Thread: Hex editing in C++

  1. #1
    Code Injector Gaming's Avatar
    Join Date
    Mar 2008
    Posts
    19

    Talking Hex editing in C++

    Is it possible to change the values of another program? Like hook onto the application and change it somehow. Where would you start? Can you give me some sample code? I can work my way from there, thanks. Also I"m trying to tweak some values of this game I just got called Oblivion. Thanks again!

  2. #2
    Kernel hacker
    Join Date
    Jul 2007
    Location
    Farncombe, Surrey, England
    Posts
    15,677
    There are probably hex editors available if you google for that.

    The next question is of course knowing what to change. It's not always easy.

    And of course, some applications check that the values haven't been changed.

    The above assumes that you can modify the file, and don't need to modify it at runtime, which makes the task a whole lot harder.

    --
    Mats
    Compilers can produce warnings - make the compiler programmers happy: Use them!
    Please don't PM me for help - and no, I don't do help over instant messengers.

  3. #3
    Code Injector Gaming's Avatar
    Join Date
    Mar 2008
    Posts
    19

    Talking

    Quote Originally Posted by matsp View Post
    There are probably hex editors available if you google for that.

    The next question is of course knowing what to change. It's not always easy.

    And of course, some applications check that the values haven't been changed.

    The above assumes that you can modify the file, and don't need to modify it at runtime, which makes the task a whole lot harder.

    --
    Mats
    Yeah I know there are hex editors out, that completely defeats the purpose of writing your own program to change the value.

    Here are the circumstances:
    I know what I'm changing
    I know that the application doesn't check if it's been manipulated
    I know the address

    How would you change the value at an address of a single player role playing game? Say, the HP. This is completely legal and educational. I've done this in VB but not in C++

    Anyone help?

  4. #4
    Kernel hacker
    Join Date
    Jul 2007
    Location
    Farncombe, Surrey, England
    Posts
    15,677
    Open the executable file in binary mode.
    Seek to the appropriate location.
    Modify the value.
    Close the file.

    First few times, make a copy of the original file, just in case you get it wrong.

    --
    Mats
    Compilers can produce warnings - make the compiler programmers happy: Use them!
    Please don't PM me for help - and no, I don't do help over instant messengers.

  5. #5
    Hardware Engineer
    Join Date
    Sep 2001
    Posts
    1,398
    I know the address
    The address in memory?... once the program is loaded and running?

    In general, you can access a memory address with a pointer. This is easy if your program "owns" the particular address. But, Windows tries to keep programs from accessing another program's memory.

    If you want to alter the EXE file (as you would with a hex editor), then you just need to know some File I/O.

    I've done this in VB but not in C++
    What operating system was that? With Winows 98, you could read/write to "random" addresses, but the newer versions of Windows block user-mode programs from directly accessing memory (or hardware). You might be able to do it with a kernel-mode driver*. Driver writing is not for beginners... If you are an advanced VB programmer you can probably learn to do it, but you'll have to learn some C/C++, because I'm pretty sure there are no kernel-mode compilers for VB.


    * A driver can directly read/write to a hardware-address, but I'm not sure if you can read an address "owned" by another "unrelated" program.

  6. #6
    Code Injector Gaming's Avatar
    Join Date
    Mar 2008
    Posts
    19
    I already know pointers and File I/O. Can you give some sample code? Windows library? Do you use a handle? How would I get started.

  7. #7
    Kernel hacker
    Join Date
    Jul 2007
    Location
    Farncombe, Surrey, England
    Posts
    15,677
    So are you looking for code to modify the executable WHILE it's running, or to modify the file before you run it? The latter should be easy following my description if you know about file-I/O.

    Modifying an executable once it is loaded is a bit trickier, but if you search the forum for ReadProcessMemory, then you should be able to find something useful.

    --
    Mats
    Compilers can produce warnings - make the compiler programmers happy: Use them!
    Please don't PM me for help - and no, I don't do help over instant messengers.

  8. #8
    Banned
    Join Date
    Nov 2007
    Posts
    678
    Quote Originally Posted by Gaming View Post
    Here are the circumstances:
    1) I know what I'm changing
    2) I know that the application doesn't check if it's been manipulated
    3) I know the address
    1) That's very good!
    2) Even better!!
    3) do this:
    Code:
    void* p = <i know the address>;
    *p = <what new value you want to put>;
    I am not poking fun at you, it's almost that simple:
    You know the address to modify, assign to a pointer var, typecast into proper type, set the desired values.

    Though, I have to wonder, how such low level stuff was possible in VB ?

  9. #9
    Code Injector Gaming's Avatar
    Join Date
    Mar 2008
    Posts
    19
    Quote Originally Posted by matsp View Post
    So are you looking for code to modify the executable WHILE it's running, or to modify the file before you run it? The latter should be easy following my description if you know about file-I/O.

    Modifying an executable once it is loaded is a bit trickier, but if you search the forum for ReadProcessMemory, then you should be able to find something useful.

    --
    Mats
    I'm planning to do it while I'm running it. I googled for a bit and found out about WriteProcessMemory. ReadProcessMemory and WriteProcessMemory should help when editing my value. It's a bit tricky though. I found a good example in planetsourcecode. thanks!

  10. #10
    Code Injector Gaming's Avatar
    Join Date
    Mar 2008
    Posts
    19
    Heres what I found:
    ReadProcessMemory is to find what value is stored at a specific address. Aha! So this is how hex editors do it!
    WriteProcessMemory is changing a value at a address.

    now I just have to grasp these concepts!

  11. #11
    Code Injector Gaming's Avatar
    Join Date
    Mar 2008
    Posts
    19
    I just finished my program. I changed values of the game Minesweeper. I have the source but I don't feel like I should post it :P, PM me if you really want it (47 lines)

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. hex editing games
    By eric123 in forum Game Programming
    Replies: 12
    Last Post: 11-16-2006, 02:30 AM
  2. Hex Editing help and information please...
    By SG57 in forum C Programming
    Replies: 9
    Last Post: 06-25-2006, 12:30 AM
  3. Replies: 11
    Last Post: 03-24-2006, 11:26 AM
  4. Hex Editing - Remove first 15 bytes
    By xTrinity in forum C++ Programming
    Replies: 13
    Last Post: 08-13-2003, 09:01 PM
  5. help with editing hex
    By clueless in forum Windows Programming
    Replies: 1
    Last Post: 09-02-2001, 08:26 AM