEL;
    __asm ld r10,78h(r1)
    __asm stw r9,0Ch(r27)
    __asm stw r11,p1
    __asm std r10,FUEL
    __asm lwz p2,78h(r1)
    __asm stw r29,p4
    __asm bne cr6,CAW
    __asm std r10,8(r11)
    ret = MyTrainer._ret[3]+0x10;//0x8244AA24;
    __asm mtctr ret
    __asm ld r10,FUEL
    __asm lwz r11,p1
    __asm bctr
    __asm CAW:;
    if( MyTrainer.Cheat[4] && p2 > 500 && p2 < 1000 && p4 == 0xBFC2AB92 ){
    FUEL = 0x000003E800000006;
    __asm ld r10,FUEL
    __asm lwz r11,p1
    __asm std r10,0(r11)
    }
    else
    {
    __asm ld r10,FUEL
    }
    ret = MyTrainer._ret[3]+0x14;//0x8244AA28;
    __asm mtctr ret
    __asm lwz r11,p1
    __asm bctr
    p1=0;
    }

    ASM void CAW_UPGRADE_PTS_SP(){
    // 822576A0 81010094 lwz r8,94h(r1)
    // 822576A4 7CEA582E lwzx r7,r10,r11
    // 822576A8 7D07492E stwx r8,r7,r9
    // 822576AC 38210070 addi r1,r1,112
    DWORD p1,p2,ret;
    __asm lwz r8,94h(r1)
    __asm lwzx r7,r10,r11
    __asm stw r11,p1
    __asm stw r10,p2
    if( MyTrainer.Cheat[5] && p2 == 0x1C0 )
    __asm li r8,20 //UPGRADE PTS
    ret = MyTrainer._ret[4]+0x10;//0x822576B0;
    __asm mtctr ret
    __asm lwz r10,p2
    __asm lwz r11,p1
    __asm stwx r8,r7,r9
    __asm addi r1,r1,112
    __asm bctr
    p1=0;p2=0;
    }

    ASM void CAW_GOD_IKILL_SP(){
    // 8235F4BC 815F0118 lwz r10,118h(r31)
    // 8235F4C0 817F015C lwz r11,15Ch(r31)
    // 8235F4C4 2B0A0000 cmplwi cr6,r10,0
    // 8235F4C8 7D7E5B78 mr r30,r11
    // 8235F4CC 419A0010 beq cr6,8235F4DC
    // 8235F4D0 894A1A40 lbz r10,1A40h(r10)
    // 8235F4D4 2B0A0000 cmplwi cr6,r10,0
    // 8235F4D8 409A000C bne cr6,8235F4E4
    // 8235F4DC 7D7D5850 subf r11,r29,r11
    // 8235F4E0 917F015C stw r11,15Ch(r31)
    DWORD p1,p2,p3,ret;
    ret = MyTrainer._ret[5]+0x28;//0x8235F4E4;
    __asm mtctr ret
    __asm lwz r10,118h(r31)
    __asm lwz r11,15Ch(r31)
    __asm cmplwi cr6,r10,0
    __asm mr r30,r11
    __asm beq cr6,CAWGB1
    __asm lbz r10,1A40h(r10)
    __asm cmplwi cr6,r10,0
    __asm bne cr6,CAWGB2
    __asm CAWGB1:;
    __asm subf r11,r29,r11
    __asm stw r11,p1
    __asm lwz p2,13Ch(r31)
    __asm mflr p3
    if( MyTrainer.Cheat[6] ){//GOD
    if( p3 == 0x8235F3A0 || p3 == 0x8235EC88)//TU5//TU6//TU7
    __asm lwz p1,15Ch(r31)
    }
    if( MyTrainer.Cheat[7] ){//IKILL
    if( p3 == 0x8235F3E4 || p3 == 0x8235ECCC)//TU5//TU6//TU7
    __asm li p1,0
    }
    __asm lwz r11,p1
    __asm stw r11,15Ch(r31)
    __asm CAWGB2:;
    __asm bctr
    p1=0;p2=0;
    }

    ASM void CAW_EXO_SHIELD_SP(){
    // 82444ED8 817F0000 lwz r11,0(r31)
    // 82444EDC 815E0000 lwz r10,0(r30)
    // 82444EE0 7D2A5850 subf r9,r10,r11
    // 82444EE4 913F0000 stw r9,0(r31)
    DWORD p1,p2,ret;
    __asm lwz r11,0(r31)
    __asm lwz r10,0(r30)
    __asm subf r9,r10,r11
    __asm stw r31,p1
    __asm stw r9,p2
    if( MyTrainer.Cheat[8] && p1 == 0x84373604 && p2 <= 1 )
    __asm li r9,3 //BATTERY

    __asm stw r9,0(r31)
    ret = MyTrainer._ret[6]+0x10;
    __asm mtctr ret
    __asm lwz r11,0(r31)
    __asm lwz r10,0(r30)
    __asm bctr
    p1=0;p2=0;
    }

    ASM void CAW_EXO_OVERDRIVE_SP(){
    // 82442058 811E0004 lwz r8,4(r30)
    // 8244205C 991F0006 stb r8,6(r31)
    // 82442060 80DE0000 lwz r6,0(r30)
    // 82442064 90DF0000 stw r6,0(r31)
    DWORD p1,p2,p3,p4,p5,p6,ret;
    __asm lwz r8,4(r30)
    __asm stb r8,6(r31)
    __asm lwz r6,0(r30)
    __asm stw r6,0(r31)

    __asm stw r10,p1
    __asm stw r11,p2
    __asm stw r3,p3
    __asm stw r8,p4
    __asm stw r6,p5
    __asm stw r29,p6

    if( p6 == 0xBFB10EEB ){
    if( MyTrainer.Cheat[8] && p3 == 6 && p4 == 6 && p5 > 0 && p5 < 5 ){
    p5 = 5;
    __asm stw p5,0(r31)
    }}

    if( p6 == 0xBFC20096 || p6 == 0xBFC1FF68 || p6 == 0xBFC2018F ){
    if( MyTrainer.Cheat[9] && p5 > 0x20000000 && p5 < 0x3f800000 ){
    p5 = 0x3f800000;
    __asm stw p5,0(r31)
    }}

    ret = MyTrainer._ret[7]+0x10;
    __asm mtlr ret
    __asm lwz r10,p1
    __asm lwz r11,p2
    __asm blr
    p1=0;p2=0;p3=0;p4=0;
    }

    ASM void CAW_NO_OVERHEAT_SP(){
    // Cool-down breakpoint
    // 82519010 ED2A0032 fmuls fr9,fr10,fr0
    // 82519014 ED096FFC fnmsubs fr8,fr9,fr31,fr13
    // 82519018 FCE8F22E fsel fr7,fr8,fr8,fr30
    // 8251901C D0FF0010 stfs fr7,10h(r31)
    // Overheat breakpoint
    // 82518F98 ED096FFA fmadds fr8,fr9,fr31,fr13
    // 82518F9C ECFD4028 fsubs fr7,fr29,fr8
    // 82518FA0 FCC7EA2E fsel fr6,fr7,fr8,fr29
    // 82518FA4 D0DF0010 stfs fr6,10h(r31)
    float f1; DWORD ret;
    __asm fmuls fr9,fr10,fr0
    __asm fnmsubs fr8,fr9,fr31,fr13
    __asm fsel f1,fr8,fr8,fr30
    if( MyTrainer.Cheat[10] )
    f1 = NULL;
    __asm stfs f1,10h(r31)
    ret = MyTrainer._ret[8]+0x10;
    __asm mtctr ret
    __asm bctr
    }

    #pragma endregion

    #pragma region MP CAVES

    ASM void CAW_GOD_IKILL_MP(){
    // 8254722C 9AE1006F stb r23,6Fh(r1)
    // 82547230 7FC8F378 mr r8,r30
    // 82547234 93410064 stw r26,64h(r1)
    // 82547238 909F01AC stw r4,1ACh(r31)
    DWORD p1,p2,p3,p4,ret;
    __asm stb r23,6Fh(r1)
    __asm mr r8,r30
    __asm stw r26,64h(r1)
    __asm stw r11,p1

    __asm stw r1,p4
    __asm lwz p3,158h(r31)
    p4 = (p4 >> 0x18);

    if( MyTrainer.Cheat[17] && p4 == 0x30){
    if(p3 == 0x8381EF00||p3 == 0x837CB180)
    __asm li r4,64//GOD P1
    }
    if( MyTrainer.Cheat[18] && p4 == 0x30){
    if(p3 == 0x83823080||p3 == 0x837CF300)
    __asm li r4,64//GOD P2 CO,OP
    }
    ret = MyTrainer._ret[15]+0x10;
    __asm mtctr ret
    __asm lwz r11,p1
    __asm stw r4,1ACh(r31)
    __asm bctr
    p1=0;p2=0;
    }

    ASM void CAW_UPGRADE_MP(){
    // 8247391C 5528063E clrlwi r8,r9,24
    // 82473920 991E0006 stb r8,6(r30)
    // 82473924 80FB0000 lwz r7,0(r27)
    // 82473928 90FE0000 stw r7,0(r30)
    DWORD p1,p2,ret;
    __asm clrlwi r8,r9,24
    __asm stb r8,6(r30)
    __asm lwz r7,0(r27)


    __asm stw r0,p1
    __asm stw r29,p2

    if( MyTrainer.Cheat[19] && p1 == 0x824738B8 && p2 == 0xBFC3F9CA )
    __asm li r7,90//UPGRADE PTS

    if( MyTrainer.Cheat[20] && p1 == 0x82478354 && p2 == 0xBFC29866 ){// PTS ZOMBIE
    p2 = 8388607;
    __asm lwz r7,p2
    }
    ret = MyTrainer._ret[16]+0x10;//0x82526DC8;
    __asm mtctr ret
    __asm stw r7,0(r30)
    __asm bctr
    p1=0;p2=0;
    }

    #pragma endregion


    void CTrainer::Trainer() {

    #pragma region SP PATCHS

    if( TitleInfo->GetTitleInfo().szXexPEName == "default.pe" ){

    for( int x = 9; x <= 16; x++ )
    _ret[x] = NULL;

    if( _ret[0] < 0x10000000 )TrainerSearch();

    if(Cheat[1]){
    Memory->PokeC32( _ret[0], 0x7C6B1B78, 0x39600000 );
    } else {
    Memory->PokeC32( _ret[0], 0x39600000, 0x7C6B1B78 );
    }

    if(Cheat[2]){
    Memory->PokeC32( _ret[1], 0x38C00001, 0x38C00000 );
    } else {
    Memory->PokeC32( _ret[1], 0x38C00000, 0x38C00001 );
    }

    if(Cheat[3]){
    Memory->PokeC32( _ret[2], 0x7D6BEA14, 0x396003E7 );
    } else {
    Memory->PokeC32( _ret[2], 0x396003E7, 0x7D6BEA14 );
    }

    if( Cheat[4] )
    Memory->ChkAsmPatch( 2, _ret[3], 0xE9410078, CAW_FUEL_SP );

    if( Cheat[5] )
    Memory->ChkAsmPatch( 2, _ret[4], 0x81010094, CAW_UPGRADE_PTS_SP );

    if( Cheat[6] || Cheat[7] )
    Memory->ChkAsmPatch( 2, _ret[5], 0x815F0118, CAW_GOD_IKILL_SP );

    if( Cheat[8] || Cheat[9] ){
    Memory->ChkAsmPatch( 2, _ret[6], 0x817F0000, CAW_EXO_SHIELD_SP );
    Memory->ChkAsmPatchlr( 2, _ret[7], 0x811E0004, CAW_EXO_OVERDRIVE_SP );
    }

    if( Cheat[10] )
    Memory->ChkAsmPatch( 2, _ret[8], 0xED096FFA, CAW_NO_OVERHEAT_SP );

    }

    #pragma endregion

    #pragma region MP PATCHS

    if( TitleInfo->GetTitleInfo().szXexPEName == "default_mp.pe" ){

    for( int x = 0; x <= 8; x++ )
    _ret[x] = NULL;

    if( _ret[9] < 0x10000000 )TrainerSearch();

    if(Cheat[11]){
    Memory->PokeC32( _ret[9], 0x81630A54, 0x39600000 );
    } else {
    Memory->PokeC32( _ret[9], 0x39600000, 0x81630A54 );
    }

    if(Cheat[12]){
    Memory->PokeC32( _ret[10], 0x38C00001, 0x38C00000 );
    } else {
    Memory->PokeC32( _ret[10], 0x38C00000, 0x38C00001 );
    }

    if(Cheat[13]){
    Memory->PokeC32( _ret[11], 0x7D5C5850, 0x394003E7 );
    } else {
    Memory->PokeC32( _ret[11], 0x394003E7, 0x7D5C5850 );
    }

    if( Cheat[14] )
    Memory->PokeFloat( _ret[12]+0x10, fval[0] );
    else
    Memory->PokeFloat( _ret[12]+0x10, 39.0 );

    if( Cheat[15] )
    Memory->PokeC32( _ret[13]+0x0C, 0x419A001C, 0x419A0004 );
    else
    Memory->PokeC32( _ret[13]+0x0C, 0x419A0004, 0x419A001C );

    if( Cheat[16] )
    Memory->PokeFloat( _ret[14]+8, fval[1] );
    else
    Memory->PokeFloat( _ret[14]+8, 1.4 );

    if( Cheat[17] || Cheat[18] )
    Memory->ChkAsmPatch(2, _ret[15], 0x9AE1006F, CAW_GOD_IKILL_MP );

    if( Cheat[19] || Cheat[20] )
    Memory->ChkAsmPatch(2, _ret[16], 0x5528063E, CAW_UPGRADE_MP );

    }

    #pragma endregion

    }

    void CTrainer::TrainerMenuUpdate( DWORD ChosenOption ) {BCFix


    #pragma region UCC Cheat 14:( SUPER JUMP MP ) variables used:( fval_0 )

    UCCINFO UCCSjump;
    if( ChosenOption == 14 && Cheat[14] && SUCCEEDED( Message->StartUCC( &UCCSjump, L"\n.::Enter a value for Super Jump Cheat between (39) & (1500), Default jump = (39)::." ) ) )
    if( UCCSjump.fValue >= 39.0 && UCCSjump.fValue <= 1500.0 )
    fval[0] = UCCSjump.fValue;
    else
    fval[0] = 500.0;

    #pragma endregion


    #pragma region UCC Cheat 16:( SPRINT SPEED MP ) variables used:( fval_1 )

    UCCINFO UCCSprint;
    if( ChosenOption == 16 && Cheat[16] && SUCCEEDED( Message->StartUCC( &UCCSprint, L"\n.::Enter a value for Sprint Speed Cheat between (2) & (10)::." ) ) )
    if( UCCSprint.fValue >= 2.0 && UCCSprint.fValue <= 10.0 )
    fval[1] = UCCSprint.fValue;
    else
    fval[1] = 5.0;

    #pragma endregion

    if( ChosenOption == 555 ){
    fval[0] = 500.0;
    fval[1] = 5.0;
    }


    }

    BOOL APIENTRY DllMain( HANDLE hInstDLL, DWORD Creason, LPVOID lpReserved ) { if( Creason == DLL_PROCESS_ATTACH )main( hInstDLL ); return TRUE; }
    #endif
    Downloads : 41 || Uploads : 2 || Rep Power : 5630 || Posts : 529 || Thanks : 252 || Thanked 691 Times in 148 Posts



  3. The Following User Says Thank You to boogieman For This Useful Post:


 

 

Similar Threads

  1. i have a problem that maybe someone can help me with
    By matthewjohn in forum Xbox 360 Modding Discussion
    Replies: 8
    Last Post: 01-01-2014, 09:23 PM
  2. [YouTube] I Said Do We Have A Problem?
    By Sephiroth in forum Youtube Famous
    Replies: 4
    Last Post: 12-29-2013, 10:01 PM
  3. d3 problem
    By Maytag in forum Help & Support
    Replies: 2
    Last Post: 10-27-2013, 05:44 PM
  4. Replies: 5
    Last Post: 10-05-2012, 06:16 PM

Visitors found this page by searching for:

Nobody landed on this page from a search engine, yet!

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

About 360haven

    360haven is an Forum Devoted To Game modding Fans from all over the world.

    An Awesome Community of Xbox 360 Gamers, Modders and Developers who Create & Share Tutorials, Applications, Gfx, Trainers and Gamesaves.

    A haven for the l33t.
    A scarce paradise for modders.

★★★★★¯\_(ツ)_/¯