Notes: v3.1

Private Discussion on Helbreath Hack Development, (Do not release hacks which are talked about in here to the rest of the forum unless you write the hacks)
charlie
Outpost4lyfe
Posts: 3324
Joined: Sun Apr 06, 2003 12:24 am
Location: Mt GOD
Contact:

Post by charlie »

speed trap
----------
00462188  |. 8B8D 98980600        mov     ecx, dword ptr [ebp+69898]

00462188     E9 D6280000          jmp     HelFart.00464A63
0046218D     90                   nop


no cast delay
-------------
00464921  .  8D5424 3C            lea     edx, dword ptr [esp+3C]
00464925  .  8D8D E0D30600        lea     ecx, dword ptr [ebp+6D3E0]
0046492B  .  52                   push    edx
0046492C  .  C74424 40 00000000   mov     dword ptr [esp+40], 0
00464934  .  E8 B7B90300          call    HelFart.004A02F0
00464939  .  FF15 64124B00        call    dword ptr [<&WINMM.timeGetTime>]   ; WINMM.timeGetTime
0046493F  .  8985 74D30600        mov     dword ptr [ebp+6D374], eax

00464921     EB 22                jmp     short HelFart.00464945
00464923     90                   nop
00464924     90                   nop


magic pause
-----------
.text:00462765                push    eax
.text:00462766                mov     [esp+0F4h+var_D8], esi
.text:0046276A                call    sub_4A02F0
.text:0046276F                call    timeGetTime     ; Get system time, in milliseconds

00462765  .  50                   push    eax
00462766  .  897424 1C            mov     dword ptr [esp+1C], esi

00462765    -E9 36EB1900          jmp     HelFart.006012A0

006012A0     50                   push    eax
006012A1     C74424 1C 01000000   mov     dword ptr [esp+1C], 1
006012A9    -E9 BC14E6FF          jmp     HelFart.0046276A


P2P
---
004552D4  |> 56                   push    esi                          ; Case B75 of switch 00451C87
004552D4     EB 06                jmp     short HelFart.004552DC       ; Case B75 of switch 00451C87
004552D6     90                   nop

0040608B  |. 8B95 A4DC0600        mov     edx, dword ptr [ebp+6DCA4]
0040608B    -E9 10B11F00          jmp     HelFart.006011A0
00406090     90                   nop

006011A0     83BD C4D80600 01     cmp     dword ptr [ebp+6D8C4], 1
006011A7     75 10                jnz     short HelFart.006011B9
006011A9     83BD BCD80600 00     cmp     dword ptr [ebp+6D8BC], 0
006011B0     75 07                jnz     short HelFart.006011B9
006011B2     BA 00000000          mov     edx, 0
006011B7     EB 06                jmp     short HelFart.006011BF
006011B9     8B95 A4DC0600        mov     edx, dword ptr [ebp+6DCA4]
006011BF    -E9 CD4EE0FF          jmp     HelFart.00406091




These are the notes for the hack I did for v3.1. I'm using an unpacked exe with a new section injected at offset 0x600000 (I need the extra section for the extra features, etc.). You don't need to inject an additional section if you don't want to. You can modify the code at 601xxx/602xxx into 400xxx. Use OllyDbg to reassemble the code. In my notes the first part of the code is usually the original code and below it is the modified code.

My p2p hack is activated only when you press/hold shift (the control key must be released) when logging in. It is so that I can choose to log in with or without p2p.
Girlfriends are dedicated hookers.
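An added check from the anti-tamper side (my example, not charlie's code and not anything shipped with the client): it takes the original bytes the notes quote at each patched address and reports any site in a dumped code region whose bytes no longer match, labelling the jmp-plus-nop shape that every patch in the notes shares. The region layout, the int3 filler and the helper names are constructed assumptions.

```python
from typing import NamedTuple
# Original instruction bytes at each patched site, copied from the notes above
# (address -> bytes the unmodified v3.1 client carries there).
EXPECTED = {
    0x00462188: bytes.fromhex("8B8D98980600"),          # mov  ecx, [ebp+69898]
    0x00464921: bytes.fromhex("8D54243C8D8DE0D30600"),  # lea edx,[esp+3C]; lea ecx,[ebp+6D3E0]
    0x00462765: bytes.fromhex("508974241C"),            # push eax; mov [esp+1C], esi
    0x004552D4: bytes.fromhex("56"),                    # push esi
    0x0040608B: bytes.fromhex("8B95A4DC0600"),          # mov  edx, [ebp+6DCA4]
}

class Finding(NamedTuple):
    address: int
    expected: bytes
    actual: bytes
    kind: str  # "jmp_hook", "nop_sled" or "modified"

def classify(actual: bytes) -> str:
    # Each patch in the notes starts with E9 rel32 or EB rel8 and pads the
    # leftover bytes with 0x90, so those two shapes get their own label.
    if actual[:1] in (b"\xE9", b"\xEB"):
        return "jmp_hook"
    if actual[:1] == b"\x90":
        return "nop_sled"
    return "modified"

def check_image(image: bytes, base: int, expected=EXPECTED) -> list:
    # Compare every known site inside a dumped region (virtual address `base`) with its original bytes.
    findings = []
    for addr, orig in sorted(expected.items()):
        off = addr - base
        if off < 0 or off + len(orig) > len(image):
            continue  # site lies outside this dump
        actual = bytes(image[off:off + len(orig)])
        if actual != orig:
            findings.append(Finding(addr, orig, actual, classify(actual)))
    return findings

def build_clean_image(base: int = 0x00400000, size: int = 0x70000) -> bytearray:
    # Constructed stand-in for the client's code section (not a real dump):
    # int3 filler with only the five checked sites populated from the notes.
    img = bytearray(b"\xCC" * size)
    for addr, orig in EXPECTED.items():
        img[addr - base:addr - base + len(orig)] = orig
    return img

def apply_speed_trap_patch(img: bytearray, base: int = 0x00400000) -> None:
    # Replacement bytes the notes give for the speed-trap site: jmp 00464A63; nop.
    img[0x00462188 - base:0x00462188 - base + 6] = bytes.fromhex("E9D628000090")
```

Running `check_image` over a dump before and after `apply_speed_trap_patch` shows the clean image passing and the patched site reported as a `jmp_hook` at 00462188.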
binarydata
DBfiller
Posts: 3816
Joined: Fri Oct 31, 2003 5:30 am
Location: San Diego CA, USA
Contact:

Post by binarydata »

OK, I have given up on trying to add that stuff; it's confusing.
shandriz
<3 bd long time
Posts: 866
Joined: Sun Oct 19, 2003 3:48 pm
Location: Las Vegas

Post by shandriz »

binarydata wrote: OK, I have given up on trying to add that stuff; it's confusing.
Agreed.
ghostspider
Loyal fan
Posts: 402
Joined: Wed Nov 05, 2003 8:03 pm
Location: I've made a nice place inside myself

Post by ghostspider »

There's the tutorial you needed. Umm, he did the same things that I did for the p2p hack :P (except that shift thing, too lazy to do such :) )
And if not lazy, I can't do anything with my server running. All those a-hole players complained to me about the server being down the day before yesterday, when I tried some hacking.
Anyways, I'm bored of endless hbhacking. It kind of does not give any new challenges anymore, it's just repeating itself all the time, making the old hacks for the new version... (especially because I can't play).
I'll be trying to learn some bot making and packet editing on some simple online game, if I get the chance of moving my hbserver to my friend's machine for a week or something. Lately I've been tired and pissed off :( methinks it's because I haven't had beer for a long time! And I think I'm getting the flu :P
But but, HB is a good game to start the advanced gamehacking stuff with, because many people have hacked it and it's an easy game to take examples from and make tutorials.
I still think the best tutorials for starting gamehacking are found at:

http://www.s-i-n.com/chaos
^chaos^ has collected all the old tutorials on one site so you don't have to surf all around the net (I helped him, and at the same time hbbuddy came out I released my first public Helbreath hack, while I was practicing hack making in asm)

Also, my friend ddh's site http://digigaldh.net
has many good links to cracking / hacking / coding sites.

I'm writing this because, as you've noticed from my FAQ at the Helbreath hacks section, I'm poor at English and I'm not a good teacher, and those tutorials are really good, especially sheep's.

--All you need is a bit of common sense and trying :) Look at me, I'm not the smartest person and I can do a lot of stuff if I put my head to it.

--That sounded gay
charlie
Outpost4lyfe
Posts: 3324
Joined: Sun Apr 06, 2003 12:24 am
Location: Mt GOD
Contact:

Post by charlie »

How do you add offsets in OllyDbg?
Girlfriends are dedicated hookers.
huhuhaha
Regular
Posts: 30
Joined: Wed Nov 19, 2003 12:10 pm

Post by huhuhaha »

If you mean go to offset, then it's CTRL-G.