LongBeardedLion Expert Cheater
Reputation: 0
Joined: 10 Apr 2020 Posts: 174
Posted: Sat Jun 13, 2020 5:11 pm Post subject: Found user32.GetKeyState how can i make it press a key?
So I found this address that responds to any keypress, so long as EBX is the virtual key code. In my example I used the key "D" as a breakpoint condition to see what was happening.
But I don't know what to do from here. I tried changing EBX to 41, that's the key "A". But nothing happened.
Please let me know how I should proceed to have control over the keys pressed.
Image:
Oops, the image is not attaching. Seems like a server problem, so I uploaded it on imgur:
https://imgur.com/a/9UcxkbD
LongBeardedLion Expert Cheater
Reputation: 0
Joined: 10 Apr 2020 Posts: 174
Posted: Mon Jun 15, 2020 3:33 am
bumpity bump...?
...BUMP
Csimbi I post too much
Reputation: 97
Joined: 14 Jul 2007 Posts: 3329
Posted: Mon Jun 15, 2020 8:45 am
GetKeyState is used to retrieve status.
You cannot use it to set status.
Have you tried AutoHotkey?
LongBeardedLion Expert Cheater
Reputation: 0
Joined: 10 Apr 2020 Posts: 174
Posted: Mon Jun 15, 2020 9:16 am
Thanks darkbyte,
GetKeyState is retrieve only? What does that mean? It means it only reads the keys? What if I inject code in it and call the function, won't it read it as if I sent another key?
So perhaps I should go forward in my code and look for the next function? That perhaps will have the actual code that I need to inject or call?
Does this make sense?
Csimbi I post too much
Reputation: 97
Joined: 14 Jul 2007 Posts: 3329
Posted: Mon Jun 15, 2020 4:22 pm
Here, read it.
LongBeardedLion Expert Cheater
Reputation: 0
Joined: 10 Apr 2020 Posts: 174
Posted: Mon Jun 15, 2020 7:16 pm
Thank you.
So from what I understood, what I said can still be possible?
If GetKeyState constantly checks whether a key is being pressed, then I can inject code that will simulate that the key is being pressed?
Or does this not make sense ^?
On the other hand, even if that does not work, I can set a breakpoint in the GetKeyState function and just go forward until I find the function triggered by that GetKeyState == 1. Then I can call that function?
Unfortunately I tried this a few times^, and there was so much code, and so much jumping and calling, that it was like finding a needle in a haystack...
??? Maybe there is some caveat here that I don't know of. Please help me Csimbi.
atom0s Moderator
Reputation: 205
Joined: 25 Jan 2006 Posts: 8587 Location: 127.0.0.1
Posted: Mon Jun 15, 2020 7:24 pm
If an application uses GetKeyState to check for a key status to handle 'downed' keys, then you could hook GetKeyState and fake the return, but that is not a common means of handling key data for an entire keyboard.
Your wording is not the intention of these APIs either, they are meant to only check the status of the key like Csimbi has said. They are not meant for setting the state of the key.
If you are trying to inject keypresses then you need to look into the API that is designed for that purpose, such as:
- SendMessage / PostMessage
- SendInput / keybd_event
- SetKeyboardState
- etc.
Keeping in mind, not all applications/games read and process the keyboard the same way. So there is no guaranteed way to work on all applications.
_________________
- Retired.
LongBeardedLion Expert Cheater
Reputation: 0
Joined: 10 Apr 2020 Posts: 174
Posted: Mon Jun 15, 2020 7:51 pm
Ok, I will look into those too.
But what about the other suggestion I made, where I simply follow through and analyze the functions that are called when the GetKeyState is "D"? Then all I have to do is call those functions?
Csimbi I post too much
Reputation: 97
Joined: 14 Jul 2007 Posts: 3329
Posted: Tue Jun 16, 2020 2:02 am
That will only work if GetKeyState is used. Apps can also use GetAsyncKeyState, and it is often preferred because it returns much faster.
But yes, in principle, you should be able to set a conditional breakpoint just for the 'D' key and then you can debug from there on.
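As an added example (not code from anyone in this thread), the following Python script shows what atom0s and Csimbi describe above: GetKeyState and GetAsyncKeyState only report state, and each packs that state into a 16-bit return value that has to be decoded (high bit = key down; the low bit means "toggled" for GetKeyState but "pressed since the last call" for GetAsyncKeyState). It also decodes the flags word a WH_KEYBOARD_LL hook receives, which is how a monitoring program tells keystrokes that came from the keyboard apart from ones delivered through SendInput or keybd_event, since Windows sets LLKHF_INJECTED on those. The live poll runs only on Windows via ctypes; the sample hook events and return values are constructed for the example, not captured from any real application.

```python
import ctypes
import sys

VK_D = 0x44        # virtual-key code for 'D', the key used as the breakpoint condition in the thread
VK_CAPITAL = 0x14  # Caps Lock, a toggle key, for which the low bit of GetKeyState is meaningful

# Bits in the SHORT returned by GetKeyState / GetAsyncKeyState.
KEY_DOWN_BIT = 0x8000  # high bit: the key is currently down
KEY_LOW_BIT = 0x0001   # GetKeyState: toggle key is on; GetAsyncKeyState: pressed since the last call

# KBDLLHOOKSTRUCT.flags bits delivered to a WH_KEYBOARD_LL hook.
LLKHF_EXTENDED = 0x01
LLKHF_LOWER_IL_INJECTED = 0x02
LLKHF_INJECTED = 0x10  # set on input that came from SendInput / keybd_event, not the keyboard
LLKHF_ALTDOWN = 0x20
LLKHF_UP = 0x80


def decode_key_state(ret):
    """Decode a GetKeyState return value.

    ctypes hands the SHORT back as a signed Python int (a down key reads as -32768),
    so mask to 16 bits before testing the bits."""
    word = ret & 0xFFFF
    return {"down": bool(word & KEY_DOWN_BIT), "toggled": bool(word & KEY_LOW_BIT)}


def decode_async_key_state(ret):
    """Decode a GetAsyncKeyState return value; the low bit means something else here."""
    word = ret & 0xFFFF
    return {"down": bool(word & KEY_DOWN_BIT),
            "pressed_since_last_call": bool(word & KEY_LOW_BIT)}


def classify_hook_event(vk, flags):
    """Turn one low-level keyboard hook event into a record a monitor can log."""
    return {
        "vk": vk,
        "transition": "up" if flags & LLKHF_UP else "down",
        "injected": bool(flags & (LLKHF_INJECTED | LLKHF_LOWER_IL_INJECTED)),
        "extended": bool(flags & LLKHF_EXTENDED),
        "alt_down": bool(flags & LLKHF_ALTDOWN),
    }


def count_injected(events):
    """Count keyboard-originated vs injected key-down events in a list of (vk, flags) pairs."""
    hardware = injected = 0
    for vk, flags in events:
        rec = classify_hook_event(vk, flags)
        if rec["transition"] != "down":
            continue
        if rec["injected"]:
            injected += 1
        else:
            hardware += 1
    return {"hardware": hardware, "injected": injected}


def poll_windows(vk=VK_D):
    """Live read on Windows: the same read-only calls the thread is looking at."""
    user32 = ctypes.WinDLL("user32", use_last_error=True)
    user32.GetKeyState.restype = ctypes.c_short
    user32.GetKeyState.argtypes = [ctypes.c_int]
    user32.GetAsyncKeyState.restype = ctypes.c_short
    user32.GetAsyncKeyState.argtypes = [ctypes.c_int]
    return (decode_key_state(user32.GetKeyState(vk)),
            decode_async_key_state(user32.GetAsyncKeyState(vk)))


# Constructed sample hook events (vk, flags), not captured from any real program:
# 'D' pressed and released from the keyboard, then 'D' pressed and released via SendInput.
SAMPLE_HOOK_EVENTS = [
    (VK_D, 0x00),
    (VK_D, LLKHF_UP),
    (VK_D, LLKHF_INJECTED),
    (VK_D, LLKHF_INJECTED | LLKHF_UP),
]

if __name__ == "__main__":
    if sys.platform == "win32":
        print("GetKeyState / GetAsyncKeyState for 'D':", poll_windows())
    else:
        # Constructed return values standing in for the Windows calls.
        print(decode_key_state(-32768), decode_async_key_state(-32767))
    print(count_injected(SAMPLE_HOOK_EVENTS))
```

The point for anyone following the thread's approach: both polling calls are read-only snapshots, so writing to EBX before the call changes which key is queried, not which key is down; and an application (or anti-cheat) that installs a low-level hook can see the LLKHF_INJECTED bit on synthetic input, which is one reason injected keystrokes are not handled the same way by every program.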
LongBeardedLion Expert Cheater
Reputation: 0
Joined: 10 Apr 2020 Posts: 174
Posted: Tue Jun 16, 2020 5:31 am
Thanks.
I opened IDA and found that these DLLs, in a list of 248 other DLLs, are imported into the exe:
In my noob intuition they seem to be related to the key being pressed.
I'm now studying how to call functions inside these DLLs.
Problem is there are so many. Which one do you think is the one I should study in order to be able to hack the keys, besides GetAsyncKeyState?
Or is GetAsyncKeyState the only one necessary?
GetAsyncKeyState (user32).
GetMessageA.
SendMessageA.
PostMessageA.
GetKeyboardState
GetKeyNameTextA
MapVirtualKeyA
RegCreateKeyExA
Csimbi I post too much
Reputation: 97
Joined: 14 Jul 2007 Posts: 3329
Posted: Tue Jun 16, 2020 5:59 am
You know, I urge you to leave the Windows API alone - changing that code can ruin your day in a hurry.
Instead, hack the app leveraging that API: do your magic before or after these calls are made.