[Help] Fix not working
[Help] Fix not working
Okay well, you closed my last thread that said solved. You gave me the fix for my address's changing on me, because it was relative to engine.dll. Well I am using the GetModuleHandle("engine.dll")+<address> to get the addies now, but if I change them the game just crashes... Here's some of my code:
That's only a portion of the code, I'm not getting any compile errors so don't worry about syntax errors or things like that.
When I push insert it says "Hack turned on" then a second after I push okay, the game just closes.
~lilneo
Code:
DWORD* Cheats = (DWORD*)(GetModuleHandle("engine.dll")+0x544810);
bool Hack;
//other stuff
void HackFunction()
{
while(1)
{
if(GetAsyncKeyState(VK_INSERT)&1)
{
Hack=!Hack;
if(Hack)
{
MessageBoxA(NULL, "Hack turned on.", "Manipulator", NULL);
*Cheats = 1;
}
if(!Hack)
{
MessageBoxA(NULL, "Hack turned off.", "Manipulator", NULL);
*Cheats = 0;
}
}
// more stuff
BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved){
if( ul_reason_for_call == DLL_PROCESS_ATTACH)
{
CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)&HackFunction, NULL, 0, NULL );
if(GetLastError()==0)
{
MessageBoxA(NULL, "DLL injected and thread created successfully.", "Manipulator", NULL);
}
}
return TRUE;
}
When I push insert it says "Hack turned on" then a second after I push okay, the game just closes.
~lilneo
Check the return on GetModuleHandle. You need to give your target some time to load dynamically linked libraries. If it fails to get the base of the module, you need to go again until it is finally loaded.
GetModuleHandle will return null if it has encountered an error.
GetModuleHandle will return null if it has encountered an error.
If you got the offset using ollydbg, I think olly shows the base of the DLL with the added RVA. Not the actual base.
Someone correct me, I'm not good with the PE crap..
Someone correct me, I'm not good with the PE crap..
Originally Posted by Void
If you got the offset using ollydbg, I think olly shows the base of the DLL with the added RVA. Not the actual base.
Someone correct me, I'm not good with the PE crap..
Someone correct me, I'm not good with the PE crap..
When a game crashes un expectedly its usually due to one of two reasons:
1. Memory Access:
- u tried to write over mem that was read only
- accessing memory out of bonds
2. Hack prevention program
I think this is ur problem here:
*Cheats = 1;
I think when u try to change the value of the addy the memory at that location may be read only. So u might need to us VirtualProtect API to change the access privileges to this memory location.
1. Memory Access:
- u tried to write over mem that was read only
- accessing memory out of bonds
2. Hack prevention program
I think this is ur problem here:
*Cheats = 1;
I think when u try to change the value of the addy the memory at that location may be read only. So u might need to us VirtualProtect API to change the access privileges to this memory location.
He got it with cheat engine, I assume his problem is that engine.dll isn't loaded when he injects.
How does sv_cheats exist if engine.dll isn't loaded...
And Why06, I am injected... I have access to it all, and I can change it if I use the address straight up. Except it changes.
Okay so, I have ensured that GetModuleHandle("engine.dll") is not NULL for when I set the pointers. Now, even when I read from them. I use MessageBox to display *Cheats and it just crashes the game.
~lilneo
And Why06, I am injected... I have access to it all, and I can change it if I use the address straight up. Except it changes.
Okay so, I have ensured that GetModuleHandle("engine.dll") is not NULL for when I set the pointers. Now, even when I read from them. I use MessageBox to display *Cheats and it just crashes the game.
~lilneo
Originally Posted by lilneo
How does sv_cheats exist if engine.dll isn't loaded...
And Why06, I am injected... I have access to it all, and I can change it if I use the address straight up. Except it changes.
~lilneo
~lilneo
Ps: I'm typing this on my Droid phone sry if I can't be more detailed. Speaking og details... what game is this?
Log the address you obtained in a text file or something. Before activating the hack, attach your debugger to the game and get the address manually, compare the one you got and the one you logged.
-Make sure the module is found before you add the offset to the base.
-Make sure the page you're writing to has the proper access rights for writing. If you try writing to it and the pages rights only allow execution or reading, it could cause problems.
-Make sure the module is found before you add the offset to the base.
-Make sure the page you're writing to has the proper access rights for writing. If you try writing to it and the pages rights only allow execution or reading, it could cause problems.
Alright, Well I did some research and I think I have to use GetModuleInformation to get the entry point address of the dll. From that I can add the address. But it's still not working, I am so sick of this here is my entire code:
(edit3) Alright, I've finally fixed it enough so that the game no longer crashes, unfortunately it's not changing Cheats or anything...
~lilneo
Code:
#include <windows.h>
#include <Psapi.h>
#include <string.h>
#include <stdio.h>
DWORD Cheats = NULL;
DWORD Consistency = NULL;
DWORD Timescale = NULL;
DWORD Wallhack = NULL;
bool Hack = false;
void HackFunction()
{
while(1)
{
POINT pos;
GetCursorPos(&pos);
double mouse_x = pos.x;
double mouse_y = pos.y;
if(GetAsyncKeyState(VK_INSERT)&1)
{
Hack=!Hack;
if(Hack)
{
MessageBoxA(NULL,"Hack turned on.", "Manipulator", NULL);
Cheats = 1;
Consistency = 0;
Timescale = 4;
Wallhack = 2;
}
if(!Hack)
{
MessageBoxA(NULL, "Hack turned off.", "Manipulator", NULL);
Cheats = 0;
Consistency = 1;
Timescale = 1;
Wallhack = 1;
}
}
if(GetAsyncKeyState(VK_LBUTTON) && Hack)
{
SetCursorPos((int)mouse_x,(int)mouse_y+3);
Sleep(23);
}
if(GetAsyncKeyState(VK_HOME))
{
break;
}
Sleep(10);
}
}
BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved){
if( ul_reason_for_call == DLL_PROCESS_ATTACH)
{
while(GetModuleHandle("engine.dll")==NULL)
{
Sleep(1);
}
if(GetModuleHandle("engine.dll")!=NULL)
{
HMODULE ModHandle=NULL;
MODULEINFO info = {0};
while(ModHandle==NULL)
{
ModHandle = GetModuleHandle("engine.dll");
}
GetModuleInformation(GetCurrentProcess(),ModHandle,&info,sizeof(info));
DWORD Cheats = (DWORD)((DWORD)(info.EntryPoint)+0x544810);
DWORD Consistency = (DWORD)((DWORD)(info.EntryPoint)+0x544A50);
DWORD Timescale = (DWORD)((DWORD)(info.EntryPoint)+0x393D94);
DWORD Wallhack = (DWORD)((DWORD)(info.EntryPoint)+0x4C89A8);
CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)&HackFunction, NULL, 0, NULL );
if(GetLastError()==0)
{
MessageBoxA(NULL, "DLL injected and thread created successfully.", "Manipulator", MB_OK);
}
else
if(GetLastError!=0)
{
char lasterr[128];
sprintf(lasterr, "%x", GetLastError());
MessageBox(0, lasterr, "ERROR", 0);
}
}
}
return TRUE;
}
~lilneo
The RVA is relative to the base address of a module(where the module was loaded), not it's entry-point.
Originally Posted by Jetamay
The RVA is relative to the base address of a module(where the module was loaded), not it's entry-point.
lilneo how about you learn how to code first?
I facepalmed at that >.> of course it's not changing sv_cheats...
Code:
Cheats = 1; Consistency = 0; Timescale = 4; Wallhack = 2;
Originally Posted by Hell_Demon
lilneo how about you learn how to code first?
I facepalmed at that >.> of course it's not changing sv_cheats...
Code:
Cheats = 1; Consistency = 0; Timescale = 4; Wallhack = 2;
Originally Posted by schim
Note H_D, there are actually hacks that do change sv_cheats localy, wich allows you to use non-serverside commands, for some reason VAC allows the server and the client to have different values for sv_cheats
He sets the value of a local variable to the addy of sv_cheats, then replaces that value with 1 and 0 in his keycheck >.>
Similar Threads
- 2Last post
- 4Last post
- 24Last post
- 10Last post
- 2Last post