Login

**barata** · (This post was last modified: 02-22-2012, 16:41 by barata.)

Well after releasing the D3D menu trainer in C++ i decided to make something more simple for the people who are starting in making trainers and stuff...

In this tutorial i will cover the following aspects:

- How to Import Functions
- How to detect a Process
- How to Write Process Memory (Editing Memory)
- How to Use GetAsyncKeyState ( Hotkeys )

First Steps:

Includes you are going to need:

CSHARP Code
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Runtime.InteropServices;
using System.Diagnostics;
using System.Windows.Forms;

Dll Imports:

CSHARP Code
[DllImport("user32.dll")]
        public static extern short GetAsyncKeyState(Keys vKey);
 
        [DllImport("kernel32.dll", EntryPoint = "WriteProcessMemory")]
        private static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, uint nSize, [Out] int lpNumberOfBytesWritten);
 
 
        [DllImport("kernel32.dll", EntryPoint = "ReadProcessMemory")]
        private static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [Out] byte[] lpBuffer, int dwSize, [Out] int lpNumberOfBytesRead);
 
        [DllImport("kernel32.dll", EntryPoint = "OpenProcess")]
        private static extern IntPtr OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);

Variables:

CSHARP Code
public int opt1 = 0;
        public int opt2 = 0;
        public int opt3 = 0;
 
        private static int ProcessID = -1;
        private static IntPtr ProcessHandle = IntPtr.Zero;

First create a new project:

[Image: tutn.png]

We are going to need a form with some labels on it:

[Image: scaled.php?server=163&filename=tut1z.png&res=medium]

Then you are going to rename those labels to the functions of your trainer:

[Image: scaled.php?server=828&filename=tut2e.png&res=medium]

After this we are going to create a Groupbox and another label for detecting if the game process is running:

[Image: scaled.php?server=38&filename=tut3h.png&res=medium]

[Image: scaled.php?server=38&filename=tut3h.png&res=medium]

Now we are going to make the code for detecting the game process:

1 - Create a Timer;
2 - Double Click on the Timer and insert this code:

[Image: tut4q.png]

CSHARP Code
System.Diagnostics.Process[] myprocesses = System.Diagnostics.Process.GetProcessesByName("iw5sp");
             if (myprocesses.Length != 0)
             {
                 label5.Text = "Mw3 Found!";
                 label5.ForeColor = Color.Lime;
 
             }

Now we are going to make variables for our trainer options and import a function to detect our hotkeys:

CSHARP Code
using System.Runtime.InteropServices;//Dont forget to add this to the includes...
 
///////////////////////////// - Import / Variables - ///////////////////////////////
 
        public int opt1 = 0;
        public int opt2 = 0;
        public int opt3 = 0;
 
  [DllImport("user32.dll")]
        public static extern short GetAsyncKeyState(Keys vKey);

Now we are going to create another timer for writting memory and detecting our hotkeys:

[Image: tut5e.png]

[Image: scaled.php?server=807&filename=tut6.png&res=medium]

CSHARP Code
private void timer2_Tick(object sender, EventArgs e)
        {
            bool OPT1 = Convert.ToBoolean(GetAsyncKeyState(Keys.F1));
            if (OPT1 == true)
            {
                if (opt1 == 0)
                {
                    opt1 = 1;
                }
                else
                {
                    opt1 = 0;
                }
            }
            bool OPT2 = Convert.ToBoolean(GetAsyncKeyState(Keys.F2));
            if (OPT2 == true)
            {
                if (opt2 == 0)
                {
                    opt2 = 1;
                }
                else
                {
                    opt2 = 0;
                }
            }
            bool OPT3 = Convert.ToBoolean(GetAsyncKeyState(Keys.F3));
            if (OPT3 == true)
            {
                if (opt3 == 0)
                {
                    opt3 = 1;
                }
                else
                {
                    opt3 = 0;
                }
            }
            bool OPT4 = Convert.ToBoolean(GetAsyncKeyState(Keys.F4));
            if (OPT4 == true)
            {
                int activated = 0;
                if (activated == 0)
                {
 
                }
                else
                {
 
                }
            }
            if (opt1 == 1)
            {
 
            }
            if (opt2 == 1)
            {
 
            }
            if (opt3 == 1)
            {
 
            }
        }

Ok now we are ready for importing the functions for opening our game process and writting memory:

[Image: tut7k.png]

CSHARP Code
private static int ProcessID = -1;
        private static IntPtr ProcessHandle = IntPtr.Zero;
 
        [DllImport("kernel32.dll", EntryPoint = "WriteProcessMemory")]
        private static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, uint nSize, [Out] int lpNumberOfBytesWritten);
 
 
        [DllImport("kernel32.dll", EntryPoint = "ReadProcessMemory")]
        private static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [Out] byte[] lpBuffer, int dwSize, [Out] int lpNumberOfBytesRead);
 
        [DllImport("kernel32.dll", EntryPoint = "OpenProcess")]
        private static extern IntPtr OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);

And finally we are going to open the game process and writte it memory to get some results:

Open Game Process:

CSHARP Code
private void timer1_Tick(object sender, EventArgs e)
        {
             System.Diagnostics.Process[] myprocesses = System.Diagnostics.Process.GetProcessesByName("iw5sp");
             if (myprocesses.Length != 0)
             {
                 label5.Text = "Mw3 Found!";
                 label5.ForeColor = Color.Lime;
                 timer2.Start();
                 Process[] processes = Process.GetProcessesByName("iw5sp"); // in the "iw5sp" is the name of the process
                 ProcessID = processes[0].Id;
                 ProcessHandle = OpenProcess(0x001F0FFF/*PROCESS_ALL_ACCESS*/, false, ProcessID);
             }
        }

NOP function:

http://www.itsmods.com/forum/Thread-Tuto...-in-C.html

CSHARP Code
private void timer2_Tick(object sender, EventArgs e)
        {
            bool OPT1 = Convert.ToBoolean(GetAsyncKeyState(Keys.F1));
            if (OPT1 == true)
            {
                if (opt1 == 0)
                {
                    opt1 = 1;
                    label1.ForeColor = Color.Lime;
                }
                else
                {
                    opt1 = 0;
                    label1.ForeColor = Color.Red;
                }
            }
            bool OPT2 = Convert.ToBoolean(GetAsyncKeyState(Keys.F2));
            if (OPT2 == true)
            {
                if (opt2 == 0)
                {
                    opt2 = 1;
                    label2.ForeColor = Color.Lime;
                }
                else
                {
                    opt2 = 0;
                    label2.ForeColor = Color.Red;
                }
            }
            bool OPT3 = Convert.ToBoolean(GetAsyncKeyState(Keys.F3));
            if (OPT3 == true)
            {
                if (opt3 == 0)
                {
                    opt3 = 1;
                    label3.ForeColor = Color.Lime;
                }
                else
                {
                    opt3 = 0;
                    label3.ForeColor = Color.Red;
                }
            }
            bool OPT4 = Convert.ToBoolean(GetAsyncKeyState(Keys.F4));
            if (OPT4 == true)
            {
                int activated = 0;
                if (activated == 0)
                {
                    byte[] nop = { 0x90, 0x90, 0x90, 0x90, 0x90 };// 5 bytes
                    WriteProcessMemory(ProcessHandle, (IntPtr)0x004DBB96, nop, 5/*amount of bytes written(5)*/, 0);
                    label4.ForeColor = Color.Lime;
                    activated = 1;
                }
                else
                {
                    byte[] nop = { 0xE8, 0xC5, 0x72, 0x03, 0x00 };// 5 bytes
                    WriteProcessMemory(ProcessHandle, (IntPtr)0x004DBB96, nop, 5/*amount of bytes written(5)*/, 0);
                    label4.ForeColor = Color.Red;
                    activated = 0;
                }
            }
            if (opt1 == 1)
            {
                int val = 999;
                WriteProcessMemory(ProcessHandle, (IntPtr)0x012A7AA0, BitConverter.GetBytes(val), 4, 0);
                WriteProcessMemory(ProcessHandle, (IntPtr)0x012A7B18, BitConverter.GetBytes(val), 4, 0);
                WriteProcessMemory(ProcessHandle, (IntPtr)0x012A7AA8, BitConverter.GetBytes(val), 4, 0);
                WriteProcessMemory(ProcessHandle, (IntPtr)0x012A7B24, BitConverter.GetBytes(val), 4, 0);
                WriteProcessMemory(ProcessHandle, (IntPtr)0x012A7B30, BitConverter.GetBytes(val), 4, 0);
                WriteProcessMemory(ProcessHandle, (IntPtr)0x012A7B48, BitConverter.GetBytes(val), 4, 0);
                WriteProcessMemory(ProcessHandle, (IntPtr)0x012A7B54, BitConverter.GetBytes(val), 4, 0);
                WriteProcessMemory(ProcessHandle, (IntPtr)0x012A7B3C, BitConverter.GetBytes(val), 4, 0);
            }
            if (opt2 == 1)
            {
                int val = 999;
                WriteProcessMemory(ProcessHandle, (IntPtr)0x010BD628, BitConverter.GetBytes(val), 4, 0);
            }
            if (opt3 == 1)
            {
                int val = 0;
                WriteProcessMemory(ProcessHandle, (IntPtr)0x12A7948, BitConverter.GetBytes(val), 4, 0);
                WriteProcessMemory(ProcessHandle, (IntPtr)0x8ABA88, BitConverter.GetBytes(val), 4, 0);
            }
        }

And the final code should be:

CSHARP Code
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Runtime.InteropServices;
using System.Diagnostics;
using System.Windows.Forms;
 
namespace Mw3_Trainer_tuto
{
    public partial class Form1 : Form
    {
        public int opt1 = 0;
        public int opt2 = 0;
        public int opt3 = 0;
 
        private static int ProcessID = -1;
        private static IntPtr ProcessHandle = IntPtr.Zero;
 
        public Form1()
        {
            InitializeComponent();
        }
 
        [DllImport("user32.dll")]
        public static extern short GetAsyncKeyState(Keys vKey);
 
        [DllImport("kernel32.dll", EntryPoint = "WriteProcessMemory")]
        private static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, uint nSize, [Out] int lpNumberOfBytesWritten);
 
 
        [DllImport("kernel32.dll", EntryPoint = "ReadProcessMemory")]
        private static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [Out] byte[] lpBuffer, int dwSize, [Out] int lpNumberOfBytesRead);
 
        [DllImport("kernel32.dll", EntryPoint = "OpenProcess")]
        private static extern IntPtr OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);
 
        private void Form1_Load(object sender, EventArgs e)
        {
            timer1.Start();
        }
 
        private void timer1_Tick(object sender, EventArgs e)
        {
             System.Diagnostics.Process[] myprocesses = System.Diagnostics.Process.GetProcessesByName("iw5sp");
             if (myprocesses.Length != 0)
             {
                 label5.Text = "Mw3 Found!";
                 label5.ForeColor = Color.Lime;
                 timer2.Start();
                 Process[] processes = Process.GetProcessesByName("iw5sp"); // in the "iw5sp" is the name of the process
                 ProcessID = processes[0].Id;
                 ProcessHandle = OpenProcess(0x001F0FFF/*PROCESS_ALL_ACCESS*/, false, ProcessID);
             }
        }
 
        private void timer2_Tick(object sender, EventArgs e)
        {
            bool OPT1 = Convert.ToBoolean(GetAsyncKeyState(Keys.F1));
            if (OPT1 == true)
            {
                if (opt1 == 0)
                {
                    opt1 = 1;
                    label1.ForeColor = Color.Lime;
                }
                else
                {
                    opt1 = 0;
                    label1.ForeColor = Color.Red;
                }
            }
            bool OPT2 = Convert.ToBoolean(GetAsyncKeyState(Keys.F2));
            if (OPT2 == true)
            {
                if (opt2 == 0)
                {
                    opt2 = 1;
                    label2.ForeColor = Color.Lime;
                }
                else
                {
                    opt2 = 0;
                    label2.ForeColor = Color.Red;
                }
            }
            bool OPT3 = Convert.ToBoolean(GetAsyncKeyState(Keys.F3));
            if (OPT3 == true)
            {
                if (opt3 == 0)
                {
                    opt3 = 1;
                    label3.ForeColor = Color.Lime;
                }
                else
                {
                    opt3 = 0;
                    label3.ForeColor = Color.Red;
                }
            }
            bool OPT4 = Convert.ToBoolean(GetAsyncKeyState(Keys.F4));
            if (OPT4 == true)
            {
                int activated = 0;
                if (activated == 0)
                {
                    byte[] nop = { 0x90, 0x90, 0x90, 0x90, 0x90 };// 5 bytes
                    WriteProcessMemory(ProcessHandle, (IntPtr)0x004DBB96, nop, 5/*amount of bytes written(5)*/, 0);
                    label4.ForeColor = Color.Lime;
                    activated = 1;
                }
                else
                {
                    byte[] nop = { 0xE8, 0xC5, 0x72, 0x03, 0x00 };// 5 bytes
                    WriteProcessMemory(ProcessHandle, (IntPtr)0x004DBB96, nop, 5/*amount of bytes written(5)*/, 0);
                    label4.ForeColor = Color.Red;
                    activated = 0;
                }
            }
            if (opt1 == 1)
            {
                int val = 999;
                WriteProcessMemory(ProcessHandle, (IntPtr)0x012A7AA0, BitConverter.GetBytes(val), 4, 0);
                WriteProcessMemory(ProcessHandle, (IntPtr)0x012A7B18, BitConverter.GetBytes(val), 4, 0);
                WriteProcessMemory(ProcessHandle, (IntPtr)0x012A7AA8, BitConverter.GetBytes(val), 4, 0);
                WriteProcessMemory(ProcessHandle, (IntPtr)0x012A7B24, BitConverter.GetBytes(val), 4, 0);
                WriteProcessMemory(ProcessHandle, (IntPtr)0x012A7B30, BitConverter.GetBytes(val), 4, 0);
                WriteProcessMemory(ProcessHandle, (IntPtr)0x012A7B48, BitConverter.GetBytes(val), 4, 0);
                WriteProcessMemory(ProcessHandle, (IntPtr)0x012A7B54, BitConverter.GetBytes(val), 4, 0);
                WriteProcessMemory(ProcessHandle, (IntPtr)0x012A7B3C, BitConverter.GetBytes(val), 4, 0);
            }
            if (opt2 == 1)
            {
                int val = 999;
                WriteProcessMemory(ProcessHandle, (IntPtr)0x010BD628, BitConverter.GetBytes(val), 4, 0);
            }
            if (opt3 == 1)
            {
                int val = 0;
                WriteProcessMemory(ProcessHandle, (IntPtr)0x12A7948, BitConverter.GetBytes(val), 4, 0);
                WriteProcessMemory(ProcessHandle, (IntPtr)0x8ABA88, BitConverter.GetBytes(val), 4, 0);
            }
        }
    }
}

Well i know is not that detailed but i think its a good tutorial to start with.

You can do your modifications to design and make it a little less ugly.

Thats all,

Thanks Barata...

PS: the attachment is the compiled trainer.

**kokole** · (This post was last modified: 02-22-2012, 01:47 by kokole.)

thank you

aosma8 · (This post was last modified: 02-22-2012, 06:46 by aosma8.)

Great Job, this is an excellent tutorial for beginners Big Grin

+Rep!

**JariZ** · 02-22-2012, 08:42

This is completely epic, thanks for taking the time, i'm pretty sure i'll be using this

**rotceh_dnih** · 02-22-2012, 09:42

tldr; but great work man :0 will +rep 4sure

but c# Dodgy

next time c++ Like a sir

**JariZ** · 02-22-2012, 09:57

I'm happy that this is in C# because all injecting stuff is in C++

**barata** · 02-22-2012, 14:28

(02-22-2012, 09:42)rotceh_dnih Wrote: tldr; but great work man :0 will +rep 4sure

but c#

next time c++

Next time i will make a C++ form trainer tuto, is almost the same as this but no problem!

Thanks Barata...

Tomsen1410 · 02-22-2012, 16:38

nice...but....
WHY THE HELL ALWAYS C#

i want C++!!!

**iAegle** · (08-10-2011, 12:58)

(02-22-2012, 16:38)Tomsen1410 Wrote: nice...but....
WHY THE HELL ALWAYS C#

i want C++!!!

Coz this can be found in C++ all over the web Troll

http://lmgtfy.com/?q=c%2B%2B+injector+source

Tomsen1410 · (This post was last modified: 02-22-2012, 17:40 by Tomsen1410.)

but not on itsmods Troll

and i have my own injector already U JELLY?

(hahahaah)

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	[Release] Black Ops Single Player/Zombie Trainer V3.6	Craig87	52	88,512	07-01-2013, 15:12 Last Post: explosivebanana55
	[Release] LF's BO2 Trainer (Latest Version)	LegitFlash	3	4,950	06-11-2013, 18:14 Last Post: surtek
	Black Ops 2 DLC camo trainer	surtek	10	10,736	04-19-2013, 23:16 Last Post: Gladio
	Menu base	EliTeEishiii	1	2,875	04-17-2013, 16:10 Last Post: Nekochan
	Black Ops 2 camo trainer	surtek	33	28,363	04-16-2013, 11:07 Last Post: surtek
	Saint Row: The Third - +7 Trainer - Steam v1.0.0.1 - DX10/11	d0h!	5	30,376	03-02-2013, 15:31 Last Post: BunnySkills
	[Release] [DETECTED] Black ops 2 Zombie Trainer	dylankrajewski	8	16,134	02-09-2013, 10:07 Last Post: Erik The Born
	Preview BarataConsole Trainer/Mod/Plugin API	JariZ	1	3,036	02-05-2013, 23:59 Last Post: barata
	[Release] MW3 +12 Singleplayer Trainer 1.9.453 by Geomatrical	Silencemod	15	11,321	01-18-2013, 21:54 Last Post: JariZ
	Black Ops 2 emblem trainer	surtek	3	5,717	12-17-2012, 17:23 Last Post: surtek