Setting ammo through memory manipulation in Arma2/DayZ

Another older forum post, this time regarding the memory manipulation of ammunition and consumable counts.  The information regarding the storage is solid, but at the time I didn’t know where to find the max capacity of the consumable to be manipulated.

Spawning items in DayZ/Arma2OA

This is a copy of the article I wrote on UnknownCheats regarding manually spawning items and weapons through memory manipulation in Arma2OA. I would add that Arma uses its own memory manager, tbb4malloc_bi.dll by default. Arma also has a garbage collection system, so when an item’s reference count reaches 0 OR the game loads a new mission, the garbage collector frees the item. If you use regular malloc to allocate the memory you use to spawn an item, you will crash when Arma tries to garbage collect that item, because the Arma memory manager is trying to free something it didn’t allocate. To get around this, you can just call the Alloc function of Arma’s memory manager, so that it is able to free the allocated item later. I popped open tbb4malloc_bi.dll and found the address of the function (it’s in the export table) and made a function pointer to it in my version:

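    // MemAlloc is the function-pointer type for the DLL's allocation routine
    // (its declaration is not shown in this post).
    _MemAlloc = 0;
    HMODULE hMalloc = GetModuleHandle("tbb4malloc_bi.dll");
    if (hMalloc)
    {
        // Hard-coded offset of the allocation function inside this build of the DLL.
        _MemAlloc = (MemAlloc)((char *)hMalloc + 0x7A90);
        // Sanity check: the first four bytes must be the expected prologue
        // (55 8B EC 56). If they differ, this is a different build of the DLL,
        // so leave the pointer unset.
        if (*(DWORD *)_MemAlloc != 0x56ec8b55)
            _MemAlloc = 0;
    }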

I then made a memory allocation function that calls the right version (_MemAlloc or malloc) depending on what’s available:

    void *allocateMem(SIZE_T size)
    {
        // Prefer the game's own allocator when it was located; otherwise use the CRT.
        if (_MemAlloc)
            return _MemAlloc(size);
        else
            return malloc(size);
    }

You can’t use a single pointer and set it to either _MemAlloc or malloc because they have different calling conventions, so this was my solution. Maybe not especially elegant, but it works, and my users who use different memory managers can still use the hack. I could find all the allocation functions for each possible memory manager (Arma offers quite a few) but… it’s not that big a priority really.

Anyway, here is the original article:
