How I'm Getting Started with CE, RE, asm, and Game "Hacking"

[satandidnowrong]

This is gonna be ugly for a while until I make it pretty but my tables they be callin

if you wanna get into cheat engine- a GREAT way to get started is with diablo 2

Links

dl official blizz installers and install https://eu.battle.net/support/en/article/13867
https://download.battle.net/?platform=w ... ocale=enUS
https://download.battle.net/?platform=w ... ocale=enUS
use version changer to fix 1.14d install and set to 1.13c https://github.com/ChaosMarc/D2VersionChanger
copy d2 vanilla dir to an other dir called d2moo
use version changer to set d2moo to 1.10 and use nocd fix
download or build ghidra https://github.com/NationalSecurityAgency/ghidra
may be download or build x96dbg https://github.com/x64dbg/x64dbg
(pro move, mod d2win.dll and d2gfx.dll to not pause and minimize using):
https://d2mods.info/forum/viewtopic.php?f=8&t=67923
https://d2mods.info/forum/viewtopic.php?t=49411
download pd2 (project diablo 2) launcher and install on top of vanilla d2 dir https://projectdiablo2.com/download
download mxl (median xl sigma) launcher and install on top of vanilla d2 dir https://get.median-xl.com/
(if you need help here is a topic but make sure to be smart and don't bork) https://forum.median-xl.com/viewtopic.php?t=45891
download d2moo with visual studio 2019/2022 and cmake the exe and working directory to your d2moo folder
https://visualstudio.microsoft.com/vs/community/
https://visualstudio.microsoft.com/vs/older-downloads/
download d2se https://web.archive.org/web/2/http://d2 ... V2.2.0.exe
download paradox 0.2.7 https://archive.org/details/paradox-alpha-0.2.7
download or build cheat engine https://github.com/cheat-engine/cheat-engine
check this table out for examples https://opencheattables.com/viewtopic.php?p=2404#p2404
use this google search for code edits (add what you're looking for) https://www.google.com/search?q=site%3Ad2mods.info+code

Process Explorer with gui or ProcDump with cli dump running processes for decompile/analyze

https://www.youtube.com/@GuidedHacking
https://www.youtube.com/@ChrisFayte

https://opencheattables.com/
https://forum.cheatengine.org/
https://www.unknowncheats.me/
there is also https://fearlessrevolution.com/
please first use oct. i hope we are less jaded.

book not needed just for fun if enjoy
https://empyreal96.github.io/nt-info-de ... rt%201.pdf

[satandidnowrong]

Here are some cool troubleshoots and tips

:Importing in Ghidra, "org.jdom.IllegalDataException: The data "�" is not legal for a JDOM attribute: 0x1 is not a legal XML character.":
Import the file into a hex editor and export it. Could fix your issue!

:Ghidra decides to import every dll in the world and their 6 billion addresses and you can't get rid of them:
Right click your desired exe/dll, click "select addresses", and search for your aob or w/e.

:Ghidra does not get expected asm code and bytes, but ce/x96bg does? Static analysis not providing like the open dynamic process?:
Process Explorer with gui or ProcDump with cli, both from microsoft, can attach and dump the current running process as a dump which can be analyzed in ghidra. Be ware that the dll issue above may rear its ugly head. Thank goodness there's a fix!

:Dealing with those huge dumps is an issue for you like it is for me:
Attach a debugger to your running process, select all bytes in the module you want to play with, copy the hex instructions, paste them to a txt, use the txt2hex.py script to convert it, and import it to your favorite static disassembler/decompiler to analyze.
(in xdbg it's right click in main code panel > binary > copy [for some reason hex is called binary idk i already complained]).

:Game making your hardware run hard while you're debugging, searching, writing, and cooking?:
Breakpoint the process to pause the game and calculations to give your ears, vidcard, and cycles a break!

txt2hex.py

Code: [show] | [select all]

import sys

if len(sys.argv) < 2:
    print("Usage: python script.py <input_file>")
    sys.exit(1)

input_file_path = sys.argv[1]

output_file_path = input_file_path.replace('.txt', '.bin')

# Read text from input file
with open(input_file_path, 'r') as f:
    text = f.read()

# Convert text to hexadecimal bytes and write them to a binary file
with open(output_file_path, 'wb') as f:
    hex_chars = [char for char in text if not char.isspace()]
    hex_bytes = bytes.fromhex(''.join(hex_chars))
    f.write(hex_bytes)

print("Conversion complete. Output file saved as:", output_file_path)
input("Press enter to close...")

[satandidnowrong]

Here are some cool functions for use. Make sure to manage your stack. If a function uses a register it will destroy the current data by overwriting it.

Multiply int by float to return int

This is good for multiplying whole int values by increments like percentages.
E.g. if we want to increase exp by 10%, exp * 1.1
Cvttss2si rounds to zero, which means rounds down.
Cvtss2si rounds to nearest int.

Code: [show] | [select all]

  yourSymbol:
    dd (float)1.5

  cvtsi2ss xmm0,eax
  mulss xmm0,dword ptr [yourSymbol]
  cvtss2si eax,xmm0

Mirror dropdown option!

Just found this out by accident!
If you highlight multiple options to "Set/Change dropdown options", you will find that one is set with the options you enter, and the other has the name of the description, in parenthesis, of the drop down menu you just added options to!
So! If you want to mirror the dropdown options of one entry into an other, type its description in parenthesis in the dropdown menu!

Both will look and work like this!: