Thanks for this. Just a quick question though, how do I use scalpel? I can't seem to get it to work (broken image removed)

this software works with the command-line.
once you got your cmd-line shell, type (for instance):
C:toolsscalpel.exe -o C:flashextract C:flashiexplore.img -vwhere extract is the directory scalpel will create to store the extracted SWF files, and iexplore.img the file you created using pmdump.exe

Don't forget to edit the file scalpel.conf; because scalpel does nothing by default: line 131, remove the # character, and replace with:
fws y 10000000 FWSx0a
then in C:flashextract you will have like 5 files, one for the preloader, one for the sounds, the music, the game core, etc... Open them all with Sothink Decompiler, and find which one is the game logic code.

In our case, look at: ActioncomgabobclockwordsCWDictionary and ActioncomgabobclockwordsPlayerProfile to find the lines I changed (broken image removed)

Once again, thanks (broken image removed). Worked like a charm (broken image removed). Just one more quick question though. How do I find out what to edit to get the AoB's? For example, if I have you code, which is here:

Code: [Select]

//66 8c 05
_as3_getproperty _so
//66 85 03
_as3_getproperty data
//27
_as3_pushfalse
//61 81 24
I understand how to get the AoB. But how do I know how much to take? For example, if I have this code:

Code: [Select]

//d0
_as3_getlocal <0>
//30
_as3_pushscope
//24 00
_as3_pushbyte 0
//d7
_as3_setlocal <3>
//d0
_as3_getlocal <0>
//49 00
_as3_constructsuper (param count:0)
This is just something random I found, but how would I find the AoB for it? Say I want to change the 0 to a 5. Would the AoB needed be 30 24 00 d7? How do I know when to stop as well, I could continue and get 30 24 00 d7 d0 49 00 :?

This is only a matter of redundancy. In my example code, pushfalse was the line I wanted to change to a pushtrue (27 -> 26), but the byte 27 is encountered many many times in the memory: other pushfalse instructions that I don't want to change, random data, etc... So I need to take more context in my AoB until the cheat engine scan shows only one instance.
So there's no "ideal" amount to take. If 30 24 00 d7 occurs only once, then you have your AoB. If you find much more than one address, try 30 24 00 d7 d0 49 00, and so on.

Ah, I see. So I get my AoB, of say the above. So it's D0 30 24 00 D7 D0 49 00. Say I want to change the 0 to a 5. Would I therefore have to change the AoB to D0 30 24 05 D7 D0 49 00? Because I tried that with another AoB and it didn't work (broken image removed)

That's it. Keep the context bytes, and change only the byte(s) corresponding to the instruction you want to change.

I tried that and it didn't work though (broken image removed). I'll give it another try though and let you know (broken image removed).

Edit: Also, say the AoB is D0 30 24 00 D7 D0 49 00. How would I change the 0 to something like 2000? Because if I need to keep the amount of bytes the same, I can't just put in 2000, as that is 7D0, which won't fit. Would I have to change the AoB to D0 30 24 00 7D D7 D0 49?

Within your AoB, the instruction you are modifying is:
//24 00
_as3_pushbyte 0A byte is 8 bits, which allows values from 0 to 255. So maximum you can do is 24 FF which stands for pushbyte 255.
If you want more, I think you will need to modify the code more in-depth, and use another instruction than pushbyte, probably meaning changing the swf size. I don't know if this is possible, maybe a more experienced cheater can tell.

Hello,
this maybe comes after the battle, but here are my findings :

use the "get more" stuff as many times as you want, so you have a shitload of powerful bonus letters :
66 8c 05 66 85 03 26 61 81 24 -> 66 8c 05 66 85 03 27 61 81 24
it works only if you haven't used it already, and I think this hack could be achieved editing the sol "gotSampler" value. I suggest you use this disposable mail service to enter a different mail each time: http://www.yopmail.com/en/

Following AoB is better:
Type in any shit you want and still get your word validated
15 e9 ff ff 27 48 -> 15 e9 ff ff 26 48

I don't know if you can get caught with the "recent words from other players" sliding banner.

Ok, thanks for your help mr. white (broken image removed). Got 3 more AoB's now for it (broken image removed)

Make chance of normal dropping inverted (means if normally there was a 10% chance for a normal to drop, it's now a 90% chance (broken image removed))

46 B3 21 00 D1 0D 99 00 00->46 B3 21 00 D1 0F 99 00 00

Ideally you should do this on level 1 (broken image removed)

Make chance of special dropping inverted (means if normally there was a 10% chance for a special to drop, it's now a 90% chance (broken image removed))

46 B3 21 00 D3 0D 24 00 00->46 B3 21 00 D3 0F 24 00 00

Ideally you should do this on level 1 (broken image removed)

Note: The above 2 hacks will not work at the same time because if both are activated, it makes a normal drop, then makes it a special. So if they are both activated, you will only get specials

Also, special credits to mr. white for helping me find these and teaching me how to do it (broken image removed). The rest from here on are from me though:

Words don't get added to the repeat list (means you can keep on adding the same word over and over (broken image removed). Just watch your WPM count, you can get a very high score with this)

46 98 02 00 60 cf 04 66 d7 1b 0e 08 00 00->46 98 02 00 60 cf 04 66 d7 1b 0c 08 00 00

Spider health (updated)!
d1 66 c3 28 60 cf 04 66 cd 1b a2 a0 73->02 02 02 02 02 02 02 02 02 02 02 02 02

d1 66 c3 28 60 cf 04 66 a5 1b a2 a0 73->02 02 02 02 02 02 02 02 02 02 02 02 02

Changes spider health to about 10 (broken image removed)

Get 10 of each special letter when you buy more letters instead of 2 (broken image removed)

60 DC 08 66 BD 1C 24 02 46 C4 05 02->60 DC 08 66 BD 1C 24 0A 46 C4 05 02

The above gives you 10 Brass instead of 2 Brass

60 DC 08 66 BC 1C 24 02 46 C4 05 02->60 DC 08 66 BC 1C 24 0A 46 C4 05 02

The above gives you 10 Jade instead of 2 Jade

60 DC 08 66 BC 1C 24 02 46 C4 05 02->60 DC 08 66 BB 1C 24 0A 46 C4 05 02

The above gives you 10 normal instead of 2 Jade

60 DC 08 66 BD 1C 24 02 46 C4 05 02->60 DC 08 66 BB 1C 24 0A 46 C4 05 02

The above gives you 10 normal instead of 2 Brass

Now you can get any letters you want (broken image removed)

Unlimited secrets (Makes you have 50 secrets when you have less than 100 secrets (broken image removed)) [Have to wait for a spider to take one secret before it starts working]

66 a1 0d 24 00 0c 06 00 00 d0 24 00 68 a1 0d->66 A1 0D 24 64 0C 06 00 00 D0 24 32 68 A1 0D

More to come soon hopefully (broken image removed)