Hello, I am currently working on a project that lets you change a password in the middle of a game (Halo). Right now I'm able to read the memory and find/display the password. I've tried to make an edit box that takes the user's input text and writes it to the memory. Here's my current code, which is written for the Visual C++ 6 compiler.
[Main.c]
Code:
#include <windows.h>
#include "resource.h"
/*
 * Size-shrinking linker options. /MERGE folds .rdata and .data into .text and
 * /SECTION:.text,EWR marks that merged section executable, writable and
 * readable, so the image ends up with one writable+executable section and no
 * read-only data. /IGNORE:4078 hides the linker warning about merging sections
 * with different attributes.
 * NOTE(review): this gives up the usual code/data separation (W^X); drop the
 * pragma unless the smaller file is really needed.
 */
#pragma comment(linker,"/FILEALIGN:512 /MERGE:.rdata=.text /MERGE:.data=.text /SECTION:.text,EWR /IGNORE:4078")

/* Title of the top-level window that Initialize() searches for. */
char *gameWindow = "Halo";

/* Process id of the window found by Initialize(). */
DWORD pid;

/* Window handle returned by FindWindow() in Initialize(). */
HWND hwndWindow;

/* Not referenced by the code shown in this file. */
DWORD bytes;

/* Process handle opened by Initialize(); NULL until a process has been opened. */
HANDLE hand = NULL;
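/*
 * Locate the game window by its title, open a handle to the owning process
 * and start the 100 ms dialog timer.
 *
 * hwnd    - dialog window that receives the WM_TIMER messages.
 * wParam  - unused; kept so the signature matches the caller.
 * lParam  - unused; kept so the signature matches the caller.
 *
 * On success the globals hwndWindow, pid and hand are set. On failure a
 * message box is shown, hand is left NULL and no timer is started.
 */
void Initialize(HWND hwnd, WPARAM wParam, LPARAM lParam) {
    (void)wParam;
    (void)lParam;

    /* Drop a handle left over from an earlier call so it is not leaked. */
    if (hand != NULL) {
        CloseHandle(hand);
        hand = NULL;
    }

    /*
     * NOTE(review): a window title is not an identity. Any top-level window
     * titled "Halo" matches here, so the process opened below is whatever
     * owns that window.
     */
    hwndWindow = FindWindow(NULL, gameWindow);
    if (!hwndWindow) {
        MessageBox(NULL, "Cannot find Halo Trial! It MUST be open for this trainer to work!", "Error", MB_OK | MB_ICONWARNING);
        return;
    }

    pid = 0;
    GetWindowThreadProcessId(hwndWindow, &pid);

    /*
     * NOTE(review): the code shown in this file only reads from the process,
     * which needs PROCESS_VM_READ alone. The wider mask is kept because hand
     * is a global that other code may rely on; narrow it if nothing does.
     */
    hand = OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE |
                       PROCESS_VM_OPERATION | PROCESS_QUERY_INFORMATION,
                       FALSE, pid);
    if (hand == NULL) {
        /* Opening can fail (e.g. access denied); report it instead of going on with a NULL handle. */
        MessageBox(NULL, "Cannot open the Halo process!", "Error", MB_OK | MB_ICONWARNING);
        return;
    }

    SetTimer(hwnd, 1, 100, NULL);
}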
/*
 * WM_TIMER hook called from DialogProc. Intentionally does nothing yet.
 */
void timerCall()
{
    return;
}
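/*
 * Read the password text at `address` in `process` and show it as the only
 * entry of the IDC_PLAYERLIST list box of `hDlg`.
 *
 * The list box is always cleared first. If `process` is NULL or the read
 * fails, the list is left empty rather than showing uninitialised stack bytes.
 */
static void ShowPassword(HWND hDlg, HANDLE process, DWORD address)
{
    unsigned char value[512];
    char outvalue[32];
    int y, z;

    SendDlgItemMessage(hDlg, IDC_PLAYERLIST, LB_RESETCONTENT, 0, 0);

    if (process == NULL) {
        return;
    }

    /*
     * The call fails as a whole when any part of the range cannot be read, so
     * the return value is the only thing that needs checking; the optional
     * byte count is not requested.
     */
    if (!ReadProcessMemory(process, (void*)address, (void*)value, sizeof(value), NULL)) {
        return;
    }

    /*
     * Keep every second byte of the first 32 bytes (16 characters).
     * Presumably the text is stored two bytes per character - TODO confirm.
     */
    z = 0;
    for (y = 0; y < 32; y += 2) {
        outvalue[z++] = (char)value[y];
    }
    outvalue[11] = '\0'; /* display is capped at 11 characters */

    SendDlgItemMessage(hDlg, IDC_PLAYERLIST, LB_ADDSTRING, 0, (LPARAM)outvalue);
}

/*
 * Dialog procedure for IDD_MAINDLG.
 *
 * WM_INITDIALOG       - calls Initialize() and shows the password read
 *                       through the global handle `hand` that it opened.
 * WM_COMMAND          - IDOK / IDCANCEL end the dialog; IDC_REFRESH looks the
 *                       game window up again and re-reads the password.
 * WM_DESTROY/WM_CLOSE - post WM_QUIT; WM_DESTROY also closes `hand`.
 * WM_TIMER            - forwards to timerCall().
 *
 * Returns TRUE for handled messages and FALSE otherwise.
 */
BOOL CALLBACK DialogProc (HWND hDlg, UINT message, WPARAM wParam, LPARAM lParam)
{
    HWND hwnd;
    DWORD pid;
    HANDLE process;
    DWORD iAddress = 0x851178; //Starting value of password

    switch (message)
    {
    case WM_INITDIALOG:
        Initialize(hDlg, wParam, lParam);
        /*
         * Use the handle Initialize() opened. The original passed a local
         * handle that was still NULL, so the first read always failed and
         * the list showed uninitialised memory.
         */
        ShowPassword(hDlg, hand, iAddress);
        return TRUE;

    case WM_COMMAND:
        if (LOWORD(wParam) == IDOK || LOWORD(wParam) == IDCANCEL) {
            EndDialog(hDlg, TRUE);
            return TRUE;
        }
        if (LOWORD(wParam) == IDC_REFRESH) {
            process = NULL;
            pid = 0;
            hwnd = FindWindow(NULL, "Halo");
            if (hwnd != NULL) {
                GetWindowThreadProcessId(hwnd, &pid);
                /* This handle is used for one read only, so ask for read access only. */
                process = OpenProcess(PROCESS_VM_READ, FALSE, pid);
            }
            ShowPassword(hDlg, process, iAddress);
            /* The original opened a new handle on every click and never closed it. */
            if (process != NULL) {
                CloseHandle(process);
            }
            return TRUE;
        }
        return TRUE;

    case WM_DESTROY:
        /* Release the long-lived handle opened by Initialize(). */
        if (hand != NULL) {
            CloseHandle(hand);
            hand = NULL;
        }
        PostQuitMessage(0);
        return TRUE;

    case WM_CLOSE:
        PostQuitMessage(0);
        return TRUE;

    case WM_TIMER:
        timerCall();
        return TRUE;
    }
    return FALSE;
}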
/*
 * Program entry point: runs the IDD_MAINDLG dialog modally with DialogProc
 * as its procedure and exits with code 0 once the dialog returns.
 * hPrevInstance, lpCmdLine and nCmdShow are not used.
 */
int APIENTRY WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow )
{
    int exitCode = 0;

    /* The dialog's result is not inspected; the exit code is always 0. */
    DialogBox(hInstance, MAKEINTRESOURCE(IDD_MAINDLG), NULL, DialogProc);

    return exitCode;
}
[rsrc.rc]
Code:
//Microsoft Developer Studio generated resource script.
//
#include "resource.h"
#define APSTUDIO_READONLY_SYMBOLS
/////////////////////////////////////////////////////////////////////////////
//
// Generated from the TEXTINCLUDE 2 resource.
//
#include "afxres.h"
/////////////////////////////////////////////////////////////////////////////
#undef APSTUDIO_READONLY_SYMBOLS
/////////////////////////////////////////////////////////////////////////////
// German (Germany) resources
#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_DEU)
#ifdef _WIN32
LANGUAGE LANG_GERMAN, SUBLANG_GERMAN
#pragma code_page(1252)
#endif //_WIN32
#ifdef APSTUDIO_INVOKED
/////////////////////////////////////////////////////////////////////////////
//
// TEXTINCLUDE
//
1 TEXTINCLUDE DISCARDABLE
BEGIN
"resource.h\0"
END
2 TEXTINCLUDE DISCARDABLE
BEGIN
"#include ""afxres.h""\r\n"
"\0"
END
3 TEXTINCLUDE DISCARDABLE
BEGIN
"\r\n"
"\0"
END
#endif // APSTUDIO_INVOKED
#endif // German (Germany) resources
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
// English (U.S.) resources
#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU)
#ifdef _WIN32
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
#pragma code_page(1252)
#endif //_WIN32
/////////////////////////////////////////////////////////////////////////////
//
// DESIGNINFO
//
#ifdef APSTUDIO_INVOKED
GUIDELINES DESIGNINFO DISCARDABLE
BEGIN
IDD_MAINDLG, DIALOG
BEGIN
LEFTMARGIN, 2
RIGHTMARGIN, 145
TOPMARGIN, 6
BOTTOMMARGIN, 36
END
END
#endif // APSTUDIO_INVOKED
/////////////////////////////////////////////////////////////////////////////
//
// Dialog
//
// Main dialog template; WinMain in Main.c loads it with
// MAKEINTRESOURCE(IDD_MAINDLG) and DialogProc handles its messages.
IDD_MAINDLG DIALOGEX 0, 0, 151, 38
STYLE DS_SYSMODAL | DS_MODALFRAME | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION |
WS_SYSMENU
EXSTYLE WS_EX_TOOLWINDOW
CAPTION "Password Changer"
FONT 8, "Verdana"
BEGIN
// List box that DialogProc clears (LB_RESETCONTENT) and fills (LB_ADDSTRING)
// with the text read from the game process.
LISTBOX IDC_PLAYERLIST,2,6,48,13,LBS_NOINTEGRALHEIGHT |
WS_TABSTOP
// Sends WM_COMMAND with IDC_REFRESH, which DialogProc handles by re-reading.
PUSHBUTTON "&Refresh",IDC_REFRESH,111,6,34,14,0,WS_EX_CLIENTEDGE |
WS_EX_STATICEDGE
// Sends WM_COMMAND with IDOK, which DialogProc handles with EndDialog.
PUSHBUTTON "&Close",IDOK,111,22,34,14,0,WS_EX_CLIENTEDGE |
WS_EX_STATICEDGE
LTEXT "Orig. Password",IDC_STATIC,52,8,50,8
// Edit box for the new value. Main.c as posted never reads this control.
EDITTEXT IDC_EDIT1,2,21,48,15,ES_AUTOHSCROLL
LTEXT "New Password",IDC_STATIC,52,23,53,10
END
#endif // English (U.S.) resources
/////////////////////////////////////////////////////////////////////////////
#ifndef APSTUDIO_INVOKED
/////////////////////////////////////////////////////////////////////////////
//
// Generated from the TEXTINCLUDE 3 resource.
//
/////////////////////////////////////////////////////////////////////////////
#endif // not APSTUDIO_INVOKED
[Resource.h]
Code:
//{{NO_DEPENDENCIES}}
// Microsoft Developer Studio generated include file.
// Used by rsrc.rc
//
// Resource and control identifiers shared by rsrc.rc and Main.c.
// The posted code uses only IDD_MAINDLG, IDC_REFRESH, IDC_PLAYERLIST and
// IDC_EDIT1; the other IDs have no matching control in the rsrc.rc shown.
#define IDD_MAINDLG 101
#define IDC_REFRESH 102
#define IDC_ABOUT 1009
#define IDC_EXIT 1010
#define IDC_PLAYERLIST 1011
#define IDC_FAST 1015
#define IDC_CHECK1 1016
#define IDC_CHECK2 1017
#define IDC_NOFLAGS 1018
#define IDC_NOTEAM 1019
#define IDC_NADES 1020
// NOTE(review): IDC_BUTTON4 and IDC_AMMO share the value 1021, so a
// WM_COMMAND handler could not tell the two controls apart.
#define IDC_BUTTON4 1021
#define IDC_AMMO 1021
#define IDC_EDIT1 1022
// Next default values for new objects
//
#ifdef APSTUDIO_INVOKED
#ifndef APSTUDIO_READONLY_SYMBOLS
#define _APS_NEXT_RESOURCE_VALUE 106
#define _APS_NEXT_COMMAND_VALUE 40001
#define _APS_NEXT_CONTROL_VALUE 1023
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif
Any help would be greatly appreciated.
-Thanks, FuFu