#1
A simple "poke" in C++ for your trainer.
OK, many ask how to create a trainer. I won't explain here how to search and all that. I will just give my main poke function, which I found on the internet and made simpler. It writes to a certain place in memory in a certain process (a game, for example).
It works well with the free Borland Builder but should work with MinGW or Cygwin also. Just copy the code snippet below and put it in your program. It should work without any problems in console or Windows mode.

Parameter explanation:
wname: name of the process; just look in Task Manager if you are not sure.
addr: address to be written to.
newbyte: bytes to be written, as a string. Let's say you want to write 0x90, 0x90; you write it this way: "\x90\x90".
nbyte: number of bytes to be written. Make sure it matches the number of bytes you put in newbyte.

Here is an example: poke_window("Robin Hood: Defender Of The Crown", 0x00425B8A, "\x90\x90", 2)

One last thing: make sure that there is a delay between writes (or write just once in the code segment), or it will slow down your game. Code:
```cpp
// include this in order to make it work
#include <windows.h>

// Writes nbyte bytes from newbyte to address addr inside the process that
// owns the window titled wname. Always returns 0.
int poke_window(char wname[50], DWORD addr, BYTE newbyte[12], int nbyte)
{
    HWND   Wnd     = 0;
    DWORD  PID     = 0;   // process id filled in by GetWindowThreadProcessId
    DWORD  Proc    = 0;   // id of the thread that owns the window (0 if not found)
    HANDLE Hproc   = 0;
    SIZE_T MWritte = 0;   // number of bytes actually written

    Wnd = FindWindowA(NULL, wname);                  // see if it exists
    if (Wnd) {
        Proc = GetWindowThreadProcessId(Wnd, &PID);  // get a PROCESS number
        if (Proc) {
            Hproc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, PID);
            if (Hproc)
                WriteProcessMemory(Hproc, (LPVOID)addr, newbyte, nbyte, &MWritte);
        }
    }
    return 0;
}
```
Last edited by pikachu5501; 19-03-2007 at 10:35.
#2
God, that's awful code.
NOT closing the process handles, crap buffer sizes, 12 bytes max in one write... not exiting with a return value (for the caller to see if the stuff actually wrote)... crap, crap, crap. Considerably better code can be found on the net, in C or asm or Delphi or even Visual Basic... Please, if you're going to post source code for people to use, at least do some work on it, and document the code properly. Code:
```cpp
//=========================
#include <windows.h>
//=========================
static volatile HANDLE ProcessHandle      = (HANDLE) INVALID_HANDLE_VALUE;
static volatile HANDLE WindowThreadHandle = NULL;   // the thread that owns the target window
static volatile BOOL   EngineInUse        = FALSE;
//=========================
BOOL engine_close_process()
{
    if (EngineInUse) {                                  // are we in use?
        if (WindowThreadHandle) {                       // drop the thread handle first
            CloseHandle(WindowThreadHandle);
            WindowThreadHandle = NULL;
        }
        if (CloseHandle(ProcessHandle)) {               // yup, so close the process handle
            ProcessHandle = (HANDLE) INVALID_HANDLE_VALUE;
            EngineInUse   = FALSE;
            return TRUE;
        }
    }
    return FALSE;
}
//=========================
BOOL engine_open_process(char * processwindowtitle)
{
    HWND  TargetWindowHandle = (HWND) -1;
    DWORD ProcessId          = 0;
    DWORD WindowThreadId     = 0;

    if (EngineInUse) {                                  // we are already in use...
        return FALSE;
    }
    TargetWindowHandle = FindWindowA(NULL, processwindowtitle); // see if it exists
    if (TargetWindowHandle) {                           // got the window handle...
        // returns the id of the window's thread and fills in the PROCESS id
        WindowThreadId = GetWindowThreadProcessId(TargetWindowHandle, &ProcessId);
        if (WindowThreadId) {                           // we have a valid process id, now to open it...
            ProcessHandle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, ProcessId);
            if (ProcessHandle) {                        // process successfully opened
                // also open the window's thread so read/write can suspend it
                WindowThreadHandle = OpenThread(THREAD_SUSPEND_RESUME, FALSE, WindowThreadId);
                EngineInUse = TRUE;
                return TRUE;
            }
        }
    }
    return FALSE;
}
//=========================
BOOL engine_write_process(LPVOID lpBaseAddress, LPVOID lpBuffer, DWORD nSize)
{
    BOOL SuccessCode = FALSE;
    if (EngineInUse) {                                  // are we in use
        if (ProcessHandle) {                            // do we have a process handle
            SIZE_T BytesWritten    = 0;
            BOOL   ThreadSuspended = FALSE;
            // suspend the window's thread while we write - it's safer
            if (WindowThreadHandle && SuspendThread(WindowThreadHandle) != (DWORD) -1) {
                ThreadSuspended = TRUE;
            }
            if (WriteProcessMemory(ProcessHandle, lpBaseAddress, lpBuffer, nSize, &BytesWritten)
                && BytesWritten == nSize) {             // write was successful
                // flush the instruction cache (for safety)
                FlushInstructionCache(ProcessHandle, lpBaseAddress, nSize);
                SuccessCode = TRUE;
            }
            if (ThreadSuspended) {                      // resume the thread if we suspended it
                ResumeThread(WindowThreadHandle);
            }
        }
    }
    return SuccessCode;
}
//=========================
BOOL engine_read_process(LPVOID lpBaseAddress, LPVOID lpBuffer, DWORD nSize)
{
    BOOL SuccessCode = FALSE;
    if (EngineInUse) {
        if (ProcessHandle) {
            SIZE_T BytesRead       = 0;
            BOOL   ThreadSuspended = FALSE;
            if (WindowThreadHandle && SuspendThread(WindowThreadHandle) != (DWORD) -1) {
                ThreadSuspended = TRUE;
            }
            if (ReadProcessMemory(ProcessHandle, lpBaseAddress, lpBuffer, nSize, &BytesRead)
                && BytesRead == nSize) {                // read was successful
                SuccessCode = TRUE;
            }
            if (ThreadSuspended) {
                ResumeThread(WindowThreadHandle);
            }
        }
    }
    return SuccessCode;
}
//=========================
BOOL engine_kill_process_and_close()
{
    if (EngineInUse) {
        if (TerminateProcess(ProcessHandle, (UINT) 0x0D1ED1E)) {
            if (WindowThreadHandle) {
                CloseHandle(WindowThreadHandle);
                WindowThreadHandle = NULL;
            }
            CloseHandle(ProcessHandle);
            ProcessHandle = (HANDLE) INVALID_HANDLE_VALUE;
            EngineInUse   = FALSE;
            return TRUE;
        }
    }
    return FALSE;
}
//=========================
```
__________________
bleh DO NOT PM me with questions, leave that in the forums... ESPECIALLY if I don't know you... Last edited by TippeX; 19-03-2007 at 14:51.
#3
I agree it was somewhat messy.
And when you're NOPing something, it isn't necessary for it to continually write there. It's already done.
#4
Well, I followed a tutorial (in French) that says to look for the process, get a PID and write to it. It didn't mention anything about suspending, flushing the cache or closing the process. I might go to that forum and point that out to them too. It was working for me, so I wanted to share my success with people who are learning like me, but with WINDOWS we never know what is safe or not to do. I don't want people to get their computer formatted or their mouse running around the house for no reason. But I have no excuse for not documenting my code better. I am new to forums too.
Thank you TippeX for pointing out my mistakes and taking the time to show a better way to do it. Sometimes we do things that we think are the right way until someone better shows us our mistakes. I just printed the code that you wrote and for sure I will learn from it. I promise that if I publish working trainers, I will give credit to you. I hope I am not too much of a noob. I have to let go of my bad habits from DOS programming if I want to be successful in WinAPI programming. Now that I am comfortable with message flow, GDI and the basic Windows crap, I have to move to a new level. Actually, I use "Programming Windows 95" by Charles Petzold. Well, thanks again all. Peace. Last edited by pikachu5501; 19-03-2007 at 19:45.
#5
np, glad I didn't cause offence; the idea was to show how to do things properly and handle all potential problems. There's lots more you could do with the code, but... that's for you to play with.
The main 'issue' with the code you pasted was the OpenProcess stuff, where the handle wasn't closed; this causes resource leakage and is terribly bad programming practice. Oh, and no need for the credit either...
Last edited by TippeX; 20-03-2007 at 00:53.
#6
We can't be careless programming for Windows. My first OpenGL program was "Undefined"; then I said, WTF does that mean (not literally like that)... bah, just "undefined"... well, it could even format my drive. Thank the person who pointed that out to me. I redid all my code without forgetting anything.
Sometimes advice like yours is priceless. Thanks again for your feedback.
#7
Chances of formatting your drive are very, very low.
You aren't dealing in interrupts like in the old DOS days, and you also have security and privileges to deal with. Formatting a drive is doable of course, but the chances of randomly 'activating' a format by a code bug are incredibly slim.