Video Tutorial How To Call Game Functions C++ x64dbg Hacking Tutorial #2

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

Traxin

Escobar Tier VIP
Dank Tier Donator
Aug 3, 2015
1,041
25,378
154
Here we go guys, part 2 of the How to Call Game Functions tutorial.
We're gonna be using, C++, Cheat Engine, x64dbg, IDA Pro to reverse engineer and hack Assault Cube. Showing you how to call the print to chat function from the game. Make sure you watch the first part of this tutorial!

Like the last video, We will reverse engineer the function prototypes using x64dbg and IDA Pro disassemblers and write a internal DLL hack that will call the functions by address when a key is pressed using a DLL injector. These really are fantastic tutorials if you want to be a pro game hacker someday and I hope you watch all of our videos.

Download the source code from the attachment.


Download x64DBG Debugger

Download the GuidedHacking Injector made by Broihon

Download Assault Cube

Attachment Virus Scan

Donate to GH if you like our videos:
Community - Consider donating!

Follow GuidedHacking!
https://facebook.com/guidedhacking
GuidedHa | Twitter
GuidedHacking is creating a community providing text and video tutorials on game hacking | Patreon
 

Attachments

Last edited by a moderator:

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,149
78,998
2,395
These are awesome Traxin thanks so much for making them and making GH awesome
 

ChrisB

Newbie
Full Member
May 14, 2017
41
173
1
Thanks for the tutorial. I tried to follow your steps as you did them but once we got to the part where we open x32dbg, attach it, and go to the address we got from cheatengine the stack at the bottom right did not include anything related to what was typed in the chat box. I tried many times but could not get this part to work for myself.
 

Traxin

Escobar Tier VIP
Dank Tier Donator
Aug 3, 2015
1,041
25,378
154
Thanks for the tutorial. I tried to follow your steps as you did them but once we got to the part where we open x32dbg, attach it, and go to the address we got from cheatengine the stack at the bottom right did not include anything related to what was typed in the chat box. I tried many times but could not get this part to work for myself.
All I can guess from this is that you've set the breakpoint at the incorrect location and should probably go back to Cheat Engine and try one of the other addresses you found.
It can be a bitch the first few times, especially if you're not very comfortable with reverse engineering. Simply looking at the debugger and all the information displayed can be kind of overwhelming at the beginning.
 

ChrisB

Newbie
Full Member
May 14, 2017
41
173
1
All I can guess from this is that you've set the breakpoint at the incorrect location and should probably go back to Cheat Engine and try one of the other addresses you found.
It can be a bitch the first few times, especially if you're not very comfortable with reverse engineering. Simply looking at the debugger and all the information displayed can be kind of overwhelming at the beginning.
Thanks for the reply, I will definitely give this another go tomorrow.

May I ask you another question? I don't want to derail your topic so feel free to ignore me or edit my question out of my post. But basically, I have a game where I edit the prices of items so I can buy them. This works fine but the addresses change ofcourse. I have tried things to find a static pointer (pointer scanner, what accesses, what writes..) but to no avail. What I did find was that the item prices have an offset of 0xD0 from oneanother, so item 1 for example was AE7D58B0 and item 2 AE7D5A50 etc. This remained true through every restart of the game, though I haven't found a way to make any of my findings useful. I really want to edit these values via dll injection.

Anyway, I will try and follow along with your video again tomorrow and let you know how it goes!
 

ChrisB

Newbie
Full Member
May 14, 2017
41
173
1
I have tried to follow again but i get stuck at the same part, I have tried to screenshot the relevant parts

So firstly I type in something and search, then find the relevant one:
https://i.imgur.com/ThNgkss.png

Then I add a breakpount after 0A and type something else
https://i.imgur.com/3xw8HPn.png

then I delete the cheatengine breakpoint and move to x32dbg and goto the address + toggle breakpoint (conveniently same address from the video)
https://i.imgur.com/1R7c7Fo.png

then my entire stack is here but nothing I typed it is in the stack
https://pastebin.com/0DH7zRFT
 

Traxin

Escobar Tier VIP
Dank Tier Donator
Aug 3, 2015
1,041
25,378
154
I don't know exactly what you did, but I do see something resembling a format string and what seem to be like some strings that are shown as the map is loading.
C++:
0018F728  004B2FC8  return to ac_client.004B2FC8 from ac_client.004BBA3B
0018F72C  0018F748  
0018F730  004ECE8C  "%s\\*.%s"
0018F734  00000000  
0018F738  0018F7A8  &"packages/maps/official"
0018F73C  004EC27C  "cgz"
0018F740  0018F908  
0018F744  00000004  
0018F748  0018F909  
0018F74C  00000103  
0018F750  0018F908  
0018F754  00000042  
0018F758  02952FC8  
0018F75C  77B0A3E3  return to ntdll.77B0A3E3 from ntdll.RtlFillMemoryUlong
0018F760  02952FD8  
0018F764  00000008  
0018F768  0018F784  
0018F76C  004B3008  return to ac_client.004B3008 from ac_client.004B2F3D
0018F770  0018F908  
0018F774  00000104  
0018F778  004ECE8C  "%s\\*.%s"
0018F77C  00000000  
0018F780  0018F7A8  &"packages/maps/official"
0018F784  0018FB30  
0018F788  0040CC48  return to ac_client.0040CC48 from ac_client.004B2FF0
0018F78C  0018F908  
0018F790  00000104  
0018F794  004ECE8C  "%s\\*.%s"
0018F798  0018F7A8  &"packages/maps/official"
0018F79C  0018FB4C  
0018F7A0  0047CF70  return to ac_client.0047CF70 from ac_client.0040CC30
0018F7A4  004ECE8C  "%s\\*.%s"
0018F7A8  004EC280  "packages/maps/official"
0018F7AC  004EC27C  "cgz"
0018F7B0  0018FB4C  
0018F7B4  004EC280  "packages/maps/official"
0018F7B8  0018FB30  
0018F7BC  004EC27C  "cgz"
Maybe hit F9 when you first break into the debugger and look at the stack. Maybe you'll see different messages being passed through each time it breaks.
 

ChrisB

Newbie
Full Member
May 14, 2017
41
173
1
Ah that could very well be it. When I attach the debugger it actually breaks instantly and I have to keep pressing continue over and over again until it looks like it's done, I don't know if I have some settings wrong or something. I find xDbg harder to use than olly and I'm not very good with olly either. Once I finish my current project I think I will jump back to assault cube and go through a lot of the tutorials again to get a firmer understanding of things.
 

VitexHD

Newbie
Full Member
Nobleman
Aug 23, 2017
93
478
2
Thanks for the tutorial. I tried to follow your steps as you did them but once we got to the part where we open x32dbg, attach it, and go to the address we got from cheatengine the stack at the bottom right did not include anything related to what was typed in the chat box. I tried many times but could not get this part to work for myself.
Exact same here, no idea.
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,149
78,998
2,395
Exact same here, no idea.
Just ignore this part and continue the tutorial, it's not even necessary he was just showcasing that the stack view area of x64dbg can be useful.
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods