Solved using the debugger to find addresses in C++


XtremeCoder

Newbie
Full Member
Jan 21, 2016
32
309
1
Hello,
So in Cheat Engine [find out what addresses this instruction accesses], I know that it uses debugger functionality.
The problem is I don't know how to do it in C++. Where do I start? What should I do?
Can anyone please give me an example ... just an example.
Correct me if I said something wrong.

C++:
int32_t WaitForDebugEvent = 0x21b14;

void fun_416f80(void** a1, void** a2, void** a3) {
    goto WaitForDebugEvent;
}
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,118
78,998
2,392
Sounds like you want to write a debugger, but if you just want to grab information out of that function you would use a hook.

https://guidedhacking.com/threads/unity-game-hacking-guide-tutorials.12579/


C++:
#include <windows.h>
#include <cstdint>
#include <cstring>

// x86 (32-bit) only: intptr_t is 4 bytes there, matching the rel32 operand of jmp.
bool Hook(char* src, char* dst, const intptr_t len)
{
    // A jmp rel32 needs 5 bytes: 1 opcode byte + 4 displacement bytes
    if (len < 5) return false;

    DWORD curProtection;
    if (!VirtualProtect(src, len, PAGE_EXECUTE_READWRITE, &curProtection)) return false;

    // The displacement is measured from the end of the 5-byte jmp
    intptr_t relativeAddress = (intptr_t)dst - (intptr_t)src - 5;

    *src = (char)0xE9; // jmp rel32 opcode; the cast avoids a constant-truncation warning
    *(intptr_t*)((intptr_t)src + 1) = relativeAddress;

    // Restore the original page protection
    VirtualProtect(src, len, curProtection, &curProtection);
    return true;
}

char* TrampHook(char* src, char* dst, const intptr_t len)
{
    // Make sure the length is at least 5
    if (len < 5) return 0;

    // Create the gateway (len + 5 for the overwritten bytes + the jmp)
    void* gateway = VirtualAlloc(0, len + 5, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
    if (!gateway) return 0;

    // Write the stolen bytes into the gateway
    memcpy(gateway, src, len);

    // Displacement for the jmp at gateway + len; it lands on src + len,
    // the first original instruction after the stolen bytes
    intptr_t gatewayRelativeAddr = ((intptr_t)src - (intptr_t)gateway) - 5;

    // Add the jmp opcode to the end of the gateway
    *(char*)((intptr_t)gateway + len) = (char)0xE9;

    // Add the address to the jmp
    *(intptr_t*)((intptr_t)gateway + len + 1) = gatewayRelativeAddr;

    // Place the hook at the source function so it jumps to dst
    Hook(src, dst, len);

    return (char*)gateway;
}
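The Hook() routine in the post above overwrites a function's first five bytes with E9 followed by dst - src - 5. As an added example (not part of the thread or any poster's code), the sketch below reverses that arithmetic to recognise such a patch in a captured function prologue and recover where it jumps. The function names, module range and sample bytes are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Added example: all names and sample bytes below are constructed.
constexpr uint8_t kJmpOpcode = 0xE9;  // x86 near jump: opcode + 4-byte displacement
constexpr size_t kJmpSize = 5;        // the same 5 bytes the `len < 5` check guards

// Decode a JMP rel32 located at virtual address `va`.
// The displacement counts from the END of the instruction:
//   target = va + 5 + rel32   (inverse of rel = dst - src - 5)
bool DecodeJmpTarget(const uint8_t* code, size_t len, uint64_t va, uint64_t* target) {
    if (len < kJmpSize || code[0] != kJmpOpcode) return false;
    // Assemble the little-endian displacement byte by byte (no unaligned reads).
    uint32_t raw = code[1] | (code[2] << 8) | (code[3] << 16) |
                   (static_cast<uint32_t>(code[4]) << 24);
    int64_t rel = static_cast<int32_t>(raw);  // sign-extend: jumps can go backwards
    *target = va + kJmpSize + static_cast<uint64_t>(rel);
    return true;
}

// True when the first instruction is a JMP that leaves the function's own
// module [base, base + size). Jumps that stay inside the module are normal thunks.
bool IsForeignDetour(const uint8_t* code, size_t len, uint64_t va,
                     uint64_t base, uint64_t size, uint64_t* target) {
    if (!DecodeJmpTarget(code, len, va, target)) return false;
    bool inside = *target >= base && *target - base < size;
    return !inside;
}

// Constructed samples: module mapped at 0x400000 (size 0x10000), function at 0x401000.
constexpr uint64_t kBase = 0x400000, kSize = 0x10000, kFunc = 0x401000;
const uint8_t kClean[]   = {0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x08};  // push ebp; mov ebp,esp; sub esp,8
const uint8_t kThunk[]   = {0xE9, 0x00, 0x01, 0x00, 0x00, 0x90};  // jmp 0x401105 (inside module)
const uint8_t kPatched[] = {0xE9, 0xFB, 0xFF, 0xBF, 0x0F, 0x90};  // jmp 0x10001000 (outside)

int main() {
    const uint8_t* samples[] = {kClean, kThunk, kPatched};
    for (const uint8_t* s : samples) {
        uint64_t target = 0;
        if (IsForeignDetour(s, 6, kFunc, kBase, kSize, &target))
            std::printf("prologue redirected to 0x%llx\n", (unsigned long long)target);
        else
            std::printf("prologue ok\n");
    }
    return 0;
}
```

A real check would compare the in-memory prologue against the bytes of the same function in the on-disk image, since a jump to another loaded module is not always a patch.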

XtremeCoder

Newbie
Full Member
Jan 21, 2016
32
309
1
I am not trying to do anything :D
I copied that code after I decompiled one of those trainers written in C++ that does what I want.
I just watched a YouTube video about C++ Mid Function Hooking/Codecaving and that is exactly what I want [the jump hack in that video has the same thing I need].
The problem is when I inject that DLL into the Unity game ... the game crashes.
 

Vocalor

Newbie
Full Member
Sep 13, 2016
9
74
0
Try this one:
C++:
int WaitForDebugEvent = 0x21b14;
typedef void(__thiscall* fun)(void** a1, void** a2, void** a3);
fun WFDE = (fun)WaitForDebugEvent;

WFDE(a1, a2, a3);
 