Solved DLL Hack

zoratz

Jr.Coder
Dank Tier Donator
Nobleman
Jul 22, 2013
81
838
2
Hey guys, I'm trying to get around DLL hacking, step by step, because Fleep's tutorial about it doesn't clear my head.

So, I created a new project like this:
Win32 Console Application -> DLL / Empty project
And put in this code:
C++:
#include <iostream>
#include <Windows.h>
#include <string>
#include <ctime>
using namespace std;

string Nops[] = {
	"\x90",
	"\x90\x90",
	"\x90\x90\x90",
	"\x90\x90\x90\x90"
};

// ------------- AMMO SETTINGS ------------//
bool AmmoStatus;                           //
char AmmoOpCode[] = "/xFF/x06";            //
char AmmoDefaultOpCode[] = "\xFF\x0E";     //
DWORD AmmoAddress = 0x4637E9;              //
// ----------------------------------------//

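void WriteToMemory(DWORD addressToWrite, char* valueToWrite, int byteNum)
{
	unsigned long OldProtection;
	unsigned long TempProtection;

	// Make the target bytes writable and remember the original protection.
	VirtualProtect((LPVOID)(addressToWrite), byteNum, PAGE_EXECUTE_READWRITE, &OldProtection);

	memcpy((LPVOID)addressToWrite, valueToWrite, byteNum);

	// Restore the original protection. VirtualProtect fails if the last
	// argument is NULL, so a valid pointer is passed here.
	VirtualProtect((LPVOID)(addressToWrite), byteNum, OldProtection, &TempProtection);
}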

int Hacks(){
	int GameAvailTMR = clock();
	int OnePressTMR = clock();   // debounce timer for the F1 key, used below
	bool IsGameAvail = true;
	bool ammoStatus = true;

	MessageBoxA(NULL, "Hacks",  "Hacks", NULL);
	
	while(!GetAsyncKeyState(VK_INSERT)){
		MessageBoxA(NULL, "WHILE",  "WHILE", NULL);
		if(clock() - OnePressTMR > 400 && IsGameAvail){
			MessageBoxA(NULL, "IF CLOCK",  "IF CLOCK", NULL);
			if(GetAsyncKeyState(VK_F1)){
				MessageBoxA(NULL, "IF F1",  "IF F1", NULL);
				OnePressTMR = clock();
				if(ammoStatus){
					MessageBoxA(NULL, "AMMOSTATUS",  "AMMOSTATUS", NULL);
					WriteToMemory(AmmoAddress, AmmoOpCode, 2);
					ammoStatus = false;
					break;
				}else{
					MessageBoxA(NULL, "ELSE",  "ELSE", NULL);
					WriteToMemory(AmmoAddress, AmmoDefaultOpCode, 2);
					ammoStatus = true;
					break;
				}
			}
		}
	}

	return 0;
}

DWORD WINAPI Main_thread( LPVOID lpParam )
{
	MessageBoxA(NULL, "ATTACHED",  "ATTACHED", NULL);
	Hacks();
    return S_OK;
}

BOOL APIENTRY DllMain( HMODULE hModule,
                       DWORD  _reason,
                       LPVOID lpReserved
					  )
{
	if (_reason == DLL_PROCESS_ATTACH)
	{
		CreateThread(0, 0x1000, &Main_thread, 0, 0, NULL);
	}
	return TRUE;
}
It injects successfully and changes the code OK (I guess). However, when I shoot (left-clicking), an error pops up and the game crashes:
AssaultCube fatal error

Win32 Exception: 0xc0000005 [0x7c]

()
Now, what am I doing wrong and how do I fix it?

zoratz

C++:
char AmmoOpCode[] = "/xFF/x06";
char AmmoDefaultOpCode[] = "\xFF\x0E";
I found the error. It's not the common bar "/", it's the inverted one "\". So, I come to another question.

[1] Why does it only work with \ and not with /?

[2] The 'while' loop makes the game super laggy. How can I fix that?



------------ UPDATE ------------

[2] I fixed the lag bug with: Sleep(25). Is there another option?

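Why the forward-slash literal crashed the game, as an added example that is not code from the thread: in C++ only a backslash starts an escape sequence, so "/xFF/x06" is eight ordinary ASCII characters, and copying its first two bytes writes 0x2F 0x78 instead of 0xFF 0x06. The helper names (`HexDump`, `PayloadLen`, `LengthMatches`) are hypothetical.

```cpp
#include <cstddef>
#include <cstdio>
#include <string>

// The two literals from the thread: '/' is plain text, '\' starts an escape.
const char SlashLiteral[]  = "/xFF/x06";   // 8 characters + terminating NUL
const char EscapeLiteral[] = "\xFF\x06";   // 2 bytes + terminating NUL

// Hypothetical helper: hex-dump the first n bytes of a buffer.
std::string HexDump(const char* data, std::size_t n) {
    std::string out;
    char buf[4];
    for (std::size_t i = 0; i < n; ++i) {
        std::snprintf(buf, sizeof buf, "%02X",
                      static_cast<unsigned char>(data[i]));
        if (i) out += ' ';
        out += buf;
    }
    return out;
}

// Hypothetical helper: payload length of a literal, without the NUL.
template <std::size_t N>
constexpr std::size_t PayloadLen(const char (&)[N]) { return N - 1; }

// Hypothetical check: does the byte count handed to a memcpy-style write
// match the literal? Run before the write, it flags the '/' typo.
template <std::size_t N>
bool LengthMatches(const char (&lit)[N], std::size_t byteNum) {
    return PayloadLen(lit) == byteNum;
}

int main() {
    // What a 2-byte copy would take from each literal.
    std::printf("slash : len=%zu first2=%s\n",
                PayloadLen(SlashLiteral), HexDump(SlashLiteral, 2).c_str());
    std::printf("escape: len=%zu first2=%s\n",
                PayloadLen(EscapeLiteral), HexDump(EscapeLiteral, 2).c_str());
    std::printf("slash matches 2 bytes?  %s\n",
                LengthMatches(SlashLiteral, 2) ? "yes" : "no");
    std::printf("escape matches 2 bytes? %s\n",
                LengthMatches(EscapeLiteral, 2) ? "yes" : "no");
    return 0;
}
```

The two ASCII bytes are not the instruction the poster meant to write, which is why the process faulted with 0xc0000005 the next time that code ran.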
TastyHorror

Coder
Dank Tier Donator
Nobleman
Oct 11, 2012
179
2,268
8
To answer your question specifically...you would need to create an external hack to create that "console application", as far as I am aware.

However, there are possible ways to create a console with a DLL hack...
 

Liduen

Hacker
Dank Tier VIP
May 19, 2013
702
8,478
33
C++:
AllocConsole();
AttachConsole(GetProcessId(hModule));
SetConsoleTitle(L"1337 hack");
 

zoratz

C++:
AllocConsole();
AttachConsole(GetProcessId(hModule));
SetConsoleTitle(L"1337 hack");
I tested it out with this code:
C++:
LPCSTR GameWindow = "AssaultCube";
HWND hGameWindow = NULL;
DWORD proc_id;
hGameWindow = FindWindow( NULL, GameWindow);
GetWindowThreadProcessId(hGameWindow, &proc_id);
AllocConsole();
AttachConsole(proc_id);
SetConsoleTitle("1337 hack");
if(proc_id){
	MessageBoxA(NULL, "Attached", "Attached", NULL);
}else{
	MessageBoxA(NULL, "NOT Attached", "NOT Attached", NULL);
}
The "Attached" message box did pop up.
But I'm not able to write to the console with:
C++:
std::cout << "Assault Cube Hack" << std::endl;
or anything else.

Liduen

Is the console window even showing up?
Use
C++:
_cprintf("%s \n", "1337 hack");
to write into console.
 

zoratz

Is the console window even showing up?
The console does open, but I'm not able to write to it.


Use
C++:
_cprintf("%s \n", "1337 hack");
to write into console.
Well, I think that's C or C# code. I'm using C++.
The 'cprintf' does not work for me, and it says it's 'undeclared'.
I tried including <stdio.h>, but that didn't work either.

Liduen

The console does open, but I'm not able to write to it.

Well, I think that's C or C# code. I'm using C++.
The 'cprintf' does not work for me, and it says it's 'undeclared'.
I tried including <stdio.h>, but that didn't work either.
C++:
#include <conio.h>
I used it in my own dll hack, also in C++, so it definitely works.
 

zoratz

C++:
#include <conio.h>
I used it in my own dll hack, also in C++, so it definitely works.
Thanks a lot man.. It worked!!!

Do you have any idea why 'std::cout' doesn't work?

Oh, and how can I close the console and/or detach it when I leave the loop?


--------------------- UPDATE --------------------

I found on the internet how to use cout with AllocConsole():
C++:
AllocConsole();
freopen("CONOUT$", "w", stdout);
std::cout << "This works" << std::endl;
It has worked for me...

I'm still working on the code for closing the console and detaching the process.

--------------------- UPDATE 2 --------------------

Got it, how to close the console:
C++:
FreeConsole();

zoratz

I updated to VS2013.

When I try to have a newline by using either 'std::endl' or printf("\n"), it inputs 2 characters to the console instead of the real newline.

Why is that?
 

foildream

Newbie
Aug 4, 2014
1
102
0
Most likely because you are compiling the application in Unicode mode, where each "character" is represented by 2 bytes (16 bits), and the console itself is a multi-byte program where each character is represented by a single byte (8 bits); therefore the character you think you're inserting is actually two. Check your project settings and alter any console program to be "Multi-byte".