[Help] DLLs and complex addresses?


Postby Fouf » Wed Dec 22, 2010 10:44 pm

I've just started to learn about memory editing and whatnot and have followed lots of tutorials here, but I can't seem to edit a complex address in my DLL... I have been able to with an application but not in a DLL. I have tried things such as:

Code:
      memcpy((LPVOID)&buffer, (LPVOID)Bombs, 4);
      Bombs2 = (DWORD*)(Bombs + 0x0);
      Bombs3 = (DWORD*)(Bombs2 + 0x0);
      Bombs4 = (DWORD*)(Bombs3 + 0x8C);

But that doesn't work when I try
Code:
Bombs4* = value;


How do :?

[[0x00570074+0x0]+0x0]+0x8C Is the address, I can't seem to do it properly ><.



Re: [Help] DLLs and complex addresses?

Postby L. Spiro » Thu Dec 23, 2010 1:34 am

First off:
viewtopic.php?f=30&t=5519
Stop using DWORD and definitely stop using 4.
Code:
memcpy( (LPVOID)&Bombs, (LPCVOID)&buffer, sizeof( UINT_PTR ) ); // Bombs is in the wrong position and sizeof() should be used instead of hardcoding numbers.  NEVER HARDCODE NUMBERS.



Secondly:
[] brackets in Complex Addresses replicate the dereference (*) operator in C/C++.
Whether you are working remotely or locally (remotely using ReadProcessMemory() or locally with an injected DLL), you need to create a function called DeRef() to make things easier.

If you are working remotely:
Code:
UINT_PTR DeRef( UINT_PTR _uiptrPointer ) {
     UINT_PTR uiptrRet;

     if ( !::ReadProcessMemory( hProcess, reinterpret_cast<LPVOID>(_uiptrPointer), &uiptrRet, sizeof( uiptrRet ), NULL ) ) { return 0UL; }
     return uiptrRet;
}


If you are working locally inside the target process via an injected DLL:
Code:
UINT_PTR DeRef( UINT_PTR _uiptrPointer ) {
     return (*reinterpret_cast<UINT_PTR *>(_uiptrPointer));
}



With your helper function working, simply replace “[” with “DeRef( ” and “]” with “ )”.

Code:
[[0x00570074+0x0]+0x0]+0x8C

becomes:
Code:
DeRef( DeRef( 0x00570074+0x0 )+0x0 )+0x8C


And since this resolves to a pointer to a DWORD, your code becomes:
Code:
DWORD * pdwFinal = reinterpret_cast<DWORD *>(DeRef( DeRef( 0x00570074+0x0 )+0x0 )+0x8C);
(*pdwFinal) = 90;  // Modify the value.



L. Spiro
Our songs remind you of songs you’ve never heard.
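
Added example, not part of the thread: a small evaluator that treats "[...]" as a dereference at any nesting depth and reports a broken link instead of returning 0, so a failed read cannot silently turn into the address 0x8C. The Memory map, DeRefChecked(), ResolveComplexAddress() and the SampleMemory() values are hypothetical stand-ins for a real process, constructed for illustration.

```cpp
#include <cstdint>
#include <cstdlib>
#include <map>
#include <string>
// Constructed stand-in for process memory: address -> pointer-sized value stored there.
typedef std::map<std::uintptr_t, std::uintptr_t> Memory;

// Checked DeRef(): reports failure instead of returning 0 for an unreadable address.
bool DeRefChecked(const Memory &mem, std::uintptr_t addr, std::uintptr_t &out) {
    Memory::const_iterator it = mem.find(addr);
    if (it != mem.end()) out = it->second;
    return it != mem.end();
}

bool ParseExpr(const Memory &mem, const std::string &s, std::size_t &pos, std::uintptr_t &out);
// term := hex-number | '[' expr ']'   (the brackets are the dereference)
bool ParseTerm(const Memory &mem, const std::string &s, std::size_t &pos, std::uintptr_t &out) {
    if (pos < s.size() && s[pos] == '[') {
        std::uintptr_t inner = 0;
        if (!ParseExpr(mem, s, ++pos, inner) || pos >= s.size() || s[pos] != ']') return false;
        ++pos;  // consume ']'
        return DeRefChecked(mem, inner, out);
    }
    const char *begin = s.c_str() + pos;
    char *end = 0;
    out = static_cast<std::uintptr_t>(std::strtoull(begin, &end, 16));  // 0x prefix accepted
    pos += static_cast<std::size_t>(end - begin);
    return end != begin;  // false when no digits were consumed
}

// expr := term ('+' term)*
bool ParseExpr(const Memory &mem, const std::string &s, std::size_t &pos, std::uintptr_t &out) {
    if (!ParseTerm(mem, s, pos, out)) return false;
    while (pos < s.size() && s[pos] == '+') {
        std::uintptr_t rhs = 0;
        if (!ParseTerm(mem, s, ++pos, rhs)) return false;
        out += rhs;
    }
    return true;
}

// Resolves a whole Complex Address; false on a broken link, bad syntax or trailing text.
bool ResolveComplexAddress(const Memory &mem, const std::string &text, std::uintptr_t &out) {
    std::size_t pos = 0;
    return ParseExpr(mem, text, pos, out) && pos == text.size();
}

// Constructed sample chain (made-up values): 0x00570074 -> 0x01A00000 -> 0x02B00000.
Memory SampleMemory() { return Memory{{0x00570074, 0x01A00000}, {0x01A00000, 0x02B00000}}; }
```

With the sample map, "[[0x00570074+0x0]+0x0]+0x8C" resolves to 0x02B0008C; if the first read yields 0, resolution fails at the second dereference rather than producing a pointer to 0x8C.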

Re: [Help] DLLs and complex addresses?

Postby Fouf » Thu Dec 23, 2010 4:42 am

Wow, thanks a bunch, Spiro. DWORD will be avoided and once again thanks. I do have one question though: whenever my DLL is uninjected the game crashes. Would you happen to know why, or would you need to see the code?

I kind of have 2 threads made when DLL_PROCESS_ATTACH is called,

Code:
DWORD WINAPI Cheats(LPVOID lParam)
{
   while(!quit)
   {
      if(iBombs)
      {
         DWORD* FinalPTR = reinterpret_cast<DWORD*>(DeRef(DeRef((Base + 0x170074) + 0x0)+0x0)+0x8C);
         (*FinalPTR) = 3;
      }
      Sleep(20);
   }
   ExitThread(0);
}

DWORD WINAPI Keys(LPVOID lParam)
{
   while(!quit)
   {
      if(GetKey('T'))
      {
         iBombs = (iBombs == true) ? false : true;
      }
      if(GetKey('Q'))
      {
         quit = true;
      }
      Sleep(20);
   }
   ExitThread(0);
}

Works fine, just that it crashes when uninjected ><

I know I should probably make a window and use events but this is just a small little thing so I can expand my knowledge :!.

Anyway thanks again!


Re: [Help] DLLs and complex addresses?

Postby L. Spiro » Thu Dec 23, 2010 4:55 am

If it only crashes while your threads are running then the answer is obvious: Close the threads before uninjecting.

Otherwise use a stable uninjector, such as the one in MHS.

If you are sure the injector is working, undo modifications to the game code that you may have made.


L. Spiro
Our songs remind you of songs you’ve never heard.

Re: [Help] DLLs and complex addresses?

Postby Fouf » Thu Dec 23, 2010 4:58 am

I use MHS so I'll see if I can stop the threads before uninjection. Thanks :o

- I hit q before uninjecting and that worked. Yay.
