Tools used:
- CheatEngine (1 of my favorite old tool to hack a game)
- OllyDbg
- NO$GBA for my nds emulator
Lets keep this puzzle simple. It is mentioned that the boss hp is 9000++ which means there is probably no way to kill him unless we cheat. The following is a screenshot of the impossible boss...
Lets fire up CheatEngine... The following is a screenshot of this tool...
What this tool does is that it allows us to search for values in memory... which eventually narrow down where is the boss hp memory address. Once we know where is the address, we can easily modify it to 0 =).
We used the scan type option in the tool to narrow down addresses. Below are the steps on how we did it.
- Start Game
- find unknown initial value
- Reset Game
- shoot target
- find decreased value
- Reset Game
- find increased value
- repeat from step 3
As you can see from the above screenshot, we have narrowed down the possible hp memory address to this few addresses. Seems like address 03BC2264 is a potential candidate. Wait a minute didn't the question say that the boss hp is more than 9000... seems like it is more than 900,000! We changed the value @ the memory address to 0. Reset the game and shoot 1 round at the boss! We won the game!
But it seems like the key is incomplete/wrong... Lets fire up ollydbg to see what we can find out... since we got the memory address of the boss hp, the key should be somewhere around that memory region... true enough we found it above the boss hp!
The key is ou6UbzM8fgEjZ????cXKVN?
If you recall.... earlier we use cheatengine tool to actively fix the value @ 03BC2264 (DWORD) to be 0 and it happen that the key we wanted is overwriting/overlapping this address as well. To resolve the 0 bytes issue, disable actively fixing the value @ 03BC2264 after the game had initialized (when the boss appears on the screen). You should get the full key once the boss is dead after shooting it once.
The key is ou6UbzM8fgEjZQcRrcXKVN
Always lazing
NoirD3vil
No comments:
Post a Comment