Quantcast

Jump to content


Photo
- - - - -

[Guide] A Complete Guide to Creating Your Own AOB

itsahomer aob aobs aob guide

  • Please log in to reply
8 replies to this topic

#1 Homer

Homer
  • 151 posts

Posted 21 December 2012 - 12:25 PM

*
POPULAR POST!

tutorialbyhomer.png
:warning:


#=========#
Introduction
#=========#

Well it seems... like the time has come where there may be a use for a guide finding Array of Bytes (AOB). The purpose of this guide is to hopefully explain the process as simple as possible so you can start creating your own AOBs for flash games you play. It is not difficult to learn, just tedious. At the end of this guide you will be decompiling games in no time. I only ask that you contribute your findings to our already vast Master List, but it is up to you to decide because you are the one who put in the effort to find them.






 

misctetris.jpg



Games... There are two ways to cheat games we play: using a Score Sender (SS) or using Array of Bytes (AOB). In the Neopian world, Score Senders are superior in every way. SSing is convenient and and fast, plus someone else is doing most of the work for you. But SS is not very forgiving when it comes to human error. Submitting the wrong time or score can lead to a freeze. AOBs on the other hand are forgiving in this aspect. Any mistake you make in the game can be simply fixed by reloading the game. It is also versatile, there are many games besides neopets that you can use AOBs on. Think of AOBs as if you were typing in cheat codes when you play a game.

Weigh your options because the end result is the same regardless of which method you use: 3,000 Neopoints per game, trophy or possibly an avatar. Just remember, it is your account your risking if you decide to SS. If you want a lower risk alternative I would suggest using AOBs. It is a great way to get trophies and avatars especially if your score is going to be reviewed. The downside to using AOBs is it will require more effort on your part.


#=========#
Preparations
#=========#
You require a couple things...


1. Know how to use (AOBs)
I'm writing this guide assuming you know how to use AOBs with cheatengine.
This guide is only to show you how we find AOBs. Not how to use them, that guide is here.

2. Cheat Engine
Download [CheatEngine] from their website if you have not already done so.
Do not use the built-in speed hack on Neopets. It does affect your frames per second (FPS) and that information is sent to TNT.

3. Browser
Any browser is fine, but for the purpose of this guide I'll use the popular browser Google Chrome.

4. Flash Decompiler
Download [SWF_Decompiler] 29.5MB bytes (Updated Links: 29th Dec 2012)

You need a flash decompiler to look inside the flash games to start looking for the AOB codes you want. I uploaded a copy in the provided link here. You'll have to trust me to download this but it is up to you to decide.
There are always torrents if you feel safer doing it that way, just make sure the decomplier is similar to the one I'm using. For this guide I will be using Sothink's flash decompiler.

5. Calculator
You can find this on your computer. We need this to covert between our Decimal system and the game's Hexadecimal system. This is because AOBs are all in hexadecimal format.
Decimal system: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Hexadecimal system: 1 2 3 4 5 6 7 8 9 A B C D E F


#=======#
Setting Up
#=======#
Downloading the flash game from neopets
Possibly the most annoying part of AOBing on neopets, it requires its own guide.

If you follow Coilvect's method to download the flash games, it is much easier but it is dependent on the addon. That method requires an Adblock Addon for your browser but it does make it easy to download the flash file.
However, there is an alternative method where we can download the flash game manually without any need for browser addons.

Manually Downloading Flash Game:
1. Go to the game you want to download and Press Play to load the flash game.
2. Right Click near the game box and you should see an option view frame source. Just like the image shown below:
viewframesource.png

3. Google Chrome should pop open another tab revealing the source code for the frame.

 

Press CTRL + F to use Chrome's search function.

Then type in gameURL and it should reveal this url - "gameURL":"h##p://images.neopets.com/games/gaming_system/np8_loader_v3_32.swf"

The real address is in the numerical mess after the gameURL... "g=g763_v30_96559"


4. This is the real game address - g763_v30_96559

 

Now write the address like this: [h##p://images.neopets.com/games/g763_v30_96559.swf]
This is the actual address where we can download the game file ;).


Note: Remember to change H##P to HTTP. I had to change the tags to H##P to prevent the game from loading in this page. Just remember the real address is after the gameURL and has a g= in front of it.

Tip: You can keep a list of games to download in a text file and save it as an HTML to download the games anytime like below:
<a href="h##p://images.neopets.com/games/g1347_v63_45083.swf"><b>Assignment 53</b></a>
<a href="h##p://images.neopets.com/games/g381_v58_67047.swf"><b>Kash Basher</b></a>
<a href="h##p://images.neopets.com/games/g1266_v27_65640.swf"><b>Shenkuu Warrior 2</b></a>


Assignment 53
Kash Basher
Shenkuu Warrior 2


#============#
The Instructions
#============#
Make sure you are familiar with the game so you know what to look for.
I will use the game Kash Basher as an example since its pretty popular on neopets.
Also because it is the easiest example to teach a beginner. Obtaining the code is straight-forward for Kash Basher as you will see later.

When you decompile other games there is a level of difficulty of finding the value your looking for... but you will get there ;).


Kash Basher. As everyone knows, you need to get the Tree Bat to make the top score.
However, the Tree Bat is only an option on Hard Mode which is randomly given.
So the value or keyword we are looking for should involve a bat and a probability. Now we know what to look for!


Download the flash file for Kash Basher using Coilvect's adblock method or the manual method I have just shown above.
Just to check if you got the right Kash Basher file, it should be g381_v58_67047.swf.


#=================================#
Decompiling and Interpreting the Flash Code
#=================================#
Once you have the flash file on your computer...
Open the file using the Flash Decomplier I provided.


Using SoThink's Flash Decomplier to open up the file you should get this image below:
http://imageshack.us/a/img40/1899/sourcecodet.png

sourcecodet.png

Figure A. Source Code Image


1. Decompiling:
The first thing you want to look at once you open the flash file are the Action Scripts. These are located in the Action folder shown on the right column. Do not check the boxes, just simply select the [+] next to the action folder to expand the folder. There will be several files in the action folder and you will have to investigate all of them as each file could be responsible for a different set of instructions. The general rule of thumb to use is to look for action script files with the most lines of code. Majority of the time the main files are the ones where most of the instructions we are looking for are kept and they are often easy to locate because they often have Main or Game in their titles. In Kash Basher, the main file is called MainMovie. See what I mean by easy?

Select MainMovie. You will see a good amount of code. When reading the action script, make sure the source code button is selected as circled in figure A. This allows us to view the code in source code format.
Now keeping in mind what I said in the section "Instructions" we are looking for a value having to do with the probability of getting the Tree Bat in Kash Basher.


This is where the guessing work comes in and depending on the game, the time you spend looking through the code could vary. In Kash Basher it is actually very simple. If you read any of the Kash Basher game guides they mention a 1 in 10,000 chances of getting the Tree Bat. As you scroll through the lines of code you will eventually find a few lines saying Bat Mode... Bat Mode... and then finally one line that has Odds = 10000. Jackpot. I squared the selection of the code in figure A . Now we just have to change the value 10000 to 1. So the chances of getting the Tree Bat is a 1:1 chance. So how do we change it? We have to look at the code in Array of Bytes (AOB) format.


Once we find the source code it is time to find the AOB code as shown in the image below:

http://imageshack.us/a/img705/6885/rawdata.png
rawdata.png

Figure B. Raw Data Image


2. Reading:
Select the Raw Data button as circled in figure B. You will see an entirely different set of code, this is the Array of Bytes [AOB]!
Now your probably wondering how the heck do you read this?... It is very simple.

Take this random code for example:

//96 02 00 08 01
_push "batMode"
//4e
_getMember
//96 05 00 07 04 00 00 00
_push 4


The numerical values above the text are instructions telling the program how to perform. As such, the values 96 02 00 08 01 gives the command to _push "batMode". 4e gives the command to _getMember and so on. When you open up the flash game using Cheat Engine you never see the texts _push or _getMember. This is because the program sees this instead, 96 02 00 08 01 4e 96 05 00 07 04 00 00 00. This long value here is an example of the array of bytes we copy and paste here on the forums and get brownie points from you guys. ;)


3. Interpretation:
Now we have an understanding of reading array of bytes, lets take a look at the line of code for the Tree Bat. Since we already know the line responsible is Odds = 10000, just use the search box at the top left like I did in figure B and type in odds. It should quickly bring you to these lines of code:


//96 02 00 08 01
_push "batMode"
//4e
_getMember
//96 05 00 07 03 00 00 00
_push 3
//49

_equals2
//12
_not
//9d 02 00 a2 00
_if true goto #69
//96 07 00 08 03 07 10 27 00 00
_push "odds" 10000
//1d
_setVariable
//96 02 00 08 03
_push "odds"

This is the same code you were looking at earlier as a source code, now it is just in Array of Bytes format. As you look at the lines of code you will notice these values: 96 07 00 08 03 07 10 27 00 00 give the command to set the odds at 10000. Looking further down the line you will see another set of values: 96 02 00 08 03. It gives a similar command for it is much shorter. Comparing the two values we can see that the extra bit of code is 07 10 27 00. Now take out your calculator and covert 10000 (decimal) to (hexadecimal). You should get the values 27 10. Looking at the extra bit of code you can see 27 and 10 and these are the two values that we need to modify. The assumption to make regarding the extra 07 is that it must just be a place holder, so we can ignore it. You may be wondering why the values are inverted 10 27 when it should be 27 10. To be honest, I actually have no fucking idea... but it seems to me like the games like to read the instructions like how people read Japanese manga (Right to left). The importance here is that we recognize the values we want to modify. To change 10000 to 1, we simply get the decimal value of 1 and covert it to hexadecimal... which is also 1 or 01.

Now to make an array of bytes we just delete the text and leave only the numerical values.



Which gives us...
96 02 00 08 01 4e 96 05 00 07 03 00 00 00 49 12 9d 02 00 a2 00 96 07 00 08 03 07 10 27 00 00 1d 96 02 00 08 03 --->
96 02 00 08 01 4e 96 05 00 07 03 00 00 00 49 12 9d 02 00 a2 00 96 07 00 08 03 07 01 00 00 00 1d 96 02 00 08 03


The top line is the original code and the bottom line is the new code we will put in.
Now I can copy and paste this on the forums and it should work fine, but people might hate that this code is too long. So lets make it shorter...


Shorter!
12 9d 02 00 a2 00 96 07 00 08 03 07 10 27 00 00 1d --->
12 9d 02 00 a2 00 96 07 00 08 03 07 01 00 00 00 1d


Much better. As you can see I just cut it down by copying the values starting from 12. BUT it really doesn't matter where you start copying the values as long as the important values: 96 07 00 08 03 07 10 27 00 00 are included!

Therefore, you can actually cut down the AOBs even shorter...


Even Shorter!
96 07 00 08 03 07 10 27 00 -->
96 07 00 08 03 07 01 00 00

There is a problem with this... the shorter the AOB code is the more likely the program will think your altering another set of AOB lines. These lines could be in the same action script file or it could be in entirely different folder.
In the worst case scenario when players copy and paste the code into CheatEngine it could give multiple results instead of the one we want to change. For example, take a look at the Raw Data command for _push "batMode" (96 02 00 08 01) and _push "odds" (96 02 00 08 03). Notice any similarities? Both commands have almost identical values with only a digit difference between each other.

If you wanted to change the value of ONLY _push "odds" you will need to include the 03...
96 02 00 08 03 -->

However if I were to take out the 03, this will change the value of both _push "batMode" and _push "odds"
96 02 00 08 -->


Likewise, if I wanted to change the value of ONLY _push "batMode"
96 02 00 08 01 -->


The key thing to remember here is to make sure you have the right length of AOB code. The best way to check is to use CheatEngine and copy and paste the longer line first to see if you get your target value. Then continue cutting down the code... when it gives you multiple lines of code that have nothing to do with the values you want to alter then you will know that you have cut the AOB code too far.


4. Final Result
Since we are sure the code 96 07 00 08 03 07 10 27 00 00 represents ONLY one command (the chance of getting the Tree Bat), we can keep it short in this length.


 

Now you know how we got the Kash Basher AOB:

96 07 00 08 03 07 10 27 00 00 --->

96 07 00 08 03 07 01 00 00 00


or

(add 1D just as precaution)

96 07 00 08 03 07 10 27 00 00 1D --->

96 07 00 08 03 07 01 00 00 00 1D


or

96 02 00 08 01 4e 96 05 00 07 03 00 00 00 49 12 9d 02 00 a2 00 96 07 00 08 03 07 10 27 00 00 1d 96 02 00 08 03 --->
96 02 00 08 01 4e 96 05 00 07 03 00 00 00 49 12 9d 02 00 a2 00 96 07 00 08 03 07 01 00 00 00 1d 96 02 00 08 03


#========#
Helpful Tips
#========#
Hopefully the guide is easy to follow. The process of downloading and decompiling every flash game are the same. The difficult part will be to locate the action script responsible for the values you are looking to modify. Just remember the general rule of thumb, the more lines the code the more likely it will have the values you are looking for. And make sure you view the file as a Source code before switching to Raw Data. The target words in the source code often give helpful clues to what the numerical values do.


Sometimes you will come across the cheat codes in the action script like in Assignment 53...
Press UP UP DOWN DOWN LEFT RIGHT LEFT RIGHT at the menu screen to get an extra life.
this._cheatcode = new CheatCode(stage);
this._cheatcode.registerCheat("f1u", this.fOU, CheatCode.UP, CheatCode.UP, CheatCode.DOWN, CheatCode.DOWN, CheatCode.LEFT, CheatCode.RIGHT, CheatCode.LEFT, CheatCode.RIGHT);
this.GC.stateMachine.init();


Besides cheat codes we can also look for the values responsible for the music in the background of the game.
For example here's the line I found in Assignment 53 where I can control what I want to listen to...

d0 2c 06 46 17 01-->
d0 xx 06 46 17 01

xx is where you would place the value of the music you want to play throughout the game:
06 - Jungle music
07 - Jelly music
08 - Gas music
09 - Rock music
0A - Kreludor music


Start exploring... it doesn't have to be action scripts. Using the decompiler you can also extract images from games such as the image I am using for this tutorial. I extracted the image from the Igloo game. Once you extract the image you can use it for your lookup or background, etc.


#===#
DONE!
#===#


If you made it reading this far, great job! Coilvect might be out of a job providing AOBs ;).
As you work on more games you will know where to look and become better over time. It just takes trial and error and if you make a mistake just restart the game by reloading the page and start over. But hey if you put this much effort into the game cheating, you fucking deserve the neopoints lol.

I'll end the guide here, depending on the responses I'll add more information as needed. We do have a vast list of AOB codes for many games as of now and the lack of response seems like players are either just playing the game legit such as myself or using score senders. Entering and changing the AOBs can be tedious which I totally understand. It is the one reason why I tend not to use them out of laziness. I mean it did take me almost a year to even get the motivation to start this guide.

If something is confusing on this guide, let me know and I'll do my best to clear it up. But hey now there's a guide to creating your own AOBs... yeahhh :nana:


Edited by Homer, 20 February 2013 - 05:46 PM.
Removed Torrent link as per rule 3.2.2


#2 Blueberry

Blueberry
  • 155 posts

Posted 21 December 2012 - 01:51 PM

Great guide! It's really interesting to see the depth and work that it takes to transform a code. :)
How did you figure this stuff out?

#3 Homer

Homer
  • 151 posts

Posted 21 December 2012 - 04:35 PM

I'm glad you enjoyed it :lol:. I learned by getting familiar with Cheat Engine and mostly its just experience with trial and error. There are guides out there since AoBs work for nonflash games too. In fact I still use them on some of my steam games where cheat codes aren't always available. It is okay to practically know nothing, that is why I made this guide. I'm hoping more players will find the information here useful and start making their own AoBs.

Edited by Homer, 21 December 2012 - 07:56 PM.


#4 Mondale

Mondale
  • 10 posts

Posted 23 December 2012 - 03:57 AM

Well bub, you've got me fan-boying all over the place! This guide is exactly what I've been looking for for quite some time now, and this is the first one I've found that explains it so that I understand it well. Now, I've got some code to sift through!

#5 Artleyz

Artleyz

  • 274 posts


Users Awards

Posted 30 December 2012 - 12:30 AM

Thank you for making AoB finding/changing understandable to us. I definitely feel like with some time, we could find some of our own AoBs now. :D

#6 anewvision

anewvision
  • 1,177 posts


Users Awards

Posted 30 December 2012 - 07:20 PM

This is what I will be using in my attempts to make an AoB multi-trainer with CE. I am Quite annoyed with manually finding and modifying addresses every time I play a game T-T which I'm sure many are! Great guide, very helpful, +1, Thanks!

#7 Justpeachy

Justpeachy
  • 44 posts

Posted 10 March 2013 - 09:13 PM

I am bookmarking this. I'd love to help out and find more AoB codes for games. :D There's a few games I really would like codes for so I'll see f I can find the on my own then hopefully share it. :)



#8 cocodrile333

cocodrile333
  • 47 posts

Posted 25 July 2013 - 03:44 PM

great guide!

ill give it a try



#9 iKate

iKate
  • Cat Lady

  • 1,700 posts


Users Awards

Posted 13 August 2013 - 02:51 AM

I tried it with the game let it slide but I didn't find anything :/


Edited by iKate, 13 August 2013 - 03:30 AM.




Also tagged with one or more of these keywords: itsahomer, aob, aobs, aob guide

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users