Hi FSB,
I may be able to help in a sort of roundabout way, which is what I've had luck with in the past. It may or may not be correct, and is definitely not the most efficient, but I'll let you decide; it does work.
I was always curious how people would create hacks for games, and knew very little (just the basic logic involved with coding) so I sought answers and came across MHS.
I had a similar problem to yours, which is due to DMA, and I had posted for help, which L. Spiro was kind enough to help me with.
I was wanting to make a vector aimbot, and had limited coding knowledge, and I didn't know a thing about injecting code into memory (I still don't know much, as I've only punched in values).
Long story short(er), I knew that if I could get the XYZ location of a player and myself I could use that to create a vector aimbot, the problem I had was that the XYZ location of myself and other players would move around, due to DMA. But L. Spiro made me aware that these values are part of a player structure and will always maintain a fixed relation within that structure.
So what I did was look for the start of the structure addressed by a static pointer. The structure moves around, but obviously the static pointer does not.
I used AHK to gain read and write access privies to the game's memory through the Windows kernel, and I looked at the contents of that static pointer, which was the start of the structure which contained the XYZ values within.
After having done that I was able to solicit to the kernel what address I wanted to play with.
Here's an example of an AHK DllCall:

    ; Open the target process with the access mask 0x0038 (read/write/operation).
    ; BOOL bInheritHandle is passed as "Int" 0; a HANDLE is returned as "Ptr".
    ProcessHandle := DllCall("OpenProcess", "UInt", 0x0038, "Int", 0, "UInt", PID, "Ptr")
AHK has some unconventional syntax that a lot of people find irritating, but I've never really used much else, so it makes enough sense to me.
0x0038 is the read and write privies requested of the kernel.
    ; Read 4 bytes at base_pointer into the per-player variable player1_pointer,
    ; player2_pointer, ... (player%A_Index%_pointer is resolved dynamically inside the loop).
    bytesRead := 0
    DllCall("ReadProcessMemory", "Ptr", ProcessHandle, "Ptr", base_pointer, "UInt *", player%A_Index%_pointer, "UInt", 4, "UInt *", bytesRead)
The "UInt", 4, portion of the above code is where you define the type of data, and the size of it. In this case, it's an 'Unsigned Integer' of 4 bytes.
The little 'hack' I made doesn't inject code, it only reads values, and plugs values, which doesn't change the game's memory; except for falsely gained, yet legitimate, values where they should be.
If you still need help I can try to make you something in AHK that does this for you. I know I'm pretty noob, and don't know near as much as others on this forum, but I am willing to spend the time to talk with you and help you as much as I know how.
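An added example (not from the post above, and not AHK) of the static-pointer idea it describes: the player structure can move around, but a static pointer always holds its current address, and the XYZ fields sit at fixed offsets inside it. The memory snapshot, addresses and offsets here are constructed for illustration; the read functions stand in for ReadProcessMemory.

```python
import struct

# Constructed layout (not from any real game): a static pointer at 0x1000
# holds the address of the player structure; X, Y, Z are 32-bit floats at
# fixed offsets inside that structure.
STATIC_PTR_ADDR = 0x1000
OFF_X, OFF_Y, OFF_Z = 0x10, 0x14, 0x18

# For reference, the 0x0038 access mask in the post decomposes as
# PROCESS_VM_OPERATION (0x0008) | PROCESS_VM_READ (0x0010) | PROCESS_VM_WRITE (0x0020).


class MemorySnapshot:
    """Byte-addressed stand-in for a process's memory (sparse dict of address -> byte)."""

    def __init__(self):
        self._bytes = {}

    def write(self, addr, data: bytes):
        for i, b in enumerate(data):
            self._bytes[addr + i] = b

    def read(self, addr, size) -> bytes:
        # Equivalent of a failed ReadProcessMemory: refuse unmapped addresses.
        try:
            return bytes(self._bytes[addr + i] for i in range(size))
        except KeyError:
            raise ValueError(f"unmapped read at {addr:#x}")


def read_u32(mem, addr):
    return struct.unpack("<I", mem.read(addr, 4))[0]


def read_f32(mem, addr):
    return struct.unpack("<f", mem.read(addr, 4))[0]


def read_player_xyz(mem):
    """Dereference the static pointer, then read the fixed-offset fields."""
    base = read_u32(mem, STATIC_PTR_ADDR)
    if base == 0:
        return None  # structure not allocated yet (null pointer)
    return tuple(read_f32(mem, base + off) for off in (OFF_X, OFF_Y, OFF_Z))


def place_player(mem, base, xyz):
    """Simulate the game (re)allocating the structure at `base` and updating the static pointer."""
    mem.write(STATIC_PTR_ADDR, struct.pack("<I", base))
    mem.write(base + OFF_X, struct.pack("<fff", *xyz))


def demo():
    mem = MemorySnapshot()
    place_player(mem, 0x20000, (1.0, 2.0, 3.0))
    first = read_player_xyz(mem)
    place_player(mem, 0x35000, (4.5, -2.0, 7.25))  # structure moved (the "DMA" case)
    second = read_player_xyz(mem)                    # same code path still finds it
    return first, second
```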