Vince Coding

Coding in C++


Post  Admin Sat Jun 18, 2011 8:02 pm

Hello I'm gonna show you all how to make a simple trainer in C++.

Setup
Now we're gonna create our project.

Go to File -> New -> New project -> Win32 Project.
Call the project TwistTut for this tutorial.

After you've done that you should see an application wizard.
Click next.
Click DLL on application type.
And on additional options click Empty Project.
Now you can click Finish.

Creating Files
Right click Header Files -> Add -> New Item -> Windows form.
Call it Form1 for this tutorial.
You should see a pop-up asking you something, just click yes.


You should see 2 files now, Form1.h and Form1.cpp.
If you wanna keep your source neat and good-looking, move the .cpp file to Source Files by dragging and dropping it.

Form1.h
Right click Form1.h in your solution explorer and click View Code.
On the first line add
Code:
#include <Windows.h>
Form1.cpp
Double click Form1.cpp to open it. There's really just 1 line there, and that's the line that includes the .h file.
On the first line in Form1.cpp type
Code:

#include <Windows.h>
And this under the includes.
Code:
using namespace TwistTut;
Now we're gonna add the main function that will be declared later in the MainDLL part.
Code:
void Main(void)
{
    Application::EnableVisualStyles();
    Application::SetCompatibleTextRenderingDefault(false);
    Application::Run(gcnew Form1); // change Form1 to the name of your form
    Application::Exit();
}
Making the DLL

Now right click Source files -> Add -> New Item -> C++ File.
Call it MainDLL for this Tutorial.

MainDLL
Now we're finally gonna create the .dll!
On the first line of MainDLL.cpp add this:
Code:
#include <Windows.h>
Add this to the second line
Code:
extern void Main(void);
That points out the main function in Form1.cpp we made.

And in the third line, add this:
Code:
::BOOL WINAPI DllWork ( __in ::HMODULE hModule )
{
    Main();
    return true;
}
This is what will make it a .dll
Now, the last part of the code in MainDLL.cpp
Code:
::BOOL WINAPI DllMain ( __in ::HMODULE hModule, __in ::DWORD dwReason, __in __reserved ::LPVOID lpvReserved )
{
    ::HANDLE hThread = NULL;

    if ( dwReason == DLL_PROCESS_ATTACH )
    {
        if (( hThread = ::CreateThread(NULL, 0, (::LPTHREAD_START_ROUTINE)&DllWork, (::HMODULE)hModule, 0, NULL) ) == NULL )
        {
            return FALSE;
        }
        if ( ::CloseHandle(hThread) == FALSE )
        {
            // do nothing
        }
    }
    return TRUE;
}
This part makes it injectable, and gets auto-called when injected.

Moment of truth
Change Debug on top of your Visual Studio to Release.
Now on top of your Visual Studio click Build -> Build solution.
If you did all of this right you should get this:
========== Build: 1 succeeded, 0 failed, 0 up-to-date, 0 skipped ==========

Now you can try injecting it, locate the DLL by going Docs -> Visual Studio -> Projects -> TwistTut -> Release -> DLL.
Adding A Hack.
So, now we're gonna add a hack to our form.
Double click Form1.h to get to the design.
In the top right corner you should see a toolbox, click it.
Find checkBox, drag it to your form and drop it.
Now double click it, you should be redirected to Form1.h
You should see this:

Code:
private: System::Void checkBox1_CheckedChanged(System::Object^  sender, System::EventArgs^  e) {
            }
    };
}
Remove the { next to the ) and add a ;
Remove the } under it.
So it looks like this:
Code:
private: System::Void checkBox1_CheckedChanged(System::Object^  sender, System::EventArgs^  e);
           
    };
}
Now let's go to Form1.cpp and add a hack, FINALLY.
We're gonna use a script called Super Tubi. (eMS v70)
Code:
[Enable]
//v70
00488083: //75 36 83 7C 24 0C 00 75 19 8B 86 ?? 20 00 00 FF 70 65 83 C0 61
db 90 90
 
[Disable]
00488083:
db 75 36
Note: there are many different hacks. This is one of them.
We'll cover JMP scripts and codecaves later on.


If you look at the script, it has 1 address: 00488083.
We can write that as a DWORD.

So jump down to the end of your code in Form1.cpp and write
Code:
DWORD SuperTubiAddy = 0x00488083;
"0x" confirms it as hex.

Now, let's write the enable and disable bytes.
Let's see: our script has 2 enable bytes, which are 90 90.
Write this:
Code:
BYTE enableSuperTubi[] = {0x90, 0x90}; //Here we enable the hack by editing the bytes.
Now let's create our disable part.
The disable part also has 2 bytes, because we edited 2 bytes which need to be reset when the box is unticked.
Code:
BYTE disableSuperTubi[] = {0x75, 0x36}; //Disables the hack by resetting the bytes.
Now let's add the checkBox code.
Code:
void Form1::checkBox1_CheckedChanged(System::Object^ sender, System::EventArgs^ e)
{
    // Change the page protection of the 2 bytes at SuperTubiAddy so they can be written.
    unsigned long oldProtect;
    VirtualProtect((LPVOID)SuperTubiAddy, 2, PAGE_EXECUTE_READWRITE, &oldProtect);

    if (this->checkBox1->Checked)
    {
        // Ticked: write the enable bytes (90 90).
        memcpy((void*)SuperTubiAddy, enableSuperTubi, sizeof(enableSuperTubi));
    }
    else
    {
        // Unticked: write the original bytes back (75 36).
        memcpy((void*)SuperTubiAddy, disableSuperTubi, sizeof(disableSuperTubi));
    }
}
Now you may be wondering what this is:
Code:

unsigned long oldProtect;
VirtualProtect((LPVOID)SuperTubiAddy, 2, PAGE_EXECUTE_READWRITE, &oldProtect);
That's VirtualProtect(). The 2 next to SuperTubiAddy says how many bytes we're protecting, so if you're adding a hack with 3 bytes, you just change the 2 to 3.

Now, on top of your Visual Studio click Build -> Build project.
If it succeeded go inject it, but inject a bypass first and test the hack!

Admin
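
Seen from the defending side, the Super Tubi patch in this post is a two-byte change to code that should never change at run time. The following is an added example, not part of the original post: it compares a trusted copy of a code section with a snapshot of the live one and flags the 75 36 to 90 90 pattern. The byte arrays are constructed sample data, and `PatchRun`, `find_code_patches` and `sample_trusted` are hypothetical names.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>
typedef std::vector<std::uint8_t> Bytes;

// One run of bytes that differs between the trusted image and live memory.
struct PatchRun {
    std::size_t offset;     // offset of the first changed byte
    std::size_t length;     // number of consecutive changed bytes
    bool nopped_short_jcc;  // short Jcc (0x70..0x7F rel8) overwritten with 90 90
};

// Compare a trusted copy of a code section with a snapshot of the live one.
std::vector<PatchRun> find_code_patches(const Bytes& trusted, const Bytes& live) {
    std::vector<PatchRun> runs;
    const std::size_t n = trusted.size() < live.size() ? trusted.size() : live.size();
    for (std::size_t i = 0; i < n;) {
        if (trusted[i] == live[i]) { ++i; continue; }
        const std::size_t start = i;
        while (i < n && trusted[i] != live[i]) ++i;
        PatchRun r = {start, i - start, false};
        // Pattern used by the script in the post: 75 36 (JNZ rel8) -> 90 90.
        r.nopped_short_jcc = r.length <= 2 && start + 1 < n &&
                             (trusted[start] & 0xF0) == 0x70 &&
                             live[start] == 0x90 && live[start + 1] == 0x90;
        runs.push_back(r);
    }
    if (trusted.size() != live.size()) {  // a size mismatch is itself a finding
        PatchRun tail = {n, (trusted.size() > n ? trusted.size() : live.size()) - n, false};
        runs.push_back(tail);
    }
    return runs;
}

// Constructed sample: a few bytes around a JNZ, not taken from any real binary.
Bytes sample_trusted() {
    const std::uint8_t b[] = {0x55, 0x8B, 0xEC, 0x75, 0x36, 0x83, 0x7C, 0x24, 0x0C, 0x00, 0xC3};
    return Bytes(b, b + sizeof(b));
}

int main() {
    Bytes live = sample_trusted();
    live[3] = 0x90; live[4] = 0x90;  // the modification the detector should flag
    const std::vector<PatchRun> runs = find_code_patches(sample_trusted(), live);
    for (std::size_t i = 0; i < runs.size(); ++i)
        std::printf("offset %zu, %zu bytes, nopped Jcc: %d\n",
                    runs[i].offset, runs[i].length, (int)runs[i].nopped_short_jcc);
    return 0;
}
```

In a real integrity check the trusted bytes would come from the signed file on disk, with relocations applied before the comparison.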