• Amused
  • Angry
  • Annoyed
  • Awesome
  • Bemused
  • Cocky
  • Cool
  • Crazy
  • Crying
  • Down
  • Drunk
  • Embarrased
  • Enraged
  • Friendly
  • Geeky
  • Godly
  • Happy
  • Hateful
  • Hungry
  • Innocent
  • Meh
  • Piratey
  • Poorly
  • Sad
  • Secret
  • Shy
  • Sneaky
  • Tired
  • Wtf
  • At Work
  • CodenzHub
  • Coding
  • Deejaying
  • Donating
  • Drinking
  • Eating
  • Editing
  • Hacking
  • Hate Mailing
  • Jamin'
  • Lagging
  • Live Streaming
  • Lurking
  • No Status
  • Pawning
  • PC Gaming
  • PS Gaming
  • Raging
  • Reversing
  • Sleeping
  • Steam Gaming
  • Trolling
  • TwitchStreamer
  • Vodka!
  • Watching TV/Movie
  • Xbox Gaming
  • Youtuber
  • Zombies
  • Page 1 of 2 12 LastLast
    Results 1 to 10 of 19
    1. #1
      Coder
      Learning to hack games!
       
      Feeling Normal
       
      Chuck E's Avatar
      Join Date
      Jan 2013
      Location
      United Kingdom
      Posts
      119
      Thanks (-->)
      30
      Thanks (<--)
      20

      Lightbulb [RELEASE] Memory monitor - check for activity on addresses

      John Kittz
      Memory Monitor XL, the code cave's buddy
      A Chuck E attempt

      In brief: Tool will monitor an area of memory while you play to see if any of the addresses are in use.
      Source files and executable included!


      In something bigger than brief:

      Hi peeps, whilst searching the addresses of a game with the intention of creating a code cave, I thought it would be nice to have a tool that monitored an area of memory to see if it was used by the game/program. Now, there more than likely are tools out there that can do this, but I thought, hell, I'm gonna make my own.

      And here it is:

      Click image for larger version. 

Name:	MemoryMonitorImage1.jpg 
Views:	180 
Size:	161.6 KB 
ID:	2078

      All you need to do is:

      1) Select the process you wish to attach to (game or whatever)
      2) Hit the connect button
      3) Enter the start and end addresses (can be the same) of the area you wish to have monitored.
      4) Hit the Start button (changes to Stop button)
      5) Go in game and play till you think you've done enough to prove that the addresses are in use or not


      THE CONTROLS (button, combobox, textbox etc)
      The controls will be deactivated until you need to use them. E.g. all controls are deactivated at the start except for the select process one.


      Output area - Bottom area of the GUI
      The addresses are displayed here.
      - Green address = address has not been used
      - Red address = address has been used
      You can Copy and Paste the addresses into Open Office, and it will retain the colours.


      STOP/START
      The Start button, when active, will act as both Stop and Start of the address monitoring. Text of the button will switch between Stop and Start.
      Start will always start the monitoring afresh. So if needed, make sure you copy the addresses to Open Office (colours are retained).


      The number of addresses
      Best not to use too many, but if it is more than a couple of thousand then best to disable displaying of the addresses. This tool is ideally for monitoring a small area where you would like to put your code cave.


      GOOD LUCK TO ALL WHO TRY THIS OUT


      DEVELOPMENT:
      Visual Studio 2012
      C# and WPF
      MS Windows 7


      CREDITS:
      MSDN (https://msdn.microsoft.com/) <-- my main hangout it seems these days!
      Min Zhu - for the code for locating text in a RichTextBox <--- see, freaking awesome!!!!
      https://social.msdn.microsoft.com/Forums/vstudio/cs-CZ/fc46affc-9dc9-4a8f-b845-89a024b263bc/how-to-find-and-replace-words-in-wpf-richtextbox?forum=wpf
      Fleep and the
      https://guidedhacking.com/ peeps

      DOWNLOAD THE GOODIES HERE

      2 downloads:
      The executable - download it anywhere and run, job done
      The VS 2012 project files - download to wherever, and open up the solution (must have Visual Studio)


      Virus Total scan for MemoryMonitor.zip (executable)
      https://www.virustotal.com/en/file/d...is/1382195493/

      Virusscan Jotti for MemoryMonitor.zip (executable)
      https://virusscan.jotti.org/en/scanr...5c965148d2a027

      Virus Total scan for MemoryMonitor VS project files.zip
      https://www.virustotal.com/en/file/e...is/1382196826/

      Virusscan Jotti for MemoryMonitor VS project files.zip
      https://virusscan.jotti.org/en/scanr...7aa8598e02673e
      Attached Files Attached Files
      Last edited by Chuck E; 10-19-2013 at 11:14 AM.

    2. Thanks ROGAR thanked for this post
    3. #2
      Learning to hack games!
       
      Feeling Normal
       
      's Avatar
      Join Date
      Jan 1970
      Posts
      0
      Thanks (-->)
      294
      Thanks (<--)
      328
      Good job, Chuck E-san!

      You sir, are getting there!

    4. #3
      Coder
      Learning to hack games!
       
      Feeling Normal
       
      Chuck E's Avatar
      Join Date
      Jan 2013
      Location
      United Kingdom
      Posts
      119
      Thanks (-->)
      30
      Thanks (<--)
      20
      Arigatō, Agent Smith-san

      Took me long enough! About 2 seconds to sort out the memory stuff and 2 days to get RichTextBox to do what I wanted !!!! Me no like WPF RichTextBox!
      Last edited by Chuck E; 10-19-2013 at 11:13 AM.

    5. #4
      Global Moderator
      give me my colorz back
      FeelsBadMan
       
      Coding
       
      till0sch's Avatar
      Join Date
      Oct 2012
      Location
      Germany.
      Posts
      1,168
      Thanks (-->)
      179
      Thanks (<--)
      340
      So I could monitor changes in my player structure e.g. and then see what happens if I walk etc.?

    6. #5
      Coder
      Learning to hack games!
       
      Feeling Normal
       
      Chuck E's Avatar
      Join Date
      Jan 2013
      Location
      United Kingdom
      Posts
      119
      Thanks (-->)
      30
      Thanks (<--)
      20
      Quote Originally Posted by till0sch97 View Post
      So I could monitor changes in my player structure e.g. and then see what happens if I walk etc.?
      Yes you can. I forgot to say you can do things like that <--- WRONG

      Actually, it does not show the contents, but I could make it show the contents.

      It also highlights the last address accessed.

      I need to sort out the entering of the addresses. Right now you have to leave the input boxes before it tests the contents. A bit of a pain really.
      Last edited by Chuck E; 10-19-2013 at 01:55 PM.

    7. #6
      Coder
      Learning to hack games!
       
      Feeling Normal
       
      Chuck E's Avatar
      Join Date
      Jan 2013
      Location
      United Kingdom
      Posts
      119
      Thanks (-->)
      30
      Thanks (<--)
      20
      I made this initially for locating a good place for a code cave, but it might be an idea to expand its use and allow the viewing of the address contents.

      Do something like: 2 radio button - address monitor / contents monitor

      If contents monitor, then have it use a bigger display area.

      I'll do this tomorrow. It'll only require the addition of the radio buttons and to have it increase the size of the GUI and RichTextBox. (famous last words!)... 3 weeks later.... &^%* RichTextBox $%$% WPF ^&&* hate *&% MOTH^& F%$^&% BUTT HOLE!
      Last edited by Chuck E; 10-19-2013 at 02:07 PM.

    8. #7
      Kim Kong Trasher
      I don't have status.
       
      Raging
       
      c5's Avatar
      Join Date
      Jul 2012
      Location
      Mankei Iland
      Posts
      1,221
      Thanks (-->)
      97
      Thanks (<--)
      491
      Sweet release chuck

      Nonetheless, easiest way to find a codecave is to find a bunch of 0xCC breakpoints between functions. Or just overwrite a few db functions. Monitoring memory isn't that efficient because you might have to do a lot of testing to be sure nothing accesses the memory, otherwise under some rare conditions you'll crash.

      So 0xCC
      [RELEASE] Memory monitor - check for activity on addresses

    9. #8
      Coder
      Learning to hack games!
       
      Feeling Normal
       
      Chuck E's Avatar
      Join Date
      Jan 2013
      Location
      United Kingdom
      Posts
      119
      Thanks (-->)
      30
      Thanks (<--)
      20
      Quote Originally Posted by c5 View Post
      Sweet release chuck

      Nonetheless, easiest way to find a codecave is to find a bunch of 0xCC breakpoints between functions. Or just overwrite a few db functions. Monitoring memory isn't that efficient because you might have to do a lot of testing to be sure nothing accesses the memory, otherwise under some rare conditions you'll crash.

      So 0xCC
      Thanks, c5

      Ah ha, 0xCC breakpoints and db functions. I'll remember that, thanks

      I was going to ask you what to look for, when wanting to create a code cave, but I figured the answer you would give me would put an end to the tool creation, so I just went "what the hell" and made it, lol

      I'll look for the 0xCC breakpoints and/or db functions tomorrow, then will create my first code cave

    10. #9
      Kim Kong Trasher
      I don't have status.
       
      Raging
       
      c5's Avatar
      Join Date
      Jul 2012
      Location
      Mankei Iland
      Posts
      1,221
      Thanks (-->)
      97
      Thanks (<--)
      491
      Quote Originally Posted by Chuck E View Post
      Thanks, c5

      Ah ha, 0xCC breakpoints and db functions. I'll remember that, thanks

      I was going to ask you what to look for, when wanting to create a code cave, but I figured the answer you would give me would put an end to the tool creation, so I just went "what the hell" and made it, lol

      I'll look for the 0xCC breakpoints and/or db functions tomorrow, then will create my first code cave
      Sure thing, good luck

      I never deal with code caves myself though, just hook what I want. Dealing with code caves is just unnecessary overhead in my opinion.
      [RELEASE] Memory monitor - check for activity on addresses

    11. #10
      Coder
      Learning to hack games!
       
      Feeling Normal
       
      Chuck E's Avatar
      Join Date
      Jan 2013
      Location
      United Kingdom
      Posts
      119
      Thanks (-->)
      30
      Thanks (<--)
      20
      Cheats'n'Trainers
      Quote Originally Posted by c5 View Post
      Sure thing, good luck

      I never deal with code caves myself though, just hook what I want. Dealing with code caves is just unnecessary overhead in my opinion.
      That shows a level of understanding I have not reached yet.

      I think this must be how the Buddy bots work (DemonBuddy, HonorBuddy, etc), as they say they do not inject (one less way their bots can get found out). Hmm, interesting.

      I need to work on this hooking thing

    Page 1 of 2 12 LastLast

    Similar Game Hacker Threads

    1. [Help] Dumping a whole region of memory somewhere to trick a memory check
      By windows.h in forum Hacking Help
      Replies: 6
      Last Post: 02-18-2016, 09:28 AM
    2. [Help] How to find player memory addresses?
      By louie in forum Hacking Help
      Replies: 2
      Last Post: 09-15-2015, 01:48 AM
    3. Memory Addresses! :/
      By Ollie in forum Hacking Help
      Replies: 4
      Last Post: 02-05-2013, 03:08 PM
    4. CoD 4 Weird Memory Store/Check..?
      By Crazywink in forum Hacking Help
      Replies: 4
      Last Post: 07-23-2012, 07:58 AM

    Tags for this Thread