Solved Question about C++ trainer for assaultcube

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

lluk12

Newbie
Jan 12, 2014
2
102
0
Hey everyone!
First of all, thanks to Fleep for his amazing tutorials :D
Ok, so I have a question about one of his codes. In this tutorial: https://www.youtube.com/watch?v=A_MrrAo8uLk he shows a code which has this part:

C++:
//Ammo Vars

bool AmmoStatus;
BYTE AmmoValue[] = {0xA3, 0x1C, 0x0, 0x0};
DWORD AmmoBaseAdress = {0x54EED484};
DWORD AmmoOffsets[] = {0x4AC};

//Health Vars
bool HealthStatus;
BYTE HealthValue[] = {0x39, 0x5, 0x0, 0x0};
DWORD HealthBaseAdress = {0x00509B74};
DWORD HealthOffsets[] = {0xF8};
I have a question about the: HealthValue [ ] and AmmoValue[ ] variables.
Anyone knows what do they do? The two variables are used here:

C++:
DWORD AmmoAdressToWrite= FindDmaAddy(1, hProcHandle, AmmoOffsets, AmmoBaseAdress);
WriteProcessMemory(hProcHandle,(BYTE*) AmmoAdressToWrite, &AmmoValue, sizeof(AmmoValue), NULL);
So by the name I suppose that they are the values which are going to replace the original values but I can't understand what this means: {0x39, 0x5, 0x0, 0x0};
anyone could explain??

Thanks!!


EDIT: Ok, so I have seen that I also have a problem when implementing the code to Counter Strike Source, I can open the game and get the processId but when I turn on the hack (after having found the base adress and offset) It's not working... but if I freeze the base adress with CE it's working, I can't understand why :/
 
Last edited:

Spamer

Banned
Silenced
Feb 3, 2014
29
157
0
BYTE HealthValue[] = {0x39, 0x5, 0x0, 0x0}; , I think that this is values of 4 bytes , " written backwards " I don't know actually why it needs to be backwards ,so try to do so
1)Open Windows calculator
2)press ALT+3
3)Set it to HEX
4)type 539
5)Set it to DEC
6)See numbers 1337

The same thing is with the ammo BYTE AmmoValue[] = {0xA3, 0x1C, 0x0, 0x0};
convert hex 1CA3 to dec
But I don't know why they need to be written to memory backwards , I only know that there is 2 models of memory big endian , and little endian ..


Actually I think all the values could be set to 0xFF,0xFF,0x00,0x00 , but we don't need such great values FFFF - 65535 max value of unsigned int
 
Last edited:
  • Like
Reactions: Knightscout

SASteve

Newbie
Feb 6, 2014
3
374
0
Fleep edited this in one of his videos' description:

These numbers are simply a conversion of the number we want put into our ammo/health for example:
BYTE HealthValue[] ={0x39,0x5,0x0,0x0};
if you convert the number 1337 into hexadecimal, then you get 539. So by moving the 5 to the end we can write 1337 into our health stash. The same applies to the ammo if you use your Windows calculator and convert 7331 into hexadecimal you get 1CA3. But because we also need to break the hexadecimal value into four bytes to be able to write down into the memory it becomes.
BYTE AmmoValue[] = {0xA3,0x1C,0x0,0x0};
That's just how the conversion goes.
I apologise I should have explained this a bit better in the tutorial, Hope that clears it up.
 

Spamer

Banned
Silenced
Feb 3, 2014
29
157
0
So by moving the 5 to the end we can write 1337 into our health stash

But why ? ... why we need to write it backwards ? I suppose that if we write like 0x5,0x39,0x0,0x0 we shall get 917 , I suppose that memory structure is so but why it is needed to be so ..
The question is , why it is needed to be written as it is written, strange memory ... 0xFF,0xFF,0x0,0x0 will satisfy everybody >< :rolleyes: never mind
 

till0sch

Respected Hacker
Dank Tier VIP
Dank Tier Donator
Oct 14, 2012
1,104
12,593
51
So you're wondering why 1337 == {0x39,0x5,0x0,0x0} ?

EDIT: seems so but as you already said you have to mind the endians. Write 1337 to an address and view it in dump, then you'll see that it's stored exactly in that order. You could also just do this:

DWORD val = 1337;
WriteProcessMemory ( pHandle, (LPCVOID) address, &val, 4, 0);

This would also result in writing val (1337) to address in process with pHandle and write 4 bytes. It's just another.. type of expressing 1337..
 
Last edited:

Spamer

Banned
Silenced
Feb 3, 2014
29
157
0
So you're wondering why 1337 == {0x39,0x5,0x0,0x0} ?

EDIT: seems so but as you already said you have to mind the endians. Write 1337 to an address and view it in dump, then you'll see that it's stored exactly in that order. You could also just do this:

DWORD val = 1337;
WriteProcessMemory ( pHandle, (LPCVOID) address, &val, 4, 0);

This would also result in writing val (1337) to address in process with pHandle and write 4 bytes. It's just another.. type of expressing 1337..
Yep I thought about the same .. to write it like 1337 "directly" as you , not to have this headache with HEX , but as I know true hackers prefer HEX =)) ( rumors )
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods