using System;
using System.Windows.Forms;
using System.Diagnostics;
using System.Runtime.InteropServices;
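namespace MMOhaxCsharpTrainerBase
{
    /// <summary>
    /// Example trainer form for Windows XP Minesweeper (winmine.exe): it displays the
    /// game's timer value and can freeze or reset it by reading and writing the game
    /// process's memory through the Win32 API.
    /// </summary>
    /// <remarks>
    /// The target is selected by process name only and the timer address is hard-coded,
    /// so the form reads and writes whatever process is called "winmine" at that address.
    /// NOTE(review): the address is presumably valid for one specific build of
    /// winmine.exe only - confirm before using it against any other build.
    /// </remarks>
    public partial class Trainer : Form
    {
        // Process access rights, see http://msdn.microsoft.com/en-us/library/ms684880(v=VS.85).aspx
        // Only the rights that ReadProcessMemory / WriteProcessMemory need are requested,
        // instead of PROCESS_ALL_ACCESS (0x001F0FFF), so the handle cannot be used to
        // terminate the process, create threads in it or duplicate its handles.
        private const uint ProcessVmOperation = 0x0008; // PROCESS_VM_OPERATION
        private const uint ProcessVmRead = 0x0010;      // PROCESS_VM_READ
        private const uint ProcessVmWrite = 0x0020;     // PROCESS_VM_WRITE
        private const uint RequiredAccess = ProcessVmOperation | ProcessVmRead | ProcessVmWrite;

        private static int ProcessID = -1; // will hold ID of the game process
        private static IntPtr ProcessHandle = IntPtr.Zero; // will hold handle to the game process

        private uint adrTime = 0x0100579C; // this is the address where time-variable is located in Windows XP Minesweeper, get this with Cheat Engine
        private uint freezeTime = 0;       // value the timer is held at while the checkbox is ticked

        public Trainer()
        {
            InitializeComponent();
        }

        // imports from WinAPI, for more information see http://www.pinvoke.net/ and http://msdn.microsoft.com/
        // The size parameters are SIZE_T and the byte counters are SIZE_T* in the native
        // prototypes, so they are declared as IntPtr / out IntPtr here. Declaring the counter
        // as a by-value int only worked because 0 happened to be passed as a NULL pointer.

        // http://www.pinvoke.net/default.aspx/kernel32/WriteProcessMemory.html
        // WriteProcessMemory writes memory to a specific address in the target process memory space
        [DllImport("kernel32.dll", EntryPoint = "WriteProcessMemory", SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        private static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, IntPtr nSize, out IntPtr lpNumberOfBytesWritten);

        // http://www.pinvoke.net/default.aspx/kernel32/ReadProcessMemory.html
        // ReadProcessMemory reads memory from a specified address in the target process memory space
        [DllImport("kernel32.dll", EntryPoint = "ReadProcessMemory", SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        private static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [Out] byte[] lpBuffer, IntPtr nSize, out IntPtr lpNumberOfBytesRead);

        // Same entry point, for callers that pass an unmanaged destination buffer.
        [DllImport("kernel32.dll", EntryPoint = "ReadProcessMemory", SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        private static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, IntPtr lpBuffer, IntPtr nSize, out IntPtr lpNumberOfBytesRead);

        // http://www.pinvoke.net/default.aspx/kernel32/OpenProcess.html
        // OpenProcess returns a handle to the process, or NULL (IntPtr.Zero) on failure
        [DllImport("kernel32.dll", EntryPoint = "OpenProcess", SetLastError = true)]
        private static extern IntPtr OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);

        // CloseHandle releases a handle obtained from OpenProcess
        [DllImport("kernel32.dll", EntryPoint = "CloseHandle", SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        private static extern bool CloseHandle(IntPtr hObject);

        /// <summary>
        /// Looks up the game process by name and opens a handle to it.
        /// </summary>
        /// <returns>
        /// <c>true</c> when a process named "winmine" is running and a handle with
        /// read/write memory access was obtained; otherwise <c>false</c>.
        /// </returns>
        private bool Connect()
        {
            // Release a handle left over from an earlier call so repeated calls cannot leak.
            Disconnect();

            // Process.EnterDebugMode() is deliberately not called: SeDebugPrivilege is not
            // required to open a process running under the same user account, and enabling
            // it throws for accounts that do not hold the privilege.

            // GetProcessesByName gets all running processes with the specified name
            Process[] processes = Process.GetProcessesByName("winmine"); // winmine.exe is Windows XP Minesweeper
            try
            {
                if (processes.Length == 0)
                {
                    // game process not found (indexing [0] here would throw)
                    return false;
                }

                // assume the first found process is the correct one
                ProcessID = processes[0].Id;
            }
            finally
            {
                foreach (Process process in processes)
                {
                    process.Dispose();
                }
            }

            ProcessHandle = OpenProcess(RequiredAccess, false, ProcessID);
            if (ProcessHandle == IntPtr.Zero)
            {
                // access denied, or the process exited between the lookup and the open
                ProcessID = -1;
                return false;
            }

            return true;
        }

        /// <summary>
        /// Closes the handle opened by <see cref="Connect"/> and resets the cached process state.
        /// Safe to call when no handle is open.
        /// </summary>
        private void Disconnect()
        {
            if (ProcessHandle != IntPtr.Zero)
            {
                CloseHandle(ProcessHandle);
                ProcessHandle = IntPtr.Zero;
            }

            ProcessID = -1;
        }

        /// <summary>Reads a 32-bit value from the connected process.</summary>
        /// <param name="address">Address in the target process.</param>
        /// <param name="value">The value read, or 0 when the read fails.</param>
        /// <returns><c>true</c> only when all four bytes were read.</returns>
        private static bool TryReadUInt32(uint address, out uint value)
        {
            byte[] buffer = new byte[sizeof(uint)];
            IntPtr bytesRead;
            bool succeeded = ReadProcessMemory(ProcessHandle, (IntPtr)address, buffer, (IntPtr)buffer.Length, out bytesRead);
            if (!succeeded || bytesRead.ToInt64() != buffer.Length)
            {
                value = 0;
                return false;
            }

            value = BitConverter.ToUInt32(buffer, 0);
            return true;
        }

        /// <summary>Writes a 32-bit value into the connected process.</summary>
        /// <param name="address">Address in the target process.</param>
        /// <param name="value">The value to write.</param>
        /// <returns><c>true</c> only when all four bytes were written.</returns>
        private static bool TryWriteUInt32(uint address, uint value)
        {
            byte[] buffer = BitConverter.GetBytes(value);
            IntPtr bytesWritten;
            bool succeeded = WriteProcessMemory(ProcessHandle, (IntPtr)address, buffer, (IntPtr)buffer.Length, out bytesWritten);
            return succeeded && bytesWritten.ToInt64() == buffer.Length;
        }

        /// <summary>Captures the current timer value as the value to hold while frozen.</summary>
        private void checkBox_CheckedChanged(object sender, EventArgs e)
        {
            if (!Connect())
            {
                return;
            }

            try
            {
                uint current;
                if (TryReadUInt32(adrTime, out current))
                {
                    // keep the previous freeze value when the read fails
                    freezeTime = current;
                }
            }
            finally
            {
                Disconnect();
            }
        }

        /// <summary>Re-applies the frozen value when requested and refreshes the displayed timer.</summary>
        private void timer_Tick(object sender, EventArgs e)
        {
            if (!Connect())
            {
                return;
            }

            try
            {
                if (checkBox.Checked) // if the "freeze value" checkbox is ticked, make sure the value is same as when frozen
                {
                    TryWriteUInt32(adrTime, freezeTime);
                }

                uint time;
                // show nothing rather than a made-up 0 when the value could not be read
                textBox.Text = TryReadUInt32(adrTime, out time) ? time.ToString() : string.Empty;
            }
            finally
            {
                Disconnect();
            }
        }

        /// <summary>Sets the game timer to 0 when the button is clicked.</summary>
        private void button_Click(object sender, EventArgs e)
        {
            if (!Connect())
            {
                return;
            }

            try
            {
                if (TryWriteUInt32(adrTime, 0))
                {
                    freezeTime = 0;
                }
            }
            finally
            {
                Disconnect();
            }
        }

        /// <summary>Opens the website in the default handler when the picture is clicked.</summary>
        private void pictureBox_Click(object sender, EventArgs e)
        {
            // NOTE(review): plain-http URL handed to the shell; the string is a fixed
            // literal, so no user input reaches Process.Start here.
            System.Diagnostics.Process.Start("http://www.mmohax.com/");
        }
    }
}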
Source used in this Trainer for example:
http://www.itsmods.com/forum/Thread-Call...ainer.html
Credits:
mmohax