| View previous topic :: View next topic |
| Author |
Message |
h4c0r-BG
Master Cheater
 Reputation: 0
Joined: 29 Nov 2006
Posts: 449
Location: The yogurt country
|
 Posted: Thu Jul 12, 2007 9:00 am Post subject: Delphi Simple Trainer [HELP] |
 |
|
Ok ... so here we have a trainer wich changes the value of address 400000 to $90
| Quote: | unit trainer;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
type
TForm1 = class(TForm)
Button1: TButton;
procedure Button1Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
procedure TForm1.Button1Click(Sender: TObject);
var
WindowName : integer;
ProcessId : integer;
ThreadId : integer;
buf : pchar;
HandleWindow : Integer;
write : cardinal;
const
WindowTitle = 'Minesweeper'; // The window title of the game.
begin
WindowName := FindWindow(nil,WindowTitle); //Looks for the WindowTitle.
If WindowName = 0 then
begin
MessageDlg('Your game is not running!', mterror,[mbOK],0); //Notifys user that the game is not detected or running.
end;
ThreadId := GetWindowThreadProcessId(WindowName,@ProcessId); //Gets the thread process ID of the window's caption.
HandleWindow := OpenProcess(PROCESS_ALL_ACCESS,False,ProcessId); //Opens the game process and stores the handle in HandleWindow.
GetMem(buf,1);
buf^ := Chr($90); // Sets the value of buf to 90(Hex).
WriteProcessMemory(HandleWindow,ptr($400000),buf,1,write);// Writes the value of buf to address 400000.
FreeMem(buf); // Resets buf.
CloseHandle(HandleWindow); // Closes the game handle.
end;
end. |
So the question is how can i patch address 400000 which allready has JNZ and i want to replace it with JMP... ?
_________________
|
|
| Back to top |
|
 |
appalsap
Moderator
 Reputation: 0
Joined: 27 Apr 2006
Posts: 6753
Location: Pakistan
|
| Posted: Thu Jul 12, 2007 9:13 am Post subject: |
|
|
JNZ = 75
JMP = EB
(assuming they're short jumps)
|
|
| Back to top |
|
|
h4c0r-BG
Master Cheater
Reputation: 0
Joined: 29 Nov 2006
Posts: 449
Location: The yogurt country
|
| Posted: Thu Jul 12, 2007 9:43 am Post subject: |
|
|
So it will be:
buf^ := Chr(EB);
 (i'm 99.99% sure that is not correct but ... i still don't get it  )
_________________
|
|
| Back to top |
|
|
appalsap
Moderator
Reputation: 0
Joined: 27 Apr 2006
Posts: 6753
Location: Pakistan
|
| Posted: Thu Jul 12, 2007 9:45 am Post subject: |
|
|
| h4c0r-BG wrote: | So it will be:
buf^ := Chr(EB); |
yes
| h4c0r-BG wrote: | | |
don't be sarcastic with the people trying to help you
| h4c0r-BG wrote: | | (i'm 99.99% sure that is not correct |
why
| h4c0r-BG wrote: | | but ... i still don't get it ) |
why not
|
|
| Back to top |
|
|
h4c0r-BG
Master Cheater
Reputation: 0
Joined: 29 Nov 2006
Posts: 449
Location: The yogurt country
|
| Posted: Thu Jul 12, 2007 9:59 am Post subject: |
|
|
| appalsap wrote: |
| h4c0r-BG wrote: | | (i'm 99.99% sure that is not correct |
why
|
because was logical thinking but thanks for your help!
Can i ask how we deal with pointers  how we deal with the offset?
_________________
|
|
| Back to top |
|
|
appalsap
Moderator
Reputation: 0
Joined: 27 Apr 2006
Posts: 6753
Location: Pakistan
|
| Posted: Thu Jul 12, 2007 10:01 am Post subject: |
|
|
| h4c0r-BG wrote: | | Can i ask how we deal with pointers how we deal with the offset? |
say we have a pointer, 00400000 with the offset 200
we read 00400000 and get 01000000
01000000 + 200 = 01000200
|
|
| Back to top |
|
|
h4c0r-BG
Master Cheater
Reputation: 0
Joined: 29 Nov 2006
Posts: 449
Location: The yogurt country
|
| Posted: Thu Jul 12, 2007 10:13 am Post subject: |
|
|
Please write down how will look this with offseot of 200:
WriteProcessMemory(HandleWindow,ptr($400000),buf,1,write);
(just for example so i`ll be able to understand)
I hope i don't make you much trouble. 
_________________
|
|
| Back to top |
|
|
appalsap
Moderator
Reputation: 0
Joined: 27 Apr 2006
Posts: 6753
Location: Pakistan
|
| Posted: Thu Jul 12, 2007 10:24 am Post subject: |
|
|
| WriteProcessMemory(HandleWindow,(ptr($400000)+200),buf,1,write);
|
|
| Back to top |
|
|
h4c0r-BG
Master Cheater
Reputation: 0
Joined: 29 Nov 2006
Posts: 449
Location: The yogurt country
|
| Posted: Fri Jul 13, 2007 10:59 am Post subject: |
|
|
How it will look like when i want to change the value which the address stores:
Like in Cheat engine tutorial at 2st step we have value 100 in address $D62770
And i want to change the value to 1000.
So how to do that? I am tired of searching and .. no working results or i've just found it but i don't know that since of errors in compiling.
Can somebody show me an example, please.
WriteProcessMemory(HandleWindow,?????($D62770))???????????????);
_________________
|
|
| Back to top |
|
|
DeletedUser14087
I post too much
![]() Reputation: 2
Joined: 21 Jun 2006
Posts: 3069
|
| Posted: Fri Jul 13, 2007 11:09 am Post subject: |
|
|
This code looks familiar to me.... 
|
|
| Back to top |
|
|
h4c0r-BG
Master Cheater
Reputation: 0
Joined: 29 Nov 2006
Posts: 449
Location: The yogurt country
|
| Posted: Fri Jul 13, 2007 1:10 pm Post subject: |
|
|
Ok i got this to work.
var value,write: cardinal;
begin
value := $FFFFFFFF;
writeprocessmemory(HandleWindow,ptr($4609F0),@value,4,write);
But now i'm asking how to edit text in certain address?
_________________
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
