How to make a Simple Hack

[saskuHOT]

Neeeah i rreallyy wana learn coding XD Thank you for showing this (:

[BobDaBuilderFoo]

Well This was really Helpful Seeing as I only learn from Sources with notes, So thank you.

I have a problem though. Maybe I forgot something thats probably it. Here is my current Code Could you tell me whats wrong with it because I make solution inject and try to load CA but it fails.

Plz Help And thanks

Code:

//includes all nessecary files to this source
#include <windows.h>
//End of includes
//This is what you call globals.
int HackOn = 0;
//Define HackOn as a number, and that numebr is zero.
int HackMax = 2;
//Define HackMax as a number, and that number is ten.
bool test = false;
//Define test as a true/false. "Boolean"
#define ADDR_SBULLLETS			0x37413976
#define ADDR_RAPIDFIRE          0x37419A0E
//The definition of ADDR_SBULLETS
//End of Globals
void WINAPIV PTC( const char* cmd )
{
	_asm
	{
	PUSH cmd ;This will push the command onto the stack, and thus becomes the parameter for the function called in the third instruction, due to its cdecl calling convention
	MOV EAX, 0x00485FA0 ; Stores the address of the RCC function into the 32-bit Extended Accumulator Register
	CALL EAX ; Calls the RCC function with the parameter of cmd (because it was PUSHed onto the stack above)
	ADD ESP, 0x4 ; Clears 4 bytes from the stack, (1 param at 4 bytes on stack) which was not cleared automatically due to the cdecl calling convention
	}
}
void Main (void)
{
	while(1)
		//Makes an infinite loop. One that doesn't end.
	{
		if(GetAsyncKeyState(VK_NUMPAD1)&1)
			//When Numpad1 Gets Pressed
		{
			HackOn ++;
			//Adds +1 to the variable, "HackOn"
			if(HackOn == HackMax) HackOn = 0;
			//When Hackon Reaches the number HackMax, it resets HackOn to 0
		}
		if(test)
			//if test is true
		{
			memcpy( (PBYTE)ADDR_RAPIDFIRE, (PBYTE)"\x33\xC0\x90", 3 );
		}else{
			//if test is not true
			memcpy(  (PBYTE)ADDR_RAPIDFIRE, (PBYTE)"\x80\xBE\xE0\x00\x00\x00", 6 );
			test = (!test);
			//if test = false, turn to true and vice versa
		}
		if(GetAsyncKeyState(VK_NUMPAD2)&1)
			//When Numpad2 Gets Pressed.
		{
			HackOn ++;
			//Adds +1 to the variable, "HackOn"
			if(HackOn == HackMax) HackOn = 0;
			//When Hackon Reaches the number HackMax, it resets HackOn to 0
		}
		if(test)
			//if test is true
		{
			memcpy( (PBYTE)ADDR_SBULLLETS, (PBYTE)"\x33\xC0\x90", 3 );
			//look in globals for the definition of ADDR_SBULLETS
			//Basically, it edits the bytes of the memory to "\x33\xC0\x90".
			//The number at the end, tells you how many bytes you are editing.
			//The first part, ADDR_SBULLETS Shows the code which part of the memory we are editing.
		}else{
			//if test is not true
			memcpy(  (PBYTE)ADDR_SBULLLETS, (PBYTE)"\x0F\x94\xC0", 3 );
			//look in globals for the definition of ADDR_SBULLETS
			//Basically, it edits the bytes of the memory to "\x0F\x94\xC0".
			//The number at the end, tells you how many bytes you are editing.
			//The first part, ADDR_SBULLETS Shows the code which part of the memory we are editing.
		}
		if(GetAsyncKeyState(VK_NUMPAD3)&1)
		{
				HackOn ++;
				if(HackOn == HackMax) HackOn = 0;
		}
		if(test)
		{
			PTC( "SkelModelStencil 1" );
		}else{
			PTC("SkelModelStencil 0" );
		}
		if(GetAsyncKeyState(VK_NUMPAD4)&1)
		{
				HackOn ++;
				if(HackOn == HackMax) HackOn = 0;
		}
		if(test)
		{
			PTC( "FogEnable 0" );
		}else{
			PTC("FogEnable 1" );
		}
		if(GetAsyncKeyState(VK_NUMPAD5)&1)
		{
				HackOn ++;
				if(HackOn == HackMax) HackOn = 0;
		}
		if(test)
		{
			PTC( "ModelDebug_DrawSkeleton 1" );
		}else{
			PTC("ModelDebug_DrawSkeleton 0" );
		}
		if(GetAsyncKeyState(VK_NUMPAD6)&1)
		{
				HackOn ++;
				if(HackOn == HackMax) HackOn = 0;
		}
		if(test)
		{
			PTC( "PlayerGravity -800" );
		}else{
			PTC("PlayerGravity 0" ); //Need to find default 
		}
		if(GetAsyncKeyState(VK_NUMPAD7)&1)
		{
				HackOn ++;
				if(HackOn == HackMax) HackOn = 0;
		}
		if(test)
		{
			PTC( "WeaponSway 0.000000" );
		}else{
			PTC("WeaponSway 50.000000" ); //Need to find default 
		}
		if(GetAsyncKeyState(VK_NUMPAD8)&1)
		{
				HackOn ++;
				if(HackOn == HackMax) HackOn = 0;
		}
		if(test)
		{
			PTC( "ShowFps 1" );
		}else{
			PTC("ShowFps 0" );
		}
	}
}
DWORD WINAPI Lesson (LPVOID)
// This is just a dummy function that will be the code activate the main thread
{	
	Main();
	//Call the thread called Main
	return 1;
	//Finish of the thread.
}

BOOL WINAPI DllMain ( HMODULE hDll, DWORD dwReason, LPVOID lpReserved )
// DllMain is an optional function for you to declare.
// It serves as the entry point for any DLL
{
	DisableThreadLibraryCalls(hDll);
	// Make a call to DisableThreadLibraryCalls with the hModule variable
	// as its argument; Doing this is an optimization trick to prevent
	// needless thread attach/detach messages from triggering further calls
	// to our DllMain function.
	if ( dwReason == DLL_PROCESS_ATTACH )
	{
		//When this dll is injected into the process. this is what the dll is supposed to do.
		// Null, in C Plus Plus, nothing. It is defined as 0
		CreateThread(NULL, NULL, Lesson, NULL, NULL, NULL);
		//It creates the thread called "Lesson" which is defined a few lines up. DWORD WINAPI Lesson (LPVOID)
	}
return TRUE;
// Although the return value doesn't actually matter. You return the value TRUE or FALSE indicatinng success or failure.

}

[megatoasterman]

Still confused on what to put. I'm such a nub :O

[MillitaryDragon]

This might be an obvious answer I do not know however, I am still learning!
How do people find addresses?

[EasyHackerV1.2]

ok after buil soulution what else do u do?

[Trollaux]

EDIT: I put it in the header section in a header file I am such a dumbie. Now I put it in a (*.cpp) file and in the source section and it worked. Thanks for the epic tut!

[OBrozz]

This will not work. It's leeched proof you need to add soemthing. I will post a working Flameswor10 not noob proof later!

[NSixx]

Well This was really Helpful Seeing as I only learn from Sources with notes, So thank you.

I have a problem though. Maybe I forgot something thats probably it. Here is my current Code Could you tell me whats wrong with it because I make solution inject and try to load CA but it fails.

Plz Help And thanks

Code:

//includes all nessecary files to this source
#include <windows.h>
//End of includes
//This is what you call globals.
int HackOn = 0;
//Define HackOn as a number, and that numebr is zero.
int HackMax = 2;
//Define HackMax as a number, and that number is ten.
bool test = false;
//Define test as a true/false. "Boolean"
#define ADDR_SBULLLETS			0x37413976
#define ADDR_RAPIDFIRE          0x37419A0E
//The definition of ADDR_SBULLETS
//End of Globals
void WINAPIV PTC( const char* cmd )
{
	_asm
	{
	PUSH cmd ;This will push the command onto the stack, and thus becomes the parameter for the function called in the third instruction, due to its cdecl calling convention
	MOV EAX, 0x00485FA0 ; Stores the address of the RCC function into the 32-bit Extended Accumulator Register
	CALL EAX ; Calls the RCC function with the parameter of cmd (because it was PUSHed onto the stack above)
	ADD ESP, 0x4 ; Clears 4 bytes from the stack, (1 param at 4 bytes on stack) which was not cleared automatically due to the cdecl calling convention
	}
}
void Main (void)
{
	while(1)
		//Makes an infinite loop. One that doesn't end.
	{
		if(GetAsyncKeyState(VK_NUMPAD1)&1)
			//When Numpad1 Gets Pressed
		{
			HackOn ++;
			//Adds +1 to the variable, "HackOn"
			if(HackOn == HackMax) HackOn = 0;
			//When Hackon Reaches the number HackMax, it resets HackOn to 0
		}
		if(test)
			//if test is true
		{
			memcpy( (PBYTE)ADDR_RAPIDFIRE, (PBYTE)"\x33\xC0\x90", 3 );
		}else{
			//if test is not true
			memcpy(  (PBYTE)ADDR_RAPIDFIRE, (PBYTE)"\x80\xBE\xE0\x00\x00\x00", 6 );
			test = (!test);
			//if test = false, turn to true and vice versa
		}
		if(GetAsyncKeyState(VK_NUMPAD2)&1)
			//When Numpad2 Gets Pressed.
		{
			HackOn ++;
			//Adds +1 to the variable, "HackOn"
			if(HackOn == HackMax) HackOn = 0;
			//When Hackon Reaches the number HackMax, it resets HackOn to 0
		}
		if(test)
			//if test is true
		{
			memcpy( (PBYTE)ADDR_SBULLLETS, (PBYTE)"\x33\xC0\x90", 3 );
			//look in globals for the definition of ADDR_SBULLETS
			//Basically, it edits the bytes of the memory to "\x33\xC0\x90".
			//The number at the end, tells you how many bytes you are editing.
			//The first part, ADDR_SBULLETS Shows the code which part of the memory we are editing.
		}else{
			//if test is not true
			memcpy(  (PBYTE)ADDR_SBULLLETS, (PBYTE)"\x0F\x94\xC0", 3 );
			//look in globals for the definition of ADDR_SBULLETS
			//Basically, it edits the bytes of the memory to "\x0F\x94\xC0".
			//The number at the end, tells you how many bytes you are editing.
			//The first part, ADDR_SBULLETS Shows the code which part of the memory we are editing.
		}
		if(GetAsyncKeyState(VK_NUMPAD3)&1)
		{
				HackOn ++;
				if(HackOn == HackMax) HackOn = 0;
		}
		if(test)
		{
			PTC( "SkelModelStencil 1" );
		}else{
			PTC("SkelModelStencil 0" );
		}
		if(GetAsyncKeyState(VK_NUMPAD4)&1)
		{
				HackOn ++;
				if(HackOn == HackMax) HackOn = 0;
		}
		if(test)
		{
			PTC( "FogEnable 0" );
		}else{
			PTC("FogEnable 1" );
		}
		if(GetAsyncKeyState(VK_NUMPAD5)&1)
		{
				HackOn ++;
				if(HackOn == HackMax) HackOn = 0;
		}
		if(test)
		{
			PTC( "ModelDebug_DrawSkeleton 1" );
		}else{
			PTC("ModelDebug_DrawSkeleton 0" );
		}
		if(GetAsyncKeyState(VK_NUMPAD6)&1)
		{
				HackOn ++;
				if(HackOn == HackMax) HackOn = 0;
		}
		if(test)
		{
			PTC( "PlayerGravity -800" );
		}else{
			PTC("PlayerGravity 0" ); //Need to find default 
		}
		if(GetAsyncKeyState(VK_NUMPAD7)&1)
		{
				HackOn ++;
				if(HackOn == HackMax) HackOn = 0;
		}
		if(test)
		{
			PTC( "WeaponSway 0.000000" );
		}else{
			PTC("WeaponSway 50.000000" ); //Need to find default 
		}
		if(GetAsyncKeyState(VK_NUMPAD8)&1)
		{
				HackOn ++;
				if(HackOn == HackMax) HackOn = 0;
		}
		if(test)
		{
			PTC( "ShowFps 1" );
		}else{
			PTC("ShowFps 0" );
		}
	}
}
DWORD WINAPI Lesson (LPVOID)
// This is just a dummy function that will be the code activate the main thread
{	
	Main();
	//Call the thread called Main
	return 1;
	//Finish of the thread.
}

BOOL WINAPI DllMain ( HMODULE hDll, DWORD dwReason, LPVOID lpReserved )
// DllMain is an optional function for you to declare.
// It serves as the entry point for any DLL
{
	DisableThreadLibraryCalls(hDll);
	// Make a call to DisableThreadLibraryCalls with the hModule variable
	// as its argument; Doing this is an optimization trick to prevent
	// needless thread attach/detach messages from triggering further calls
	// to our DllMain function.
	if ( dwReason == DLL_PROCESS_ATTACH )
	{
		//When this dll is injected into the process. this is what the dll is supposed to do.
		// Null, in C Plus Plus, nothing. It is defined as 0
		CreateThread(NULL, NULL, Lesson, NULL, NULL, NULL);
		//It creates the thread called "Lesson" which is defined a few lines up. DWORD WINAPI Lesson (LPVOID)
	}
return TRUE;
// Although the return value doesn't actually matter. You return the value TRUE or FALSE indicatinng success or failure.

}

code is wrong, you cant get any ptc in there

[UnderAmour]

Its leeched >.>

[[SMA] Paradise`]

Its leeched >.>

You make me laugh..

[UnderAmour]

Why thank you...

[flameswor10]

Its leeched >.>

You're an idiot .
I coded, commented and explained all this.

Check all timestamps on EVERY forum.
I posted it first

[UnderAmour]

I know you made it first, he leeched it off of you.. or someone did onto another site..

[flameswor10]

I know you made it first, he leeched it off of you.. or someone did onto another site..

Well the words 'It's Leeched' gives it a whole different meaning

[Saltine]

I know you made it first, he leeched it off of you.. or someone did onto another site..

In the original post, you were CLEARLY accusing him of leeching it LOL