GameTrainer: A tool to train games

Title:       GameTrainer: An easy way to train games
Author:      Luca Tagliaferri
Email:       pinturicchio@hotmail.com
Member ID:   12345
Language:    C# 2.0 
Platform:    Windows, .NET 2.0 
Technology:  .NET, Platorm Invoke
Level:       Beginner
Description: With the aid of platform invoke is easy to read and modify the memory of running processes 
Section      .NET General
SubSection   .NET

• Download demo project - 37 Kb
• Download source - 37 Kb

Introduction

With the aid of few Windows API calls it is easy to read and write the memory of other running processes. By monitorg the memory of such process it is easy to detect where memory locations containin peculiar variables in games (bullets, gold, lives, etc.); as soon as the variable is found it can be overridden with a new value.
The functioning of the program is very easy and with it a gamer can obtain the desired amount of these elements.

Background

Windows provides programmers with few API that are useful to access for reading and writing the memory of another running process: the following paragraph shows the used APIs and how platform invoke is employed in order to use them in C#.

    

    // Used to read the memory of a process

    [DllImport("Kernel32.dll")]    
    public static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] buffer, UInt32 size, ref IntPtr lpNumberOfBytesRead);
    
    // Used to open process for reading and writing memory 

    [DllImport("kernel32.dll")]
    public static extern IntPtr OpenProcess(UInt32 dwDesiredAccess, bool bInheritHandle, UInt32 dwProcessId);

    // Used to close the process    

    [DllImport("kernel32.dll")]    
    public static extern Int32 CloseHandle(IntPtr hObject);

    // Used to write into the memory of a process    

    [DllImport("kernel32.dll")]    
    static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, Int32 nSize, out IntPtr lpNumberOfBytesWritten);

Using the program

The functioning principle of GameTrainer is very simple: it is based upon the fact that during a game certain game variables (like bullets, lives, gold, etc) change their value; by monitoring this value during a gameplay it is easy to detect where these variable are stored in memory. Once the memory location is found its value can be changed as desired. The graph here below show the procedure a gamer should us to accomplish this task.

The sequence to follow is very easy and evolves thrpugh the steps shown in he flow chart. During the game the user must choose the variable to monitor (for example the amount of gold). At this point the game must be paused and GameTrainer must be launched and it must be commanded to search for the quantity of gold present in the game (like in the picture below): in the value textbox the user should put the amount to search. The length combobox shows three values (1, 2 and 4): this value indicates how many bytes are needed to store the variable to search. In this case two has been chosen since 1000 needs two bytes to be stored.

When the search button is pressed the memory is searched or the requested value; after few moments (when the memory search has finished) the following form is shown:

It means that to find the variable the user has to refine the search: in other words he has to resume the game and stop a little later until the variable changes (in the example the new variable to search is 1001). When finally the variable is found the shown form is the following one: it shows the memory location and presents a combox where the user can choose the new value for his variable !

History

This is version 1.0. !