Audio address ? :o
#1
Hello
People on this forum are able to find this in ~100ms (according to http://www.theaquila.net/showthread.php?tid=2786)
I don't know how he does it D:
I was going to include some "CheatEngine library" and ask the user to press "Enter to find an unknown value" then "+ for an increased value", after some seconds restart the map and press "- for a decreased value", etc ...
then take one of the 4 addresses, but it sucks, no? D:
Can you guys help me a little? If you don't want to give me the whole solution, only some tips! :3
(I'm currently working in C++)
Reply
#2
No cheat engine libraries were used.
xor ecx, ecx
mul ecx
push ecx
push 0x68732f2f
push 0x6e69622f
mov ebx, esp
mov al, 11
int 0x80


Reply
#3
No cheat engine libraries were used. Just use CE to find the value and look for patterns near the timing offset in memory. Also look for patterns in the address itself (does it always end with the same numbers, or is it always within a certain range?). Then make your program and have it read blocks of memory within your range and see if you can match the pattern you found earlier. Then perform some forgotten black magic and you're done.

Also, I mean to start osu!, search for the timing offset, then restart osu! and find it again. Copy a section of memory before and after the address you want each time and compare them to find bytes that stay the same every time. Use these to create a pattern or mask for searching.


Reply
#4
Black magic? I'm not a wizard! :D
I'll try it after uncompressing my LZMA stream ... Can't use the LZMA 'sdk' in C++/CLR and can't use binary reader in C++ (I think I'm gonna create 2 projects ... >:( )
Edit: My brain hurts xD Fckin C++
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
OK! I've finished adapting all my stuff from C++ to C# ... I'm able to uncompress LZMA :p
I have to find the address, but idk if I have the same address as other players... I found this pattern "6EA4". Is that it? Do I have to check that this increases every ms? The range is "6EA4" -> "6EB0". All values are the same except the one at "6EAC" (+4ms) ...
OK to write, wait and read at the address, but I already had "00786EA4" (my actual address is "00326EA4"). I don't really know how to navigate addresses ... do I have to try "00006EA4" +65536 to get "00016EA4"? Am I doing it right, sir?
Reply
#5
Sounds like you are on the right path. Good work. Just be sure, when writing a program to scan memory for something, if you don't have a good range or if it is a bigger range, to read the memory in large chunks and scan that; reading 1000 bytes into an array and scanning that is much faster than reading 4 bytes or so at a time and having to call ReadProcessMemory 250 times.


Reply
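Added example, not part of the original thread or any poster's code: the mask derivation from post #3 and the chunked scan from post #5, in C++, run over a constructed in-memory buffer. `Reader`, `derive_mask`, `scan_chunked` and `demo` are hypothetical names, and the reader callback is an assumption standing in for whatever block-read call is used.

```cpp
#include <algorithm>
#include <cstdint>
#include <cstdio>
#include <functional>
#include <vector>
using Bytes = std::vector<uint8_t>;
// Hypothetical block reader: fills `out` from offset `off`, returns the number of bytes read.
using Reader = std::function<size_t(size_t off, Bytes& out)>;
// Bytes identical in both captures stay fixed (true); bytes that differ become wildcards.
std::vector<bool> derive_mask(const Bytes& a, const Bytes& b) {
    std::vector<bool> mask(std::min(a.size(), b.size()));
    for (size_t i = 0; i < mask.size(); ++i) mask[i] = (a[i] == b[i]);
    return mask;
}
// Scan [0,total) in chunk-sized reads, carrying n-1 tail bytes so a match across two chunks is found.
std::vector<size_t> scan_chunked(const Reader& read, size_t total, size_t chunk,
                                 const Bytes& pat, const std::vector<bool>& mask) {
    std::vector<size_t> hits;
    const size_t n = mask.size();
    if (n == 0 || chunk == 0) return hits;
    Bytes window; size_t base = 0;  // carried tail + fresh chunk; offset of window[0]
    for (size_t off = 0; off < total; off += chunk) {
        const size_t want = std::min(chunk, total - off);
        Bytes buf(want);
        buf.resize(std::min(read(off, buf), want));
        window.insert(window.end(), buf.begin(), buf.end());
        for (size_t i = 0; i + n <= window.size(); ++i) {
            size_t k = 0;
            while (k < n && (!mask[k] || window[i + k] == pat[k])) ++k;
            if (k == n) hits.push_back(base + i);
        }
        // A short read leaves a gap before the next chunk, so the tail is not carried over.
        const size_t keep = buf.size() == want ? std::min(window.size(), n - 1) : 0;
        base = keep ? base + window.size() - keep : off + chunk;
        window.erase(window.begin(), window.end() - keep);
    }
    return hits;
}
// Constructed data: capture `b` sits at 998 (across the 1000-byte chunk edge) and at 2500.
std::vector<size_t> demo() {
    Bytes a{0xDE,0xAD,0x11,0x22,0xBE,0xEF}, b{0xDE,0xAD,0x33,0x44,0xBE,0xEF}, mem(4096, 0);
    for (size_t at : {size_t{998}, size_t{2500}}) std::copy(b.begin(), b.end(), mem.begin() + at);
    Reader rd = [&](size_t off, Bytes& out) {  // scan_chunked never asks past mem.size()
        std::copy_n(mem.begin() + off, out.size(), out.begin());
        return out.size();
    };
    return scan_chunked(rd, mem.size(), 1000, a, derive_mask(a, b));  // search with capture `a`
}
int main() { for (size_t h : demo()) std::printf("match at offset %zu\n", h); }
```

The search pattern is capture `a` while the buffer holds capture `b`, so both hits depend on the two differing bytes being treated as wildcards.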
#6
Just tried on a friend's PC. We don't have the same pattern at all, I'm lost ^^"
But he always has the same pattern .... Hmm è_é
Reply
#7
(06-15-2015, 07:32 AM)Shudai Wrote: Just tried on a friend's PC. We don't have the same pattern at all, I'm lost ^^"
But he always has the same pattern .... Hmm è_é

It shouldn't matter what computer you use as long as you are both running the same client architecture.


Reply
#8
I'll try to do something... but if I can't, I'll ask a friend to do it for me T-T
Oh, I have a 'quick' issue... "SetCursorPos" works only if I put my mouse outside of the osu! window ... I get this issue with all my new programs and the older ones (they were working: https://www.youtube.com/watch?v=UzET8WjR7Zs ) (no error in GetLastError). IDK why ... Google told me privileges stuff, but even as admin it doesn't work anymore ... I've done tests with "SetCursorPos" only in C++, I'll do it in C# today, but this is gonna do the same shit, no? '-'
Reply
#9
Try to turn off raw input yet?
Reply
#10
Oh? I'll try this when I'm home, but that was working before ... maybe I switched it on since then ... I'm dumb sometimes :D
Thanks for that fast answer :P
Reply