Post by dlevere on Nov 18, 2012 11:54:26 GMT -4
By Baran Ornarli
There are multiple reasons to edit memory addresses, usually used in embedded systems; however, some people may prefer to use it to hack some simple games like Minesweeper. Of course, you probably wouldn't want to hack any time-consuming high-skill based games as it would be unfair to other players who worked so hard to get better at the game. Regardless, it would still be a funny prank to change the values of your friend's calculator or excel file right in front of him by the click of a program.
Memory editing can get dangerous and users who know it well can really cheat and hack games, making it difficult for programmers to protect their games. Some users figure out how to use TSearch or other memory scanners and they create methods to edit player healths or experience in RPG games. It's really despicable sometimes, hacking games should only be done to prove your own programming skills and show the developers of a game that they have a vulnerability, not to win in a digital pseudo-world.
Writing Memory on Embedded Systems
Sometimes memory address editing can be important for embedded systems where multiple gadgets and hardware interact with the same memory space.
volatile int *const LEDS = (int*)0x81480000;
*LEDS = 15; //initialize LEDs
LEDS variable can be used to light up LEDs in a Spartan S3E board for example.
Another method to do the same thing:
#define CLOCK *(volatile int *)(0xFF953300+0x5)
int main(){
CLOCK = 200;
return 0;
}
This edits the memory address 0xFF953305 to have the value 200.
It's also possible to create a memory scanner with this method, although you should be careful not to edit wrong memory somewhere which could cause Blue screens of death or worse errors if you accidentally edit your operating system's memory space.
#include <iostream>
using namespace std;
volatile int *SCAN = (int*)0x1BD23C;
int main() {
for(int i = 0; i < 500; i++){
if(*SCAN == 4512){
cout << "We found the value we wanted in the memory.\n";
*SCAN = 99;
}
SCAN++;
}
return 0;
}
Although this may not always work, and many adjustments may have to be made to suite your environment. Sometimes your program could just crash.
Writing Memory using WriteMemoryProcess on Windows
Using C++ Win32 API we can edit the memory location that I found on Calculator program of windows, causing it to have a hidden value which isn't the one displayed on the screen.
What happens? Let's say you have 889 in your calculator, then you add 1 to it, and it turns out to be 501??? Hacked.
You can also use ReadProcessMemory to find your value, or use a program like TSearch, try it with your windows calculator program. You may have to press the equal sign first to find the value you're looking for.
#include <windows.h>
int main() {
HWND hWnd = FindWindow(0, "Calculator");
if(hWnd == 0){
MessageBox(0, "Error cannot find window.", "Error", MB_OK|MB_ICONERROR);
} else {
DWORD proccess_ID;
GetWindowThreadProcessId(hWnd, &proccess_ID);
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, proccess_ID);
if(!hProcess){
MessageBox(0, "Could not open the process!", "Error!", MB_OK|MB_ICONERROR);
} else {
int newdata = 500;
DWORD newdatasize = sizeof(newdata);
if(WriteProcessMemory(hProcess, (LPVOID)0x57C2A4, &newdata, newdatasize, NULL)){
MessageBox(NULL, "WriteProcessMemory worked.", "Success", MB_OK + MB_ICONINFORMATION);
} else {
MessageBox(NULL, "Error cannot WriteProcessMemory!", "Error", MB_OK + MB_ICONERROR);
}
CloseHandle(hProcess);
}
}
return 0;
}
There are multiple reasons to edit memory addresses, usually used in embedded systems; however, some people may prefer to use it to hack some simple games like Minesweeper. Of course, you probably wouldn't want to hack any time-consuming high-skill based games as it would be unfair to other players who worked so hard to get better at the game. Regardless, it would still be a funny prank to change the values of your friend's calculator or excel file right in front of him by the click of a program.
Memory editing can get dangerous and users who know it well can really cheat and hack games, making it difficult for programmers to protect their games. Some users figure out how to use TSearch or other memory scanners and they create methods to edit player healths or experience in RPG games. It's really despicable sometimes, hacking games should only be done to prove your own programming skills and show the developers of a game that they have a vulnerability, not to win in a digital pseudo-world.
Writing Memory on Embedded Systems
Sometimes memory address editing can be important for embedded systems where multiple gadgets and hardware interact with the same memory space.
volatile int *const LEDS = (int*)0x81480000;
*LEDS = 15; //initialize LEDs
LEDS variable can be used to light up LEDs in a Spartan S3E board for example.
Another method to do the same thing:
#define CLOCK *(volatile int *)(0xFF953300+0x5)
int main(){
CLOCK = 200;
return 0;
}
This edits the memory address 0xFF953305 to have the value 200.
It's also possible to create a memory scanner with this method, although you should be careful not to edit wrong memory somewhere which could cause Blue screens of death or worse errors if you accidentally edit your operating system's memory space.
#include <iostream>
using namespace std;
volatile int *SCAN = (int*)0x1BD23C;
int main() {
for(int i = 0; i < 500; i++){
if(*SCAN == 4512){
cout << "We found the value we wanted in the memory.\n";
*SCAN = 99;
}
SCAN++;
}
return 0;
}
Although this may not always work, and many adjustments may have to be made to suite your environment. Sometimes your program could just crash.
Writing Memory using WriteMemoryProcess on Windows
Using C++ Win32 API we can edit the memory location that I found on Calculator program of windows, causing it to have a hidden value which isn't the one displayed on the screen.
What happens? Let's say you have 889 in your calculator, then you add 1 to it, and it turns out to be 501??? Hacked.
You can also use ReadProcessMemory to find your value, or use a program like TSearch, try it with your windows calculator program. You may have to press the equal sign first to find the value you're looking for.
#include <windows.h>
int main() {
HWND hWnd = FindWindow(0, "Calculator");
if(hWnd == 0){
MessageBox(0, "Error cannot find window.", "Error", MB_OK|MB_ICONERROR);
} else {
DWORD proccess_ID;
GetWindowThreadProcessId(hWnd, &proccess_ID);
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, proccess_ID);
if(!hProcess){
MessageBox(0, "Could not open the process!", "Error!", MB_OK|MB_ICONERROR);
} else {
int newdata = 500;
DWORD newdatasize = sizeof(newdata);
if(WriteProcessMemory(hProcess, (LPVOID)0x57C2A4, &newdata, newdatasize, NULL)){
MessageBox(NULL, "WriteProcessMemory worked.", "Success", MB_OK + MB_ICONINFORMATION);
} else {
MessageBox(NULL, "Error cannot WriteProcessMemory!", "Error", MB_OK + MB_ICONERROR);
}
CloseHandle(hProcess);
}
}
return 0;
}