I have an idea. (Hacking)

Thread starter: Wutai Clan
Status
Not open for further replies.
Whilst I was incorrect, I *was* talking about memory. Don't confuse the 'persistent' .exe file with executable segments, portions of RAM which contain the executed binary.
As far as I know, if it's in memory, it can be edited. You sometimes have to raise your rights to do so, but it's not hard. I can't remember the code off the top of my head, but the Windows API has functions for both editing memory and elevating access privileges.

(I had to do that to modify Fable.exe while it was in memory, for a trainer I wrote.)
 
I can't remember the code off the top of my head, but the Windows API has functions for both editing memory and elevating access privileges.
VirtualProtect?
 
VirtualProtect?
That sounds familiar, it might be it, this was over a year ago, and I don't have the source anymore due to an HD failure. (It's the Fable Hotkey Trainer.)

But I could be misunderstanding what you are talking about (.exe segments). I'm fairly knowledgeable about these things, but not an expert, so I could easily be wrong. :P

Regardless, I think this idea might work, if the right ppl get on board with it. (I'll help where I can, but I'm kinda worthless when it comes to C++, beyond basic hacks, etc, I'm still just learning.)
 
Well, here is the basic code used when I did the DLL for the ff7anycd DLL in ASM (this is just an example; the addresses I used in this example are complete fakes, and I also used both decimal and hex to show you that both can be used if you use the correct commands).

Code:
.386
.model flat,stdcall
option casemap:none

include include\kernel32.inc
includelib lib\kernel32.lib
include include\user32.inc
includelib lib\user32.lib

; CreateThread passes the start routine one DWORD (lpParameter), so declare it
tCodeasm proto :DWORD

.data
maxhp      dd 00400000h   ; address of the max-HP value (fake, edit to the real one)
maxhpvalue dd 0000270Fh   ; 9999, written in hex
maxmp      dd 00400000h   ; address of the max-MP value (fake)
maxmpvalue dd 999d        ; 999, written in decimal, to show both notations work

.data?
OldProt dd ?              ; receives the page protection that was in place before

.code
DllMain proc hInstance:DWORD, reason:DWORD, lpReserved:DWORD
    mov eax,reason
    cmp eax,1                                   ; 1 = DLL_PROCESS_ATTACH
    jnz @returnf
    invoke CreateThread, 0, 0, addr tCodeasm, 0, 0, 0
@returnf:
    ret 0ch                                     ; eax is non-zero on the attach path, i.e. TRUE
DllMain endp

; Make the page writable, copy the bytes in, then put the old protection back.
WriteMemory proc address:DWORD, nData:DWORD, len:DWORD
    invoke VirtualProtect,address,len,40h,addr OldProt   ; 40h = PAGE_EXECUTE_READWRITE
    invoke RtlMoveMemory,address,nData,len
    ; the last argument must point at a DWORD: the original post passed 0 here,
    ; which makes this call fail and leaves the page writable
    invoke VirtualProtect,address,len,OldProt,addr OldProt
    ret 0ch
WriteMemory endp

tCodeasm proc lpParam:DWORD
@ddk:
    invoke WriteMemory,maxhp,addr maxhpvalue,2  ; writes only the low 2 bytes of each value
    invoke WriteMemory,maxmp,addr maxmpvalue,2
    ret
tCodeasm endp

End DllMain
Just compile that in MASM as a DLL (and of course edit the values to real ones) and it should patch those values in game.
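The WriteMemory routine from the post, rewritten as an added C example (not Kranmer's DLL code) with the two checks the ASM version skips: both VirtualProtect calls are checked, and the restore call is given a real out-pointer so the page does not stay writable after the patch. The target is a constructed stand-in variable in the example's own process; the game addresses are not used. A POSIX mprotect stand-in is included so the example also builds on Linux, with the assumption that the target page was ordinary read/write data.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#ifdef _WIN32
#include <windows.h>
#else
#include <sys/mman.h>
#include <unistd.h>
#endif

/* Added example (not the post's DLL): WriteMemory in C with the checks the ASM
 * version omits. Returns 1 on success, 0 if the protection change was refused. */
int write_memory(void *address, const void *data, size_t len)
{
#ifdef _WIN32
    DWORD old_prot = 0, unused = 0;
    /* 40h in the ASM is PAGE_EXECUTE_READWRITE; for a data value PAGE_READWRITE
     * is enough and is the least privilege the write needs. */
    if (!VirtualProtect(address, len, PAGE_READWRITE, &old_prot))
        return 0;                                   /* bad address, guard page, ... */
    memcpy(address, data, len);                     /* RtlMoveMemory equivalent */
    /* lpflOldProtect must point at a DWORD: passing NULL here (as the original
     * second VirtualProtect call did) fails and leaves the page writable. */
    if (!VirtualProtect(address, len, old_prot, &unused))
        return 0;
    return 1;
#else
    /* POSIX stand-in so the example builds on Linux/macOS: mprotect works on whole
     * pages and has no "old protection" out-parameter, so this assumes (labelled
     * assumption) the page was ordinary read/write data and leaves it that way. */
    uintptr_t page = (uintptr_t)sysconf(_SC_PAGESIZE);
    uintptr_t start = (uintptr_t)address & ~(page - 1);
    uintptr_t end = ((uintptr_t)address + len + page - 1) & ~(page - 1);
    if (mprotect((void *)start, end - start, PROT_READ | PROT_WRITE) != 0)
        return 0;                                   /* e.g. unmapped address */
    memcpy(address, data, len);
    return 1;
#endif
}

/* Constructed stand-in for the game's max-HP slot: a 32-bit word, of which the ASM
 * patches only the low two bytes (len = 2). The upper half is non-zero so the
 * partial write is visible in the result. */
static uint32_t g_maxhp = 0x00010001u;

/* Patch g_maxhp as the ASM does: 2 bytes of 0000270Fh (9999). Returns the new
 * contents, or 0xFFFFFFFF if the write was refused. */
uint32_t patch_maxhp(void)
{
    uint32_t value = 0x0000270Fu;                   /* little-endian bytes: 0F 27 00 00 */
    if (!write_memory(&g_maxhp, &value, 2))
        return 0xFFFFFFFFu;
    return g_maxhp;                                 /* 0x0001270F: only 16 bits changed */
}

int main(void)
{
    uint32_t before = g_maxhp;
    uint32_t after = patch_maxhp();
    printf("maxhp before: %08X  after: %08X\n", (unsigned)before, (unsigned)after);
    return after == 0x0001270Fu ? 0 : 1;
}
```

Two things worth noticing when porting the ASM: a 2-byte write into a 4-byte slot only touches the low 16 bits (so the len argument must match the game's field width), and the second VirtualProtect call is what takes the page back out of its writable state; if it fails silently, the process is left with a page more permissive than it needs. If the bytes being written were code rather than data, the Windows path would additionally need PAGE_EXECUTE_READWRITE and a FlushInstructionCache call.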

Going out on a limb, but I think Kranmer is suggesting the segments aren't always contiguous (i.e. don't follow the same order) on different machines. I could be misunderstanding him, though.
Yes, that is what I meant.
 
Well, anyways, the fact that I don't know what you guys are talking about with this advanced stuff is proof enough for me that I was correct. I'm just the idea guy on stuff like this; I'll leave the implementation to the pros who understand the more complex stuff. :)

Though, don't get me wrong, I'm trying hard to learn how to do advanced game hacking. So far, the best I've managed is hooking a function in GTA2 (the add money function), but as far as anything else goes, I couldn't manage to decode the stack to figure out a data structure for Fable.

I'm getting there though. I need to learn more about the stack\registers\etc, and brush up on my ASM. I just figured out today that SHL is shift left, and I have no clue what that means. :P (Something about shifting a byte, but I don't get what that means; like physically? In memory? Or shifting its value?)

Anyways, I gotta try to get some sleep, been cool chatting, I hope that I at least inspired something good, even if I can't help as much as I'd like to. :)
 
A left / right shift (also known as a logical shift) is when you 'move' the contents of a number to the right or left.

For instance, if I take the binary number 00111100, and left shift it by two places, I get 11110000 - the 1111 is moved two places to the left. If I left shift it by four places, I get 1111000000.

The right shift is slightly different. When I right shift, digits 'fall off' the 'end' of the number. For example, if I right shift 00111100 by two places, I get 00001111. If I right shift it by four places, I get 00000011.

In effect, a left shift multiplies, and a right shift divides by powers of two. If I take the binary number 10 (=2), and left shift it by 1, I get 100 (4). Thus, left shifting by X places is the same as multiplying by 2 to the power of X. Right shifting is the same, but for division.

What's significant is that left and right shifts are far faster to perform than multiplication and division. On most CPUs, division is horrendously slow, so compilers will usually swap any division by a power of two with an appropriate logical right-shift. This makes your application faster.
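The shift behaviour described above, as an added C example that is not part of the thread. It reproduces the 00111100 cases from the post and goes one step further in two places a practitioner tends to trip over: in a fixed-width register the top bits of a left shift fall off exactly as the low bits of a right shift do (so 00111100 << 4 is 11000000 in 8 bits, not a 10-bit 1111000000), and replacing a signed division with a shift needs a rounding correction, which is why a compiler emits a few extra instructions for `x / 8` when `x` is a signed int. All function names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

/* Render the low `width` bits of v as a binary string, most significant bit first. */
static void to_bin(uint32_t v, int width, char *out)
{
    for (int i = 0; i < width; i++)
        out[i] = ((v >> (width - 1 - i)) & 1u) ? '1' : '0';
    out[width] = '\0';
}

/* 8-bit shifts: the register has only 8 bits, so bits pushed past either end are lost. */
uint8_t shl8(uint8_t v, unsigned n) { return (uint8_t)(v << n); }
uint8_t shr8(uint8_t v, unsigned n) { return (uint8_t)(v >> n); }

/* Unsigned multiply/divide by 2^x as shifts: what the compiler emits for v * 8
 * and v / 8 when v is unsigned. Division by shift truncates (100 >> 3 == 12). */
uint32_t mul_pow2(uint32_t v, unsigned x) { return v << x; }
uint32_t div_pow2(uint32_t v, unsigned x) { return v >> x; }

/* Signed division by 2^x. A plain arithmetic right shift rounds toward minus
 * infinity (-7 >> 1 == -4), but C's / rounds toward zero (-7 / 2 == -3), so the
 * compiler first adds 2^x - 1 to negative values. (Right-shifting a negative int
 * is arithmetic on every mainstream compiler, though before C23 the standard
 * leaves it implementation-defined.) */
int32_t sdiv_pow2(int32_t v, unsigned x)
{
    int32_t bias = (v < 0) ? (int32_t)((1u << x) - 1u) : 0;
    return (v + bias) >> x;
}

int main(void)
{
    char a[33], b[33];
    uint8_t v = 0x3C;                 /* 00111100, the number from the post */
    unsigned shifts[] = {2, 4};
    for (size_t i = 0; i < 2; i++) {
        to_bin(v, 8, a);
        to_bin(shl8(v, shifts[i]), 8, b);
        printf("%s << %u = %s\n", a, shifts[i], b);
        to_bin(shr8(v, shifts[i]), 8, b);
        printf("%s >> %u = %s\n", a, shifts[i], b);
    }
    printf("2 << 1 = %u, 100 >> 3 = %u, -7 / 2 via shift = %d\n",
           (unsigned)mul_pow2(2, 1), (unsigned)div_pow2(100, 3), (int)sdiv_pow2(-7, 1));
    return 0;
}
```

Running it prints 11110000 and 00001111 for the two-place shifts, and 11000000 and 00000011 for the four-place shifts; the left shift by four has lost its top two bits because they left the 8-bit register. The same loss is why multiplying by a shift silently wraps when the product no longer fits the register width.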
 
Thanks for the explanation, I think I understand now. :)

Honestly, it's a pitiful thing for a programmer to admit, but, alas, math is my biggest weakness, so you lost me a bit here:

If I take the binary number 10 (=2), and left shift it by 1, I get 100 (4). Thus, left shifting by X places is the same as multiplying by 2 to the power of X.
But the rest made sense. I pick up programming stuff fairly quick; math takes a bit longer to sink in. Though, I guess as long as I remember it's for (faster) div\sub, I should be fine.
 
In that case, I will close this thread.

If, in future, anyone would like to resume theoretical discussion of this subject in this thread, please PM me.
 