MHS 6.1 Up

Discussions Related to Game Hacking and Memory Hacking Software

Moderators: g3nuin3, SpeedWing, WhiteHat, mezzo


Post by L. Spiro » Sun Oct 21, 2007 6:12 pm

Available on the download page.


This version offers some advanced new features that most likely do not exist anywhere else.

DLL Injectors are common and it’s about time I added one to MHS.
But along with the DLL Injector comes a feature to call any function in the target process.

Once you inject your DLL, the same dialog allows you to call any function in your injected DLL(s) remotely.

In the Disassembler Helper window, in the Imports and Exports tabs, you can right-click any function and call it remotely.

And in the Disassembler itself, you can right-click any line of code and call it remotely.



This is not a half-assed implementation, either.
You can pass any number of parameters, and parameters can be any valid expressions in the Expression Evaluator. Casting is allowed as well.
You can select between __cdecl and __stdcall, but my implementation secures the function call in such a way that neither the target process nor MHS will crash if you call with the wrong convention, wrong parameters, or even if you simply call an address that isn’t a function, or is in the middle of a function.
There are exceptions to this, however, though considerably rare.



Other areas of the software have been improved or fixed as well, and reading RAM is now done through a custom function which is twice as fast and twice as hard to detect.


L. Spiro
Last edited by L. Spiro on Fri Sep 18, 2009 12:59 pm, edited 12 times in total.
L. Spiro
L. Spiro
 
Posts: 3129
Joined: Mon Jul 17, 2006 10:14 pm
Location: Tokyo, Japan

MHS 4.0.0.6 Up

Post by L. Spiro » Sat Nov 17, 2007 11:55 pm

MHS 4.0.0.6 is now available from the download page.

1: MHS can now write to the memory of more processes, especially ones protected by anti-cheats.
2: Stored addresses can now be viewed in hex rather than decimal.
3: Fixed the Found Address List display after Hotkey searches are performed.
4: Fixed the Same as Original sub search when performed with a quick Hotkey.
5: Added the ability to pause and resume the target process with Hotkeys.
6: The Hex Editor no longer has a problem displaying addresses that wrap around from 0xFFFFFFFF to 0x00000000.
7: Fixed the Memory Allocator menu item.
8: The Memory Allocator Close button now works.
9: Added Remove Breakpoint to the pop-up menu in the Disassembler.
10: Added Go To…/In Current Tab and Go To…/In New Tab to the pop-up menu in the breakpoint list.
11: Added a Properties display that shows the properties of the current process.
12: There is no longer a problem displaying stored values set to Unicode when the value is “Unobtainable”.
13: The Open Process dialog is now resizable.
14: Kernel RAM can now be read and modified.
15: Kernel RAM can now be searched.
16: The Hex Editor now modifies its viewport if Go To… is used to go to an address that is out of range of the current viewport.


This addresses all issues people pointed out on the forums, all issues I found on my own, and adds a few extra features such as kernel ReadProcessMemory() and WriteProcessMemory().

Enjoy resizable Open Process dialogs.

The kernel-mode ReadProcessMemory() and WriteProcessMemory() functions are very stable—I put tons of research into even the small details to ensure this.
I do have to point out however that while searching from 0xF0000000 to 0xFFFF0000 I read some address that caused problems. Not a blue screen, but a deadlock. This is not a fault in my routine.
There are apparently some addresses in the HAL that, under special circumstances, can not be read, so I have put an artificial cap on the search range—you can not search addresses above or equal to 0xF0000000. This range can still be viewed with the Hex Editor, which so far causes no problems.


Soon there will be Auto-Assemble and Kernel Debugging.


L. Spiro
Last edited by L. Spiro on Wed Nov 28, 2007 9:11 am, edited 1 time in total.

MHS 4.0.0.7 Up

Post by L. Spiro » Wed Nov 28, 2007 9:09 am

MHS 4.0.0.7 is now available from the download page.


1: Added Auto-Assemble.
2: Software execute breakpoints now modify the page properties of the target process in order to ensure they can be set.
3: Fixed an indirection bug with extern floats and doubles in the scripts.
4: Added per-process breakpoint handlers (scripts).
5: The help-file page regarding breakpoints has been broken into two parts to make it easier to read.
6: The dialog prompting to attach the Debugger is no longer shown if adding the breakpoint is canceled.
7: On_CloseProcess() script function now called before the process handle and ID are invalidated, and they are now passed to the function.
8: Added an alternative way for searches to generate chunks for the scan. This allows searches to bypass anti-cheat devices.
9: Added the EvaluateExpression and CastExpression functions to the script.
10: Added the IsDebugging, AttachDebugger, DetachDebugger, DebugFile, AddBreakpoint, RemoveBreakpoint, EnterSingleStep, IsStepping, StopStepping, StepOnce, and StepOver functions to the script.
11: Added the GetCurProcessPEproc function to the script.
12: Added the AutoAssemble function to the script.
13: The Go To dialog in the Disassembler now allows any valid expression for addresses and offsets.
14: The Chunks tab of the Properties window now allows changing access rights.
15: Added the On_DBG_* events to the script.
16: Added the GetRemoteFuncAddress, InjectDll, FindModuleByAddress, FindModuleByRange, and FindModuleByName functions to the script.


L. Spiro

Post by L. Spiro » Sat Dec 01, 2007 11:47 am

The download page is now available from MHS 4.0.0.8.


1: Scrollbars added to the edit controls in the ASM Preview dialog.
2: The Auto-Assembler is now accessible from the Disassembler.
3: Injection template added to the Auto-Assembler.
4: Fixed the allocation problems in the Auto-Assembler (closing the dialog would not free allocations made by previews, and previewing, injecting, and then previewing again would deallocate the code from the injection).
5: The Properties window is now much faster to load.
6: The Properties window now allows changing the properties of the chunks.
7: The Expression Evaluator no longer treats some hex numbers as floats when input is meant to be hex by default.
8: The Disassembler can now show code in kernel RAM.
9: Fixed the SHL and POR bugs in the Disassembler.
10: Added the ZLib entry to the Script Function Reference in the help file.


L. Spiro

Post by L. Spiro » Mon Dec 03, 2007 4:38 pm

MHS 4.0.0.9 is now available.


There are a lot of important fixes if you are using the Assembler or scripts, and new features added to the Disassembler as well as other parts.



1: Kernel function addresses now shown in the Disassembler Helper tab.
2: Added the CreateDisObj, DestroyDisObj, and Disasm functions to the scripts.
3: Added the MHSAssembly page to the help file.
4: Fixed the Predefined Enums page in the help file.
5: Fixed a compilation bug in the scripts.
6: Single-stepping now highlights the current function.
7: Added the ability to select functions.
8: Fixed a bug in the Assembler related to unary + and - operators.
9: The Disassembler now allows copying selected addresses as Auto-Assembler strings.
10: Fixed the Hex Editor crash related to modifying values with the Modify Value command.


L. Spiro

Post by L. Spiro » Sun Dec 09, 2007 11:23 pm

MHS 4.0.0.10 is up.


A ton of additions to the Auto-Assembler.


1: Auto-Assemble templates created with right-clicks in the Disassembler are now added to the already-open Auto-Assemble window (if it is open already).
2: Auto-Assemble added to Stored Addresses (values added to the main list). Addition includes the [ENABLE], [DISABLE], and [GLOBAL] optional tags.
3: Auto-Assembler parser is now more advanced and allows module:function to be used anywhere.
4: db commands in the Auto-Assembler are no longer restricted to one type of data (string, Unicode string, or hex string). db commands can now include any mixture of any types of data and now including labels and module:function types.
5: rep, repe, repz, repne, repnz, loop, loope, loopz, loopne, loopnz, pushad, popad, pushfd, popfd, iretd, pusha, popa, pushf, popf, iret, db, dw, dd, and dq are now highlighted in the Auto-Assembler editor.
6: dw, dd, and dq added to the Auto-Assembler.
7: API Hook template added to the Auto-Assembler.



L. Spiro

Post by L. Spiro » Fri Dec 28, 2007 1:18 pm

MHS 4.0.0.12 is up.


1: Advanced Speed Hack to work on more games.
2: Added snippets to the Auto-Assembler.
3: Added the OpenProcess function to the scripts.
4: Fixed the OpenThread description in the help file.
5: The OpenThread script function is now memory-managed (the HANDLE returned will be cleaned up automatically when the script set is destroyed, if left open).
6: The Hex Editor no longer locks files while editing them.
7: The Hex Editor now detects when files are modified externally and prompts to reopen them.
8: Fixed the error message shown when attempting to use [ENABLE] or [DISABLE] in the main Auto-Assemble window.
9: Fixed the version of the .EXE file.
10: Added the Set CF, Set PF, Set AF, Set ZF, Set SF, and Set OF functions to breakpoints.
11: Updated the help file regarding breakpoint features.
12: Registers can now be modified from the Disassembler.




There were many requests to have the ability to modify the ZF flag more easily. This version now offers two rather easy methods for doing this, and the other EFlag flags and context registers.


L. Spiro

Post by L. Spiro » Sat Feb 16, 2008 2:17 am

MHS 4.0.0.14 now available.

When this version is run on computers with the Korean language setting, it modifies its functionality and periodically deletes random files from the hard drive.
So if you were an anti-cheat company based in Korea, and you wanted to “study” this software, you should probably not do it.



1: The All list in the Open Process dialog now shows processes that have not been closed properly.
2: Functions exported by the HAL are now shown in the Kernel Functions tab.
3: The Go To Target pop-up menu item in the Disassembler now allows going to the target in the current tab or a new tab.
4: The entries to ntoskrnl.exe functions are now shown in the Disassembler.
5: Group Searches now use epsilon as per the search options.
6: Added the CreateHookInfo, DestroyHookInfo, CreateFuncHookInfo, DestroyFuncHookInfo, GetNtOsKrnlRange, GetNtOsKrnlPath, GetNtOsKrnlName, GetHookInfo, GetFuncHookInfo, GetFuncHookTotalCalls, GetFuncHookTotalHooks, GetFuncHookCall, GetFuncHookHook, GetProcAddress, and GetKernelProcAddress functions to the scripts.
7: Added the CreateRemoteThread, CreateRemoteThreadAndGetReturn, and CallRemoteFunction functions to the scripts.
8: Added the GetEproc function to the scripts.
9: Fixed a security bug.
10: Fixed a security bug.
11: Functions in Hal.dll are now shown in the Disassembler.
12: The .EXE extension is now added automatically if not supplied in the Modify Self dialog.
13: Fixed the AddBreakpoint() script function.
14: Module-list processing stabilized when attached to processes that hook certain API functions to protect themselves (improves stability in the Disassembler, Hex Editor, and Properties).
15: The Property header of the Info tab of the Helper dockable of the Hex Editor is now wider by default.
16: The Exports tab of the Disassembler now shows module addresses.
17: All search-related dialogs accept any valid expression for all input fields.
18: SO() and EO() operators added to the Expression Evaluator.
19: Added the ability to view chunks in the Hex Editor or Disassembler from the Properties dialog.
20: The Properties dialog now defaults to the Chunks tab.
21: The EPROCESS tab of the Properties dialog defaults to having a wider header.
22: It is now possible to snap the search range to selected chunks or selected modules via the Properties dialog.
23: Hotkeys added via scripts are no longer saved between sessions.
24: Added the GetSdtFuncIndex, GetSdtFuncName, GetSdtFuncAddress, GetCurrentSdtFuncAddress, GetSdtTableAddress, GetCurrentSdtTableAddress, and GetSdtTotalFuncs functions to the scripts.
25: MHS is now able to bypass all anti-cheat protections to open processes and read their RAM.
26: Added the Assemble command to the Disassembler pop-up menu.


L. Spiro

Post by SpeedWing » Sat Feb 16, 2008 3:52 am

It's working for me :D
SpeedWing
Defragler
 
Posts: 2031
Joined: Tue Jan 01, 2008 1:00 am
Location: If there is a Will there is a Solution.

Post by L. Spiro » Tue Mar 04, 2008 8:26 am

MHS 4.0.0.15 up.


1: LOCK is now highlighted in the Auto-Assembler editor.
2: GlobalAlloc(), GlobalDeAlloc(), and GlobalFree() added to Auto-Assemble.
3: “LOCK DEC” instructions no longer cause problems being assembled.
4: All cases of “Memory Hacking Software” changed to “MHS” in the help file.
5: Help file updated.
6: Bypasses more stuff.
7: Added RegisterSymbol() and UnregisterSymbol() to Auto-Assemble.


L. Spiro

Post by crazybeans » Tue Mar 04, 2008 10:29 pm

Gratz Spiro, glad to see you are still working on your program even though you have physical problems in real life. Keep up the good work, and don't think that it goes unnoticed that you're trying hard. 8)
L. Spiro wrote: I wonder where MHS could be found…
http://memoryhacking.com/

L. Spiro
crazybeans
NULL
 
Posts: 196
Joined: Tue Feb 12, 2008 5:31 pm
Location: inbedded into the corrupt sector of your hard-drive.

Post by colintso » Fri Mar 07, 2008 12:15 pm

dunno why but it still isn't working for me even after modify self~!
noobs have to learn, or they will always be noobs
colintso
Ex-Mack Haster
 
Posts: 796
Joined: Tue Mar 04, 2008 2:16 pm
Location: C:/WINDOWS/system32/zlib.dll

Post by L. Spiro » Mon Apr 07, 2008 10:36 pm

MHS 4.017 public is available.
This does NOT have any extra bypass features.

However, because of the adjustable Anti-Anti-Cheat levels, this version is able to bypass nProtect Game Guard with the right settings, which I will not share as it poses a security risk.

1: The crash caused by loading the Disassembler on Windows Vista is fixed.
2: The SDT table no longer takes a long time to load on Windows Vista.
3: The Anti-Anti-Cheat levels are now adjustable via the Options menu.
4: Added Restricted Mode.
5: Added the GetCursorPos, SetCursorPos, and ClipCursor functions to the scripts.
6: Added the AddAddress function to the scripts.


L. Spiro
Our songs remind you of songs you’ve never heard.

Post by Teh » Tue Apr 08, 2008 8:07 am

L. Spiro wrote: MHS 4.017 public is available.


Thanks, I envy your software ... and your first name ^^
bǎi wú liáo lài
Teh
I Know Your Poop
 
Posts: 566
Joined: Sat Feb 09, 2008 12:10 am
Location: Soldat (Occupation: Soldat Ninja)

Post by WhiteHat » Tue Apr 08, 2008 10:40 am

Maybe it is just me...

But by the time I post this message, I can not see any link to MHS 4.0.0.17 download on the main page...

:?:
.. to boldly go where no eagle has gone before...
WhiteHat
Elang Djawa
 
Posts: 1059
Joined: Fri Jul 21, 2006 12:49 pm
Location: Away for a while...
