Hush1 How do I cheat?
Reputation: 0
Joined: 01 Sep 2016 Posts: 2
Posted: Thu Sep 01, 2016 9:39 am Post subject: [Help] Trying to make a DLL Trainer
Hi guys,
As in the title, I'm trying to make a .dll trainer for CoD4 using pointers.
These are the values I found with CE:
"iw3sp.exe"+000B9618 + offset 148
I wrote the DLL as follows:
maindll.cpp
Code: |
#include <Windows.h>
#include <iostream>
#include "memhack.h"
using namespace std;

extern void hack1();

DWORD WINAPI Main()
{
    while (true) {
        hack1();
    }
    return 0;
}

BOOL WINAPI DllMain(HMODULE hDLL, DWORD dwReason, LPVOID lpvReserved)
{
    switch (dwReason)
    {
    case DLL_PROCESS_ATTACH:
        DisableThreadLibraryCalls(hDLL);
        CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&Main, 0, 0, 0);
        break;
    }
    return TRUE;
}
|
memhack.h
Code: |
#pragma once
#include <windows.h>

DWORD AMMO_ADDR = 0x000B9618;
DWORD AMMO_OFS1 = 0x148;
DWORD myval = 300;

void hack1() {
    if (GetAsyncKeyState(VK_F1) & 1) {
        DWORD dllBase = (DWORD)GetModuleHandleA("iw3sp.exe");
        // Read the value stored at module base + AMMO_ADDR.
        DWORD_PTR dwBase = *(DWORD_PTR*)(dllBase + AMMO_ADDR);
        // Read the value stored at dwBase + AMMO_OFS1.
        DWORD_PTR dwbo = *(DWORD_PTR*)(dwBase + AMMO_OFS1);
        // Write myval to the address held in dwbo.
        *(DWORD_PTR*)dwbo = myval;
        Sleep(500);
    }
}
|
The problem is, as soon as I try to trigger the trainer, the program crashes.
Attaching the debugger, I get an "Access violation reading location" error.
What should I do to make it work? Where is the problem?
Sorry for my bad English.
Thanks in advance
homer_simpson Grandmaster Cheater
Reputation: 0
Joined: 25 Feb 2007 Posts: 596
Posted: Sat Sep 10, 2016 6:09 pm
Two things:
Firstly, you can get the base module address in a simpler way by calling GetModuleHandle with NULL as its parameter.
Secondly, you should research dereferencing pointers in C, how multi-level pointers are stored in memory, as well as type definitions, because you appear to have those things confused.
In short, your code should look something like this:
Code: |
if (GetAsyncKeyState(VK_F1) & 1) {
    DWORD dllBase = (DWORD)GetModuleHandleA(NULL);
    DWORD dwBase = dllBase + AMMO_ADDR;
    *(DWORD*)(dwBase + AMMO_OFS1) = myval;
    Sleep(500);
}
|
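Added example (not part of any post in this thread, and not code from the game or Cheat Engine): a self-contained simulation of the pointer arithmetic discussed above, comparing how many reads each variant performs and which final address it produces. It assumes the Cheat Engine entry `"iw3sp.exe"+000B9618` with offset 148 denotes a one-level pointer; `FakeMemory`, `kBase`, `kObject`, the sample value 30 and all function names are constructed for illustration.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>
constexpr uint32_t AMMO_ADDR = 0x000B9618, AMMO_OFS1 = 0x148;       // values from the post
constexpr uint32_t kBase = 0x00400000, kObject = kBase + 0x150000;  // constructed addresses

// Constructed stand-in for a 32-bit address space; no real process is touched.
struct FakeMemory {
    std::vector<uint8_t> bytes = std::vector<uint8_t>(0x200000, 0);
    explicit FakeMemory(uint32_t ammo) {
        write32(kBase + AMMO_ADDR, kObject);  // static slot in the module holds a pointer
        write32(kObject + AMMO_OFS1, ammo);   // field inside the object it points to
    }
    bool mapped(uint32_t a) const { return a >= kBase && a - kBase <= bytes.size() - 4; }
    // Bounds-checked access: returning false stands in for an access violation.
    bool read32(uint32_t a, uint32_t& out) const {
        if (mapped(a)) std::memcpy(&out, &bytes[a - kBase], 4);
        return mapped(a);
    }
    bool write32(uint32_t a, uint32_t v) {
        if (mapped(a)) std::memcpy(&bytes[a - kBase], &v, 4);
        return mapped(a);
    }
};

// One-level pointer: read the slot once, then ADD the offset. The sum is the target.
bool target_one_level(const FakeMemory& m, uint32_t& target) {
    uint32_t obj = 0;
    if (!m.read32(kBase + AMMO_ADDR, obj)) return false;
    target = obj + AMMO_OFS1;
    return true;
}

// As hack1() in the question: a second read makes the field's VALUE the target.
bool target_two_reads(const FakeMemory& m, uint32_t& target) {
    uint32_t field = 0;
    return target_one_level(m, field) && m.read32(field, target);
}
// No read at all: a fixed address inside the module, right only if the value lives there.
uint32_t target_no_read() { return kBase + AMMO_ADDR + AMMO_OFS1; }

int main() {
    FakeMemory m(30);  // constructed sample: the field currently holds 30
    uint32_t good = 0, bad = 0;
    target_one_level(m, good); target_two_reads(m, bad);
    std::printf("one level: 0x%08X writable=%d\n", (unsigned)good, (int)m.write32(good, 300));
    std::printf("two reads: 0x%08X writable=%d\n", (unsigned)bad, (int)m.write32(bad, 300));
}
```

In the simulation the two-read variant ends up targeting address 0x1E, the field's current value, which is not mapped; an access to such an address in a real process is what a debugger reports as an access violation.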
kuntz Cheater
Reputation: 0
Joined: 29 Aug 2016 Posts: 44 Location: Canada
Posted: Sat Sep 10, 2016 7:11 pm
Is it crashing when you load the DLL or is it crashing when you press F1?
Code: |
void hack(void)
{
    if (GetAsyncKeyState(VK_F1) == 0xFFFF8001)
    {
        DWORD* dllBase = (DWORD*)GetModuleHandle(0);
        dllBase[189912] = myval;
    }
    Sleep(25);
}
|
homer_simpson Grandmaster Cheater
Reputation: 0
Joined: 25 Feb 2007 Posts: 596
Posted: Sun Sep 11, 2016 1:33 pm
kuntz wrote: |
Is it crashing when you load the DLL or is it crashing when you press F1?
Code: |
void hack(void)
{
    if (GetAsyncKeyState(VK_F1) == 0xFFFF8001)
    {
        DWORD* dllBase = (DWORD*)GetModuleHandle(0);
        dllBase[189912] = myval;
    }
    Sleep(25);
}
|
|
189912/2E5D8, where did you get this value?
kuntz Cheater
Reputation: 0
Joined: 29 Aug 2016 Posts: 44 Location: Canada
Posted: Sun Sep 11, 2016 1:43 pm
homer_simpson wrote: |
kuntz wrote: |
Is it crashing when you load the DLL or is it crashing when you press F1?
Code: |
void hack(void)
{
    if (GetAsyncKeyState(VK_F1) == 0xFFFF8001)
    {
        DWORD* dllBase = (DWORD*)GetModuleHandle(0);
        dllBase[189912] = myval;
    }
    Sleep(25);
}
|
|
189912/2E5D8, where did you get this value?
|
My bad, I misread his OP as something else.