用文件编辑器修改作弊器OFFSETS

用文件编辑器修改作弊器OFFSETS


当手中作弊器与CS版本不符无法使用时可通过修改OFFSETS来使用

First things first, You will need 3 tools to update your hacks offsets:

1) A copy of Hex Workshop v4.2x available here ( Get your own serial number ;x )
- a) Install it by using installer...
2) A copy of UPX available here
3) A list of the old and the new offsets. ( Available at the bottom of this post )

首先准备三个工具
1  一个文件编辑器，如HEX WORKSHOP或Ultra Edit均可，安装完
2 UPX脱壳机[汉化新世纪有汉化版的]
3 新旧OFFSETS的列表

So you guys know: I will be using the term's Old Offsets, and New Offsets. By old offsets I mean the ones from the June 7th, 2005 update, and for the New ones I will be using obviously the latest offsets.
此文是以3147[2005年6月7日更新]的旧版OFFSETS与发表该文时的最新OFFSETS举例

THE ACTUAL UPDATING OF OFFSET偶像EGINS FROM HERE DOWN
更改过程由此开始

1) Start by opening the upx125w.zip archive.
- a) Extract the upx.exe file into your "C:\" drive ( Without the quotes ).
- b) Goto step 2
此为UPX解压缩过程，不翻译


2) Get the .dll that you want to update and move it into your "C:\" drive ( Without the quotes ).
- a) Rename your .dll to 123.dll. ( This makes it easier later, trust me! )
- b) Goto step 3
把你想要修改的作弊器的dll放到UPX目录下即可
重命名DLL以简单的名字，主要是方便查看


3) Got Start>All Programs>Accessories>Command Prompt
- c) Type in the following: cd C:\. You'll see your CMD window now says: C:\>
- d) Type in the following: upx -d 123.dll ( In case your wondering: upx will run the .exe you placed in the C:\ drive, -d tells upx to -decompress the file called 123.dll. Simple no? )
- e) Most .dll's aren't "Compressed", so you might not need too "De-compress" them.
- f) Goto Step 4
在命令提示符下完成脱壳[我们无需如此麻烦，现在可以直接采用鼠标拖拽或右键脱壳功能了]，所以这段不翻译也罢

4) Now right click on your .dll and select Hex Edit with Hex Workshop.
- a) Once Hex Workshop opens up hit CTRL+H, you should see a "Replace" window pop up.
-b) Goto Type, and from the "drop down table" select Hex Values.
- c) Goto Step 5.
用文件编辑器打开脱壳后的dll
搜索所需数值[中文版的很简单，无需多解释]

5) Open your old offset list.
- a) Lets start with the "pEngfuncs" offset. The old offset from June 7th is: 0x1eb52b8. The latest one from August 8th is: 0x01eb72d8
- c) Now for the tricky part. When your looking for an offset inside a .dll, the Byte's are reversed. So 0x1eb52b8 would look like b8 52 eb 01 inside the .dll ( By splitting it into groups of 2 it becomes easier to distinguish between the bytes )
- d) So now, go back to your Replace window inside Hex Workshop and in the Find box put in your reversed offset WITHOUT SPACES: b852eb01
- e) Then take the newest offset, Reverse the bytes, and put it into the Replace box AGAIN without spaces: d872eb01
- f) Click Ok. You should see a long thin box that has different buttons: Find Next, Find Previous, Replace, Replace all, and Cancel. Click on replace. The edited part should turn red, which means that it has been edited!.
- g) Congratulation's. You've updated you thin box that has different buttons: Find Next, Find Previous, Replace, Replace all, and Cancel. Click on replace. The edited part should turn red, which means that it has been edited!.
- g) Congratulation's. You've updated your first offset!. Good job. Now just repeat r first offset!. Good job. Now just repeat the procedure for any other offsets your hack needs
打开旧的offset 列表
以修改pEngfuncs举例
在文件编辑器中0x1eb52b8是以b8 52 eb 01形式来显示的，所以要搜索b852eb01
将所有搜索到的结果替换为新的数值，也要将反过来，所以应改为d872eb01
一个完成，同理继续修改其他的

Note's and other things:
Most VAC Proof hacks use the pEngfuncs, pPlayermove, pEngstudio, slots, and the Retart / Slot Ptr. ( THE SLOTS OFFSET AND THE SLOT POINTER ARE TWO COMPLETELY DIFFERENT OFFSETS. DO NOT GET THEM CONFUSED OR YOUR HACK WILL NOT WORK. ) For you ECC or CN Hack users they both use the globaltime offset. ( Used for speedhack. Also known as the LTFX offset )
注意事项大部分过VAC的作弊器使用pEngfuncs, pPlayermove, pEngstudio, slots, and the Retart / Slot Ptr.这几组offset
slots offset和slot pointer是两组完全不同的offset，别将他们搞混，否则作弊器会无法运行
ECC或CN Hack 同时还使用了globaltime offset[用于加速，也就是LTFX offset]


Most Cheat server cheats use the pEngfuncs, pPlayermove, pEngstudio, slots, and the Sound_byte offset ( Used for the ownage sound ESP ;x )
一般的作弊器使用pEngfuncs, pPlayermove, pEngstudio, slots, and the Sound_byte offset 这几组
sound_byte offset用于sound ESP

I hope this helps the people out there that have to wait everytime Valve decides to update ( Mean bastards! )
这段没什么好翻的，写文章的用途

Old Offsets:
以下是文中提到的3147的offset
code:

December 7th, 2005
pEngFuncs: 0x01e89298
pEngStudi 0x01ea50b8
pPlayermove: 0x2dc740
pEventApi: 0x1e937e8
Slots: 0x01e894a8
Slots FX Ptr: 0x01a179f0
Sound ESP: 0x1D96A60
Globaltime: 0x027da8c0
Soundbase: 0x0204c228





New Offsets:
code:
以下是文中提到的也是目前所能找到的最新的2006年3月13日的OFFSET[具体版本号忘了]

March 13th, 2006
pEngFuncs: 0x1E882A8
pEngStudi 0x1EA41C8
pPlayerMove: 0x2D2B8E0
LTFX Slots: 0x1E884B8
Slot FX Pointer: 0x1A179F0
Sound ESP: 0x1D96B60
Sound Base: 0x204B3C0
Globaltime: 0x27D9A60


This may NOT appear anywhere else with out explicit WRITTEN permission from [-RxP-]Illusi0nZ A.K.A. FX-Illusi0nZ.
(C)2005 FX-Illusi0nZ