mdk
06-26-2009, 11:10 AM

Quote: Originally Posted by DragonHunt
Sure it does not work... Read man READ lol

The goal is to get some source code from the program or at least try to get the source code and some addresses

Ok, understood.

Values are:

Code:
Infinity Ammo
Address: 0x1012E4C5  
Bytes patched: 90 90 90 (3xNOP)
Bytes original: 89 4A 20 (MOV DWORD PTR DS:[EDX+20],ECX)
Code:
Infinity Health Injections
Address: 0x1014453A 
Bytes patched: 90 90 90 (3xNOP)
Bytes original: 89 71 14 (MOV DWORD PTR DS:[ECX+14],ESI)
Code:
Infinity Grenades / Molotov cocktails 
Address: 0x10148B2B 
Bytes patched: 90 90 90 (3xNOP)
Bytes original: 89 4A 7C (MOV DWORD PTR DS:[EDX+7C],ECX)
Code:
Everything for free
Address: 0x10655CB1 
Bytes patched: 90 90 90 (3xNOP)
Bytes original: 89 43 10 (MOV DWORD PTR DS:[EBX+10],EAX)

Because I don't have a copy of FarCry2, I wrote a little app with the name FarCry2.exe to have something for the trainer as a target. Then I wrote an assembly named MultiHax.dll with the following source:

Code:
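using System;
using System.Windows.Forms;

// Stand-in for the class "l" that the trainer loads from MultiHax.dll.
public class l
{
  public l()
  {
    // Shows that the trainer instantiated the class.
    MessageBox.Show("ctor");
  }

  // a = process name, b = address, c = bytes; they are displayed instead of written.
  public void a(string a, int b, byte[] c)
  {
    string s;

    s = a;

    s += Environment.NewLine + b.ToString("X") + Environment.NewLine;

    foreach (Byte byt in c)
    {
      s += byt.ToString("X2") + " ";
    }

    MessageBox.Show(s);
  }
}

Now the addresses were displayed with the corresponding bytes to write. At least I think this is the purpose. Now the trainer "works".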

The MultiHax.dll exposes a class named "l" as seen here (Reflected source of Trainer):

Code:
.field private class [MultiHax]l m

Now the only other method I found that is called is:

Code:
L_00ee: callvirt instance void [MultiHax]l::a(string, int32, uint8[])

Source code is not really readable because of obfuscation. But a short description: The trainer checks with a timer if it finds the process "FarCry2". If it does, the options will be unlocked. Now whenever you check/uncheck the options, the method "a" in the class "l" of the assembly "MultiHax" is called with "FarCry2", <Address to write to> and the <Bytes to write>.

If you want to have a fully working trainer just write the real code needed for writing into the memory of the FarCry2-process into the "a"-method.

The trainer now also runs in WinXP 64 and Windows 7.

Last edited by mdk; 06-26-2009 at 11:45 AM..
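
Added example, not part of mdk's post or the trainer's code: the patch list above, parsed from the post's own "Address / Bytes patched / Bytes original" layout and used as a tamper check that reports whether each site still holds its original store instruction or the 3-byte NOP patch. The `read` callback and the snapshot in `demo()` are constructed stand-ins for a real memory or module reader.

```python
import re

# Patch records copied from the post above.
PATCH_TABLE = """\
Infinity Ammo
Address: 0x1012E4C5
Bytes patched: 90 90 90 (3xNOP)
Bytes original: 89 4A 20 (MOV DWORD PTR DS:[EDX+20],ECX)
Infinity Health Injections
Address: 0x1014453A
Bytes patched: 90 90 90 (3xNOP)
Bytes original: 89 71 14 (MOV DWORD PTR DS:[ECX+14],ESI)
Infinity Grenades / Molotov cocktails
Address: 0x10148B2B
Bytes patched: 90 90 90 (3xNOP)
Bytes original: 89 4A 7C (MOV DWORD PTR DS:[EDX+7C],ECX)
Everything for free
Address: 0x10655CB1
Bytes patched: 90 90 90 (3xNOP)
Bytes original: 89 43 10 (MOV DWORD PTR DS:[EBX+10],EAX)
"""

# One record: name line, address line, patched bytes, original bytes.
RECORD = re.compile(
    r"^(?P<name>[^\n]+?)\s*\n"
    r"Address:\s*0x(?P<addr>[0-9A-Fa-f]+)\s*\n"
    r"Bytes patched:\s*(?P<patched>(?:[0-9A-Fa-f]{2} )+)\([^\n]*\n"
    r"Bytes original:\s*(?P<orig>(?:[0-9A-Fa-f]{2} )+)\(",
    re.MULTILINE)

def parse_patches(text):
    """Return a list of (name, address, patched_bytes, original_bytes)."""
    return [(m["name"], int(m["addr"], 16),
             bytes.fromhex(m["patched"]), bytes.fromhex(m["orig"]))
            for m in RECORD.finditer(text)]

def classify(read, patches):
    """read(addr, n) -> bytes. Map each site to original/patched/unknown."""
    result = {}
    for name, addr, patched, orig in patches:
        got = read(addr, len(orig))
        result[name] = ("original" if got == orig
                        else "patched" if got == patched else "unknown")
    return result

def demo():
    patches = parse_patches(PATCH_TABLE)
    # Constructed snapshot: every site is intact except "Infinity Ammo".
    snapshot = {addr: orig for _, addr, _, orig in patches}
    snapshot[0x1012E4C5] = b"\x90\x90\x90"
    return classify(lambda addr, n: snapshot[addr][:n], patches)
```

An "unknown" result means the bytes match neither form, for example because a different build of the module is loaded.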