Game Cheats

How to Make a Game Cheat in C

2017-04-28  Read by 178 people  鸿鑫在简书

Hi, I'm Vector_Y _. Today, let me introduce how I made a hack for Plants vs. Zombies in C.

Sure, this thinking process can be adapted to most other examples where Cheat Engine works.

First, let's see the effect.

Originally, 50 sun.

5000, success!

Game: Plants Vs Zombies
Environment: Microsoft Visual Studio 2013
Tools: Cheat Engine
Disclaimer: Not original. I couldn't have done this without the inspiration of Baidu Experience and the public class of Tanzhou. Thank you guys.


Here we go:

| Step | Goal |
|-|-|
| 1 | Get the unique window handle (HWND) of 植物大战僵尸中文版 (the game window) by its title |
| 2 | Get its process ID from the window handle |
| 3 | Get its HANDLE from the process ID |
| 4 | Get the AddressBase step by step |
| 5 | Read & write to hack. |


How to Get the AddressBase?

```
Address0 (AddressBase)
        ↑
Address1 + Offset1
        ↑
Address2 + Offset2
        ↑
Address3 (the address now available from Cheat Engine)
```


First, open the game. Wow, it reminds me of my days in junior high school. Anyway, let's start the game and load our plants. Let's rock!

Now open Cheat Engine, select the game process pvz.exe, and scan for the value 3 times, with a different value each time.

OK, we have narrowed the scan down to the last result. Let's check whether it's the right one. Double-click it and change the value. How about 1000?

Oh, success. It's our number one. We can see that Address3 (the final address) is 17B3DD10.
Let's find Address2 and Offset2 from Address3.

Do as follows to see what writes to the address.

Now we have Address2 and Offset2.

Address2: 17B387B0 (hex)
Offset2: 5560 (hex)

Now do as follows: scan to get Address1 and Offset1 from Address2. Tick the HEX box and scan for Address2.

We've found 4 outstanding results, whose addresses are different from the others.

Let's find the real Address2 among the 4 possible results. Click Add Address Manually and input the address and Offset2. Try every possible address until we get the one that refers to the current sun count.

Got the right one.

Let's find out which Address1 accesses Address2.

Repeat the way we got Address2 to find the add, then get Address1 and ***Offset1*** where the add shows.
We may have to try many times, guessing and trying. Finally, we get Address1 and Offset1.

Address1: 0019954C
Offset1: 768 (hex)

Then we scan to get Address0 (BaseAddress).
It may take a limited number of tries to get the right BaseAddress.

BaseAddress: 006A9EC0

Now we have all our data, including:

- Address3: 17B3DD10 (hex)
- Address2: 0019984C + Offset2: 5560 (hex)
- Address1: 0019954C + Offset1: 768 (hex)
- Address0: 006A9EC0


Recap:
How to Get the AddressBase?

```
Address0 (AddressBase)
        ↑
Address1 + Offset1
        ↑
Address2 + Offset2
        ↑
Address3 (the address now available from Cheat Engine)
```


And let's convert these hexadecimal values (marked "hex" above) into decimal.

Now we can start to program.

In Microsoft Visual Studio:

1. Get the unique window handle of 植物大战僵尸中文版 by its window title, with this code:

```c
#include <windows.h>
HWND name = FindWindowW(NULL, L"植物大战僵尸中文版");   /* window handle, looked up by exact title */
```

2. Get its process ID from the window handle, with this code:

```c
DWORD Id;
/* Fills Id with the ID of the process that owns the window. */
GetWindowThreadProcessId(name, &Id);
```

3. Get its HANDLE from the process ID, with this code:

```c
/* Open the game process so its memory can be read and written. */
HANDLE Hprocess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, Id);
```

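4. Get the AddressBase step by step, with this code:

```c
int sun = 0;
LPVOID pBase = (LPVOID)6987456;        /* BaseAddress 006A9EC0 (hex) = 6987456 (decimal) */
LPVOID sun_Access = (LPVOID)&sun;      /* cast to a pointer: buffer that receives each 4-byte read */
SIZE_T readSize = 0;
/* Read the pointer stored at the base address. */
ReadProcessMemory(Hprocess, pBase, sun_Access, 4, &readSize);
pBase = (LPVOID)(sun + 1896);          /* Offset1: 768 (hex) = 1896 (decimal) */
ReadProcessMemory(Hprocess, pBase, sun_Access, 4, &readSize);
pBase = (LPVOID)(sun + 21856);         /* Offset2: 5560 (hex) = 21856 (decimal) */
/* pBase now holds the address of the sun value; this read fetches the value itself. */
ReadProcessMemory(Hprocess, pBase, sun_Access, 4, &readSize);
```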

5. Read & write to hack, with this code:

```c
/* Needs #include <stdio.h> for printf and scanf_s. */
/* Read: */
ReadProcessMemory(Hprocess, pBase, sun_Access, 4, &readSize);
printf("Sunshine now is %d\n", sun);
/* Write: */
int want = 0;
scanf_s("%d", &want);
WriteProcessMemory(Hprocess, pBase, &want, 4, &readSize);  /* write the entered value to the resolved address */
```
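Why the chain is needed, as an added example that is not the author's code: Address3 (17B3DD10) is only valid for one run, while BaseAddress plus Offset1 and Offset2 finds the value again after a restart. It walks the chain over a constructed memory image instead of a live process; the intermediate pointer values, runs B and C, and the names `read_u32` and `resolve_chain` are assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* One mapped 32-bit word of a simulated process image (constructed data). */
typedef struct { uint32_t addr, value; } Cell;
typedef struct { const Cell *cells; size_t n; } Image;

#define BASE 0x006A9EC0u                             /* BaseAddress from the page */
static const uint32_t OFFS[] = { 0x768u, 0x5560u };  /* Offset1, Offset2 */

/* Run A: Address2/Address3 as in the walkthrough (first pointer value is constructed). */
static const Cell A[] = { {BASE, 0x02A30000u}, {0x02A30768u, 0x17B387B0u}, {0x17B3DD10u, 50} };
/* Run B: constructed restart, same static base, heap objects moved. */
static const Cell B[] = { {BASE, 0x02B10000u}, {0x02B10768u, 0x1F204000u}, {0x1F209560u, 50} };
/* Run C: constructed state in which the second link is NULL. */
static const Cell C[] = { {BASE, 0x02A30000u}, {0x02A30768u, 0u} };
static const Image RUN_A = { A, 3 }, RUN_B = { B, 3 }, RUN_C = { C, 2 };

/* Stand-in for ReadProcessMemory: returns 0 when the address is not mapped. */
static int read_u32(const Image *m, uint32_t addr, uint32_t *out) {
    for (size_t i = 0; i < m->n; i++)
        if (m->cells[i].addr == addr) { *out = m->cells[i].value; return 1; }
    return 0;
}

/* Follow [base]+off[0] -> [..]+off[1] -> ...; the final address goes to *final.
   Returns 0 on success, or 1 + the index of the link that could not be followed. */
static int resolve_chain(const Image *m, uint32_t base, const uint32_t *off,
                         size_t n, uint32_t *final) {
    uint32_t addr = base, ptr;
    for (size_t i = 0; i < n; i++) {
        if (!read_u32(m, addr, &ptr) || ptr == 0) return (int)i + 1;
        addr = ptr + off[i];
    }
    *final = addr;
    return 0;
}

int main(void) {
    const Image *runs[] = { &RUN_A, &RUN_B, &RUN_C };
    for (int r = 0; r < 3; r++) {
        uint32_t a = 0, sun = 0;
        int rc = resolve_chain(runs[r], BASE, OFFS, 2, &a);
        if (rc == 0 && read_u32(runs[r], a, &sun))
            printf("run %c: value at %08X = %u\n", 'A' + r, (unsigned)a, (unsigned)sun);
        else
            printf("run %c: chain broken at link %d\n", 'A' + r, rc);
    }
    return 0;
}
```

The return code stands for checking each read's result, which the step-by-step snippets above do not do.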

Haha, the whole program is now finished. Isn't it cool, dude? This thinking process can be adapted to most other examples where Cheat Engine works.
However, if there are too many values, it will be a disaster to find, guess and write...

Anyway, making a hack for Plants vs. Zombies in C is extremely interesting, isn't it?
C is indeed useful.

Lastly, the whole program code is as follows:

Whole codes

PS: If you'd like to talk with me, please comment and follow me.
  Thumbs up and follow if you wanna get my latest articles.
  Love it? Follow!
