
Determine disassembler code changes

Posted: Tue Nov 02, 2010 4:07 am
by trialusert
How can I determine whether a few code lines have been changed in the asm code of the game? I have downloaded a trainer recently and I would like to know how they made one of its features... I want to be able to see the changes in MHS disassembler each time I activate/deactivate that feature. Please please tell me there is an option to do so!

Re: Determine disassembler code changes

Posted: Wed Nov 03, 2010 7:54 am
by L. Spiro
Search for bytes that have changed within the .text section of the game module.
Or you can search the entire module for changed bytes.


L. Spiro
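
An added example, not part of the original thread and not MHS code: comparing two snapshots of the same region and listing every contiguous run of changed bytes with its address, which is also how an in-memory code section can be checked for modification. The snapshot contents, the base address and the `gap` merge parameter are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;

static class SnapshotDiff
{
    // Returns every contiguous run of bytes that differs between two snapshots
    // of the same region. Runs separated by at most `gap` unchanged bytes are
    // merged, because a rewritten instruction can keep some bytes identical.
    public static List<(int Offset, int Length)> ChangedRuns(byte[] before, byte[] after, int gap = 2)
    {
        var runs = new List<(int Offset, int Length)>();
        int n = Math.Min(before.Length, after.Length);
        int start = -1, last = -1;
        for (int i = 0; i < n; i++)
        {
            if (before[i] == after[i]) continue;
            if (start >= 0 && i - last - 1 > gap)
            {
                runs.Add((start, last - start + 1)); // close the previous run
                start = -1;
            }
            if (start < 0) start = i;
            last = i;
        }
        if (start >= 0) runs.Add((start, last - start + 1));
        return runs;
    }

    static void Main()
    {
        // Constructed sample data: a 32-byte "region" and a copy with two edits.
        long baseAddress = 0x1000; // constructed; stands in for the region's start address
        var before = new byte[32];
        for (int i = 0; i < before.Length; i++) before[i] = (byte)i;
        var after = (byte[])before.Clone();
        after[5] = 0xAA; after[6] = 0xBB;   // first edit: two adjacent bytes
        after[20] = 0xCC; after[22] = 0xDD; // second edit: one unchanged byte inside
        foreach (var (offset, length) in ChangedRuns(before, after))
        {
            // Prints the address, the old bytes and the new bytes of each run.
            Console.WriteLine("0x{0:X}: {1} -> {2}", baseAddress + offset,
                BitConverter.ToString(before, offset, length),
                BitConverter.ToString(after, offset, length));
        }
    }
}
```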

Re: Determine disassembler code changes

Posted: Wed Nov 03, 2010 8:19 am
by trialusert
Thank you.

Re: Determine disassembler code changes

Posted: Sun Dec 05, 2010 1:34 am
by trialusert
I managed to do it using a little C# code that I wrote. I wanna share it here, I know it's not even getting close to what MHS has to offer but it might be useful to some people...

Code:
using System;
using System.Diagnostics;

class Program
{
    static void Main()
    {
        // Placeholders from the original post: fill these in before running.
        const string processName = "[FullProcessName]";
        IntPtr address = new IntPtr(0x0);   // placeholder for 0xAddress, the start of the region to compare
        const int length = 10000000;        // number of bytes to read

        Process p = Process.GetProcessesByName(processName)[0];
        ProcessMemoryReaderLib.ProcessMemoryReader preader = new ProcessMemoryReaderLib.ProcessMemoryReader();

        preader.ReadProcess = p;
        preader.OpenProcess();

        int bytesread, bytesread2;
        byte[] arr, arr2;

        // First snapshot.
        Console.WriteLine("1");
        Console.ReadKey();
        arr = preader.ReadProcessMemory(address, length, out bytesread);

        // Second snapshot.
        Console.WriteLine("2");
        Console.ReadKey();
        arr2 = preader.ReadProcessMemory(address, length, out bytesread2);

        // Compare only the bytes that were actually read in both snapshots.
        int count = Math.Min(bytesread, bytesread2);
        for (int i = 0; i < count; i++)
            if (arr[i] != arr2[i])
            {
                Console.WriteLine("wew!");
                // Print up to 10 bytes of the first snapshot, starting at the
                // first difference, without running past the end of the data.
                int n = Math.Min(10, count - i);
                Console.WriteLine(BitConverter.ToString(arr, i, n).Replace("-", " "));
                break;
            }
    }
}


It is basically a simple console application that shows you the bytes that changed within 2 periods of time. I used it to apply features from another hack into my own hack. When you see "1" on the console window, press any key. When you see "2", enable the hack and again press any key.
Here is the "ProcessMemoryReaderLib" section - might help you with all kinds of memory-related projects as well...