[Tutorial] Memory editing C#

[Lynie]

Note: I'm not an experienced C# programmer
Note: I found how to do this on another site and tough it would be usefull so i'm now going to explain the basic memory editing.

Let's get started then

I'm going to take freecell as an example.

1.
First step is downloading

Code:

http://www.codeproject.com/KB/trace/freecellreader/freecellreader_demo.zip

and compiling ProcessMemoryReaderLib inside it.

So now we have ProcessMemoryReaderLib.dll inside the bin\Debug.

Create a new C# project and go to Project > Add reference... and click on the browse tab and navigate to the ProcessMemoryReaderLib. Now you're ready to get to the programming part! ^^



2.

Code:

using System;
using System.Diagnostics //allows to use the class Process fast
using ProcessMemoryReadingLib; //allows to use ProcessMemoryReadingLib fast

Now we handle the main function

Code:

namespace FreeCell_Hack
{
    class Program
    {
        static void Main(string[] args)
        {
            ProcessMemoryReader pReader = new ProcessMemoryReader(); //create a new writer - reader
            
            Process[] hProcessSnap; //create an array containing all running processes
            Process hProcess = null; 
            hProcessSnap = Process.GetProcesses(); //Load all processes in the array

Now the adress. This is what I found when looking for the score adress in freecell.

Code:

            IntPtr score_addr = (IntPtr)0x1007800;

Now we also need something to write. Since we need the second arg to be a byte[] in WriteProcessMemory we need to declare a byte[] ^^

Code:

            byte[] write = new byte[4];

Let's say we want our score to be 0 so we win , then we need to make an int.
So we need to convert an int to a byte[]. No problem.

Code:

            write = BitConverter.GetBytes(0);

We need to find the place of our process in the process array

Code:

            for (int n = 0; n < hProcessSnap.Length; n++)
            {
                if (hProcessSnap[n].ProcessName == "freecell")
                    hProcess = hProcessSnap[n];
            }

Now we're going to hook the hack with the app.

Code:

            pReader.ReadProcess = hProcess;
            pReader.OpenProcess();
            pReader.WriteProcessMemory(score_addr, write, out store);
        }
    }
}

And we also need the store int, so put this in the beginning of the Main function.

Code:

            int store = 0;

the complete code:

Code:

using System;
using System.Diagnostics;
using ProcessMemoryReaderLib;

namespace FreeCell_Hack
{
    class Program
    {
        static void Main(string[] args)
        {
            int store = 0;

            ProcessMemoryReader pReader = new ProcessMemoryReader();

            Process[] hProcessSnap;
            Process hProcess;

            hProcess = null;

            hProcessSnap = Process.GetProcesses();

            IntPtr score_addr = (IntPtr)0x1007800;

            byte[] write = new byte[4];

            write = BitConverter.GetBytes(0);

            for (int n = 0; n < hProcessSnap.Length; n++)
            {
                if (hProcessSnap[n].ProcessName == "freecell")
                    hProcess = hProcessSnap[n];
            }
            pReader.ReadProcess = hProcess;
            pReader.OpenProcess();
            pReader.WriteProcessMemory(score_addr, write, out store);
        }
    }
}

So that's it. You probably noticed this is my first tutorial .
If you need anything further explained, let me know.

Hope you like it.

Enjoy

[wakamesoup]

Works great, but how do I find out the process' starting and ending address? I don't want to scan the machines entire memory when searching for a certain value

thanks

Dominik