Previous programming experience includes development in several areas: numerical methods (C++), physical chemistry (C#), quantitative finance (C#, C++): developed a MySQL backend to store asset data and then use it to price derivatives, and Arduino. I have performed DLL injections and elementary function hooks on my own programs. I also have made several DLL templates for function hooks, remote threads, and byte patches. I feel that I have the programming knowledge to get a working hack up and actually understand every part of it once I get past the memory section. I'll probably have to write some more elementary programs that mimic game mechanics, and work my way up from there. I'm not even sure if I want to use Cheat Engine; I might be better off writing my own memory scanner so that when the time comes I'm not crippled because I can't use CE. I'll probably attempt the classic Assault Cube once I feel comfortable with memory management. Once I get my AC hack working, I'll probably briefly tinker with D3D for elementary in-game screens. The next move would be to try out a real game that people actually play. The methods should basically be the same, and the need to learn about anti-cheat may come up.
I'd like to learn more about code caves, specifically writing a full function to the address space. I know it gets hairy when trying to find the size of a function, and the solution of comparing it to a second function (usually right after it in memory) does not always work and can be compiler dependent. The ultimate goal would be to extend this, and call it from a hooked function.
Currently, the biggest bridge to cross is getting the technique for obtaining remote process addresses down for hooking. For my own programs they aren't hard to find and I've been using Detours, but the results of function mangling really make it hard for me. Ideally, I want to move away from using Detours and go through the whole process of preserving the stack, taking care of overwritten statements, etc.
One thing that I saw which was prevalent at almost all game hacking forums was the regurgitation of other people's code. Much of this appears to be out of context, improperly formatted, sometimes missing portions such as data structures and functions, and poorly commented. I think all of this comes from loss in communication (like the telephone game) and is rare in scientific communities due to the negative consequences of plagiarism. I think a great way to improve the quality of code rather .
Another observation that left me disgruntled was the tutorials. Tutorials can be split into two forms:
Many of the text tutorials are hardly tutorials. Prime examples are (I'll name the topics, since I can't post links yet):
"Stick: How to start into Game Hacking" in the programming section. I could write a thousand page paper on why this isn't a tutorial or any means to get started on game hacking. Referencing the home page of the MSDN library is meaningless to someone looking for an introduction.
"Sticky: Want to learn C++ from a book?" Dave, this is probably not the best way to start off, by picking on you, but. You literally provided a link to an Amazon search for "C book". The Amazon results (for me) aren't relevant. I'm getting like 3 books on C, and then 15 romance/inspiration books. I won't say any more about this.
Also, many of the stickied threads should really be merged into a single thread with the information joined. Many of them contain overlapping information, but it's fragmented across threads. Cleaning them up should provide a better learning resource. This brings me to my next point. A lot of the information is fragmented! This probably has to do with how broad of a field this is, but it would be awesome to see some sort of centralized system.
Although video is a great medium to learn from, it's only slightly harder for someone to read and copy rather than copy-paste. I bet more than 75% of these videos could be considered walkthroughs that promote laziness. Videos titled "introduction to game hacking" that start out with a DLL injection are crazy: properly explaining the Windows API used should take at least thirty minutes. I guess what I'm trying to say is they aren't really explaining, they are just showing.
I guess that sums up my complaining; they were just some observations and thoughts that I had. Also, sorry for this horrible formatting, what kind of format am I supposed to use? Memo? Schaffer? Single or double space between paragraphs? Can I double space? LaTeX?
I guess this introduction has helped me lay out a framework for myself on what I need to do. If you have any suggestions besides the generic "learn assembly", please, let me hear them. Also, what are some good forum sections overall? I'm sure you'll be seeing me around the programming forums. Oh yeah, I'm looking for a sig. Eddington for the second Eddington number.
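Added example (editor's code, not part of the post above): the code-cave exercise the post describes, done in the same process so it runs stand-alone. It estimates the size of a function the way the post mentions, by subtracting its address from the address of the function defined right after it, then copies the bytes into freshly mapped executable memory and calls the copy. The example assumes Linux/POSIX (mmap/mprotect stand in for the VirtualAllocEx/WriteProcessMemory/VirtualProtectEx calls a Windows remote-process version would use), that the copied function is position independent (no calls, no RIP-relative data references), and that the compiler keeps `add` and `marker_after_add` adjacent in source order; when it does not, the estimate is reported as unusable and a fixed bound is copied instead. The names `add`, `marker_after_add`, `MAX_COPY` and the helper functions are the example's own.

```c
/* Added example: same-process code cave on Linux/POSIX. Not the post's code.
 * Windows equivalents would be VirtualAllocEx, WriteProcessMemory and
 * VirtualProtectEx on a handle to the remote process. */
#define _DEFAULT_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS 0x20   /* Linux value; used only if the header hides it */
#endif

#define MAX_COPY 256         /* bound used when the size estimate is not trusted */
#define CAVE_SIZE 4096       /* one page is plenty for a function this small */

typedef int (*add_fn)(int, int);

/* The function to relocate. Must be position independent: no calls, no
 * RIP-relative data, no jumps outside itself, or the copy will misbehave. */
__attribute__((noinline, used)) int add(int a, int b) { return a + b; }

/* Marker defined right after `add` in source. Its body differs from `add`
 * so identical-code folding cannot merge the two symbols. */
__attribute__((noinline, used)) int marker_after_add(void) { return 0xC0DE; }

/* Estimate sizeof(add) as (next symbol - add). Returns 0 when the compiler
 * did not keep source order or the gap is implausibly large: the
 * compiler-dependent failure the post warns about. Any padding between the
 * two symbols only makes the estimate larger, which is harmless here. */
size_t estimate_add_size(void) {
    uintptr_t start = (uintptr_t)add;
    uintptr_t next  = (uintptr_t)marker_after_add;
    if (next <= start || next - start > MAX_COPY)
        return 0;
    return (size_t)(next - start);
}

/* Copy `add` into a fresh executable mapping and return a callable pointer.
 * The bytes are written while the page is RW, then it is flipped to RX. */
add_fn plant_add_in_cave(size_t *copied) {
    size_t n = estimate_add_size();
    if (n == 0) n = MAX_COPY;    /* estimate unusable: copy a generous bound */
    void *cave = mmap(NULL, CAVE_SIZE, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (cave == MAP_FAILED) return NULL;
    memcpy(cave, (const void *)(uintptr_t)add, n);
    if (mprotect(cave, CAVE_SIZE, PROT_READ | PROT_EXEC) != 0) {
        munmap(cave, CAVE_SIZE);
        return NULL;
    }
    /* No-op on x86; required on arm64 so the i-cache sees the new code. */
    __builtin___clear_cache((char *)cave, (char *)cave + n);
    if (copied) *copied = n;
    return (add_fn)(uintptr_t)cave;
}

/* Convenience wrapper: plant the cave and call it once. Returns -1 if the
 * mapping could not be created. */
int call_add_from_cave(int a, int b) {
    add_fn f = plant_add_in_cave(NULL);
    return f ? f(a, b) : -1;
}

int main(void) {
    size_t n = 0;
    add_fn f = plant_add_in_cave(&n);
    if (!f) { perror("mmap/mprotect"); return 1; }
    printf("estimated size of add: %zu bytes (0 = estimate unusable), copied %zu\n",
           estimate_add_size(), n);
    printf("cave(2, 3) = %d\n", f(2, 3));
    return 0;
}
```

Build with `cc -O0 code_cave.c` and then again with `-O2`, and compare the printed estimate: that difference is the compiler dependence the post refers to. Copying too many bytes is safe as long as the extra bytes are readable; copying too few, or copying a function with relative calls or data references, is what breaks the cave, which is why a production version disassembles the target to find its real length instead of trusting symbol order.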