Cheat Engine The Official Site of Cheat Engine
newb09 Master Cheater
Reputation: 0
Joined: 02 Feb 2007 Posts: 350
Symbol I'm a spammer
Reputation: 0
Joined: 18 Apr 2007 Posts: 5094 Location: Israel.
Posted: Wed Feb 13, 2008 4:58 pm
Simply by finding the ID first and attaching to the process that holds that ID; it bypasses Read/WriteProcessMemory. (Not sure what bypasses that.)
You can get the window handle even if the process is hidden.
newb09 Master Cheater
Reputation: 0
Joined: 02 Feb 2007 Posts: 350
Posted: Wed Feb 13, 2008 5:35 pm
Symbol wrote:
Simply by finding the ID first and attaching to the process that holds that ID; it bypasses Read/WriteProcessMemory. (Not sure what bypasses that.)
You can get the window handle even if the process is hidden.

Yes, but how do I attach is what I'm asking. I'm trying to convert to C#, by the way, if that matters. I can bypass Read/WriteProcessMemory, but I just need to know how to attach.
So what I get from your reply is that if I use the same numbers when MapleStory starts, let's say the PID is 0248 and the process handle is 498736, then those can be used and stored as variables to attach?
_________________
NOOBXOR = Comes from the root words noob and haxor, hence noobxor.
word created by: newb09 & ferenzo
Symbol I'm a spammer
Reputation: 0
Joined: 18 Apr 2007 Posts: 5094 Location: Israel.
Posted: Wed Feb 13, 2008 5:56 pm
Yes, you can get the ID at the play screen and the handle at any time (System.Diagnostics.Process.GetProcessById(), User32.dll - FindWindow()).
By "attach" do you mean OpenProcess? You don't even have to call OpenProcess; you can use the ProcessHandle to read memory. I just keep the handle in a static variable and then call ReadProcessMemory(variable, params...);
lurc Grandmaster Cheater Supreme
Reputation: 2
Joined: 13 Nov 2006 Posts: 1900
Posted: Wed Feb 13, 2008 6:01 pm
Cheat Engine's driver "bypasses" Read/WriteProcessMemory.
CE 5.4's source is open; you can go and analyse the source for the driver you want (written in C).
newb09 Master Cheater
Reputation: 0
Joined: 02 Feb 2007 Posts: 350
Posted: Wed Feb 13, 2008 6:13 pm
Symbol wrote:
Yes, you can get the ID at the play screen and the handle at any time (System.Diagnostics.Process.GetProcessById(), User32.dll - FindWindow()).
By "attach" do you mean OpenProcess? You don't even have to call OpenProcess; you can use the ProcessHandle to read memory. I just keep the handle in a static variable and then call ReadProcessMemory(variable, params...);

I want to write to memory; that's why I just want to know what I need to actually write to the memory.
_________________
NOOBXOR = Comes from the root words noob and haxor, hence noobxor.
word created by: newb09 & ferenzo
Symbol I'm a spammer
Reputation: 0
Joined: 18 Apr 2007 Posts: 5094 Location: Israel.
Posted: Wed Feb 13, 2008 6:16 pm
I never get C++ sources like this, with all the "__whatever" and the "!@#$%^" and other symbols...
That's why I like C#, it makes sense, DllImport and desclps or something like that...
I don't know much C++...
I didn't understand any of it... I guess I should learn some more C++...
newb09 Master Cheater
Reputation: 0
Joined: 02 Feb 2007 Posts: 350
Posted: Wed Feb 13, 2008 6:27 pm
Symbol wrote:
I never get C++ sources like this, with all the "__whatever" and the "!@#$%^" and other symbols...
That's why I like C#, it makes sense, DllImport and desclps or something like that...
I don't know much C++...

lol, I'll PM you if I need any help then lol.
I tried writing to memory but it won't work for some reason; I'll post the code I use in a few minutes.
EDIT: lol, I'm such a noobxor lol. I had to change my code a bit and now it's working. Thank you so much.
_________________
NOOBXOR = Comes from the root words noob and haxor, hence noobxor.
word created by: newb09 & ferenzo
lurc Grandmaster Cheater Supreme
Reputation: 2
Joined: 13 Nov 2006 Posts: 1900
Posted: Wed Feb 13, 2008 7:18 pm
Taken Straight from MSDN
Quote:
WriteProcessMemory Function
Writes data to an area of memory in a specified process. The entire area to be written to must be accessible or the operation fails.

BOOL WINAPI WriteProcessMemory(
  __in HANDLE hProcess,
  __in LPVOID lpBaseAddress,
  __in LPCVOID lpBuffer,
  __in SIZE_T nSize,
  __out SIZE_T* lpNumberOfBytesWritten
);

Parameters
hProcess - A handle to the process memory to be modified. The handle must have PROCESS_VM_WRITE and PROCESS_VM_OPERATION access to the process.
lpBaseAddress - A pointer to the base address in the specified process to which data is written. Before data transfer occurs, the system verifies that all data in the base address and memory of the specified size is accessible for write access, and if it is not accessible, the function fails.
lpBuffer - A pointer to the buffer that contains data to be written in the address space of the specified process.
nSize - The number of bytes to be written to the specified process.
lpNumberOfBytesWritten - A pointer to a variable that receives the number of bytes transferred into the specified process. This parameter is optional. If lpNumberOfBytesWritten is NULL, the parameter is ignored.
Example:
Code:
#include <windows.h>
// Get DWORD pID using ProcessSnapshot or whatever it's called; this method kinda sucks
HWND hWnd = FindWindow( "MapleStoryClass", NULL );
DWORD pID = 0;
GetWindowThreadProcessId( hWnd, &pID ); // API name corrected (was GetWindowTheadProcessId)
HANDLE hProc = OpenProcess( PROCESS_ALL_ACCESS, FALSE, pID );
BYTE bNops[2] = { 0x90, 0x90 };
if ( hProc != NULL ) { // OpenProcess returns NULL on failure
  WriteProcessMemory( hProc, (LPVOID)0x0000151, (LPCVOID)bNops, 2, NULL ); // address as posted
  CloseHandle( hProc ); // release the handle once the write is done
}
Edit:
Found a function made by Wiccaan, just a more efficient way of finding the pID.
Code:
#include <windows.h>
#include <tlhelp32.h>
#include <string.h>

HANDLE hProcessSnap; // will store a snapshot of all processes
HANDLE hProcess = NULL; // we will use this one for the WarRock process
PROCESSENTRY32 pe32; // stores basic info of a process, using this one to read the ProcessID from
hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 ); // make process snapshot
pe32.dwSize = sizeof( PROCESSENTRY32 ); // correct size, must be set before Process32First
if ( hProcessSnap != INVALID_HANDLE_VALUE && Process32First( hProcessSnap, &pe32 ) ) // read info about the first process into pe32
{
  do // loop to find the WarRock process
  {
    if ( strcmp( pe32.szExeFile, "MapleStory.exe" ) == 0 ) {
      hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID ); // open it, assigning to the hProcess handle
      break; // break the loop
    }
  } while ( Process32Next( hProcessSnap, &pe32 ) );
  CloseHandle( hProcessSnap ); // the snapshot handle must be closed as well
}
// Always remember to close the process handle when you're done with it (after your reads/writes, not before).
if ( hProcess != NULL ) CloseHandle( hProcess );
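From the defender's side, the two rights the MSDN quote names (PROCESS_VM_WRITE and PROCESS_VM_OPERATION) are exactly what Sysmon's ProcessAccess event (ID 10) records in its GrantedAccess field. The Python below is an added example, not code from this thread or from Cheat Engine; it decodes that mask on constructed records (the flattened 'Key=Value|...' line format and the image paths are made up) and flags handles opened on a game process with enough rights for WriteProcessMemory.

```python
# Added example, not from the thread: decode the GrantedAccess mask that Sysmon
# Event ID 10 (ProcessAccess) records and flag handles carrying the two rights
# MSDN says WriteProcessMemory needs. Input lines are a constructed flattening
# of the Sysmon fields (Key=Value pairs joined by '|'), not Sysmon's own XML.
from dataclasses import dataclass

# Documented process access rights (winnt.h); 0x1FFFFF is PROCESS_ALL_ACCESS on Vista+
RIGHT_NAMES = {
    0x0008: "PROCESS_VM_OPERATION",
    0x0010: "PROCESS_VM_READ",
    0x0020: "PROCESS_VM_WRITE",
    0x0400: "PROCESS_QUERY_INFORMATION",
    0x1000: "PROCESS_QUERY_LIMITED_INFORMATION",
}
WRITE_RIGHTS = 0x0020 | 0x0008  # PROCESS_VM_WRITE | PROCESS_VM_OPERATION

@dataclass
class ProcessAccess:
    source_image: str
    target_image: str
    granted_access: int

def parse_record(line: str) -> ProcessAccess:
    """Parse one constructed 'Key=Value|Key=Value' line into a record."""
    fields = dict(part.split("=", 1) for part in line.strip().split("|"))
    return ProcessAccess(fields["SourceImage"], fields["TargetImage"], int(fields["GrantedAccess"], 16))

def decode_mask(mask: int) -> list:
    """Name the documented rights set in a mask; bits not in RIGHT_NAMES are ignored."""
    return [name for bit, name in RIGHT_NAMES.items() if mask & bit]

def can_write_memory(mask: int) -> bool:
    """True only when both rights WriteProcessMemory requires are present."""
    return (mask & WRITE_RIGHTS) == WRITE_RIGHTS

def flag_writers(lines: list, target_exe: str) -> list:
    """(source image, mask) for every handle to target_exe that permits cross-process writes."""
    hits = []
    for rec in map(parse_record, lines):
        exe = rec.target_image.rsplit("\\", 1)[-1]
        if exe.lower() == target_exe.lower() and can_write_memory(rec.granted_access):
            hits.append((rec.source_image, rec.granted_access))
    return hits

# Constructed sample: a full-access handle, a query-only handle, and an unrelated target
SAMPLE_LOG = [
    "SourceImage=C:\\Users\\u\\trainer.exe|TargetImage=C:\\Games\\MapleStory.exe|GrantedAccess=0x1FFFFF",
    "SourceImage=C:\\Windows\\System32\\Taskmgr.exe|TargetImage=C:\\Games\\MapleStory.exe|GrantedAccess=0x1410",
    "SourceImage=C:\\Users\\u\\trainer.exe|TargetImage=C:\\Windows\\explorer.exe|GrantedAccess=0x1FFFFF",
]
```

Note that 0x1410 (query plus read) is the mask ordinary tools such as Task Manager request, so a read-only handle is not flagged; only a handle carrying both write rights is.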
newb09 Master Cheater
Reputation: 0
Joined: 02 Feb 2007 Posts: 350
Posted: Wed Feb 13, 2008 7:47 pm
I still have a question lol.
OK, I got the thing to write to an address, but once Maple starts it doesn't write to it. It only writes to the address when it is at the startup screen and not in-game; even though it's the same PID I used for the startup, it won't write. Any suggestions on how to write after Maple has started?
_________________
NOOBXOR = Comes from the root words noob and haxor, hence noobxor.
word created by: newb09 & ferenzo
lurc Grandmaster Cheater Supreme
Reputation: 2
Joined: 13 Nov 2006 Posts: 1900
Posted: Wed Feb 13, 2008 8:12 pm
GameGuard's driver hooks APIs that would be a "threat" to MapleStory, or APIs that have been used in the past to create bots and such.
So you have to create a driver that hooks Read and WriteProcessMemory (like CE does).
newb09 Master Cheater
Reputation: 0
Joined: 02 Feb 2007 Posts: 350
Posted: Wed Feb 13, 2008 8:35 pm
Oh OK, thank you. So I have to make a driver, OK, I see. Hm... time to learn how to write a driver that hooks Read and WriteProcessMemory. lol, wish I could find a tut. lol. Thank you for all your help guys.
_________________
NOOBXOR = Comes from the root words noob and haxor, hence noobxor.
word created by: newb09 & ferenzo
HomerSexual Grandmaster Cheater Supreme
Reputation: 5
Joined: 03 Feb 2007 Posts: 1657
Posted: Wed Feb 13, 2008 8:41 pm
lurc wrote:
Taken Straight from MSDN
Quote:
WriteProcessMemory Function
Writes data to an area of memory in a specified process. The entire area to be written to must be accessible or the operation fails.

BOOL WINAPI WriteProcessMemory(
  __in HANDLE hProcess,
  __in LPVOID lpBaseAddress,
  __in LPCVOID lpBuffer,
  __in SIZE_T nSize,
  __out SIZE_T* lpNumberOfBytesWritten
);

Parameters
hProcess - A handle to the process memory to be modified. The handle must have PROCESS_VM_WRITE and PROCESS_VM_OPERATION access to the process.
lpBaseAddress - A pointer to the base address in the specified process to which data is written. Before data transfer occurs, the system verifies that all data in the base address and memory of the specified size is accessible for write access, and if it is not accessible, the function fails.
lpBuffer - A pointer to the buffer that contains data to be written in the address space of the specified process.
nSize - The number of bytes to be written to the specified process.
lpNumberOfBytesWritten - A pointer to a variable that receives the number of bytes transferred into the specified process. This parameter is optional. If lpNumberOfBytesWritten is NULL, the parameter is ignored.

Example:
Code:
#include <windows.h>
// Get DWORD pID using ProcessSnapshot or whatever it's called; this method kinda sucks
HWND hWnd = FindWindow( "MapleStoryClass", NULL );
DWORD pID = 0;
GetWindowThreadProcessId( hWnd, &pID ); // API name corrected (was GetWindowTheadProcessId)
HANDLE hProc = OpenProcess( PROCESS_ALL_ACCESS, FALSE, pID );
BYTE bNops[2] = { 0x90, 0x90 };
if ( hProc != NULL ) { // OpenProcess returns NULL on failure
  WriteProcessMemory( hProc, (LPVOID)0x0000151, (LPCVOID)bNops, 2, NULL ); // address as posted
  CloseHandle( hProc ); // release the handle once the write is done
}

Edit:
Found a function made by Wiccaan, just a more efficient way of finding the pID.
Code:
#include <windows.h>
#include <tlhelp32.h>
#include <string.h>

HANDLE hProcessSnap; // will store a snapshot of all processes
HANDLE hProcess = NULL; // we will use this one for the WarRock process
PROCESSENTRY32 pe32; // stores basic info of a process, using this one to read the ProcessID from
hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 ); // make process snapshot
pe32.dwSize = sizeof( PROCESSENTRY32 ); // correct size, must be set before Process32First
if ( hProcessSnap != INVALID_HANDLE_VALUE && Process32First( hProcessSnap, &pe32 ) ) // read info about the first process into pe32
{
  do // loop to find the WarRock process
  {
    if ( strcmp( pe32.szExeFile, "MapleStory.exe" ) == 0 ) {
      hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID ); // open it, assigning to the hProcess handle
      break; // break the loop
    }
  } while ( Process32Next( hProcessSnap, &pe32 ) );
  CloseHandle( hProcessSnap ); // the snapshot handle must be closed as well
}
// Always remember to close the process handle when you're done with it (after your reads/writes, not before).
if ( hProcess != NULL ) CloseHandle( hProcess );

I just saw basically the same code
Code:
#include <windows.h>
#include <tlhelp32.h>
#include <string.h>

HANDLE hProcessSnap; // will store a snapshot of all processes
HANDLE hProcess = NULL; // we will use this one for the WarRock process
PROCESSENTRY32 pe32; // stores basic info of a process, using this one to read the ProcessID from
hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 ); // make process snapshot
pe32.dwSize = sizeof( PROCESSENTRY32 ); // correct size, must be set before Process32First
if ( hProcessSnap != INVALID_HANDLE_VALUE && Process32First( hProcessSnap, &pe32 ) ) // read info about the first process into pe32
{
  do // loop to find the WarRock process
  {
    if ( strcmp( pe32.szExeFile, "WarRock.exe" ) == 0 ) // if WarRock was found
    {
      hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID ); // open it, assigning to the hProcess handle
      break; // break the loop
    }
  } while ( Process32Next( hProcessSnap, &pe32 ) ); // loop continues until Process32Next returns FALSE or it's interrupted with the "break" above
  CloseHandle( hProcessSnap ); // close the snapshot handle (just fuckin do it)
}
// hProcess stays open here for the reads/writes; close it with CloseHandle( hProcess ) when done.
on http://www.mpgh.net/forum/17-tutorials/7511-writing_your_own_c_trainer.html
Why would Wiccaan make a function with WarRock comments? Just thought I would point this out... Anyone get what I'm saying?
lurc Grandmaster Cheater Supreme
Reputation: 2
Joined: 13 Nov 2006 Posts: 1900
Posted: Wed Feb 13, 2008 9:29 pm
I dunno if Wiccaan "made" the function, but it was on Extalia, so I just c+p'd ^^
newb09 Master Cheater
Reputation: 0
Joined: 02 Feb 2007 Posts: 350
Posted: Wed Feb 13, 2008 10:01 pm
lurc wrote:
I dunno if Wiccaan "made" the function, but it was on Extalia, so I just c+p'd ^^

lol, it's fine, and thanks for the help.
_________________
NOOBXOR = Comes from the root words noob and haxor, hence noobxor.
word created by: newb09 & ferenzo