Vivid Abstractions Where Programming Becomes An Abstraction

15 Dec 2010

Video Tutorial – Structures In Memory

This is my video tutorial on structures in memory. We are going to focus on player structures, which can be found in many commercial games, and on how to reverse them.

Click here for the tutorial!

Click here for the program and source code!

Enjoy.

Comments (7)
  1. Interesting, I was wondering how to find them. I know Cheat Engine also has a handy tool for memory structures: if you know where the structure is, it will try and fill in types.
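The "find it first, then dissect it" workflow that the comment above alludes to, written out as an added example (this is not code from the tutorial or from the commenter). It builds a constructed 4 KiB snapshot of "process memory" containing a hypothetical `struct player` at an assumed offset, runs the first scan / next scan that scanners like Cheat Engine automate (health is 100, the player takes damage, only addresses that changed from 100 to 87 survive), and then overlays the struct on the single surviving address to read the neighbouring fields. The record layout, the decoy value and the filler pattern are all assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MEM_SIZE   4096
#define PLAYER_OFF 0x6A0   /* where the constructed "game" keeps its player record (assumption) */

/* Hypothetical player record (an assumption for this example, not a real game's layout). */
struct player {
    uint32_t health;
    uint32_t ammo;
    uint32_t armor;
    float    pos[3];
};

/* Build a constructed snapshot of process memory: deterministic filler whose high bytes
 * are always 0xA5 (so it can never equal 100 or 87), a decoy dword that equals the starting
 * health but never changes, and the player record at PLAYER_OFF with the given health. */
static void build_snapshot(uint8_t *mem, uint32_t health)
{
    for (size_t off = 0; off < MEM_SIZE; off += 4) {
        uint32_t filler = 0xA5A5A5A5u ^ (uint32_t)off;
        memcpy(mem + off, &filler, 4);
    }
    uint32_t decoy = 100;
    memcpy(mem + 0x120, &decoy, 4);
    struct player p = { health, 30, 50, { 1.5f, -2.0f, 0.25f } };
    memcpy(mem + PLAYER_OFF, &p, sizeof p);
}

/* First scan: every 4-byte aligned dword equal to `value`. Stores up to `max` offsets. */
static size_t scan_first(const uint8_t *mem, uint32_t value, size_t *out, size_t max)
{
    size_t n = 0;
    for (size_t off = 0; off + 4 <= MEM_SIZE && n < max; off += 4) {
        uint32_t v;
        memcpy(&v, mem + off, 4);
        if (v == value)
            out[n++] = off;
    }
    return n;
}

/* Next scan: keep only the candidates that now hold `value` in the newer snapshot. */
static size_t scan_next(const uint8_t *mem, uint32_t value, size_t *cand, size_t n)
{
    size_t kept = 0;
    for (size_t i = 0; i < n; i++) {
        uint32_t v;
        memcpy(&v, mem + cand[i], 4);
        if (v == value)
            cand[kept++] = cand[i];
    }
    return kept;
}

/* Locate the player record: scan for health 100, let the player take damage (health 87),
 * rescan, and overlay the struct on the single surviving address.
 * Returns the offset of the record, or (size_t)-1 if the scans did not narrow to one hit.
 * *first_hits receives the candidate count after the first scan (the decoy is among them). */
size_t locate_player(struct player *out, size_t *first_hits)
{
    static uint8_t snap1[MEM_SIZE], snap2[MEM_SIZE];
    size_t cand[64];

    build_snapshot(snap1, 100);                  /* full health */
    size_t n = scan_first(snap1, 100, cand, 64);
    if (first_hits)
        *first_hits = n;

    build_snapshot(snap2, 87);                   /* after taking 13 damage */
    n = scan_next(snap2, 87, cand, n);
    if (n != 1)
        return (size_t)-1;

    memcpy(out, snap2 + cand[0], sizeof *out);   /* health is the first field, so this is the base */
    return cand[0];
}

int main(void)
{
    struct player p;
    size_t hits = 0;
    size_t base = locate_player(&p, &hits);
    if (base == (size_t)-1) {
        puts("scan did not narrow to a single candidate");
        return 1;
    }
    printf("first scan: %zu hits; after next scan: player record at +0x%zX\n", hits, base);
    printf("  +0x0 health=%u  +0x4 ammo=%u  +0x8 armor=%u  +0xC pos=(%g, %g, %g)\n",
           p.health, p.ammo, p.armor, p.pos[0], p.pos[1], p.pos[2]);
    return 0;
}
```

In a real target the two snapshots come from `ReadProcessMemory` on the game's address space rather than from `build_snapshot`, and the decoy stands in for every other dword that happens to hold the same value; the "next scan" after a change in the game is what removes them.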

  2. Good tutorial! I look forward to your next one.

  3. Depending on the compiler, the values are often 4 bytes anyway even though the programmer set them to 1 byte or 2 bytes. The compiler aligns the structure so it can be accessed more easily, e.g. MOV [EDI+Offset],EAX instead of first storing the value into AL and then moving it, etc.
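The alignment the comment above describes, shown on a concrete record (an added example, not code from the tutorial or the commenter; the `player_natural` / `player_packed` fields are an assumption). `offsetof` reports where each field really sits: with the compiler's default alignment the 1-byte `team` and `alive` fields are followed by padding, so in a memory dump each appears to occupy a 4-byte slot, and the record is 24 bytes rather than the 20 its field sizes add up to. `#pragma pack(1)` shows the unpadded layout for comparison, and `dump_natural` prints the bytes the way a memory viewer would show them.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical player record as a programmer might declare it (an assumption for this
 * example). The field sizes are 1, 2, 4, 1 and 12 bytes. */
struct player_natural {
    uint8_t  team;
    uint16_t ammo;
    uint32_t health;
    uint8_t  alive;
    float    pos[3];
};

/* The same record with padding disabled, i.e. the layout the field sizes alone suggest. */
#pragma pack(push, 1)
struct player_packed {
    uint8_t  team;
    uint16_t ammo;
    uint32_t health;
    uint8_t  alive;
    float    pos[3];
};
#pragma pack(pop)

#define NFIELDS 5

/* Fill off[] with the offset of each field and return the record size. */
size_t natural_layout(size_t off[NFIELDS])
{
    off[0] = offsetof(struct player_natural, team);
    off[1] = offsetof(struct player_natural, ammo);
    off[2] = offsetof(struct player_natural, health);
    off[3] = offsetof(struct player_natural, alive);
    off[4] = offsetof(struct player_natural, pos);
    return sizeof(struct player_natural);
}

size_t packed_layout(size_t off[NFIELDS])
{
    off[0] = offsetof(struct player_packed, team);
    off[1] = offsetof(struct player_packed, ammo);
    off[2] = offsetof(struct player_packed, health);
    off[3] = offsetof(struct player_packed, alive);
    off[4] = offsetof(struct player_packed, pos);
    return sizeof(struct player_packed);
}

/* Serialise a natural-layout record into buf the way it sits in process memory and return
 * its size. The padding bytes normally keep whatever the memory held before (0xCC here),
 * which is why they look like part of the neighbouring field in a dump. */
size_t dump_natural(uint8_t *buf, size_t cap)
{
    struct player_natural p;
    if (cap < sizeof p)
        return 0;
    memset(&p, 0xCC, sizeof p);   /* stale bytes, so the padding is visible */
    p.team = 2;  p.ammo = 30;  p.health = 100;  p.alive = 1;
    p.pos[0] = 1.5f;  p.pos[1] = -2.0f;  p.pos[2] = 0.25f;
    memcpy(buf, &p, sizeof p);
    return sizeof p;
}

int main(void)
{
    static const char *names[NFIELDS] = { "team", "ammo", "health", "alive", "pos" };
    size_t nat[NFIELDS], pk[NFIELDS];
    size_t nat_size = natural_layout(nat), pk_size = packed_layout(pk);

    printf("%-8s %8s %8s\n", "field", "natural", "packed");
    for (int i = 0; i < NFIELDS; i++)
        printf("%-8s    +0x%02zX    +0x%02zX\n", names[i], nat[i], pk[i]);
    printf("sizeof   %8zu %8zu\n", nat_size, pk_size);

    uint8_t buf[64];
    size_t n = dump_natural(buf, sizeof buf);
    printf("natural layout in memory:");
    for (size_t i = 0; i < n; i++)
        printf("%s%02X", (i % 4 == 0) ? "  " : " ", buf[i]);
    putchar('\n');
    return 0;
}
```

When reversing, this is why a field you identified as a byte is often safe to read or write as a dword at the same offset (the following bytes are padding), but also why a struct declared from a dump should be checked against the access widths in the disassembly rather than the dump alone.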

  4. This is a great tutorial, can’t wait for the next one. I am going to try small hacks like infinite ammo, but how do you inject the hack from outside the game (how do you make a hack without modifying the game)? This was really helpful. Thanks a lot.

  5. Here's Read and Write functions for structures or almost any type:

    using System;
    using System.Diagnostics;
    using System.Runtime.InteropServices;

    public class ProcessMemory
    {
        const uint PROCESS_VM_OPERATION = 0x0008;
        const uint PROCESS_VM_READ      = 0x0010;
        const uint PROCESS_VM_WRITE     = 0x0020;

        [DllImport("kernel32.dll", SetLastError = true)]
        static extern IntPtr OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);

        // nSize and the byte counts are SIZE_T, so they are marshalled as IntPtr
        // (a uint/int would be the wrong width on a 64-bit host).
        [DllImport("kernel32.dll", SetLastError = true)]
        static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, IntPtr nSize, out IntPtr lpNumberOfBytesRead);

        [DllImport("kernel32.dll", SetLastError = true)]
        static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, IntPtr nSize, out IntPtr lpNumberOfBytesWritten);

        readonly Process P;       // the target (game) process
        readonly IntPtr hProcess; // handle with VM read/write rights
        public int LastWin32Error;

        public ProcessMemory(Process target)
        {
            P = target;
            hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION, false, target.Id);
            if (hProcess == IntPtr.Zero)
                throw new InvalidOperationException("OpenProcess failed: " + Marshal.GetLastWin32Error());
        }

        // Read a structure of type T from MemoryAddress in the target process.
        // Returns default(T) if the process has exited or the read was short.
        public T ReadMem<T>(IntPtr MemoryAddress) where T : struct
        {
            int type_size = Marshal.SizeOf(typeof(T));
            byte[] buffer = new byte[type_size];
            T obj = default(T);

            if (!P.HasExited) // check that the process has not exited
            {
                IntPtr bytesRead;
                if (!ReadProcessMemory(hProcess, MemoryAddress, buffer, (IntPtr)type_size, out bytesRead))
                    LastWin32Error = Marshal.GetLastWin32Error();

                if (bytesRead.ToInt64() == type_size)
                {
                    // Copy the raw bytes into unmanaged memory and let the marshaller lay T over them.
                    IntPtr buffer2 = Marshal.AllocHGlobal(type_size);
                    try
                    {
                        Marshal.Copy(buffer, 0, buffer2, type_size);
                        obj = (T)Marshal.PtrToStructure(buffer2, typeof(T));
                    }
                    finally
                    {
                        Marshal.FreeHGlobal(buffer2);
                    }
                }
            }

            return obj;
        }

        // Write a structure of type T to MemoryAddress in the target process.
        public bool WriteMem<T>(IntPtr MemoryAddress, T obj) where T : struct
        {
            bool succeeded = false;
            int rawSize = Marshal.SizeOf(obj);
            byte[] buffer = new byte[rawSize];

            // Convert the structure to a byte array.
            IntPtr buffer2 = Marshal.AllocHGlobal(rawSize);
            try
            {
                Marshal.StructureToPtr(obj, buffer2, false);
                Marshal.Copy(buffer2, buffer, 0, rawSize);
            }
            finally
            {
                Marshal.FreeHGlobal(buffer2);
            }

            if (!P.HasExited) // check that the process has not exited
            {
                IntPtr bytesWritten;
                if (!WriteProcessMemory(hProcess, MemoryAddress, buffer, (IntPtr)rawSize, out bytesWritten))
                    LastWin32Error = Marshal.GetLastWin32Error();

                if (bytesWritten.ToInt64() == buffer.Length)
                    succeeded = true;
            }
            return succeeded;
        }
    }

  6. Weird… it still didn't show it: ”

    public T ReadMem ” (IntPtr MemoryAddress);

    public bool WriteMem ” (IntPtr MemoryAddress, T obj);

    Just remove the single quotes. If someone could edit my original comment with the correction and delete these two posts, that would be great.

  7. OK, it's not letting me print that at all… well, it's a generic type function.

    Since it won't let me print out those characters, I'll just give you the name of the characters. Add this in between the name and the parameters:

    “Less-Than Sign” T “Greater-Than Sign”

