Cheat Engine The Official Site of Cheat Engine
Tpiom How do I cheat?
Reputation: 0
Joined: 24 Feb 2015 Posts: 3
|
Posted: Tue Feb 24, 2015 3:43 pm Post subject: C# - pointer offset...? |
|
|
Hello...
I'm new here, but also to CheatEngine, memory, pointers and C# in general...
Well, I've been going at it for a few months but I'm having some difficulty figuring out how to hack the health in a game.
I've tracked down the pointer and it works great in Cheat Engine. Double clicking on it gives me this:
dc <-- offset?
f8 <-- offset?
1ac <-- offset?
0 <-- offset (useless?)
"swkotor.exe"+003B93B0 <- Base address?
So... Calculating this gives me: 3B9730 (which is my final address?)
So... now to C#:
Code: |
IntPtr hProc = IntPtr.Zero;
IntPtr bAddr;
IntPtr bytesRW;
const uint dwAllAccess = 0x1F0FFF;
byte[] bBuff = new byte[4];
bool bFound = false;
|
Code: |
// supposed to freeze the HP. txTime is a textbox which lets you enter a value.
if (checkBoxHPFreeze.Checked)
{
    bBuff = BitConverter.GetBytes(int.Parse(txTime.Text));
    WriteProcessMemory(hProc, (IntPtr)0x3B9730, bBuff, 4, out bytesRW);
}
else
{
    bAddr = (IntPtr)0x3B9730;
    ReadProcessMemory(hProc, bAddr, bBuff, 4, out bytesRW);
    txTime.Text = BitConverter.ToInt32(bBuff, 0).ToString();
}
|
There is, of course, more to the code but most of it is initially from another trainer, which in turn, works great. Also, I've analyzed it thoroughly and the problem doesn't seem to be from there.
Help?
Pingo Grandmaster Cheater
Reputation: 8
Joined: 12 Jul 2007 Posts: 571
|
Posted: Tue Feb 24, 2015 4:25 pm Post subject: |
|
|
You don't just add the offsets together.
swkotor.exe is the base address of your game, that has a value too.
The value (in memory) of "swkotor.exe"+003B93B0 is your next address.
0 <-- offset (useless?)
No, this is needed.
Just means you don't need to add anything to the next address.
I'm just gonna make these addresses up just to try clearing things up.
Remember to read the value as hexadecimal so you understand it better.
Let's say
swkotor.exe = 00400000
00400000 + 003B93B0 = 007B93B0
Read the (value) of 007B93B0 in memory.
Let's say the value is 00800000
Your first offset is 0 so your next address is still 00800000
Read the value of 00800000
Let's say the value is 00900000
Your next address is 00900000 + 1AC (your next offset)
Read the value at 009001AC and repeat until you go through all your offsets.
Here's a little C# pointer function I made for win 32bit.
It will only return the pointer address, not the value of it.
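Code: |
// Needs: using System; using System.Diagnostics; using System.Globalization; using System.Runtime.InteropServices;
// P/Invoke declaration assumed from the calls below (32-bit build; 0 for the bytes-read argument means NULL)
[DllImport("kernel32.dll")]
static extern bool ReadProcessMemory(IntPtr hProcess, int lpBaseAddress, byte[] lpBuffer, int nSize, int lpNumberOfBytesRead);

public int Pointer(string ProcessName, object Address, int[] Offsets)
{
    int BaseAddy = -1;
    Process[] P = Process.GetProcessesByName(ProcessName);
    if (P.Length == 0) return BaseAddy;
    if (Address.GetType() == typeof(Int32))
        BaseAddy = Convert.ToInt32(Address);
    else if (Address.GetType() == typeof(String))
    {
        // "module.exe+OFFSET": look up the module's load address and add the hex offset
        string[] tmp = Convert.ToString(Address).Split('+');
        foreach (ProcessModule M in P[0].Modules)
            if (M.ModuleName.ToLower() == tmp[0].ToLower())
                BaseAddy = M.BaseAddress.ToInt32() + int.Parse(tmp[1], NumberStyles.HexNumber);
    }
    else return BaseAddy;
    if (BaseAddy == -1) return BaseAddy; // module not found
    byte[] buff = new byte[4];
    // Dereference the base address first
    ReadProcessMemory(P[0].Handle, BaseAddy, buff, 4, 0);
    BaseAddy = BitConverter.ToInt32(buff, 0);
    // Add each offset and dereference again, except for the last offset, which is
    // only added, so the result is the final address and not the value stored there
    for (int i = 0; i < Offsets.Length; i++)
    {
        BaseAddy += Offsets[i];
        if (i == Offsets.Length - 1) break;
        ReadProcessMemory(P[0].Handle, BaseAddy, buff, 4, 0);
        BaseAddy = BitConverter.ToInt32(buff, 0);
    }
    return BaseAddy;
}
|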
Read the pointer address
Code: | txTime.Text = Pointer("swkotor", "swkotor.exe+003B93B0", new int[] { 0, 0x1AC, 0xF8, 0xDC }).ToString("X"); |
Once you have the address, you can read the value of it.
Looks like you're trying to read something to do with time. This won't return the time, only the time address. Once you have the address, just read/write the value.
 |
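Added example (not part of the thread or any poster's code): the pointer walk described in the reply above, run against a constructed in-memory map instead of a live process, next to the summed-offsets value from the original question. The memory contents and the names `TryReadU32` and `TryResolve` are assumptions made for illustration; a link that cannot be read, or that holds a null pointer, stops the walk instead of producing an address.

```csharp
using System;
using System.Collections.Generic;

static class PointerChainDemo
{
    // Constructed stand-in for the game's memory: address -> 32-bit value stored there.
    // The first two entries are the made-up values from the reply above; the rest are invented here.
    static readonly Dictionary<uint, uint> Memory = new Dictionary<uint, uint>
    {
        { 0x007B93B0, 0x00800000 },
        { 0x00800000, 0x00900000 },
        { 0x009001AC, 0x00A00000 },
        { 0x00A000F8, 0x00B00000 },
    };

    // Stand-in for ReadProcessMemory: returns false when the address is not readable.
    static bool TryReadU32(uint address, out uint value) => Memory.TryGetValue(address, out value);

    // Dereference the base, then add each offset and dereference again,
    // except for the last offset, which is only added.
    static bool TryResolve(uint moduleBase, uint baseOffset, uint[] offsets, out uint finalAddress)
    {
        finalAddress = 0;
        if (!TryReadU32(moduleBase + baseOffset, out uint current) || current == 0) return false;
        for (int i = 0; i < offsets.Length; i++)
        {
            uint next = current + offsets[i];
            if (i == offsets.Length - 1) { finalAddress = next; return true; }
            if (!TryReadU32(next, out current) || current == 0) return false; // broken link
        }
        finalAddress = current; // no offsets given: the pointer value itself
        return true;
    }

    static void Main()
    {
        uint[] offsets = { 0x0, 0x1AC, 0xF8, 0xDC }; // bottom-up order of the Cheat Engine dialog
        bool ok = TryResolve(0x00400000, 0x003B93B0, offsets, out uint address);
        Console.WriteLine(ok ? $"resolved: {address:X8}" : "chain broken");
        int summed = 0x003B93B0 + 0x1AC + 0xF8 + 0xDC; // the sum used in the original question
        Console.WriteLine($"summed:   {summed:X8}");

        Memory.Remove(0x009001AC); // simulate a link that is not allocated yet
        Console.WriteLine(TryResolve(0x00400000, 0x003B93B0, offsets, out _) ? "resolved" : "chain broken");
    }
}
```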
erfg1 Cheater
Reputation: 0
Joined: 14 Jul 2013 Posts: 49
|
Posted: Wed Feb 25, 2015 7:34 am Post subject: |
|
|
Also, if you want to use my dll you can use base+address and as many offsets as you want with a single function.
http : / / forum.cheatengine . org/viewtopic.php?t=579904
(can't post URLs yet, copy and paste and remove the spaces)
First, with Visual Studio .NET open, right click on your project and press "Add Reference" and browse to the dll file. Make sure the dll is placed next to your compiled .exe trainer program so it can use it when executed.
In your C# program, place the following code so you can use the functions within the DLL.
Within the C# namespace class put this to reference the DLL functions.
Code: | Mem MemLib = new Mem(); |
In the code.ini file you would just put your variable in and use base.
Code: | InfHP=base+0x003B93B0,0xdc,0xf8,0x1ac,0x0 |
In your C# code you would find and open the process.
Code: |
// Class-level declarations
[DllImport("kernel32.dll")]
private static extern IntPtr OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);
[DllImport("kernel32.dll", CharSet = CharSet.Ansi, ExactSpelling = true)]
public static extern UIntPtr GetProcAddress(
    IntPtr hModule,
    string procName
);

// Inside a method
Process[] processlist = Process.GetProcesses();
foreach (Process theprocess in processlist) // look through all processes
{
    if (theprocess.ProcessName == "swkotor") // find this process name in task manager
    {
        if (theprocess.Responding == false)
            return;
        MemLib.OpenProcess(theprocess.Id); // get process ID to start read/write
    }
}
|
Example if you wanted to write integer 999 to this. Put this on a timer every 1 second if you want this to constantly write 999 to the memory address.
Code: |
codeFile = Application.StartupPath + @"\codes.ini";
MemLib.writeMemory("InfHP", codeFile, "int", "999");
|