DMan132 How do I cheat?
Reputation: 0
Joined: 30 Oct 2007 Posts: 5
Posted: Tue Oct 30, 2007 7:39 pm Post subject: Writing to changed addresses.
I am attempting to make a program to alter the memory in question. It seems to change here and there (when I reboot, etc.), so I can't just write the process memory and hard-code it. I'm new to this; however, I've got the writing part down just fine, but currently I need to modify the code based on the current address of the memory.
Code:
Dec:
13780348
13780316
14042124
Hex:
00D2457C
00D2455C
00D6440C
I've generated the first two by rebooting my computer 3-4 times, and the last one was generated using my laptop, rebooting twice. I've been trying to find out the most efficient and foolproof way of searching the memory for the value and using that address to write to. The value in question is an integer. I know (think) I should start at a certain index, increment x in my address and run to a certain point; however, all three of these I cannot determine. If necessary, I can modify the value in game to do a couple of searches to determine exactly which address is being used this time around. I thought about writing to all addresses that I see it use, but this causes a crash or two and that can't happen.
Is there an obvious pattern with these 3 addresses? Any advice on how I should go about doing this?
mapleh4ckz Master Cheater
Reputation: 0
Joined: 20 Sep 2006 Posts: 386 Location: Maplestory
Posted: Tue Oct 30, 2007 7:44 pm Post subject:
Typically if they change then they are a pointer. Or load it with olly and see what you come up with around those addresses.
DMan132 How do I cheat?
Reputation: 0
Joined: 30 Oct 2007 Posts: 5
Posted: Tue Oct 30, 2007 8:10 pm Post subject:
Doing a pointer scan, it only detects a pointer which points to one of the addresses I have located. What is this olly?
jongwee Moderator
Reputation: 0
Joined: 28 Jun 2006 Posts: 1388 Location: Singapore
Posted: Tue Oct 30, 2007 8:13 pm Post subject:
| DMan132 wrote: | | Doing a pointer scan it only detects a pointer which points to one of the addresses I have located. What is this olly? |
OllyDBG. It is a debugger. Link
mapleh4ckz Master Cheater
Reputation: 0
Joined: 20 Sep 2006 Posts: 386 Location: Maplestory
Posted: Tue Oct 30, 2007 8:18 pm Post subject:
Could you give us a little more information about what you're trying to hack, i.e. game?
DMan132 How do I cheat?
Reputation: 0
Joined: 30 Oct 2007 Posts: 5
Posted: Tue Oct 30, 2007 8:23 pm Post subject:
Downloaded it and attached to process. I cannot find the address, although I still locate it fine in Cheat Engine. Is there a search method?
mapleh4ckz Master Cheater
Reputation: 0
Joined: 20 Sep 2006 Posts: 386 Location: Maplestory
Posted: Tue Oct 30, 2007 8:35 pm Post subject:
Yes. Control G, I believe. Mind telling us what you're trying to hack... It may make it easier.
atom0s Moderator
Reputation: 205
Joined: 25 Jan 2006 Posts: 8587 Location: 127.0.0.1
Posted: Tue Oct 30, 2007 8:38 pm Post subject:
Check to see what module memory region you are located in. Sounds like you are dealing with code shifting. When you find the module name, locate the base address. (All of which is found via the Memory Viewer in CE.)
Once you find the base do a simple math calculation of:
CurrentAddress - BaseAddress = Offset
Now that you have the offset, next time you load the game, you will need to locate the base address of the module the address was in before and do:
BaseAddress + Offset = NewAddress
And you should land up on the address you want. Also, this could be using pointers with code shifting so see if you can trace what writes to the address back to a pointer and then do the same thing for the pointer.
PointerAddress - BaseAddress = Offset
Then when you load the game:
BaseAddress+Offset = PointerAddress
Then read the pointer address value for the new memory location. _________________
- Retired. |
DMan132 How do I cheat?
Reputation: 0
Joined: 30 Oct 2007 Posts: 5
Posted: Tue Oct 30, 2007 9:04 pm Post subject:
| Wiccaan wrote: | Check to see what module memory region you are located in. Sounds like you are dealing with code shifting. When you find the module name, locate the base address. (All of which is found via the Memory Viewer in CE.)
Once you find the base do a simple math calculation of:
CurrentAddress - BaseAddress = Offset
Now that you have the offset, next time you load the game, you will need to locate the base address of the module the address was in before and do:
BaseAddress + Offset = NewAddress
And you should land up on the address you want. Also, this could be using pointers with code shifting so see if you can trace what writes to the address back to a pointer and then do the same thing for the pointer.
PointerAddress - BaseAddress = Offset
Then when you load the game:
BaseAddress+Offset = PointerAddress
Then read the pointer address value for the new memory location. |
I think this is it. I have my offset, but how do I go about reading the base address when the program is run? I assume it's the base address that changes, otherwise it would always be the same address, no?
@above: this is for gambling software
Edit:
Alright, the module in which the actual address is stored has no name. There is a pointer to this address that is in the main module and has the same offset every run. Should I get the address of the one to write to using the pointer?
Final Edit:
I have it working perfectly, thanks for the help. I locate the pointer, retrieve the address it points to, add the offset and write to that location.