Byte search C++
Byte search C++
Hey guys! I have made some memory edits for C++, but I have a problem:
1: The pointer for this game is NOT static, so it keeps changing on game restart.
2: How do I change opcodes and preform functions such as mov eax, [1000]
3: So, this is basically like question number one, I read somewhere that you can make C++ scan for bytes in a process (I know how to open a process). So basically, my bytes are:
29 83 14 03 00 00
and the opcode is
sub [ebx+00000314],eax
My question is, how do I find this and get the memory address, so that I can edit its value or change the opcode?
What function do I use? for sure it can't be ReadProcessMemory, what would it be?
Tyvm for your time, hopefully somebody can help me ou on this
I want to do this in a C++ trainer, so which function should I use to find the pointer?
1: The pointer for this game is NOT static, so it keeps changing on game restart.
2: How do I change opcodes and preform functions such as mov eax, [1000]
3: So, this is basically like question number one, I read somewhere that you can make C++ scan for bytes in a process (I know how to open a process). So basically, my bytes are:
29 83 14 03 00 00
and the opcode is
sub [ebx+00000314],eax
My question is, how do I find this and get the memory address, so that I can edit its value or change the opcode?
What function do I use? for sure it can't be ReadProcessMemory, what would it be?
Tyvm for your time, hopefully somebody can help me ou on this
I want to do this in a C++ trainer, so which function should I use to find the pointer?
Hi,
you have tu unpack warrock.exe debug it with ollydb and search for the addres.. and you will see the off bytes.
For the on byte try to NOP it, if it doesent work you have to search the correct bytes.
you have tu unpack warrock.exe debug it with ollydb and search for the addres.. and you will see the off bytes.
For the on byte try to NOP it, if it doesent work you have to search the correct bytes.
Wow complicated shit
Wow, post count +1.
I think they are talking about two different things. The first involves scanning for bytes using C++.... making a program to do so, sort of like they do in address loggers. What Zodiak is talking about is using a plugin for Olly to unpack warrock and just reverse it manually.
I saw a function a while back in some old source for an address logger. Maybe I can find it for you.
I saw a function a while back in some old source for an address logger. Maybe I can find it for you.
It's fairly simple, before I explain, let me state that I totally disagree with what Z0d14k has said. If you're going to make a hack, reverse engineer it yourself, and patch it yourself, don't hijack shellcode from other people(whether it only be 1 byte long or not).
A signature scan is pretty simple, all you're going to need is memcmp and an array of bytes holding your signature.(assuming you're injecting executable code into the target, otherwise you'll need to use readprocessmemory api to dump a region of the target into a buffer and scan that.) Simply start at any address(where in virtual memory the game was loaded is a good place) and use memcmp, increasing the index from the base address by one byte every time a match isn't made with the byte array you're looking for(also known as a signature), when a match is made, return the address you last checked. I wrote a signature scanning class a while ago, I'll see if I can dig it up. They wouldn't take long to write though.
A signature scan is pretty simple, all you're going to need is memcmp and an array of bytes holding your signature.(assuming you're injecting executable code into the target, otherwise you'll need to use readprocessmemory api to dump a region of the target into a buffer and scan that.) Simply start at any address(where in virtual memory the game was loaded is a good place) and use memcmp, increasing the index from the base address by one byte every time a match isn't made with the byte array you're looking for(also known as a signature), when a match is made, return the address you last checked. I wrote a signature scanning class a while ago, I'll see if I can dig it up. They wouldn't take long to write though.
sorry double post plz delete, and ty Jetamay. Dont need your source, figured it out with your idea. Tyvm.
Resolved. No, this wasn't asking how to search for memory addresses, I am not retarted. It had to do with DLL injection.
Thanks for the idea dude. It worked. Will give you credit when I use this.
Resolved. No, this wasn't asking how to search for memory addresses, I am not retarted. It had to do with DLL injection.
Thanks for the idea dude. It worked. Will give you credit when I use this.
Do u mean this ??
Code:
BYTE Array1[] = { 0xc7, 0x86, 0x00, 0x01 }
DWORD Address = 0x123456;
WriteProcessMemory(phandle, (LPVOID) Address1,(LPVOID) &Array1, sizeof(Array1), 0);
Originally Posted by Matrix_NEO006
Do u mean this ??
Code:
BYTE Array1[] = { 0xc7, 0x86, 0x00, 0x01 }
DWORD Address = 0x123456;
WriteProcessMemory(phandle, (LPVOID) Address1,(LPVOID) &Array1, sizeof(Array1), 0);
Originally Posted by scriptkiddy
nope, injected memory scan, but I already figured out how to make it using his idea.
Similar Threads
- 3Last post
- 8Last post
- 0Last post
- 0Last post
- 0Last post