Basic DLL

[Jabberwock]

Code:

/*

Basic DLL

*/

#include <windows.h>
#include <stdio.h>

// Pointers

#define pointer 0x00000000
#define offset1 0x00000000

// Global variables


bool activated = false;
unsigned long ClientOffset;
//unsigned long ingame = 0x1B8B054;
bool* ingame;
HANDLE setting;

void set()
{
	unsigned long address;
	//unsigned long old_p;

	while (true)
	{
		if (*ingame)
		{
			address = ClientOffset + pointer;

			if (IsBadReadPtr((void*)address, 4) != NULL) continue;
			address = *(unsigned long*)address + offset1;
			
			// Set the address

			if (IsBadWritePtr((void*)address, 4) == NULL)
				*(int*)address = 0;

			//VirtualProtect((void*)address, 4, PAGE_READONLY, &old_p);
		}

		Sleep(1000);// every death it resets, so it is OK
	}
}

void reset()
{
	unsigned long address = ClientOffset + pointer;
	if (IsBadReadPtr((void*)address, 4) != NULL) return;// It is already disabled
	address = *(unsigned long*)address + offset1;
	if (IsBadWritePtr((void*)address, 4) != NULL) return;

	// Here you reset the address

	*(int*)address = 0;// int = 4 bytes
}

void is_activated()
{
	while (true)
	{
		if (GetAsyncKeyState(VK_END) &0x8000)
		{
			if (*ingame)
			{
				if (!activated)
				{
					ResumeThread(setting);

					activated = true;

					Beep(1000, 100);
				}
				else
				{
					SuspendThread(setting);
					reset();
					activated = false;

					Beep(750, 300);
				}
			}
			
			Sleep(900);// If he pressed the key longer than 30ms then this will stop him from toggling it again, hopefully
		}
		else Sleep(30);//Not to overload the CPU. He can't press the key shorter than 15ms. 30ms on average
	}
}

void main()
{
	Beep(1000, 100);

	// Could be injected earlier than expected

	while (!(ClientOffset = (unsigned long)GetModuleHandle(NULL)))
		Sleep(100);
	
	ingame = (bool*)(ClientOffset + 0x1B8B054);

	HANDLE checking;

	try
	{
		if ((checking = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)is_activated, NULL, CREATE_SUSPENDED, NULL)) == NULL)
			throw "Couldn't create a thread to execute within the virtual address space of the calling process.(2)";

		if ((setting = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)set, NULL, CREATE_SUSPENDED, NULL)) == NULL)
			throw "Couldn't create a thread to execute within the virtual address space of the calling process.(3)";
	}
	catch ( LPCSTR error )
	{
		MessageBox(NULL, error, "Error", MB_OK | MB_ICONERROR);
		return;
	}
	
	//if (SetThreadPriority(setting, THREAD_PRIORITY_BELOW_NORMAL) == NULL) // It can take resources so we need to protect the user from lags
	//	MessageBox(NULL, "Couldn't set thread priority.\nBut the program can still continue.", "Error", MB_OK | MB_ICONERROR);

	bool in_progress = false;

	while (true)
	{
		// Checks if he is in game
		
		if (*ingame)
		{
			// Want the hack or not want the hack?
			
			if (!in_progress)
			{
				ResumeThread(checking);
				in_progress = true;
			}
		}
		else if (in_progress)
		{
			SuspendThread(checking);// No need to check out of game
			in_progress = false;//Checking ain't in progress

			if (activated)
				if (SuspendThread(setting) != -1)
					activated = false;
		}
		
		Sleep(2000);//Not to overload the CPU
	}

	//char buf[255];
	//sprintf_s(buf, "%d", address);
	//MessageBox(NULL, buf, "ERROR", MB_OK | MB_ICONERROR);
}

bool WINAPI DllMain(HINSTANCE hDLLInst, DWORD fdwReason, LPVOID lpvReserved)
{
	DisableThreadLibraryCalls(hDLLInst);

	if (fdwReason == DLL_PROCESS_ATTACH)
	{
		if (CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)main, NULL, 0, NULL) == NULL) // Creating a new thread in the process "AVA"
		{
			MessageBox(NULL, "Couldn't create a thread to execute within the virtual address space of the calling process.", "Error", MB_OK | MB_ICONERROR);
			return false;
		}
	}
	else if (fdwReason == DLL_PROCESS_DETACH)
	{
		// No need for anything here
		
	}
	
	return true;
}

First, to use this code you must know C++.
But I'll explain here about some functions.

Code:

CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)main, NULL, 0, NULL);

What "CreateThread" does is create a new thread in the process itself. The benefit of this is that the function you delivered to this function will be multitasked. Here some info from Wiki: Computer multitasking - Wikipedia, the free encyclopedia

Code:

SetThreadPriority(setting, THREAD_PRIORITY_BELOW_NORMAL);

Well this set the thread priority 1 below normal. If you have a loop who is refreshing in 1ms each time then maybe you will find this useful to not make the user experience lag in game.

Code:

char buf[255];
sprintf_s(buf, "%d", address);
MessageBox(NULL, buf, "ERROR", MB_OK | MB_ICONERROR);

This piece of code will let you print a number on the screen, as you can't do it by default with the function MessageBox.

Code:

IsBadReadPtr((void*)address, 4);
IsBadWritePtr((void*)address, 4);

This function "IsBadReadPtr" checks if the address is accesable and can be read, it is useful if your pointer in CE isn't always showing. Also if you use them correctly they can avoid crashes.
The other one does the same except it also checks if we can write to the address.
These functions return zero on success or nonzero on failure.

Code:

if (GetAsyncKeyState(VK_END) &0x8000)

This code checks if at the time that code run the user pressed the END key. You can change it to other keys.
See here for the list: Virtual-Key Codes

Code:

while (!(ClientOffset = (unsigned long)GetModuleHandle(NULL)))
	Sleep(100);

This one will set ClientOffset to always 0x400000(In AVA case of course, don't know about different games). To use the address(or pointer) you found in CE you need to add this number to it. It is like an additional offset(The offset of the module).
You can change NULL in this code to "AVA.exe" it will be the same.

Code:

ResumeThread();
SuspendThread();
Beep();

I think that they are pretty self explained.

For anything else you use MSDN, or google. Don't PM me with questions. You can ask questions you didn't find on the web here in MPGH C++ forum.

Additional notes:

Now about the ingame pointer that I already put in this code: It is a native address(Meaninig it shows in a green color in CE) who shows 1 if the user is in game, otherwise 0.

Every time the game gets patched, the pointers will change. So you will have to update them.

To compile this you need Microsoft Visual Studio 2010, sure you can with others but I recommend this one only!

Troubleshooting:
Q: My game crash when I inject the DLL! How can I fix it?
A: Well either you didn't put the right pointer or you was reading it when it isn't currently readable or writeable.

Q: How can we read from an address or write to it that we found in CE?
A: I'll explain. For example, we found this native address(See photo):



We read it like this:

Code:

unsigned long address = 0x1B8B054 + ClientOffset;
int content = *(int*)address;

Write to it:

Code:

unsigned long address = 0x1B8B054 + ClientOffset;
*(int*)address = 12345;

Clientoffset I exlained already above what it is.

What if we have an offset to the address? Meaning a pointer?
If the offset is like this: A2B.

We do it like this:

Read -

Code:

unsigned long address = 0x1B8B054 + ClientOffset;
address = *(unsigned long*)address + 0xA2B;
int content = *(int*)address;

Write -

Code:

unsigned long address = 0x1B8B054 + ClientOffset;
address = *(unsigned long*)address + 0xA2B;
*(int*)address = 12345;

And I forgot to say, we put the 0x prefix to let the compiler know it is a hex number, it will convert it to int type.

[thesinerd]

Uhhho this guy just released aim bot and god mode!

Noobs! put it in your note pad and just change the .txt to .dll and put it in yoru ava root folder and when your in a match press alt+f4.


Nice write up, it's pretty clean so far.

You planing on starting up tutor sessions?

[Jabberwock]

I don't see your point. As I said you must learn C++ first. If you don't like it, then why bother posting here?

[speedy006]

What is this?

[Jabberwock]

Did you bother to read?

[Lehsyrus]

@Jabberwo0ck EXCELLENT my man you explained everything just as well as a few of my books for my C++ class, absolutely excellent, you should write up a few beginner C++ tutorials for the section to be stickied

[Jabberwock]

Thank you. You are the first to post a reply with positive feedback on this thread.

[AznNicholas1314]

xD guess you got tired of all the dll converting requests hahaha nj.

[Swag]

Nice work bro!

[zZzeta/S]

Nice jabber

[krykiller]

Good Job!

[DarkSt0rmX]

When I save all I can't fins the dll. And if the pointer change each time you start the game and the match what I am gonna do?

[Jabberwock]

The location of the DLL is inside the project files. Also you need to change a few thing in the project setting.
First change from Debug to Release. After this go to project properties -> Configuration Properties -> Character Set - "Not Set".

Additionally, it is better to make a blank project and add the files yourself. That way junk code will not be added to your project.
If you ask how to do it:

Create blank C++ Project -> right click on Source Files -> Add - New Item > Then add a cpp extension file with the name main.
project properties -> Configuration Properties -> Configuration Type - .dll
right click on Source Files -> Add - New Item > Then add a DEF extension file with the name main.
He should have the content "LIBRARY" inside him.


With exe file you dont have to add DEF file.

About your second question, what you said happenes only to addresses or to bad pointers.
A good pointer will have few offsets(2 or 3, but 5 can also be) and only change after there is an update to the game.

To advanced users, there is a thing called "Signature Scanner"(Or "Memory Scanner") that after the game gets an update their hack will still work.

[DarkSt0rmX]

The location of the DLL is inside the project files. Also you need to change a few thing in the project setting.
First change from Debug to Release. After this go to project properties -> Configuration Properties -> Character Set - "Not Set".

Additionally, it is better to make a blank project and add the files yourself. That way junk code will not be added to your project.
If you ask how to do it:

Create blank C++ Project -> right click on Source Files -> Add - New Item > Then add a cpp extension file with the name main.
project properties -> Configuration Properties -> Configuration Type - .dll
right click on Source Files -> Add - New Item > Then add a DEF extension file with the name main.
He should have the content "LIBRARY" inside him.


With exe file you dont have to add DEF file.

About your second question, what you said happenes only to addresses or to bad pointers.
A good pointer will have few offsets(2 or 3, but 5 can also be) and only change after there is an update to the game.

To advanced users, there is a thing called "Signature Scanner"(Or "Memory Scanner") that after the game gets an update their hack will still work.

I want to make a dll for my own room hack idk if it changes each time i start the game. The one that was changin the pointer each time we start the game/match was the @meawww ghost hack.

[Jabberwock]

What do you mean you don't know? Didn't really understand.