Reading and Writing to Memory Using Our C++ CLI .dll

Overview

Previously I showed you how to create a C++ CLI .dll file so that you can easily make a GUI for your .dll files. In this blog, I will be showing how to use that .dll file to manipulate a game’s memory and create a “trainer” or cheat tool. Just as before, if I mention a concept that needs a long explanation, chances are I will have the documentation or a video guide linked below this blog. With that stated, let's get coding.

Some Quick Additions

Before we continue with part two of “Creating and Using a C++ CLI .dll” I have to note that I have made some additions to the project. Today I will be showing you how to read from and write to memory using our .dll file. Before we can do this we must add a few files, namely “Memory.cpp”, “Memory.h”, and “Scanner.h”. Essentially these files allow us to read from a specific address or pointer in an application's memory, and to write to an address as well.

Example code of “WriteMemory”

You can read more about the “Memory::WriteMemory” function here: https://docs.microsoft.com/en-us/windows/win32/api/memoryapi/nf-memoryapi-writeprocessmemory.

Example code of “findPattern” inside of “Scanner.h”

You can read more about the “findPattern” function here: https://guidedhacking.com/threads/findpattern-signature-scan.9967/
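To make the signature-scan idea concrete, here is an added example (my own code, not the “Scanner.h” from this project) of a findPattern that takes a byte range plus a pattern and an “x”/“?” mask, where “?” marks a wildcard byte. The sample memory bytes and the 0xA1 signature are constructed for the demo, and extracting the immediate assumes a little-endian host.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>

// Scan [base, base+size) for the first offset where every 'x' byte of the mask
// matches `pattern`; '?' bytes match anything. Returns -1 when not found, when the
// mask is empty, or when the pattern is longer than the range (no out-of-bounds reads).
std::ptrdiff_t findPattern(const std::uint8_t* base, std::size_t size,
                           const std::uint8_t* pattern, const char* mask) {
    const std::size_t patLen = std::strlen(mask);
    if (patLen == 0 || size < patLen) return -1;
    for (std::size_t i = 0; i + patLen <= size; ++i) {
        bool hit = true;
        for (std::size_t j = 0; j < patLen; ++j) {
            if (mask[j] == 'x' && base[i + j] != pattern[j]) { hit = false; break; }
        }
        if (hit) return static_cast<std::ptrdiff_t>(i);
    }
    return -1;
}

// Constructed sample "memory": filler around a fake x86 sequence that loads a value
// from an absolute address. The 4 address bytes change between builds, so the
// signature wildcards them and we recover the address after the scan.
static const std::uint8_t kSampleMemory[] = {
    0x90, 0x90, 0x55, 0x8B, 0xEC,
    0xA1, 0x10, 0x20, 0x30, 0x40,   // mov eax, [0x40302010]   (address = wildcards)
    0x83, 0xF8, 0x01,               // cmp eax, 1
    0xC3, 0x90 };

// Signature "A1 ?? ?? ?? ?? 83 F8 01" written as pattern bytes + mask.
static const std::uint8_t kSig[] = {0xA1, 0, 0, 0, 0, 0x83, 0xF8, 0x01};
static const char* kSigMask = "x????xxx";

// Offset of the signature inside the sample, or -1.
std::ptrdiff_t sampleSignatureOffset() {
    return findPattern(kSampleMemory, sizeof(kSampleMemory), kSig, kSigMask);
}

// Address embedded in the matched instruction (0 if the signature is absent).
std::uint32_t sampleAddressFromSignature() {
    std::ptrdiff_t off = sampleSignatureOffset();
    if (off < 0) return 0;
    std::uint32_t addr;
    std::memcpy(&addr, kSampleMemory + off + 1, sizeof(addr));  // little-endian immediate
    return addr;
}

int main() {
    return sampleAddressFromSignature() == 0x40302010u ? 0 : 1;
}
```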

Using Our Memory and Scanner

Now that we have the files “Memory.cpp”, “Memory.h”, and “Scanner.h” created we need to include them in our MyForm.h as seen below so we have access to their functions.

Including “Memory.h” and “Scanner.h”

After including both files we can define our memory “begin” and “end” addresses, as well as our “memory” and “scanner” objects, as shown in the following picture.

Defining dwBegin and dwEnd

Setting the value of dwBegin and dwEnd may be specific to your situation. In my case the game’s memory I want to mess around with starts at address 0x4000000. For DLLs the default ImageBase is 0x400000, which you can read about here: https://docs.microsoft.com/en-us/previous-versions/ms809762(v=msdn.10)?redirectedfrom=MSDN

Making A Few Visual Changes

In the first blog on this subject, I showed off a .dll file that has a simple WindowsForm and Button on that WindowsForm.

Previous WindowsForm

For the purpose of this tutorial, we are going to change the WindowsForm a bit so that we can have a button that will write to the game’s memory as well as a textbox to read from the game’s memory.

New WindowsForm

To better explain how this works, I have named the buttons after what they will do. “Read Memory” will use our “Scanner” to scan the memory at a specific address and return the value at that address in our textbox. “Write Memory” will take the value that we type into the textbox and set the game’s memory address value to that value. “Reset Memory” will essentially just set the value back to what it was before we messed with it.

Adding The Functionality

Just like in the past, even though we added some new buttons and a textbox, the program won’t automatically work or know what you want to do with it. To fix this we need to add code so that when the buttons are pressed, something will happen.

Example of new code

When button1 is pressed, the textbox will be filled with our character’s hitbox value and a message box will appear stating that we should see the hitbox value now. When button2 is pressed, the value we typed in the textbox is written to the game’s memory and our character’s hitbox value changes to it. When button3 is pressed, the game’s memory is set back to the original value.

Now when we compile this we should be able to build the .dll file with no errors and then inject it into our game.

Compiled

Testing Our Tool

Verifying with a debugger

Using a debugger on the hitbox’s address, we can see the value is currently 1. That means, when we press our “Read Memory” button, our textbox should show the value of 1. Let's see if this is true!

Reading Memory is working!

Now let's try to change the value from 1 to a bigger number and press our “Write Memory” button and see if anything happens.

Writing Memory is working!

Once again using a debugger to double-check our work, we see that the value changed to 10 after we typed 10 into the textbox and pressed our “Write Memory” button. So why doesn’t our character look any different? Well, you might have noticed that our character is standing at a different angle. I turned the character so that you could see a before and after picture. If I turn my character downwards or towards the screen, this happens:

After Hitbox changes

Woah! Our character’s textures are almost completely missing and he is stretched across the screen now. Let’s see if we can use our “Reset Memory” button to change him back to normal…

Reset Memory is working!

Conclusion

In conclusion, we were able to update our C++ CLI .dll file and turn it into a working game trainer/cheat tool. Obviously, this isn’t the extent of what you can do with C++ CLI .dll files, but it is still a good start and an easier way to make visuals for your tools.

New coder on the block.
