 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Dodish
Cheater
![]() Reputation: 0
Joined: 16 Nov 2016
Posts: 27
|
 Posted: Wed Apr 12, 2017 5:00 am Post subject: AOB scanning using C++ |
 |
|
Hello,
I've recently created a trainer for me in C++ but it's acting weird.
DLLMain:
| Code: | #include "stdafx.h"
#include <Windows.h>
#include <iostream>
#include "Memory.h"
using namespace std;
void ChangeMemory(DWORD baseadress, int value, DWORD offset1, DWORD offset2, bool msg)
{
DWORD d, ds;
DWORD* adress = (DWORD*)((*(DWORD*)(baseadress + offset1)) + offset2);
if (msg)
{
char szTest[10] ;
sprintf_s(szTest, "The final adress is : %X", adress);
MessageBoxA(NULL,szTest , NULL, NULL);
}
*(int*)adress = value;
}
void PatchAOB(char* pattern, char* mask, char* processname, bool msg, char* valuetowrite, int size, int position)
{
DWORD pVariable = FindPattern(processname, pattern, mask);
pVariable += position;
if (pVariable != 0)
{
WriteToMemory(pVariable, valuetowrite, size);
}
else
{
[color=red] MessageBoxA(NULL,"Something has gone wrong. :/" , NULL, NULL);[/color]
}
}
DWORD Patch()
{
[color=red] PatchAOB("\xEB\x03\x8B\x45\x08\xC9\xC3", "xxxxxxx", "TouchClient.exe", true, "\x90\x90", 2, 0);[/color]
return NULL;
}
BOOL APIENTRY DllMain( HMODULE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
CreateThread(0,0,(LPTHREAD_START_ROUTINE)Patch,0,0,0);
break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
} |
Memory.H
| Code: | #include <iostream>
#include <Windows.h>
#include <tlhelp32.h>
#include <Psapi.h>
void WriteToMemory(uintptr_t addressToWrite, char* valueToWrite, int byteNum)
{
unsigned long OldProtection;
VirtualProtect((LPVOID)(addressToWrite), byteNum, PAGE_EXECUTE_READWRITE, &OldProtection);
memcpy( (LPVOID)addressToWrite, valueToWrite, byteNum);
VirtualProtect((LPVOID)(addressToWrite), byteNum, OldProtection, NULL);
}
MODULEINFO GetModuleInfo( char *szModule )
{
MODULEINFO modinfo = {0};
HMODULE hModule = GetModuleHandle(szModule);
if(hModule == 0)
return modinfo;
GetModuleInformation(GetCurrentProcess(), hModule, &modinfo, sizeof(MODULEINFO));
return modinfo;
}
DWORD FindPattern(char *module, char *pattern, char *mask)
{
MODULEINFO mInfo = GetModuleInfo(module);
DWORD base = (DWORD)mInfo.lpBaseOfDll;
DWORD size = (DWORD)mInfo.SizeOfImage;
DWORD patternLength = (DWORD)strlen(mask);
for(DWORD i = 0; i < size - patternLength; i++)
{
bool found = true;
for(DWORD j = 0; j < patternLength; j++)
{
found &= mask[j] == '?' || pattern[j] == *(char*)(base + i + j);
}
if(found)
{
return base + i;
}
}
return NULL;
} |
I'm only using the AOB patching function for now, ignore the others in dllmain.
It doesn't detect the pattern and shows that message box, but I'm sure it does exist. Checked the pattern and mask multiple times with OllyDbg.
Note: The game is a Unity3D one.
Any help is appreciated, Hitler. Thanks!
|
|
| Back to top |
|
 |
Dodish
Cheater
![]() Reputation: 0
Joined: 16 Nov 2016
Posts: 27
|
| Posted: Tue Apr 18, 2017 12:38 am Post subject: |
|
|
| Bump
|
|
| Back to top |
|
|
atom0s
Moderator
 Reputation: 198
Joined: 25 Jan 2006
Posts: 8517
Location: 127.0.0.1
|
| Posted: Tue Apr 18, 2017 1:49 pm Post subject: |
|
|
Check the return values of everything and see if something is failing. You have a lot of copy pasted code here with no error checking at all. Debug and see if things are failing rather than just posting 'it dun work'.
_________________
- Retired. |
|
| Back to top |
|
|
Viloresi
Expert Cheater
![]() Reputation: 0
Joined: 02 Feb 2017
Posts: 149
|
| Posted: Wed Apr 19, 2017 3:34 am Post subject: |
|
|
| If it's a 64 bit process for the game, this will not work and you could try to change the DWORD to DWORD64
|
|
| Back to top |
|
|
Dodish
Cheater
![]() Reputation: 0
Joined: 16 Nov 2016
Posts: 27
|
| Posted: Wed Apr 19, 2017 8:02 am Post subject: |
|
|
| It's a *32 process.
|
|
| Back to top |
|
|
Viloresi
Expert Cheater
![]() Reputation: 0
Joined: 02 Feb 2017
Posts: 149
|
| Posted: Wed Apr 19, 2017 1:14 pm Post subject: |
|
|
In your code seems like there are missing some parts, for example why do you give that parameter to the PatchAob function, named "msg" if you don't use it?
Aniway try instead of calling PatchAob function, type this:
| Code: |
if ( (FindPattern("TouchClient.exe","\xEB\x03\x8B\x45\x08\xC9\xC3", "xxxxxxx")) == 0)
MessageBoxA(NULL,"FindPattern fails" , NULL, NULL);
else
MessageBoxA(NULL,"FindPattern success" , NULL, NULL);
|
If this fails then it's not a code fault or bug, but something else
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
