[Tut]How to make a dll trainer

[Nerrazzuri]

Oh, ok. What about radio buttons? How do i make it detect if a radio button is checked? Same way as checkboxes?

Yes.

[sameswitch]

I also have a few questions. Whenever I put the media player
to play music it won't load the .dll up whenever I inject it.
And my other question is that I don't see where the control to
put the back ground/icon on the trainer is. In vc++ 08 it
was kind of better, but I only installed vs10, because my
friend wouldn't teach me how to write the lines in 08 for making
a .dll trainer..

Could you help me with my questions please? Thank
you very much, and I am a bit knowledgable at AA
that deals with cheat engine, so it gets easier for me.
Also, great tutorial, keep up the good work.

[Nerrazzuri]

I also have a few questions. Whenever I put the media player
to play music it won't load the .dll up whenever I inject it.
And my other question is that I don't see where the control to
put the back ground/icon on the trainer is. In vc++ 08 it
was kind of better, but I only installed vs10, because my
friend wouldn't teach me how to write the lines in 08 for making
a .dll trainer..

Could you help me with my questions please? Thank
you very much, and I am a bit knowledgable at AA
that deals with cheat engine, so it gets easier for me.
Also, great tutorial, keep up the good work.

Why is media player has any relationship with dll injection?
For Dialog, background color, icon, and pictures need to use code to present to the Dialog frame.
VC2010 and VC2008 works the same, but Visual C++ doesn't support resource editor, so you'll have no Dialog form to make your GUI
2 options for you, either use Visual Studio, or ResEdit.

[sameswitch]

I downloaded Resource Hacker, and even ResEdit. Not even one of
them had an option to add a background image. Is there anyway
to convert the tutorial for win32 project? In the win32 project
I could add a windows form application. Everything would be in
the toolbox, but since you said resource isn't supported in
the c++ form I believe..

[Nerrazzuri]

I downloaded Resource Hacker, and even ResEdit. Not even one of
them had an option to add a background image. Is there anyway
to convert the tutorial for win32 project? In the win32 project
I could add a windows form application. Everything would be in
the toolbox, but since you said resource isn't supported in
the c++ form I believe..

Using Windows Form Application will make your coding method different.
I've uploaded the NRZBot 2.2 source which uses Windows Form Application.
Add me in MSN if you need my help.
nerrazzuri2002@hotmail.com

[francesco149]

Mhm. So i tryed converting 7 miss and making the amount of misses adjustable through a var... here's the codecave, but it's being weird. I get missed with KnockBack, and it always misses, it doesnt seem to stop when it reaches the set amount of misses. And i have no idea what could be wrong x__x

Code: Select all

void __declspec(naked) _stdcall MissCave() {
	_asm{
		mov [ebp+0x10],0x00//No KB
		inc [Misses]
		mov ecx,[miss_amount]
		cmp dword ptr [Misses],ecx//Miss Amount
		jg StopMiss
		mov [ebp+0x08],0x00//Dmg
		jmp [MISS_RET]
		StopMiss:
		mov [Misses],0x00
		jmp [MISS_RET]
	}
}

Declarations of the vars involved:

Code: Select all

DWORD Misses;
extern DWORD miss_amount		=	7;
DWORD MISS =			0x00A6031A; //39 5D 0C 75 ? 39 5D 10 74 ? 8B 45
DWORD MISS_RET =		(MISS+5);

Code for the checkbox:

Code: Select all

				case IDC_CHECK18:      
				checked = IsDlgButtonChecked(hwndDlg, IDC_CHECK18);
				GetDlgItemText(hwndDlg, IDC_EDIT11, buffer, 10);
				miss_amount = atoi(buffer);
				Miss(checked);
				break;

Code for Miss():

Code: Select all

VOID Miss(__in BOOL bEnable){
	if(bEnable){
		*(BYTE*)MISS = 0xE9;
		*(DWORD*)(MISS + 1) = jmp(MISS, MissCave);
	} else
		WriteAddress((LPVOID)MISS, MissGodClean,5);
}

[Nerrazzuri]

Mhm. So i tryed converting 7 miss and making the amount of misses adjustable through a var... here's the codecave, but it's being weird. I get missed with KnockBack, and it always misses, it doesnt seem to stop when it reaches the set amount of misses. And i have no idea what could be wrong x__x

Code: Select all

void __declspec(naked) _stdcall MissCave() {
	_asm{
		mov [ebp+0x10],0x00//No KB
		inc [Misses]
		mov ecx,[miss_amount]
		cmp dword ptr [Misses],ecx//Miss Amount
		jg StopMiss
		mov [ebp+0x08],0x00//Dmg
		jmp [MISS_RET]
		StopMiss:
		mov [Misses],0x00
		jmp [MISS_RET]
	}
}

Declarations of the vars involved:

Code: Select all

DWORD Misses;
extern DWORD miss_amount		=	7;
DWORD MISS =			0x00A6031A; //39 5D 0C 75 ? 39 5D 10 74 ? 8B 45
DWORD MISS_RET =		(MISS+5);

Code for the checkbox:

Code: Select all

				case IDC_CHECK18:      
				checked = IsDlgButtonChecked(hwndDlg, IDC_CHECK18);
				GetDlgItemText(hwndDlg, IDC_EDIT11, buffer, 10);
				miss_amount = atoi(buffer);
				Miss(checked);
				break;

Code for Miss():

Code: Select all

VOID Miss(__in BOOL bEnable){
	if(bEnable){
		*(BYTE*)MISS = 0xE9;
		*(DWORD*)(MISS + 1) = jmp(MISS, MissCave);
	} else
		WriteAddress((LPVOID)MISS, MissGodClean,5);
}

Post the original AA script and I'll see.

[francesco149]

Code: Select all

[enable]
alloc(7Miss,60)
label(7MissRet)

00A6031A:
jmp 7Miss
7MissRet:

7Miss:
mov [ebp+10],00//No KB
inc [7Miss+32]
cmp dword ptr [7Miss+32],07//Miss Amount
jg 7Miss+22
mov [ebp+08],00//Dmg
jmp 7MissRet
7Miss+22:
mov [7Miss+32],00
jmp 7MissRet

[disable]
00A6031A://39 5D 0C 75 ? 39 5D 10 74 ? 8B 45
db 39 5D 0C 75 05
dealloc(7Miss)

[Nerrazzuri]

Code: Select all

void __declspec(naked) _stdcall MissCave() {
   _asm{
      mov [ebp+0x10],0x00//No KB
      inc [Misses]
      mov ecx,[miss_amount]
      cmp dword ptr [Misses],[MissCount]
      jg StopMiss
      mov [ebp+0x08],0x00//Dmg
      jmp [MISS_RET]
      StopMiss:
      mov [Misses],0x00
      jmp [MISS_RET]
   }
}

And declare

Code: Select all

unsigned char MissCount;

which you'll have to set the MissCount by yourself. Not sure if work, but give it a try.

[francesco149]

I already use a var for desired misses, wich is miss_amount. Misses is how many times i got missed. Anyways, i just noticed that i forgot to initialize "Misses" to 0. But i still have the KB problem o_0. They miss me, but i get knockback wich is not supposed to happen.