Cheat Engine

[Kalookakoo]

My friend knows C++ and I know Delphi. We both know the basics, and can make a normal undetected bot blah blah blah. But how exactly do you get around memory editing and messing with addresses like CE does? My friend finds more tuts because hes cheating, and I can't find much more than a random guide on Gzn which just flings you into things without explaining things which I'd like to understand before attmepting anything. Does anyone know any good informational passages/ tutorials out there that could help understand how to do memory editing with both languages?


Thanks In advance? Seeing as not many people come in this forum, I'll be happy for any helpful answer.


I posted this in two sections to increase likeliness of answers and I didn't really know where it applied. I aplogize if I did something wrong, but I say truthfully I never intended spam.

[lurc]

Well, either in Delphi or C++ your gonna have to use multiple API to modify memory of another process.

The first step would be to get the process id of the process you want.

You can do that via a few API and a bit of looping:

CreateToolhelp32Snapshot
Process32First
Process32Next

Then doing simple string compares to the PROCESSENTRY32.szExeFile.

Once you got the process id, the next step is getting the handle to that process.

You can do this via OpenProcess (Make sure you have the right access rights to read/write memory)

Finally once you have the handle to the process, you can use:

ReadProcessMemory
WriteProcessMemory

Be aware, if a process has some sort of protection (Like MapleStory's GameGuard) they will most likely hook these functions to stop you from modifying the memory.

Another thing is, some processes use memory right protection, which is just a memory protect assigned by VirtualProtect. To get by this, just use the API VirtualProtectEx to change the protect to PAGE_EXECUTE_READWRITE.

[Kalookakoo]

I understand what your saying, but I think I need a bit more understanding of hooks, handles, etc

[Dark Byte]

Memory editing is done exactly the same in both languages. You just use a slightly different syntax

You call OpenProcess to open the target process, that gets you a handle
then you can use that handle on calls like VirtualProtectEx, VirtualAllocEx, ReadProcessMemory and WriteProcessMemory.

And a hook is just calling writeprocessmemory and replace a few bytes with a jump to a block of code you've created with VirtualAllocEx and filled with assembler code with WriteProcessMemory

[Kalookakoo]

Ok. So if im correct, first you get the process ID using

CreateToolhelp32Snapshot
Process32First
Process32Next


Never used it before, gonna research those. But the process ID im guessing isnt just the name I could find in task manager? Also, I understand about GG's "hooking" that blocks mem editing, and sending Virtual keys, because I remember having to use a .dll to get my bot to work. Does the same thing apply here, a .dll needed to mem edit past GG? obviously I'm not going to start mem editing on MMORPGs, and starting at basics like Pinball, just curiousity getting the best of me.

[oib111]

The process id is a 4 byte integer value that identifies the process. Well, I'm sure there is some way to use WPM/RPM on GG protected games but the reason's dynamic-link-libraries work is because when they get injected into a process it gives you direct access to the memory (because you are loaded into the memory of the executable). And here is an example of "attaching" to a process:

[atom0s]

[dnsi0]

If you wanna make a dll. YOu can forget about OP,WPM,RMP... etc

You can use(Delphi)

var
a:pbytearray;
begin
a:=pointer($addruwannaedit);
a[0]:=your byte;
messagebox(0,pansichar(inttohex(dword(a[1]),),'',mb_ok);//this reads the 2nd byte from pointer.

[atom0s]