Solved Using ReadProcessMemory function with Directx External Overlay


theoneandonly

I'm very new to game hacking, it would be awesome if someone could guide me in the right direction. My goal is to draw stuff on an external overlay depending on what data has been read in. The game that I'm coding for is League of Legends.

So far I got this code to work https://guidedhacking.com/showthrea...External-Overlay-Working-For-Any-Game-Program.

I think I'm supposed to be using ReadProcessMemory() to do what I want.

I found this example of ReadProcessMemory.

C++:
#include <windows.h>
#include <tlhelp32.h>
#include <string.h>

DWORD pid;

GetWindowThreadProcessId(tWnd, &pid); // Get the ID of the process that owns the window and place it in pid
pHandle = OpenProcess(PROCESS_VM_READ, 0, pid); // Request read-only access to the process's memory
if (!pHandle) {
     break;
}
bAddr = GetBaseModule("minesweeper.exe", pid);
ReadProcessMemory(pHandle, (void*)(bAddr + CBASE_ADDR_POINTER), &CBASE_ADDR, sizeof(DWORD), NULL);

....

// Returns the base address of the named module in the given process, or 0 if it is not found.
DWORD GetBaseModule(LPSTR lpModuleName, DWORD dwProcessId)
{
	MODULEENTRY32 lpModuleEntry = { 0 };
	HANDLE hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessId);

	// CreateToolhelp32Snapshot returns INVALID_HANDLE_VALUE on failure, not NULL
	if (hSnapShot == INVALID_HANDLE_VALUE)
		return 0;
	lpModuleEntry.dwSize = sizeof(lpModuleEntry);
	BOOL bModule = Module32First(hSnapShot, &lpModuleEntry);
	while (bModule)
	{
		// Walk the module list until the name matches
		if (!strcmp(lpModuleEntry.szModule, lpModuleName))
		{
			CloseHandle(hSnapShot);
			// The DWORD cast only holds a full address in a 32-bit build
			return (DWORD)lpModuleEntry.modBaseAddr;
		}
		bModule = Module32Next(hSnapShot, &lpModuleEntry);
	}
	CloseHandle(hSnapShot);
	return 0;
}
My question is what is my baseAddress supposed to be? For example, if I want to highlight my enemies, how would I find the address for my enemies?
 

Traxin

Here's a video by HexMurder as well that might help.
Tutorial - How to find an Entity List (Video)

How to find Entity List Assault Cube

Besides memory scanning you can reverse engineer, which usually takes longer, but you'll end up learning much more about how the internals of the game work and you'll uncover a lot more information that may or may not be useful for you later.
 

theoneandonly

Rake

I'm having trouble finding the entity list. I'm still left with about 60000 pointers after pattern scanning about 20 times.

Steps:
1. Scan for my health (float)
2. Buy a health item
3. Search for new value
4. Pattern scan for the address
5. Rescan memory by restarting the application and repeating the above steps

Is there a better way of finding the entity list than pattern scanning?
 

theoneandonly

Traxin said:
Here's a video by HexMurder as well that might help.
https://guidedhacking.com/showthread.php?8639-How-to-find-an-Entity-List-(Video)

Besides memory scanning you can reverse engineer, which usually takes longer, but you'll end up learning much more about how the internals of the game work and you'll uncover a lot more information that may or may not be useful for you later.

I watched almost all of the tutorials on this forum and pretty much understand most of it.

I picked the first pointer scan result out of the 60000 and it seems I got the base address for my player health (i.e. the address is static and after restarting the application it will always point to the health). From this address I tried to find other useful information such as level, spells, etc., by dissecting the data/structures, but failed to find anything useful.

I tried to use IDA to reverse engineer LoL.exe, but I can't seem to find the base address of the player when I search for it in IDA. I'm not sure if LoL has any obfuscation mechanism to prevent reverse engineering.
 

Rake

Don't use pointer scanner for this. I have explained this like 15 times, here is one thread I found in the EntityList Section :)
https://guidedhacking.com/showthrea...-the-entity-list&p=48668&viewfull=1#post48668

In that thread also Broihon says "why don't you just use a breakpoint and see how the game accesses the players via the entity list" and that's really the way to do it. Once you're reversing the game for a couple of weeks it all starts to make more sense as you identify more and more variables and functions. I wouldn't recommend learning hacking with LoL for the record :)
 