[Cilis]

If anyone wants me to remove this info because it compromises their game, I will. I'm providing it for the sake of players having to start over with each revision of a game, and so that beta testers can go through the content easily.

Download cheat engine from cheatengine.org
Install it.
Run the program while the game is on.

1.) While game and cheat engine are running, Click the computer icon at the top left.
2.) Find the name of the game and click okay.
3.) Pick a value you want to freeze (Money, health, mana)
4.) Use RPG maker's encryption, which is the (Value*2)+1=Value to search for.
5.) In this example, I picked money. I had 2000 credits. I do an exact search new scan in 8 byte mode for 4001 (type in the amount and check hex to convert to hex) {Secondary note, sometimes you'll have to click first scan twice to get a result list.}
6.) I spend gold in game, I now have 1500 credits in game, I scan for 3001. (same thing here, convert to hex. Just use next scan instead of first)
7.) I select all the addresses that remain and click the red arrow to put them in the bottom window
8.) I click freeze.
9.) Now my money is unlimited. below that number.
10) I can raise the total I have as well, you just have to know the hex for the amount you want.


You can use this to get frozen health / mana / gold to speed through games. You can also do memory caller lookup, but you can learn how this works on your own through tutorials on google, basically you can find out what functions call to check if you're dead and block them while cheat engine is running, thus your health can change but you wont die.

You can also use this to figure out what flags a level up and raise your level, plus get all your stat increases.

Hope this helps some of you get through games at a better clip. As for games made outside of RPG maker, I'd have to play around to find out if they've got encryption like RPG maker, or if they're naked and you can just search for the raw value.

Just a little something I do, I raise my character's strength to stupid levels... effectively making for 1 hit melee kills. This helps a lot with random battles. If you do this for speed, you'll get the first attack in every case.

[haloronin]

Whisky tango foxtrot is this even for?

[John]

I say it's an attempt to get people to download viruses.

[Giantess_Sarah]

...this....this brakes my BRAIN. @_@

[Cilis]

Actually it is a way to hack any RPG maker game.

Youtube cheat engine to see the details if you don't believe me. It functions by scanning the memory for numbers you import,or looking for an unknown value and telling the program to scan again looking for what changed/ dropped.

Doing this repeatedly narrows down to the value that represents HP, for example. You freeze this value so it won't be changed in the game, you can no longer die. This process can be done for any numeric value in a game.

RPG maker XP tried to protect their values by obscuring them, all values got multiplied by two, then one gets added to it.

Still, once you figure this out, you know to look for 601 credits, health or whatever else, instead of 300.

Understand?

[WHTB]

RPG maker XP tried to protect their values by obscuring them, all values got multiplied by two, then one gets added to it.

I have a feeling this has much more to do with developing a platform-independent way of representing signed integers than protecting anything. Consider the fact that RPG Maker has appeared in various ways across vastly different handheld and console platforms in the past, and the fact that the process of going from a normal unsigned integer to one of these numbers simply involves left-shifting one binary position and adding the bit that I assume represents the sign.

You freeze this value so it won't be changed in the game, you can no longer die. This process can be done for any numeric value in a game.

Which works up until the game deallocates that area and puts something else in there that may not even be gameplay related at all, causing the whole thing to crash or, at best, act erratically. Modifying the memory of a running application without precise knowledge of its internals is pretty risky.

Granted, some values, such as the player's health, are unlikely to be replaced by other things in a single game session, things related to more dynamic objects should probably not be meddled with.

[Cilis]

Somewhat true...

I've been playing many japanese normal and H based RPGmaker games. I've yet to experience a crash from using this method of freezing health. A more solid way to do it is you can scan the game's memory for all the flags which call or hook into the health value once you find it, which do not change.

You can then tell cheat engine to make a patch/trainer that uses these hooks to find out what they memory value is regardless of it shifting about.

I'm just not about to make patches for every game, without permission, that the vore RPG game makers produce here. You do have to find the health, money or stat value fresh with each load of the game, this is true, but I've never "lost" the value, had it shift or had the game crash as a result, and I've monkied with a solid dozen by now.

In fact I can find most any value I want in about 3 scans, usually it only takes 2. Since it is near instant, well, it isn't exactly anything too hard for anyone to do once they know the steps.

As far as risk, it's contained to the game, and having the game crash is no big loss.

Normally what I do is alter stats, make my strength/speed stupidly high, save, then I unfreeze the values and reload. All the risk is gone from then on... just don't do something stupid like make it 999 so leveling up makes the game unstable, if you somehow get close to that, just load the engine back up, lower your stat, save, reload and play as normal.

[oldman40k2003]

... things related to more dynamic objects should probably not be meddled with.

Where's your sense of adventure?

[WHTB]

... things related to more dynamic objects should probably not be meddled with.

Where's your sense of adventure?

Oh, it's overflowing, I assure you.




Much like my stack.

[dokudoku]

For the sake of going through revisions and beta testers, the concept of a cheat engine works quite well. However, my fear is someone will use the cheats even when he/she has not even begun the game and will try to get straight to the vore. This is fine and all, but it sometimes lowers the appreciation for the game and its creator which might lower the game play value. So naturally, I have mixed feelings about it.
In any case the cheat engine looks a little complicated to first grasp anyway, so hopefully that will hinder the people who have no patients from using it.

[Cilis]

For the sake of going through revisions and beta testers, the concept of a cheat engine works quite well. However, my fear is someone will use the cheats even when he/she has not even begun the game and will try to get straight to the vore. This is fine and all, but it sometimes lowers the appreciation for the game and its creator which might lower the game play value. So naturally, I have mixed feelings about it.
In any case the cheat engine looks a little complicated to first grasp anyway, so hopefully that will hinder the people who have no patients from using it.

Thats basically how I see it. The... twitchy? types would not take the time to figure it out completely even with most of the instructions handed to them.

I had said that if someone who makes the games on this board gave me a request to remove this information, that I'd do it.

[ryanshowseason3]

... things related to more dynamic objects should probably not be meddled with.

Where's your sense of adventure?

Oh, it's overflowing, I assure you.




Much like my stack.

I am quite enjoying the level of programming tech talk here. Had no idea we had so many programmers on the portal. And i believe its the buffer you'll want to be overflowing so as to rewrite OS privileges data.

[WHTB]

I am quite enjoying the level of programming tech talk here. Had no idea we had so many programmers on the portal. And i believe its the buffer you'll want to be overflowing so as to rewrite OS privileges data.

It has nothing to do with rewriting OS privilege data. The trick is to get your own code to run as a privileged user.

As far as simply overflowing a stack goes, the last system I used the stack on explicitly had memory arranged like this...

| ... System-related crap (ROM, etc) ... | ... IO ... | RAM -> ... ... ... <- Stack |

So growing the stack too large (which would grow backwards from the end of memory) would overwrite other memory you were using. An out-of-control recursive function can also easily cause the stack to grow too large even on modern PCs (though in the worst case it'll cause the program to abort).

But anyway, overflowing a buffer is just a way to eventually overwrite other parts of the stack and do something nasty like rewrite the return pointer to point instead to your own precompiled code that you've probably inserted elsewhere into the same buffer. If you can cause a program running as a privileged user to do this (like a web server app or something) then you can essentially execute your own code with the same permissions that the running program has. One of the more useful applications of this simply involve starting a shell (with the same permissions) and giving access to it and then doing whatever from there.

My explanation is a vastly oversimplified version of it, but there's a really old article called Smashing the Stack for Fun and Profit that covers this and it's available online here: http://insecure.org/stf/smashstack.html

A lot of modern compilers have stack smashing protection features now (-fstack-protector-all parameter in GCC and /GS parameter in Visual Studio), but I'm not sure how often they're actually used.

[oldman40k2003]

... /GS parameter in Visual Studio), but I'm not sure how often they're actually used.

Five years ago, the last time I tried to write a program that used stack smashing (on itself)(just to see how hard it was), the GS flag was used by default in Visual Studio. I don't know if it's currently the default for more modern Visual Studios, but I would be very surprised if it wasn't.