Road 96 Cheat Engine

Celedonio Miranda

Aug 5, 2024, 3:26:24 AM
to siodultactdi
Is there a way to play sandbox in the form that in the last version, if you bought all facilities you'd have a strong income stream and eventually earn billions? Or just start the game out with a ton of money? (More than 500m)

If you mean Cheat Engine, it worked for me mate. I got more than 500mill with Cheat Engine. Also, after you have 500 mill you could always float on the stock market; you will have a ton of cash after that, and after that use Cheat Engine. I ended up with 1200000000.


So, I wanted to tell everyone how I hack DR2C. I use a free program called Cheat Engine. How it works is, it looks into a program of your choosing and it shows you all the values going on in the program. You search for a specific value you want and you can edit it. For example, say I want to edit Food. I have to find the value that Food is stored with. But the tricky part is, there are millions and millions of values of nearly every number. So if I have 15 food, if I scan for 15 food, maybe 50 different values will come up. But there is a way around this. So I scan for 15 food as my first scan, then in the game I go scavenging, and for example find 2 food. I pause the game and go back into Cheat Engine. I change the scan type to "Compare to first scan" and type 17 because I now have 17 food. This will make it scan for something that was 15 the first time, but changed to 17 this time. More than super likely only one value will come up, and the address should be green. (Green addresses mean that the value is static. The black ones change every single time you open the program; usually green ones are the ones you're looking for.) I double click said address and it is put into my "table" of addresses. I can then double click the value to the far right, and change it to anything I want! If I type 99999 I will have 99999 Food in-game! There will also be a check mark box next to it, which when selected, will make the program force the value to always be what you set it to. For example if bandits take some food from me, it will immediately change my food count back to 99999. This is useful for changing health, because if you check the box, when you take damage it will just be set back to before, effectively making you invincible.


So you can save cheat "tables" that you make and import them into cheat engine. I have made my own table for DR2C. I presume that you can trigger events with this method, by scanning for 0, then when you encounter, say, the Toilet Genie (as you asked me about, Moon), the value would change to 1 so you could scan for "Compared to first scan" for 1, and you would find it. I wanted to give you guys this to help you out trying to expand the wiki and so you can help me make this hack better.


So to install, look up Cheat Engine download and go to their website and download and install the program, (it's only on Windows by the way) then download the .CT file here =597299 and open the file with Cheat engine. It will open cheat engine, (always allow access to computer, this just allows it to read other programs) and press the little glowing button in the top left corner and select prog.exe (assuming you have DR2C open, if not just open it and prog.exe will show up) and then happy hacking!


Can this be used to make custom game modes? Like, I've been hoping for a way to make a longer mode that also only allows custom or rare characters - sort of like mixing the Long Road Mode and Familiar/Rare Characters Modes.


Frida has been on my list of tools to look into for quite a while now but I've never really gotten around to it. Either because it didn't quite fit the needs of the projects I was working on or because I was working under deadlines that didn't really allow for taking the time to learn a new tool.

So a couple of days ago I decided that since that situation probably isn't going to change any time soon, now is as good a time as any to throw in a quick, semi-useful weekend project to get my hands dirty with Frida. After all, having another tool under your belt is always a good idea as you never know when it might come in handy.


Frida is a dynamic binary instrumentation framework similar to Intel PIN or DynamoRIO.

The basic idea is that it lets you inject code into another binary without having to recompile so that you can e.g. observe memory allocations to check for leaks, observe branching behavior to create coverage statistics or to dynamically change program state and variables to fix bugs, develop exploits or, as we are going to see, cheat in video games ;). While I have used DynamoRIO on a couple of occasions in the past, what got me interested in Frida in particular is its focus on portability and scriptability with bindings for a decent range of languages (here we will use a Python script to inject JavaScript code into the target binary), as well as its seamless integration with radare.


While I could just have read through a couple of tutorials and getting started guides and tried to replicate the instructions, I always find that I retain new information much better when applying it in a way that has some practical use for me.

Therefore I came up with the idea to use Frida as a scriptable cheat engine for SnowRunner.


Currently I am on my second playthrough of SnowRunner and while I do like the game a lot, the system of ranks and experience points always seemed kind of arbitrary to me. In particular, on the one hand the game allows and even encourages switching between the various regions (Michigan, Alaska, Russia, ...) at any time and playing them in a non-linear order. On the other hand, though, chained tires (without which Alaska is practically unplayable) only become available once you reach rank 10-15 (depending on the vehicle).

So what better way to take Frida for a spin than using it to increase my rank so I can buy some winter tires ^^.


Now that we have a goal, let's see how we can get there.

Even though all we want to do is increase a current rank of e.g. 5 to, say, 16, finding a particular single digit value in the several gigabytes of memory that the SnowRunner executable maps is probably not going to work without some additional information.


Some more recognizable values might be the account balance (112500 in this case) or the player name. We'll assume that since all those values have something to do with the state of the active player profile they will be stored somewhat close together in memory. So if we are able to find a not too large area of memory where all of those values occur it will be safe to assume that these are our target variables and we can subsequently change them to our desired values.


Next we will take a look at each of these ranges to check if they contain our values.

We will start by searching for our current account balance and then refine our search in only those ranges that contain this value.

For this we will use Memory.scanSync(address, size, pattern).

The parameters address and size we can take directly from the data that enumerateRanges() returned. pattern needs to be a string of hexadecimal values representing the data in memory we are looking for.

To scan for our account balance we first convert 112500 to hex which yields 1B774. And because we are running on a little endian machine we will have to reverse the individual bytes which gives us a scan pattern of 74 B7 01 00.

Of course we don't have to do this conversion manually. After all, one of the hallmarks of Frida is its scriptability. And we don't even have to do it in the JavaScript code that is going to run in the target process (which would not be a big deal in this particular case but could become an issue if we needed to make more complicated calculations but did not want to introduce too much delay because e.g. timing of our operations might be important). Instead we can simply do the conversion in the Python script that is going to inject our JavaScript code into the target application.


Most of these results are going to be false positives as 112500 is not a particularly unique value and is bound to occur in memory in several places simply by random chance. Therefore we are now going to look at the areas around those preliminary results and see if we find a place where the values of our current account balance, rank and profile name occur in relative proximity.


Ideally we will end up with exactly one set of addresses for our target values that we can now write our new values to:

    // Only write when the search narrowed down to a single candidate set
    if (candidates.length == 1) {
        Memory.writeInt(candidates[0].money, new_balance);
        Memory.writeInt(candidates[0].rank, new_rank);
    }


What we did not consider until now is that while our goal only was to increase our rank, this value is coupled to the profile's experience points whose absolute value is not displayed on the profile page but only the number of points relative to those required to reach the current rank.

So by updating the rank but leaving the XP untouched our relative experience level is now negative and as soon as we trigger any action in the game that awards us additional points our rank will be reset to the appropriate one for our total XP.


Essentially what that means is that it is not enough to set our desired rank but we will also have to locate our experience points in memory and set them to a value appropriate for our target rank.

So we will just add another set of scan and write calls to our Frida script. No big deal. But how do we obtain the value that we need to scan for?

While it would not be too hard to figure that out based on the relative XP requirements displayed in the profile, fortunately someone has already done that work for us here.

From that table we can see that at our current rank 5 with 100/1300 XP the absolute value we are looking for will be 4200 and if our goal is to get promoted to rank 16 setting our XP to 25100 should do the trick.

So let's poke those values into memory and see if that works out!
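
The Python-side pattern conversion and the proximity filtering described above, as an added example that is not part of the original post. It runs over a constructed byte buffer instead of a live process; the 64-byte window, the 32-bit integer layout and the ASCII profile name `Player1` are assumptions.

```python
import struct

def scan_pattern(value: int) -> str:
    """32-bit little-endian hex pattern, the string form Memory.scanSync takes."""
    return " ".join(f"{b:02X}" for b in struct.pack("<i", value))

def find_all(buf: bytes, needle: bytes):
    """Yield every offset at which needle occurs in buf."""
    pos = buf.find(needle)
    while pos != -1:
        yield pos
        pos = buf.find(needle, pos + 1)

def correlate(buf, balance, rank, name, window=64):
    """Keep balance hits with the rank AND the profile name within `window` bytes."""
    rank_bytes = struct.pack("<i", rank)
    candidates = []
    for off in find_all(buf, struct.pack("<i", balance)):
        lo = max(0, off - window)
        region = buf[lo:off + 4 + window]
        ranks = [lo + r for r in find_all(region, rank_bytes)]
        name_pos = region.find(name)
        if ranks and name_pos != -1:
            nearest = min(ranks, key=lambda r: abs(r - off))
            candidates.append({"money": off, "rank": nearest, "name": lo + name_pos})
    return candidates

def build_sample() -> bytes:
    """Constructed 4 KiB buffer standing in for one memory range (not real game data)."""
    buf = bytearray(4096)
    buf[100:104] = struct.pack("<i", 112500)    # stray copy, nothing nearby
    buf[1500:1504] = struct.pack("<i", 112500)  # stray copy, rank nearby but no name
    buf[1510:1514] = struct.pack("<i", 5)
    buf[3000:3007] = b"Player1"                 # assumed ASCII profile name
    buf[3016:3020] = struct.pack("<i", 112500)  # assumed layout: name, balance, rank
    buf[3020:3024] = struct.pack("<i", 5)
    return bytes(buf)

if __name__ == "__main__":
    sample = build_sample()
    print("pattern:", scan_pattern(112500))
    print("raw hits:", list(find_all(sample, struct.pack("<i", 112500))))
    print("candidates:", correlate(sample, 112500, 5, b"Player1"))
```

Of the three raw hits for the balance, only the one with both other values inside the window survives, which is the single-candidate condition the write step checks for.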
