Modifying game code always crashes application?

Posted: Sat Jun 25, 2011 8:59 pm
by shLONG
Hi, first can I just say that registering an account on this forum was ridiculous; the captcha was so hard to understand that, because of the limited number of registration attempts, I went through four CGI proxies to register this account. To say the least, it was infuriating.

Anyway, I have a peculiar problem using MHS. This is a problem that also occurs with CheatEngine, so I don't think it's a fault in the software.

Right, so I wanted to make Duke move faster in Duke Nukem Forever, so I hunted down the memory location the coordinates were stored at and then found which piece of code was writing to them. I created a code cave and in the cave I put the piece of code which increments Duke's position twice.

The game crashed. (Duke kept dying, the game reloads, he instantly dies, then the game crashes.)

So I figured I'd get a bit simpler and just NOP the increment so that he doesn't move.

The game crashed. (same thing again)

So now I'm thinking... WTF. So I create a simple application that shows an integer and, when you press a button, it increments it. I go into MHS and change the ADD to a SUB, press the increment button and ... the program increments (not decrements) then crashes.

So now I try to NOP the ADD, and again it crashes.

So, I'm using Windows 7, I run MHS with admin privileges, and I have Malwarebytes installed. Game trainers I download work fine. So I have no idea why this is happening. Am I really modifying the game code incorrectly? The impression I got is that simple modifications like ADD to SUB and ADD to NOP should work?

If anyone could help that would be awesome, I really REALLY want Duke to move faster. (Just Duke.) :P

Re: Modifying game code always crashes application?

Posted: Sat Jun 25, 2011 9:08 pm
by Viktor
Seriously, MHS crashes more often on Windows 7! Mine crashes also when finding pointers or something.
Why do you want Duke to move fast and not the game? Just use speedhack instead, dude!
:roll:
I am sure L. Spiro himself will come to explain more! I am no pro at hacking!

Re: Modifying game code always crashes application?

Posted: Sun Jun 26, 2011 12:40 am
by shLONG
Speed hack makes everything move faster :P

I just wanted to start somewhere. It's not so much about making Duke move faster, it's feeling like I've accomplished something of reasonable complexity for my current level of understanding, and this involves a code cave. :P

Re: Modifying game code always crashes application?

Posted: Sun Jun 26, 2011 8:40 am
by L. Spiro
Stop modifying the game code and start modifying the values.
Modifying game code is not only overkill, it is prone to cause crashes or other negative side-effects.
Trainers work because they modify the value, not the code. The code that writes a value may also be writing tons of other values, and it also may not be the only thing writing the value you want to change.
Changing code means taking care of tons of loopholes, so just modify the value instead.
L. Spiro

Re: Modifying game code always crashes application?

Posted: Sun Jun 26, 2011 10:27 am
by shLONG
Oh, right? I was reading Sheep's two-part tutorial on DMA, and he suggested that you write over the game code and not the memory to create trainers? For example, infinite ammo would be to find the ammo variable in memory, find what writes to it and NOP it?

I mean, I could write over memory, but I would have to find the base pointer for the allocator by looking in the game code? Then write to the offset for Duke's speed increment or whatever?

In what instances could I make safe modifications to game code?

Re: Modifying game code always crashes application?

Posted: Sun Jun 26, 2011 8:55 pm
by Dimple
NOPping it might, for example, cause others to have infinite ammo, too (if there are others who have limited ammo). For example, when I was making hacks for UT 2004, I tried to make an HP hack using that technique. It kinda worked, but it made everyone else immortal, too, so it really wasn't a solution.

The point is that modifying the code might change many other things as well, and that makes it unreliable (unless you are completely sure that it only modifies what you want it to modify). I'm pretty sure that the downsides of that approach were discussed in the tutorial. If you wanted to make an infinite ammo hack, I would advise you to write directly into the memory. Finding the pointer trail might not be easy, but once you've found it, you can most likely use it for other hacks, too.

Re: Modifying game code always crashes application?

Posted: Mon Jun 27, 2011 5:39 am
by shLONG
Right, thank you. I'm going to look into that pointer trail then. You'll know when I've done it, because there will be a "Duke speed trainer" :P I shall not be defeated easily!! I'll get you, Duke.

Re: Modifying game code always crashes application?

Posted: Mon Jul 18, 2011 8:27 am
by CoMPMStR
You need to know what part of the game code you're changing. Sometimes you might be changing something that affects more values than the one you want. In most games you have base classes, such as an entity class, that hold all the data and functions needed for a basic entity. Then you have other specific classes, such as a player or enemy, that inherit everything from the base entity class. If the base class has a function to set the entity health, when the game modifies the health of the player or an enemy, they will both be modified from the same location in the base class. This is the main reason why sometimes, if you change game code, it affects others too. You have to try to find that one location in the player class that modifies only the player's health instead of the location in the base class that modifies every entity in the game.

I had a similar problem with Duke Nukem Forever at first. But with some know-how you can find the correct code locations for inf ammo, inf health, 1-hit kill, no weapon overheat, and no boost fill. At least those are what I found so far; I haven't tried looking for speed.

MHS is great for this, because with DLLs that have exported functions, MHS lists the entry to those functions under the Extras column in the disassembler. This way you can tell if the location you want to modify is one that should be modified, or if it will be likely to modify other values, just by knowing the function name. For example, the functions CopyCompleteValue or execFloatToInt will modify other unexpected values as well. You want to find functions like DrawEgoHud, DrawWeaponHUD, getMaxClip, or execGetMaxClip, just to name a few.

Here's a tip: you know how to find what accesses the health or ammo to find the game code that modifies it? For this game, you have to search one pointer deep, then find what accesses that pointer. I found that, in this game, it will usually take you to a location that modifies that specific value only. Now if only I could find the location to always have the Holoduke and other powerups. :D
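To make the point about shared base-class code concrete, here is an added example (constructed for this thread; it is not the game's code, MHS output, or anything the posters wrote). It models the entity hierarchy CoMPMStR describes and simulates a code patch by swapping the one routine every entity runs through, showing why the patch leaks to enemies while a value write touches only the player:

```cpp
#include <utility>
#include <vector>

// Constructed model of the class layout described in the thread (hypothetical,
// not the real game): a base Entity owns the health-changing routine and both
// Player and Enemy inherit it unchanged.
struct Entity {
    int health = 100;
    virtual ~Entity() = default;
};
struct Player : Entity {};
struct Enemy : Entity {};

// The original base-class routine: damage reduces health.
static void applyDamageOriginal(Entity& e, int dmg) { e.health -= dmg; }
// How the routine behaves once the write is NOPped: health never changes.
static void applyDamageNopped(Entity&, int) {}

// One shared "code location"; a code patch is simulated by swapping this pointer.
using DamageFn = void (*)(Entity&, int);
static DamageFn g_applyDamage = applyDamageOriginal;

// One round of combat: every entity takes 30 damage through the shared path.
static void combatRound(std::vector<Entity*>& all) {
    for (Entity* e : all) g_applyDamage(*e, 30);
}

// Approach 1: patch the shared code. Returns {player health, enemy health}.
std::pair<int, int> patchSharedCode() {
    Player p; Enemy en;
    std::vector<Entity*> all{&p, &en};
    g_applyDamage = applyDamageNopped;    // the "NOP the instruction" change
    combatRound(all);
    g_applyDamage = applyDamageOriginal;  // restore so other calls are unaffected
    return {p.health, en.health};         // {100, 100}: the enemy is immortal too
}

// Approach 2: leave the code alone and rewrite only the player's value afterwards.
std::pair<int, int> writePlayerValue() {
    Player p; Enemy en;
    std::vector<Entity*> all{&p, &en};
    combatRound(all);
    p.health = 100;                       // trainer-style value write, player only
    return {p.health, en.health};         // {100, 70}: the enemy still took damage
}
```

The same structure explains the earlier UT 2004 HP hack that made everyone immortal: the patched routine sat in the shared base class, not in the player-specific path.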