Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


[HELP REQUEST] C++ Trainer

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming
View previous topic :: View next topic  
Author Message
berkay2578
How do I cheat?
Reputation: 0

Joined: 24 Dec 2012
Posts: 3
Location: Turkey
PostPosted: Mon Dec 24, 2012 1:48 pm    Post subject: [HELP REQUEST] C++ Trainer Reply with quote
Hi guys, So I have this problem with my project. I wanted to do a trainer in C++.

I'm the moderator of a crew called "HDW". We are doing trainers for NFS: World in Cheat Engine. It was fine until people started to make their own trainers with our script. And they said it was made by them. So we decided to use C++ on our next releases. The problem I have is, I can't "reach" to "static 'base' address". I'll give you an example. You'll understand it better.


Code:
[ENABLE]
nfsw.exe+443B44:
db 0F 5C 7B 0C F3

[DISABLE]
nfsw.exe+443B44:
db 0F 5C 43 0C F3


This is a "hack/cheat" made for NFS: World with using Cheat Engine. I can't give the same effect as CE does on C++. Because there is no offset. Only "nfsw.exe+443B44" and values to activate/disable the hack. Also I'm using AOB Scans to update addresses.

I need to use "nfsw.exe+443B44". Because 0x443B44 & nfsw.exe+443B44 are different things. Can someone help me here? Please Smile
Back to top
View user's profile Send private message
TsTg
Master Cheater
Reputation: 5

Joined: 12 Dec 2012
Posts: 340
Location: Somewhere....
PostPosted: Mon Dec 24, 2012 2:18 pm    Post subject: Reply with quote
In cheat engine's memory viewer window, press CTRL+G, then go to your address "nfsw.exe+443B44".

once there, open the 'View' menu, and uncheck 'Show Module Addresses', now you should be seeing the exact address without module relatives.
Back to top
View user's profile Send private message
atom0s
Moderator
Reputation: 205

Joined: 25 Jan 2006
Posts: 8587
Location: 127.0.0.1
PostPosted: Tue Dec 25, 2012 4:15 am    Post subject: Reply with quote
nfsw.exe resolves to the symbol address. In this case its the main executables base address.

You can use the following API to get this information:
- CreateToolhelp32Snapshot
- Process32First / Process32Next
- Module32First / Module32Next

You can also use the PSAPI alternatives if you wish as well:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms684894(v=vs.85).aspx

There are a lot of examples of doing this around the web and on these forums.
_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
berkay2578
How do I cheat?
Reputation: 0

Joined: 24 Dec 2012
Posts: 3
Location: Turkey
PostPosted: Tue Dec 25, 2012 11:12 am    Post subject: Reply with quote
tHeGeNiUs wrote:
In cheat engine's memory viewer window, press CTRL+G, then go to your address "nfsw.exe+443B44".

once there, open the 'View' menu, and uncheck 'Show Module Addresses', now you should be seeing the exact address without module relatives.


The result is a dynamic address. "nfsw.exe+443B44" leads to that dynamic address. Not the same thing..


Thanks Wiccaan for help. I found what I need but I can't use it Sad

Last edited by berkay2578 on Tue Dec 25, 2012 2:20 pm; edited 1 time in total
Back to top
View user's profile Send private message
TsTg
Master Cheater
Reputation: 5

Joined: 12 Dec 2012
Posts: 340
Location: Somewhere....
PostPosted: Tue Dec 25, 2012 2:07 pm    Post subject: Reply with quote
From what i understand, you are using a DLL of yours, as the trainer for a certain game with a variable base address?.

Anyway if this is, do the following:

1- Inject your DLL into the target by using CreateRemoteThread from your EXE, the thread function is the code of your dll to be executed.

2- In your injected DLL function,now:
-If your patching in the exe file(Target process itself), use GetModuleHandle to get the base address(use lpModuleName = NULL)

-If your patching a DLL inside the process, use LoadLibrary with the DLL name to get it's base address

3- Now your are ready to patch, just add your offset to the base address to get the correct target address, let's say here your 0x00C605D is in a dll that based at 0x00C0000 (For current session), so you know that offset is 0xC605D - 0xC0000 = 0x605D far from the base, so next time get the new base, add 0x605D to it, and patch your data, DONE Smile .
Back to top
View user's profile Send private message
berkay2578
How do I cheat?
Reputation: 0

Joined: 24 Dec 2012
Posts: 3
Location: Turkey
PostPosted: Tue Dec 25, 2012 2:19 pm    Post subject: Reply with quote
I got it all working. Thanks for your help. [to both]
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites