Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


all about getPixels.

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking
View previous topic :: View next topic  
Author Message
blitz02
Cheater
Reputation: 0

Joined: 28 Feb 2007
Posts: 44

PostPosted: Sun May 09, 2010 1:23 am    Post subject: all about getPixels. Reply with quote

Hi again, thank you for visiting my thread.
I was wondering if I could get a clear explanation about getPixels.
I tried messing around with it and gave me some ideas.

first I try to check if pixel colors do really work..
So i tried messing my paint and spill it with different colors.
I check the code if it's working by comparing 2 selected pixel coordinates.
So if i color all black, message show that its equal.
while if it's not the same, it says unequal.
So from here I conclude that the code is working and I can now use getPixels.

But there is a problem, when I try to connect it on a game, (Which is having a gameguard) it only says equal..

So I try messing around.
Put some if conditions
if this pixel == -1 or 0.

The getPIxel dont work.. I am usually getting -1 and equal(even it is in different color).

I kinda search for getPixel with Gameguard, and it tells that this api is blocked by gg.

I know this can be done, bcoz I am purchasing other FPS VIPs and their aimbot functions very well.

Could anyone give me a hint regarding this..
It would be a really really big great help. Wink TIA
Back to top
View user's profile Send private message
hcavolsdsadgadsg
I'm a spammer
Reputation: 26

Joined: 11 Jun 2007
Posts: 5801

PostPosted: Sun May 09, 2010 2:35 am    Post subject: Reply with quote

does gamegaurd block all the gdi functions?

like bitblt(), getdc(), createdibsection()? it's easy to read pixels without getpixel().


create a dib section, select it into a memory dc, then blit your dc into the memory dc.
Back to top
View user's profile Send private message
Slugsnack
Grandmaster Cheater Supreme
Reputation: 71

Joined: 24 Jan 2007
Posts: 1857

PostPosted: Sun May 09, 2010 6:36 am    Post subject: Reply with quote

i believe getpixel is only hooked in usermode so you can easily bypass that
Back to top
View user's profile Send private message
blitz02
Cheater
Reputation: 0

Joined: 28 Feb 2007
Posts: 44

PostPosted: Sun May 09, 2010 10:46 am    Post subject: Reply with quote

slovach wrote:
does gamegaurd block all the gdi functions?

like bitblt(), getdc(), createdibsection()? it's easy to read pixels without getpixel().


create a dib section, select it into a memory dc, then blit your dc into the memory dc.


Thanks for the hint. I'm actually working on it.
Correct me if I'm wrong. This is what I have came up.

createDIBsection - creates a section where in an empty scratchpad will be used to store copied bitmaps?

BitBlt - Uses to copy an entire range of a rectangle into a scratchpad and to that scratchpad we can do our things here.

I'm kinda confused since it's my first day on BitBlt Very Happy
Don't be too hard on me Very Happy

Slugsnack wrote:
i believe getpixel is only hooked in usermode so you can easily bypass that


If that is true, then the 0 and -1 pixels I am getting was really valid?

I have read some related articles on getPixel and the Game.
The Game uses getPixel too. On that post, someone said. If the getPixel is used by the game, we won't be able to use it. o_o

-------

Thanks for the hints. I'm currently working on it Very Happy

/ho Happy~
Back to top
View user's profile Send private message
Slugsnack
Grandmaster Cheater Supreme
Reputation: 71

Joined: 24 Jan 2007
Posts: 1857

PostPosted: Sun May 09, 2010 11:19 am    Post subject: Reply with quote

On second thoughts I'm not so sure it's not got a kernelmode hook either. I remember someone who used to use the game's screenshot function and read the bitmap produced from the file system.
Back to top
View user's profile Send private message
hcavolsdsadgadsg
I'm a spammer
Reputation: 26

Joined: 11 Jun 2007
Posts: 5801

PostPosted: Sun May 09, 2010 4:33 pm    Post subject: Reply with quote

A DIB section provides you with a pointer to the data.
BitBlt is basically a memcpy with some other stuff behind the scenes

when you blit the device context contents into the memory dc with the dib selected into it, you'll end up with a pointer to all the raw pixel data.


here's an abortion for you to play with

Code:
#include <Windows.h>
#include <stdio.h>

#define WIDTH   1440
#define HEIGHT   900

COLORREF readPixel(void* ptr, int x, int y)
{
   DWORD* dst = (DWORD*)ptr + (y * WIDTH + x);
   return *dst;
}

int main(void)
{
   HBITMAP   dib;
   void*   bits   = 0;
   HDC      hdc      = GetDC(0); //entire screen
   HDC      memDc   = CreateCompatibleDC(hdc); //memory dc

   BITMAPINFO bi         = { 0 };
   bi.bmiHeader.biSize     = sizeof(BITMAPINFO);
   bi.bmiHeader.biWidth    = WIDTH;
   bi.bmiHeader.biHeight   = -HEIGHT; //negative, create a top down dib
   bi.bmiHeader.biPlanes   = 1;
   bi.bmiHeader.biBitCount = 32;
   
   dib = CreateDIBSection(hdc, &bi, DIB_RGB_COLORS, &bits, 0, 0);
   SelectObject(memDc, dib); //i don't do any of the cleanup, so be sure to handle it

   while(!GetAsyncKeyState(VK_ESCAPE))
   {      
      DWORD col;
      POINT p;
      GetCursorPos(&p);

      //hdc is the source, memDc is the destination
      BitBlt(memDc, 0, 0, WIDTH, HEIGHT, hdc, 0, 0, SRCCOPY);
      col = readPixel(bits, p.x, p.y);

      printf("RGB: %X\n", col);
      Sleep(1000);
   }

   return 0;
}
Back to top
View user's profile Send private message
blitz02
Cheater
Reputation: 0

Joined: 28 Feb 2007
Posts: 44

PostPosted: Sun May 09, 2010 5:08 pm    Post subject: Reply with quote

Awesome, it's like you already make it for me.
Many thanks, I'll try messing this around so I could learn how'dya do it.
Thanks again Very Happy


----------------------------------------------------------------------------------------
Feedback.

The code works perfectly well.
I have located RGB Colors I want when I am using it.
Afterwards, I included the code on my DLL.

modify the coordinates of the mouse x/y to a static coordinates.

I open the console that I compiled with your code. I looked at the coordinate 406, 486 and returned me a value of E68000.

In my DLL, I was hoping to get the same value. So I change coordinates to 406,486 and compared it. returns to error.
When I check what the code returns, it gave me 0.

-------------------

Every coordinates at the screen returns me a 0 value.

-------------------

I have gettin an idea that the game itself uses the function and I wasn't able to get a chance using it.

Criticize my actions, what do you think is the problem? Is it gameguard? or really the game itself.
Back to top
View user's profile Send private message
hcavolsdsadgadsg
I'm a spammer
Reputation: 26

Joined: 11 Jun 2007
Posts: 5801

PostPosted: Sun May 09, 2010 9:19 pm    Post subject: Reply with quote

I've never played a game with gamegaurd so i don't really know how it works.


Make sure you're getting a valid DC when you're using it in your DLL. 0 for the parameter means it will try to use the screen itself, not a specific window.



If you're using visual studio, you can debug injected dll's easily. Just set a breakpoint, inject it, and attach the debugger. It'll break inside visual studio just like any other program.
Back to top
View user's profile Send private message
blitz02
Cheater
Reputation: 0

Joined: 28 Feb 2007
Posts: 44

PostPosted: Sun May 09, 2010 9:51 pm    Post subject: Reply with quote

Thanks for the reply.

GetDC is not working after I injected it.
After I injected it, ofcourse I expect it becomes 0.
So I tried minimizing the game to get to my desktop.
Then hit the F9(to initiate pixel getting/your code)
Pixel shows that it stays at 0, no changes at all.

It didn't get the window after I minimize it. It is still returns 0.

//edit

Okay. I conduct another test.
I tried it on a D3D9 Test Enviroment.
It still gives me value of 0, even if I am viewing desktop.

is the problem cause on injecting? :3


//

I am searchingfor IDirect3DSurface9::GetDC() now.. maybe it can help.
Back to top
View user's profile Send private message
hcavolsdsadgadsg
I'm a spammer
Reputation: 26

Joined: 11 Jun 2007
Posts: 5801

PostPosted: Mon May 10, 2010 12:14 am    Post subject: This post has 1 review(s) Reply with quote

I'm pretty sure you should be able to get the DC of a directx / opengl window, so i'd imagine blitting its contents should work alright, I'm not entirely sure though.

I don't know why it would break on injecting.


I guess if you had the renderer hooked you could create a surface, copy the front buffer there, lock the surface and do your pixel checks like that...
Back to top
View user's profile Send private message
blitz02
Cheater
Reputation: 0

Joined: 28 Feb 2007
Posts: 44

PostPosted: Mon May 10, 2010 12:19 am    Post subject: Reply with quote

I'm pretty sure it does gettin the DC.
The problem I think is on hooking maybe..

I'll search for more. Thanks for your time. Smile


//add

now I can be sure the problem is on injecting.

I tried to inject it to paint.exe.
it returns 0 value of pixels too. Wink
Back to top
View user's profile Send private message
Slugsnack
Grandmaster Cheater Supreme
Reputation: 71

Joined: 24 Jan 2007
Posts: 1857

PostPosted: Mon May 10, 2010 8:20 am    Post subject: Reply with quote

posting your code could well help us determine your problem
Back to top
View user's profile Send private message
blitz02
Cheater
Reputation: 0

Joined: 28 Feb 2007
Posts: 44

PostPosted: Mon May 10, 2010 10:56 am    Post subject: Reply with quote

I just C/P the code from slovach.
Anyways I spent the whole day working on it. And just now, I got the answers.

Hooking BitBlt into anyprocess makes the data lost.
On my understanding, it's like BitBlt or the copied pixels are the ones who doesn't work. It will only have black background.

Thanks for all the support out here! +rep Very Happy
Back to top
View user's profile Send private message
hcavolsdsadgadsg
I'm a spammer
Reputation: 26

Joined: 11 Jun 2007
Posts: 5801

PostPosted: Mon May 10, 2010 12:39 pm    Post subject: Reply with quote

Can you actually confirm that your DC is valid when you inject it? What are you using, the actual process that you've injected it into window?

GetLastError() will return ERROR_INVALID_HANDLE if BitBlt fails from an invalid DC.


I don't think the DIB pointer is invalid, you'd probably get an access violation otherwise.
Back to top
View user's profile Send private message
blitz02
Cheater
Reputation: 0

Joined: 28 Feb 2007
Posts: 44

PostPosted: Mon May 10, 2010 7:16 pm    Post subject: Reply with quote

I got it all working hurray! Thanks again, it seems that I need to place BltBit everytime I will do a scan.. I places the code so wrong sorry.. Thanks again Very Happy
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites