Source Code Nether's C++ Memory Class V1.6

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

Nether

The Angel Of Verdun
Meme Tier VIP
Dank Tier Donator
Dec 11, 2013
293
3,738
16
Hey Guys,

here is my public memory class for C++, I do plan to release my polymorphic version but for now it will remain private due some external hacks being sold privately.

I have added a lot of comments to the code, although I haven't 100% tested every function on here as I did mass updates and only tested what I needed, If anyone finds any problems with the class let me know and ill update it :)

New Features:

Return Size Of External Int/Char arrays
Return Boolean Of Value Found/Not Found inside an array
AOB Scan can tell if there is wildcards at the start of your array ( although no one ever does that its just a safety net for beginners ) [ this version still scans each byte manually instead of reading paged memory regions ]

overall cleaner code, still no exception handling so just be careful how you use it, when i ultimately have free time and im bored ill update it if there is nothing else to do but i do have a lot of other work on right now


How To:

Rename "ProcMemH.txt to ProcMem.h"
Rename "ProcMemCPP.txt to ProcMem.cpp"
Move files into your project folder

Initialize

C++:
Credits:
  
Fleep - Provided Method For Hotkeys To Activate Only Once When Pushed.
AgentSmith - Opened My Eyes To A Lot Of Things I Was Doing Wrong And Steered Me In The Right Direction.
NTValk - Helped Me When I Posted For Help On GH (Was Awhile Ago, Still Deserves Credit As This Has Been A Journey Of Learning And Everything Helps).
Agent Smith - Provided Me With Some Very Useful Pages For Learning And Helped Me Get A Better Understanding Of The Language.
Random Posts On GuidedHacking From Members, I Was Able To Pick Up A Few Things From These Threads/Posts.
Everyone At GuidedHacking Who Supported Me.
  
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
  
Features:
  
Read & Write Memory (Pointer Support)
AOB Scan - Scan An Area Of Memory For An Address With Specific Bytes
Patch - Patch OpCodes
Code Injection - Allocate A Random Area Of Memory To Write A Jmp/Call (Codecave)
  
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
  
Usage:
  
//Declarations
ProcMem mem; //Declare Class Object
mem.GetProcess("Process.exe");//Declare Game
DWORD Base = mem.Module("client.dll") ;//Get Module Base Of Client.dll
  
//Basic Memory Functions
mem.Read<int>(0x76999A1); //Basic Read Memory (You Must Declare What Type/Size Of Data You Are Reading <short> | <2> etc)
mem.Read<int>(Base+0x3699B); //Process.exe+0x3699B (Using Base)
mem.Write<int>(0x76999A1, 1337); //Basic Write
mem.Write<float>(Base+0x3699B, 13.37); //Example Of Writing A <float>
  
//Pointer Memory Functions
mem.Read<int>(0x76999A1, "\x2C\x5B\*", true); //Input Offsets In Order As Char* | ATTENTION: MUST ALWAYS Put '*' At The End Of Your Array (true)RETURNS THE ADDRESS
mem.Read<int>(Base+0x3699B, "\x2C\x5B\*", false); //(false)RETURNS THE VALUE
mem.Write<int>(Base+0x3699B, "\x2C\x5B\*", 1337);
 
//Patch Memory Function
mem.Patch(0x76999A1, "\x90\x90\x90\*", "\x4B\x0\x8F\*"); //Input The Bytes You Want To Patch And Also The Default Bytes
mem.Patch(Base+0x3699B, "\x90\x90\x90\*", "\x4B\x0\x8F\*"); //Process.exe+0x3699B (Using Base)
  
//AOB Scan Function
DWORD dwAOBAddress = mem.AOB_Scan(0x76999A1, 0x76999C1, "\x8B\x3C\x28\xDD\*", true); //Start Scan At Address 0x76999A1 And Read Every Byte From There To 0x76999C1, Looking For Char* Array (Returns Address)
DWORD dwAOBAddress1 = mem.AOB_Scan(Base+0x6999A1, Base+0x6999C1, "\x8B\x3C\x28\xDD\*", false); //false = Returns Address After Searched Bytes
mem.Write<int>(AOBAddress, 1337); //Example Of Usage
mem.Write<int>(AOBAddress1, 1337); //Example Of Usage
  
//AOB Scan With Pointers
DWORD dwStartAddy = mem.readP<int>(0x76999A1, "\x2C\x5B\*", false);
DWORD dwEndAddy = mem.readP<int>(0x76999A1, "\xB2\x68\x8B\*", false);
DWORD dwAOBAddress = mem.AOB_Scan(StartAddy, EndAddy, "\x8B\x3C\x28\xDD\*", true);
  
//Code Injection Function (Codecave)
mem.Inject(Base+0x1C8B39, "\xC7\x86\x84\x1\x0\x0\x0\x0\x0\x0\*", "\x89\xBE\x84\x1\x0\x0\*", true); //Input Bytes To Write/Inject Followed By The Default Bytes At The Address (Use CE AA Script To Get Bytes) (true = JMP)
mem.Inject(0x38B39, "\xC7\x86\x84\x1\x0\x0\x0\x0\x0\x0\*", "\x89\xBE\x84\x1\x0\x0\*", false); //Call Jmp Function (false) [Has Not Been Fully Tested]
  
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
  
Notes:
  
Compile As Release
When Compiling Check You Are Building The Correct Build (x64 | x32) For The Target Process.
Do Not Have 2x Inject Functions In A Row (They Will Conflict), Have Them In Seperate Statements.
When Using The Patch Or Inject Function, Have Them Set To A Hotkey So You Can Turn On/Off.
You Can Use Pointers With The AOB Scan/Patch/Inject Functions, Adapt The AOB Scan Example For Others.
I Aim To Release A Tutorial For Creating A Memory Class Before Moving Onto Creating Dll's - Still Have Few More Updates For This Class (Mainly Comments + Code Improvments).
 

Attachments

Last edited by a moderator:

Crazywink

Hacker
Meme Tier VIP
Dank Tier Donator
Jul 18, 2012
626
4,613
17
Beautiful, thanks for the share Nether. :) Approved.
 

MJZombieMan

Newbie
Full Member
Jul 7, 2014
11
418
0
This is awesome! Thanks! I like the object oriented programming. I suck at conceptualizing objects, it's like a brain barrier haha. But this will make code much cleaner!

What is different with the polymorphic version? How does that work? I've never been 100% clear on polymorphism.
 

TYPEX

Coder
Full Member
Nobleman
Aug 28, 2013
101
573
0
This is awesome! Thanks! I like the object oriented programming. I suck at conceptualizing objects, it's like a brain barrier haha. But this will make code much cleaner!

What is different with the polymorphic version? How does that work? I've never been 100% clear on polymorphism.
Polymorphism is the ability of the derived class to share common functionality with the base class, but it still defines its unique behavior.
It allows an object of the derived class to be treated as an object of the base class. When the function is called in runtime, it finds his type and the appropriate function is called from the derived class.
 

Nether

The Angel Of Verdun
Meme Tier VIP
Dank Tier Donator
Dec 11, 2013
293
3,738
16
You need to change your character set to Multi-Byte: Project> Property Pages>Configuration Properties>General>Character Set = Use Multi-Byte Character Set
 

Nether

The Angel Of Verdun
Meme Tier VIP
Dank Tier Donator
Dec 11, 2013
293
3,738
16
C++:
Credits:
 
Fleep - Provided Method For Hotkeys To Activate Only Once When Pushed.
AgentSmith - Opened My Eyes To A Lot Of Things I Was Doing Wrong And Steered Me In The Right Direction.
NTValk - Helped Me When I Posted For Help On GH (Was Awhile Ago, Still Deserves Credit As This Has Been A Journey Of Learning And Everything Helps).
Agent Smith - Provided Me With Some Very Useful Pages For Learning And Helped Me Get A Better Understanding Of The Language.
Random Posts On GuidedHacking From Members, I Was Able To Pick Up A Few Things From These Threads/Posts.
Everyone At GuidedHacking Who Supported Me.
 
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
 
Features:
 
Read & Write Memory (Pointer Support)
AOB Scan - Scan An Area Of Memory For An Address With Specific Bytes
Patch - Patch OpCodes
Code Injection - Allocate A Random Area Of Memory To Write A Jmp/Call (Codecave)
 
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
 
Usage:
 
//Declarations
ProcMem mem; //Declare Class Object
mem.GetProcess("Process.exe");//Declare Game
DWORD Base = mem.Module("client.dll") ;//Get Module Base Of Client.dll
 
//Basic Memory Functions
mem.Read<int>(0x76999A1); //Basic Read Memory (You Must Declare What Type/Size Of Data You Are Reading <short> | <2> etc)
mem.Read<int>(Base+0x3699B); //Process.exe+0x3699B (Using Base)
mem.Write<int>(0x76999A1, 1337); //Basic Write
mem.Write<float>(Base+0x3699B, 13.37); //Example Of Writing A <float>
 
//Pointer Memory Functions
mem.Read<int>(0x76999A1, "\x2C\x5B\*", true); //Input Offsets In Order As Char* | ATTENTION: MUST ALWAYS Put '*' At The End Of Your Array (true)RETURNS THE ADDRESS
mem.Read<int>(Base+0x3699B, "\x2C\x5B\*", false); //(false)RETURNS THE VALUE
mem.Write<int>(Base+0x3699B, "\x2C\x5B\*", 1337);

//Patch Memory Function
mem.Patch(0x76999A1, "\x90\x90\x90\*", "\x4B\x0\x8F\*"); //Input The Bytes You Want To Patch And Also The Default Bytes
mem.Patch(Base+0x3699B, "\x90\x90\x90\*", "\x4B\x0\x8F\*"); //Process.exe+0x3699B (Using Base)
 
//AOB Scan Function
DWORD dwAOBAddress = mem.AOB_Scan(0x76999A1, 0x76999C1, "\x8B\x3C\x28\xDD\*", true); //Start Scan At Address 0x76999A1 And Read Every Byte From There To 0x76999C1, Looking For Char* Array (Returns Address)
DWORD dwAOBAddress1 = mem.AOB_Scan(Base+0x6999A1, Base+0x6999C1, "\x8B\x3C\x28\xDD\*", false); //false = Returns Address After Searched Bytes
mem.Write<int>(AOBAddress, 1337); //Example Of Usage
mem.Write<int>(AOBAddress1, 1337); //Example Of Usage
 
//AOB Scan With Pointers
DWORD dwStartAddy = mem.readP<int>(0x76999A1, "\x2C\x5B\*", false);
DWORD dwEndAddy = mem.readP<int>(0x76999A1, "\xB2\x68\x8B\*", false);
DWORD dwAOBAddress = mem.AOB_Scan(StartAddy, EndAddy, "\x8B\x3C\x28\xDD\*", true);
 
//Code Injection Function (Codecave)
mem.Inject(Base+0x1C8B39, "\xC7\x86\x84\x1\x0\x0\x0\x0\x0\x0\*", "\x89\xBE\x84\x1\x0\x0\*", true); //Input Bytes To Write/Inject Followed By The Default Bytes At The Address (Use CE AA Script To Get Bytes) (true = JMP)
mem.Inject(0x38B39, "\xC7\x86\x84\x1\x0\x0\x0\x0\x0\x0\*", "\x89\xBE\x84\x1\x0\x0\*", false); //Call Jmp Function (false) [Has Not Been Fully Tested]
 
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
 
Notes:
 
Compile As Release
When Compiling Check You Are Building The Correct Build (x64 | x32) For The Target Process.
Do Not Have 2x Inject Functions In A Row (They Will Conflict), Have Them In Seperate Statements.
When Using The Patch Or Inject Function, Have Them Set To A Hotkey So You Can Turn On/Off.
You Can Use Pointers With The AOB Scan/Patch/Inject Functions, Adapt The AOB Scan Example For Others.
I Aim To Release A Tutorial For Creating A Memory Class Before Moving Onto Creating Dll's - Still Have Few More Updates For This Class (Mainly Comments + Code Improvments).
Agent Smith - can you replace the code in the first post with this, Ill add more documentation later :)
 
Last edited:

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,093
78,998
2,372
C++:
#include "ProcMem.h"
 
ProcMem mem;
 
using namespace std;
 
int main()
{
//now you can use the object mem to access all the functions inside ProcMem
mem.Process("csgo.exe");
DWORD Base = mem.Module("client.dll");
 
mem.write<int>(Base+0x1337, 9999); //so if health is at client.dll+1337 you have just set it to 9999, easy :)
mem.write<int>(Base+0x1337, "\x5F\x2A\x6F\*", 55); // just wrote 55 to a pointer using the base
return 0;
}
@Agent Smith - can you replace the code in the first post with this, Ill add more documentation later :)
Done. :)
 

chargerfox

Newbie
Jul 15, 2014
2
102
0
Thanks for your class, I was very useful, but I have a problem, I think I'm doing something wrong:

C++:
            float ptr = mem.Read<float>(0x165fc68,"\x20\*",true); //0x165fc68 is a POINTER
			char str[10];
			sprintf(str, "%f", ptr);
			// when run dll, ptr is = 0.0000
Sin título-2.jpg Sin título-22.jpg

When Inject the .dll the variable ptr is 0, With other addresses I have had no problems. 0x165fc68 is a pointer, no an address, that is wrong?
Sorry for my English. Spanish better.

THANKS AGAIN.
 

Nether

The Angel Of Verdun
Meme Tier VIP
Dank Tier Donator
Dec 11, 2013
293
3,738
16
Thanks for your class, I was very useful, but I have a problem, I think I'm doing something wrong:

C++:
            float ptr = mem.Read<float>(0x165fc68,"\x20\*",true); //0x165fc68 is a POINTER
			char str[10];
			sprintf(str, "%f", ptr);
			// when run dll, ptr is = 0.0000
View attachment 2721View attachment 2722

When Inject the .dll the variable ptr is 0, With other addresses I have had no problems. 0x165fc68 is a pointer, no an address, that is wrong?
Sorry for my English. Spanish better.

THANKS AGAIN.
because this is not meant for dll injection and if its just one pointer level you need to do .

C++:
float ptr = mem.Read<float>(0x165fc68 + 0x20); //0x165fc68 is a POINTER
but internally:

C++:
float ptr = *(int*)(0x165fc68 + 0x20)
 

chargerfox

Newbie
Jul 15, 2014
2
102
0
Then is not posible read a pointer + 1 offset? Is there any way ? THANKS for reply, and thanks for you patience.
 

Nether

The Angel Of Verdun
Meme Tier VIP
Dank Tier Donator
Dec 11, 2013
293
3,738
16
Then is not posible read a pointer + 1 offset? Is there any way ? THANKS for reply, and thanks for you patience.
well ofc there is use your head, or at least give an example of what your trying to do... :facepalm:
 

Luciz

Coder
Dank Tier Donator
Nobleman
Jul 10, 2014
101
458
3
Uh, I'm confused. When I do
C++:
ProcMem Mem;
for some reason I can't use
C++:
Mem.GetProcess();
EDIT: Found out it was
C++:
Mem.Process();
But now I wonder, how would I make this using the Memory Class?
C++:
ReadProcessMemory (fProcess.HandleProcess, (PBYTE*)(CLocalPlayer + dw_Pos), &Position, sizeof(float[3]), 0);
 
Last edited:

Nether

The Angel Of Verdun
Meme Tier VIP
Dank Tier Donator
Dec 11, 2013
293
3,738
16
Uh, I'm confused. When I do
C++:
ProcMem Mem;
for some reason I can't use
C++:
Mem.GetProcess();
EDIT: Found out it was
C++:
Mem.Process();
But now I wonder, how would I make this using the Memory Class?
C++:
ReadProcessMemory (fProcess.HandleProcess, (PBYTE*)(CLocalPlayer + dw_Pos), &Position, sizeof(float[3]), 0);

C++:
Mem.Process("csgo.exe");
DWORD dwClient = Mem.Module("client.dll");
DWORD dwLocalBase = Mem.Read<DWORD>(dwClient + 0x9DF024);
float fPosX = Mem.Read<float>(dwLocalBase + 0x134);
 

Luciz

Coder
Dank Tier Donator
Nobleman
Jul 10, 2014
101
458
3
Just paste the error no need to make a screenshot, its hard to read.
Okay then :p

C++:
Error	1	error LNK2019: unresolved external symbol "public: __thiscall ProcMem::ProcMem(void)" (??0ProcMem@@QAE@XZ) referenced in function "void __cdecl `dynamic initializer for 'Mem''(void)" (??__EMem@@YAXXZ)	C:\Users\Lucas\Documents\Visual Studio 2013\Projects\CSGO Trigger\CSGO Trigger\Main.obj
Error	2	error LNK2019: unresolved external symbol "public: __thiscall ProcMem::~ProcMem(void)" (??1ProcMem@@QAE@XZ) referenced in function "void __cdecl `dynamic atexit destructor for 'Mem''(void)" (??__FMem@@YAXXZ)	C:\Users\Lucas\Documents\Visual Studio 2013\Projects\CSGO Trigger\CSGO Trigger\Main.obj
Error	3	error LNK2019: unresolved external symbol "public: virtual unsigned long __thiscall ProcMem::Module(char *)" (?Module@ProcMem@@UAEKPAD@Z) referenced in function "void __cdecl `dynamic initializer for 'Client''(void)" (??__EClient@@YAXXZ)	C:\Users\Lucas\Documents\Visual Studio 2013\Projects\CSGO Trigger\CSGO Trigger\Main.obj
 

Nether

The Angel Of Verdun
Meme Tier VIP
Dank Tier Donator
Dec 11, 2013
293
3,738
16
Okay then :p

C++:
Error	1	error LNK2019: unresolved external symbol "public: __thiscall ProcMem::ProcMem(void)" (??0ProcMem@@QAE@XZ) referenced in function "void __cdecl `dynamic initializer for 'Mem''(void)" (??__EMem@@YAXXZ)	C:\Users\Lucas\Documents\Visual Studio 2013\Projects\CSGO Trigger\CSGO Trigger\Main.obj
Error	2	error LNK2019: unresolved external symbol "public: __thiscall ProcMem::~ProcMem(void)" (??1ProcMem@@QAE@XZ) referenced in function "void __cdecl `dynamic atexit destructor for 'Mem''(void)" (??__FMem@@YAXXZ)	C:\Users\Lucas\Documents\Visual Studio 2013\Projects\CSGO Trigger\CSGO Trigger\Main.obj
Error	3	error LNK2019: unresolved external symbol "public: virtual unsigned long __thiscall ProcMem::Module(char *)" (?Module@ProcMem@@UAEKPAD@Z) referenced in function "void __cdecl `dynamic initializer for 'Client''(void)" (??__EClient@@YAXXZ)	C:\Users\Lucas\Documents\Visual Studio 2013\Projects\CSGO Trigger\CSGO Trigger\Main.obj
you must of not declared procmem correctly in the cpp file, or you removed some function names or renamed them incorrectly.
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods