I am trying to "hack" Windows Pinball through DLL injection. When I inject the DLL, I made a message box pop up so I know the DLL is injected. Now the memory editing side of it doesn't work. This is what I have:
First of all, I have no idea what you're trying to do.
Second of all you won't be able to access the memory, you need ring 1 or 2 access. http://en.wikipedia.org/wiki/Ring_(computer_security)
You aren't allowed to access the memory you haven't been allocated. What would happen if the unsaved text files you had in memory were suddenly overwritten by some guy trying to cheat at pinball? You'd be pretty annoyed.
I'm guessing he's trying to modify his scores with this. I wouldn't recommend that... It's a waste of time. It's slipping my mind right now, but there's a cheat that allows you to click and move the ball the way you want. Besides that, you can write to another program's memory directly. Ever heard of DLL injection? It's a method people use to hack programs while they're running, which is exactly what he's going for.
Yes, but DLL injection != memory editing. You need debug, device driver or kernel privileges for that. If you want to try and make a device driver to do that, be my guest, but I don't think you'll be able to do it.
First of all, you need to know exactly where the program is storing its memory. The way I think programs like "Cheat Engine" do that is by you typing in the value that is stored (as hex) and the program searching the memory for an appropriate value. When it finds the value it knows the address, so it can edit what is stored there. The thing is you need to be able to edit it, which you won't be able to do. I think Cheat Engine is open source, but I don't know what language it was written in. You could have a look.
Read the first line in Helios' reply and disregard everything else in this thread.
Also to clear up some things. The Windows API comes with a ReadProcessMemory and a WriteProcessMemory function (inside of kernel32.dll). I've been through this before :'(
I got it to work! This: CreateThread(0, 0, (LPTHREAD_START_ROUTINE)snip, 0, 0, 0); needed to be changed to this: CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&snip, 0, 0, 0); I just looked at a few tutorials and on the third one I saw that it had the &.
Yes, but DLL injection != memory editing. You need debug, device driver or kernel privileges for that.
Incorrect.
When DLLs are loaded by a process, they are mapped into that process's address space. No drivers or kernel privileges required - your DLL is already running in the context of the process you are attempting to interrogate. You can quite happily stomp over any memory location you wish within the process's address space.
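An added illustration of the last two points (the value search described earlier in the thread, and code inside the process needing only a pointer to write): this is not from any poster here, and the game_state_t layout and values are constructed, not Pinball's real memory layout.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Constructed stand-in for a game's in-memory state. The field order and
   values are assumptions for the demo, not the real program's layout. */
typedef struct {
    char    player[16];
    int32_t balls_left;
    int32_t score;
    int32_t high_score;
} game_state_t;

/* Scan `len` bytes at `region` for every 32-bit (host byte order)
   occurrence of `old_value` and overwrite it with `new_value`.
   Returns the number of locations patched. memcpy is used so the scan
   works at any byte offset without breaking alignment rules. This is the
   "search memory for the value, then edit it" idea from the thread. */
size_t find_and_patch(uint8_t *region, size_t len,
                      int32_t old_value, int32_t new_value)
{
    size_t patched = 0;
    for (size_t off = 0; off + sizeof(int32_t) <= len; off++) {
        int32_t cur;
        memcpy(&cur, region + off, sizeof cur);
        if (cur == old_value) {
            memcpy(region + off, &new_value, sizeof new_value);
            patched++;
            off += sizeof(int32_t) - 1; /* skip past the value just written */
        }
    }
    return patched;
}

/* Code that already runs inside the process (as an injected DLL's thread
   does) rewrites state through an ordinary pointer: no privilege, driver,
   or ReadProcessMemory/WriteProcessMemory call is involved. */
int32_t demo_patch_score(void)
{
    game_state_t state = { "constructed", 3, 12500, 99000 };
    find_and_patch((uint8_t *)&state, sizeof state, 12500, 1000000);
    return state.score;
}

int main(void)
{
    printf("score after patch: %d\n", demo_patch_score());
    return 0;
}
```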