Thank you. Everything work fine on my Windows 7 x32 and x64 bit, but when i tested it on Windows XP x32, well application runs but when i'm changing my speed value nothing happens. I tested this pointer and it works in MHS on both Windows (XP and 7).
I'm using Visual Studio 2010 Professional [MFC Application]. I downloaded latest .NET Framework 4.0 but it didn't help.
I tried to use both Character set (Unicode and Multi-byte) - nothing changed.
This is my code: (4SGH SpeedHackDlg.cpp)
Definitions:
- Code: Select all
#include "stdafx.h"
#include "4SGH SpeedHack.h"
#include "4SGH SpeedHackDlg.h"
#include <tlhelp32.h>
#include <windows.h>
#include <string>
#include <iostream>
#include <stdlib.h>
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
DWORD proc_id;
HANDLE hProcess;
DWORD GetModuleBase(LPSTR lpModuleName, DWORD dwProcessId);
UINT_PTR DeRef( UINT_PTR _uiptrPointer );
UINT MyThreadProc( LPVOID pParam );
void Speedhack();
UINT_PTR BaseAddress;
UINT_PTR uiptrFinal;
unsigned int speed;
bool FreezeOnOff;
int firstTime = 0;
memory():
- Code: Select all
DWORD GetModuleBase(LPSTR lpModuleName, DWORD dwProcessId);
UINT_PTR DeRef( UINT_PTR _uiptrPointer );
UINT MyThreadProc( LPVOID pParam );
void Speedhack();
UINT_PTR BaseAddress;
UINT_PTR uiptrFinal;
unsigned int speed;
bool FreezeOnOff;
int firstTime = 0;
void memory()
{
HWND hWnd = FindWindow(NULL, "4Story");
GetWindowThreadProcessId(hWnd, &proc_id);
hProcess = OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, proc_id);
if (hWnd!=0)
{
MessageBox(NULL,"Process detected","4Story",MB_ICONINFORMATION | MB_OK);
}else{
MessageBox(NULL,"Run game first!","Error",MB_ICONWARNING | MB_OK);
exit(0);
}
Speedhack();
}
Speedhack()
- Code: Select all
void Speedhack() {
BaseAddress = GetModuleBase("TLoader.exe",proc_id);
uiptrFinal = DeRef( DeRef( DeRef( BaseAddress + 0x26767C ) + 0x598 ) + 0x1EC ) + 0x9F2;
if(firstTime = 0) {
::WriteProcessMemory( hProcess, reinterpret_cast<LPVOID>(uiptrFinal), (LPCSTR)16230, sizeof(int), NULL );
++firstTime;
}
else {
::WriteProcessMemory( hProcess, reinterpret_cast<LPVOID>(uiptrFinal), &speed, sizeof(speed), NULL );
}
}
Some buttons:
- Code: Select all
void CMy4SGHSpeedHackDlg::OnSpeedOff()
{
speed = 16230;
Speedhack();
}
void CMy4SGHSpeedHackDlg::OnSpeed1()
{
speed = 16333;
Speedhack();
}
void CMy4SGHSpeedHackDlg::OnSpeed2()
{
speed = 16444;
Speedhack();
}
void CMy4SGHSpeedHackDlg::OnSpeed3()
{
speed = 16555;
Speedhack();
}
void CMy4SGHSpeedHackDlg::OnSpeed4()
{
speed = 16666;
Speedhack();
}
void CMy4SGHSpeedHackDlg::OnFreeze()
{
AfxBeginThread( MyThreadProc, 0 );
FreezeOnOff = 0;
}
void CMy4SGHSpeedHackDlg::OnFreezeExit()
{
FreezeOnOff = TRUE;
}
GetModuleBase():
- Code: Select all
DWORD GetModuleBase(LPSTR lpModuleName, DWORD dwProcessId)
{
MODULEENTRY32 lpModuleEntry = {0};
HANDLE hSnapShot = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwProcessId );
if(!hSnapShot)
return NULL;
lpModuleEntry.dwSize = sizeof(lpModuleEntry);
BOOL bModule = Module32First( hSnapShot, &lpModuleEntry );
while(bModule)
{
if(!strcmp( lpModuleEntry.szModule, lpModuleName ) )
//if(!wcscmp( lpModuleEntry.szModule, L"TLoader.exe") )
{
CloseHandle( hSnapShot );
return (DWORD)lpModuleEntry.modBaseAddr;
}
bModule = Module32Next( hSnapShot, &lpModuleEntry );
}
CloseHandle( hSnapShot );
return NULL;
}
DeRef():
- Code: Select all
UINT_PTR DeRef( UINT_PTR _uiptrPointer ) {
UINT_PTR uiptrRet;
if ( !::ReadProcessMemory( hProcess, reinterpret_cast<LPVOID>(_uiptrPointer), &uiptrRet, sizeof( uiptrRet ), NULL ) ) { return 0UL; }
return uiptrRet;
}
MyThreadProc() (used to freeze address):
- Code: Select all
UINT MyThreadProc( LPVOID pParam )
{
while ( !FreezeOnOff ) {
Sleep( 50 ); // 20 times per second
::WriteProcessMemory( hProcess, reinterpret_cast<LPVOID>(uiptrFinal), &speed, sizeof(speed), NULL );
}
return(1);
}
OnHScroll() - Function to my slider that is working on windows 7 and changing address value:
- Code: Select all
void CMy4SGHSpeedHackDlg::OnHScroll(UINT nSBCode, UINT nPos, CScrollBar* pScrollBar)
{
if(nSBCode == SB_THUMBPOSITION) {
speed = nPos;
if(!FreezeOnOff) {
::WriteProcessMemory( hProcess, reinterpret_cast<LPVOID>(uiptrFinal), &speed, sizeof(speed), NULL );
}
UpdateData(false);
}
else {
CDialog::OnHScroll(nSBCode, nPos, pScrollBar);
}
CDialog::OnHScroll(nSBCode, nPos, pScrollBar);
}
I can too share my visual studio project. Any idea why it work on Windows 7 (x32) but doesn't work on Windows XP (x32)?