    1. #1
      TooManyColor

      Finding operations and changing them

      Hello ppl, I'm a starter like many here and I learned some cool stuff that I wanted to share with new ppl like me... So I hope it helps someone and sorry for bad video quality !

      https://www.youtube.com/watch?v=mQUqkKfHIjo&feature

    2. Thanks cruzz, N/A, [GH]Rake thanked for this post
    3. #2
      [GH]Rake
      Great stuff, video tutorials are a noob's best friend

    4. #3
      _Necros_
      Originally posted by [GH]Rake:
      "Great stuff, video tutorials are a noob's best friend"
      I'm a noob and I feel offended.

      haahah, kidding, nice video tho!

    5. #4
      Lidle
      Would it be possible to make a trainer that changes the operation to nop using this logic? Sorry, new to hacking so not exactly sure how all the memory replacing works in programs but I am familiar with C++

    6. #5
      TooManyColor
      Yeah, you can

    7. #6
      Lidle
      Originally posted by TooManyColor:
      "Yeah, you can"
      How would you go about doing that within the code? So far the only thing I found was to freeze it via an infinite loop and not actually changing the actual operation within the memory.

    8. #7
      [GH]Rake
      Originally posted by Lidle:
      "How would you go about doing that within the code? So far the only thing I found was to freeze it via an infinite loop and not actually changing the actual operation within the memory."
      All digital data is in binary, whether on the disk or in the memory. We use hexadecimal to represent the binary because the human brain is not capable of understanding binary in that volume.
      The code section that contains operations and the data section that contains variables are not any different. They are both data stored in memory as binary and we view them as hexadecimal bytes in our debugging tools.

      The method you use to write to a variable address is the same method you will use to change an operation.

      Instructions of the x86 instruction set are like MOV, NOP, CMP etc. These are simply representations of the opcodes that humans can comprehend. The opcodes are just hexadecimal bytes of data that represent these instructions.
      Instructions can operate on 0, 1 or 2 operands. To change the functionality of an instruction you can write to the instruction or the operands. Each instruction requires a fixed # of bytes depending on the type of operands it will be operating on.

      If you want to write a NOP over an instruction you just look up the opcode at a website such as this:
      ( https://en.wikipedia.org/wiki/X86_instruction_listings ) and you will see that the byte in hexadecimal for that instruction is 0x90.

      Here is an example using No Recoil for AssaultCube


      WriteProcessMemory(hProcHandle, (LPVOID)(0x463786), "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90", 10, NULL);


      The instruction I wanted to disable had a fixed length of 10 bytes that I decided to NOP

      Be aware that code sections typically will not be allocated with "write access" so in order for you to use WriteProcessMemory you previously have to call OpenProcess in which you can give your application "PROCESS_ALL_ACCESS" or "PROCESS_VM_WRITE" permissions.
      https://msdn.microsoft.com/en-us/lib...(v=vs.85).aspx

      When working internally you will need to use VirtualProtect() to give yourself similar permissions

      ...should I sticky this?

    9. Thanks Lidle, Celmos thanked for this post
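
Seen from the integrity-checking side (an added example, not part of the thread or of any poster's code): because code bytes are ordinary data, an overwrite like the 10-byte NOP fill described in post #7 shows up when the live bytes of a code region are compared with a trusted copy. The byte arrays, `patch_range` and `find_patches` are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One contiguous run where the live bytes differ from the reference. */
typedef struct {
    size_t offset;   /* start of the run within the region */
    size_t length;   /* number of modified bytes */
    int    all_nop;  /* 1 if every replacement byte is 0x90 */
} patch_range;

/* Constructed sample: push ebp; mov ebp,esp; sub esp,8;
 * mov dword ptr [0x401000],1 (10 bytes); pop ebp; ret */
static const uint8_t ref_code[18] = {
    0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x08,
    0xC7, 0x05, 0x00, 0x10, 0x40, 0x00, 0x01, 0x00, 0x00, 0x00,
    0x5D, 0xC3 };
/* Same region after the 10-byte instruction was overwritten with NOPs. */
static const uint8_t live_code[18] = {
    0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x08,
    0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90,
    0x5D, 0xC3 };

/* Diff a trusted copy of a code region against its live bytes. Returns the
 * number of modified runs; the first `max` are stored in `out`. A byte that
 * was already 0x90 in the reference compares equal and splits a run. */
size_t find_patches(const uint8_t *ref, const uint8_t *live, size_t n,
                    patch_range *out, size_t max)
{
    size_t count = 0, i = 0;
    while (i < n) {
        if (ref[i] == live[i]) { i++; continue; }
        patch_range r = { i, 0, 1 };
        for (; i < n && ref[i] != live[i]; i++, r.length++)
            if (live[i] != 0x90) r.all_nop = 0;
        if (count < max) out[count] = r;
        count++;
    }
    return count;
}

int main(void)
{
    patch_range found[4];
    size_t n = find_patches(ref_code, live_code, sizeof ref_code, found, 4);
    for (size_t k = 0; k < n && k < 4; k++)
        printf("modified: offset %zu, %zu bytes%s\n", found[k].offset,
               found[k].length, found[k].all_nop ? " (NOP fill)" : "");
    return 0;
}
```

In a real check the reference bytes would come from the on-disk image or a hash taken at load time, and legitimate differences such as relocations would need to be excluded first.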
    10. #8
      Lidle
      Originally posted by [GH]Rake: (full text of post #7 above)
      I think so because that helped me out a whole lot
