[Trainer] Red Alert 3 1.06 zoom unlocker.

[sabba2u]

no longer a valid thing, please delete this post.

[[Psych]]

Wb ^chaos^, if it is indeed you (I have no way of telling you see )... Good work.

~Psy

	Psych Psych, is the main SuperVisor, one of the most talented dude from GH and entire web. Currently holding the Ban Machine title.

[DYCUS]

rarely i see a so clean exe , nice job

Virus Analyze

[Rado7]

fix maphack for online then you are good. hehe

[Hyperz]

Thanks for the tool bro .

[Orat]

It isn't working for me (Vista 32). I get an array out of bounds error as soon as I check the box.

Also, does this zoom unlocker fix the far clipping plane issue that prevents you from zooming out very far without culling parts of the map?

[Foen]

Hi is it possble that you explain abit more about this hax how did you find the right value ?

[Kiruku]

Quote Originally Posted by Foen

Hi is it possble that you explain abit more about this hax how did you find the right value ?

unknown initial search, zoom out -> increased, zoom in -> decreased, do like 1000 searches, get one of the 7648912342 values, debugger on it, check what writes to it, zoom to the limit, nop the 2nd debugging line u found, tadaaa done

[sabba2u]

Quote Originally Posted by Kiruku

unknown initial search, zoom out -> increased, zoom in -> decreased, do like 1000 searches, get one of the 7648912342 values, debugger on it, check what writes to it, zoom to the limit, nop the 2nd debugging line u found, tadaaa done

Well, the value of the camera is a float between 350.00 (zoomed in all the way) and 550.00 (max out) so zoom in and zoom out ... and search for those or between those. That should let you set the camera to any value you want if you edit this address. But since you do not want to find this shit every time the game restarts.... we'd probably need to write a trainer which finds the pointer that points to this area in memory and read it. Then add the proper offsets so that our value really points to the memory address we want to edit... and set a new value in there like 1000.0 float.


There is also a 1 byte flag that I found just by chance checked really near that value in the code... it is 0 or 1. 0 means unlocked.

These are my working notes from my desktop file. I am not exactly too sure which version of the game this is for... 1.05 or 1.06, but it is all the same. I've added some notes.

###################

zoom hack
-------------

zoom in (decreases size all the way to 350.00 float)
zoom out (increases size to 550.0 flat)


addresses which controlled the zoom level:
56FC8D4
56FC8D5
56FC8D6
57dc896

(these change each time .. due to dma - will not be same for you)

5974AF is the address that was written to by the game (meaning that the value of the camera is in this address at the moment)

- put a debugger on it, now zoom it or out:

(which holds the zoom value)
some kind of code here and then [esi+0x44], eax ... so eax is our current camera value, placing it into whatever value esi+0x44 is


if we go backwards like 15 lines of code from the code above, we come across a
cmp [esi+0x48], bl

This is comparing the value in esi+0x48 and bl which is a register...

It was suspicious because it was in the routine that moves the camera.

This is only 4 bytes away from the address of the camera value...

it is currently 1. Lets change it to 0.

Zoom unlocked. This wasn't magic, just chance.

..........

5974e9 fstp dword ptr [esi+0x44]

if we watch the register for this ESI and add 0x44 to it, we get the current camera address.

of type FLOAT: varies between 350.00 (zoomed in) and 550 (zoomed out)

######################

So the easiest way to make a zoom unlocker is find the address which holds the 350 - 550 float. Then in spiro's memory hacking software do a pointer search, select static pointers only, and type in your address. So lets say our address was 5974AF

target from: just take your current camera value address and subtract like 1000 hex... (5904AF)
target to: paste in the address which holds your current value value. (5974AF)


this will give you an address which contains a value which points to near where the value of the camera is.

so read the pointer, get the address, add whatever offset spiro's thing tells you. The code in my trainer has this in it:

//1.06
int zoomPTR = 0x00df9e34; //static pointer, read it, then just add 0x48



No fixing of culling or anything like that. I honestly do not care to fix or even debug it to that kind of extent.

	Dynamic memory allocation In computer science, dynamic memory allocation is the allocation of memory storage for use in a computer program during the runtime of that program. It can be seen also as a way of distributing ownership of limited memory resources among many pieces of data and code. Dynamically allocated memory exists until it is released either explicitly by the programmer, exiting a block, or by the garbage collector. This is in contrast to static memory allocation, which has a fixed duration. It is said that an object so allocated has a dynamic lifetime.

	Trainer A trainer is a program written to intercept and alter the memory addresses of a game. Trainers usually have to be running in memory the entire time the game is loaded. Since trainers address specific memory locations, they usually only support a specific version of a game. This file is not supported in multiplayer or online games.

[Foen]

O thx for all that info get it to work now really thx