
[Tut]How to make a dll trainer

Posted: Thu May 27, 2010 5:24 pm
by Nerrazzuri
DO NOT LEECH THIS TO GZN or else it will be deleted.
Well, since a lot of you guys are asking me how to make a trainer, I'll just post a tutorial on how to make a simple trainer like the one I've released. This is a total spoon-feed, so it will be copy, paste and edit. First, there are a few things you need:
1. Microsoft Visual Studio 2010
2. A little knowledge of Assembly.

Ok, let's start this. Run your Microsoft Visual Studio 2010. Click New Project->Win32 and enter your project name, let's say Trainer. Click Ok and next, choose DLL and Empty project. Now you are on the blank Trainer.cpp page. Ok, now go to Solution Explorer (you can find it easily in the View tab) and you'll see 4 things there:
1. External Dependencies
2. Header Files
3. Resource Files
4. Source Files


Now you need to add a few files inside these folders to make it work. To add a file, simply right click->Add and choose your extension. For Header Files, choose the .h extension. For Source Files, choose the .cpp extension. I'm lazy, so I posted a screenshot for you all to look at; add all the files shown in the screenshot.

Ok, if you follow my simple tutorial, these will be your files to make your first dll trainer. We'll use the simplest example for this tutorial: Super Tubi.

Code: Select all

//Tubi(Updated by nerrazzuri msea v93)
[enable] 
00488AA6: //75 ? 83 7C 24 ? ? 75 ? 8B ? ? ? ? ? FF 70 ? 83 C0 ? 50 
DB 90 90 
[disable] 
00488AA6: //75 ? 83 7C 24 ? ? 75 ? 8B ? ? ? ? ? FF 70 ? 83 C0 ? 50 
jne 00488ADE //byte 75 36

Now, open up your Trainer.h and paste the code below into it.

Code: Select all

#pragma once //Guard against the header being included twice from gui.cpp and Trainer.cpp
#pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='*' publicKeyToken='6595b64144ccf1df' language='*'\"")
#include <Windows.h>
#include <tchar.h>

//ADD HACKS BELOW *THIS IS KINDA LIKE A LIST OF THE HACKS YOU ARE ADDING*

void SuperTubi(__in BOOL bEnable);//To add in more hacks, simply copy this line and paste it at the bottom, and change the name SuperTubi to others for example NoKnockBack.

This is where you declare the header of your hacks.
After you have done that, we move to the part everyone loves: the GUI. Go back to the Solution Explorer->right click on Resource Files. Add a Resource (not an item) and choose Dialog (DO NOT CLICK THE +; click Dialog and click New) and you'll be brought to a Dialog Box like the one below:

Add a checkbox in the Dialog Editor (you can find it easily at View->Toolbars) like mine below.

You can resize your Dialog Box, and the size you set is what will show up when you inject it into the game.

Open up dllmain.h and paste this inside.

Code: Select all

#pragma once //Guard against double inclusion
#include <Windows.h>
#include <tchar.h>


extern HINSTANCE g_h_main_instance;

And finally your gui.h

Code: Select all

#pragma once //Guard against double inclusion
#include <Windows.h>
#include <stdlib.h>
#include <CommCtrl.h>

#include "resource.h"



DWORD WINAPI CreateGUIThread(__in LPVOID lParam);
INT_PTR CALLBACK DialogProc(__in HWND hwndDlg,__in UINT uMsg,__in WPARAM wParam,__in LPARAM lParam);

Now go to your Source Files, open up your dllmain.cpp and paste this:

Code: Select all

#include "dllmain.h"
#include "gui.h"

HINSTANCE g_h_main_instance;

BOOL WINAPI DllMain(__in HINSTANCE hinstDLL, __in DWORD fdwReason, __in LPVOID lpvReserved)
{
  switch(fdwReason)
  {
  case DLL_PROCESS_ATTACH:
    g_h_main_instance = hinstDLL;     
    DisableThreadLibraryCalls(hinstDLL);     
    CreateThread(0, 0, CreateGUIThread, 0, 0, 0); 
    break;
  }
  return TRUE;
}

This is the place where you start the thread your DLL runs on.

And your gui.cpp

Code: Select all

#include "gui.h"
#include "dllmain.h"
#include "Trainer.h"

DWORD WINAPI CreateGUIThread(__in LPVOID lParam)
{
    DialogBox(g_h_main_instance, MAKEINTRESOURCE(IDD_DIALOG1), 0, DialogProc);
    return 0;
}

INT_PTR CALLBACK DialogProc(__in HWND hwndDlg,__in UINT uMsg,__in WPARAM wParam,__in LPARAM lParam)
{
    int checked;

    switch(uMsg)
    {
    case WM_INITDIALOG: //To initiate the dialog box

        return TRUE;

    case WM_COMMAND: //This is where you run your control. The control will let you connect your hacks with the checkboxes.
        switch(LOWORD(wParam))
        {
        case IDC_CHECK1:
            checked = IsDlgButtonChecked(hwndDlg, IDC_CHECK1);//check if the check box is checked.
            SuperTubi(checked);//if checkbox checked, read SuperTubi in the Trainer.h and if valid, search the code named under the header SuperTubi in Trainer.cpp
            break;
        }
        break;

    case WM_CLOSE:// end your dialog if you click the X button.
        EndDialog(hwndDlg, 0);
        break;
    }

    return 0;
}

This is the place where you connect your controls to your hacks. For example, if you want to add more hacks to your trainer, simply add a checkbox and add a check for it.

Re: [Tut]How to make a dll trainer

Posted: Thu May 27, 2010 5:24 pm
by Nerrazzuri
Ok, now finally, open up your Trainer.cpp and add this:

Code: Select all

#include "Trainer.h"

BOOL WriteAddress(__in LPVOID lpcvBase, __in LPCVOID lpcvWriteValue, __in size_t uSize)
{
	DWORD old_protection = 0;

	__try 
	{  
		if(VirtualProtect(lpcvBase, uSize, PAGE_READWRITE, &old_protection)) 
		{
			memcpy_s(lpcvBase, uSize, lpcvWriteValue, uSize);
			VirtualProtect(lpcvBase, uSize, old_protection, &old_protection);
		}
		else
			return FALSE;
	}  
	__except(EXCEPTION_EXECUTE_HANDLER) 
	{		
		return FALSE;
	}
	return TRUE;
}

VOID SuperTubi(__in BOOL bEnable)
{
	static BYTE normalbytes[] = {0x75, 0x36}; //DISABLED bytes of the hack
	static BYTE hackonbytes[] = {0x90, 0x90}; //ENABLED bytes of the hack
	static DWORD HackAddr = 0x00488AA6; //Address of the hack

	if(bEnable)
		WriteAddress((LPVOID)HackAddr, hackonbytes, 2); //Number of ENABLED bytes...
	else
		WriteAddress((LPVOID)HackAddr, normalbytes, 2); //Number of DISABLED bytes...
}

Well, this is the main part of the code. I'll explain it one by one, follow me closely. Firstly, you need to know the bytes for the hacks. Simply open Cheat Engine, go to the address and you'll see something like 00488AA6 (Address) - 75 36 (Bytes) - jne 00488ADE (Opcodes). Copy down the bytes part.

Code: Select all

static BYTE normalbytes[] = {0x75, 0x36};
Your original bytes (the ones found in Cheat Engine).

Code: Select all

static BYTE hackonbytes[] = {0x90, 0x90};
Your edited bytes (90 = nop = do nothing).

Code: Select all

static DWORD HackAddr = 0x00488AA6;
Your hack address.

Code: Select all

WriteAddress((LPVOID)HackAddr, hackonbytes, 2);
The bytes you need to activate the hack (Super Tubi has 2 because of 90 90, so if your hack bytes are 90 90 90, change the 2 to 3).

Code: Select all

WriteAddress((LPVOID)HackAddr, normalbytes, 2);
Your disable byte count (change it if you have a different amount).
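Seen from the other side, the patch this walkthrough describes (the two bytes 75 36 at 00488AA6 overwritten with 90 90) is exactly the signature an integrity check inside the patched program looks for, and the code-cave variant asked about later in the thread leaves a different signature: the original instruction is replaced by an E9 rel32 jmp into the cave. The following is an added example, not code from this post or from the tutorial's author. It keeps a trusted copy of a guarded code region, counts the bytes that differ from it, and classifies the change as a NOP fill, a jmp redirect, or something else. The bytes after 75 36 and the cave address 0x00600000 are constructed for the demo (the page only gives the first two bytes and the address); it is plain C with no Windows headers, so in a real build the `live` buffer would be the bytes read back from the address at runtime.

```c
/* Added example: integrity check for the two patch shapes discussed in the thread.
 * Not part of the original post. Demo bytes beyond 75 36 and the cave address
 * 0x00600000 are constructed placeholders, not values from the page. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum patch_kind { PATCH_NONE = 0, PATCH_NOP_FILL, PATCH_JMP_REDIRECT, PATCH_OTHER };

/* Known-good snapshot of a guarded code region, taken before anything could patch it. */
typedef struct {
    uint32_t       base;      /* virtual address the bytes were read from */
    const uint8_t *expected;  /* trusted copy of the bytes */
    size_t         len;
} code_guard_t;

/* FNV-1a 32-bit: lets a guard store one word instead of a full copy of the region. */
uint32_t fnv1a32(const uint8_t *p, size_t n)
{
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 16777619u; }
    return h;
}

/* Count bytes that differ from the trusted copy; *first receives the first differing
 * offset, or g->len when nothing differs. */
size_t count_mismatches(const uint8_t *live, const code_guard_t *g, size_t *first)
{
    size_t n = 0;
    *first = g->len;
    for (size_t i = 0; i < g->len; i++)
        if (live[i] != g->expected[i]) { if (n == 0) *first = i; n++; }
    return n;
}

/* Decode the destination of a 5-byte relative jmp (E9 rel32) whose opcode sits at `at`. */
uint32_t jmp_rel32_target(uint32_t at, const uint8_t *p)
{
    uint32_t rel = (uint32_t)p[1] | (uint32_t)p[2] << 8 | (uint32_t)p[3] << 16 | (uint32_t)p[4] << 24;
    return at + 5 + rel;  /* unsigned wrap gives the right answer for backward jumps too */
}

/* Classify what replaced the expected bytes. */
enum patch_kind classify_patch(const uint8_t *live, const code_guard_t *g)
{
    size_t first, changed = count_mismatches(live, g, &first);
    if (changed == 0) return PATCH_NONE;

    /* NOP fill: every changed byte lies in one contiguous run of 0x90 starting at `first`. */
    size_t run = 0;
    for (size_t i = first; i < g->len && live[i] == 0x90; i++)
        if (live[i] != g->expected[i]) run++;
    if (run == changed) return PATCH_NOP_FILL;

    /* Code-cave redirect: the first changed byte is an E9 with room for its rel32. */
    if (live[first] == 0xE9 && first + 5 <= g->len) return PATCH_JMP_REDIRECT;
    return PATCH_OTHER;
}

/* Constructed demo region: the thread's `jne 00488ADE` (75 36) at 00488AA6, followed by
 * filler standing in for the `?`-masked bytes of its Cheat Engine signature. */
static const uint8_t k_original[8] = {0x75, 0x36, 0x83, 0x7C, 0x24, 0x10, 0x00, 0x75};
static const code_guard_t k_guard = {0x00488AA6u, k_original, sizeof k_original};

/* Apply the tutorial's hackonbytes (90 90) to a private copy and return the verdict. */
enum patch_kind simulate_nop_patch(void)
{
    static const uint8_t hackon[] = {0x90, 0x90};
    uint8_t live[sizeof k_original];
    memcpy(live, k_original, sizeof live);
    memcpy(live, hackon, sizeof hackon);
    return classify_patch(live, &k_guard);
}

/* Apply a code-cave hook: jmp to a hypothetical cave at 0x00600000, overwriting 5 bytes.
 * rel32 = 0x00600000 - (0x00488AA6 + 5) = 0x00177555, stored little-endian. */
enum patch_kind simulate_jmp_patch(uint32_t *target_out)
{
    static const uint8_t hook[] = {0xE9, 0x55, 0x75, 0x17, 0x00};
    uint8_t live[sizeof k_original];
    memcpy(live, k_original, sizeof live);
    memcpy(live, hook, sizeof hook);
    *target_out = jmp_rel32_target(k_guard.base, live);
    return classify_patch(live, &k_guard);
}

int main(void)
{
    uint32_t target = 0;
    printf("untouched region: kind=%d hash=%08X\n", classify_patch(k_original, &k_guard),
           (unsigned)fnv1a32(k_original, sizeof k_original));
    printf("after 90 90:      kind=%d\n", simulate_nop_patch());
    printf("after E9 rel32:   kind=%d target=%08X\n", simulate_jmp_patch(&target), (unsigned)target);
    return 0;
}
```

The byte-for-byte comparison tells you where the patch landed and what shape it has; the FNV-1a hash is the cheaper check to run periodically from a watchdog thread when you only need to know that something changed. Either way the trusted copy or hash has to be captured before untrusted code can run in the process, otherwise the check just memorises the patched bytes.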

Now that you have finished your Trainer.cpp, go to gui.cpp. If you have more checkboxes to tick, do it like me.

IDC_CHECK1 is your checkbox ID. To find it, go back to Solution Explorer->Resource Files->Dialog->double click your Dialog Box, then right click your check box and select Properties. There will be a properties box beside it (either on the left or right); find the (Name) field and that is your check box name. Change both occurrences of IDC_CHECK1 to your check box name. Lastly, change the SuperTubi name to the hack name you've declared in Trainer.h (it must be exactly the same) and you are done!

Click the Save All button at the top (I assume you can find it yourself) and click Build->Build Solution to see whether there are errors or not. If your code is perfectly done, go back to Solution Explorer, right click the Solution 'Trainer' (1 project) and select Configuration Manager. Change Debug to Release, go back to Build and click Rebuild Solution. And CONGRATULATIONS! You have just made your first dll trainer!

To find your dll, simply go to My Documents->Visual Studio 2010->Projects->Trainer->Release.

Well, that's all from my tutorial, hope you'll have fun making your own trainer. Good Luck guys!

Credit:
Goomba @GK for teaching me how to do it.
Me, for typing this freaking long tutorial :D

[Download Link]
Microsoft Visual Studio 2010 with Activation Key
Mirror

Re: [Tut]How to make a dll trainer

Posted: Thu May 27, 2010 8:14 pm
by wizme
very nice =)

Re: [Tut]How to make a dll trainer

Posted: Fri May 28, 2010 12:15 am
by Nerrazzuri
Thanks.

Edit: Edited using [code] instead of [quote], just realized there is a [code] function there LOL.

Re: [Tut]How to make a dll trainer

Posted: Fri May 28, 2010 1:16 pm
by Nerrazzuri
So sad, 75 views with 1 person replying. OMG, I typed this for so long, at least let me know whether this tutorial is good or not. Your feedback is my power to work on, guys. :D :D :D :D :D :D

Re: [Tut]How to make a dll trainer

Posted: Fri May 28, 2010 1:19 pm
by erogappa
thx nerrazzuri! now i can try my own trainer... lol.

Re: [Tut]How to make a dll trainer

Posted: Fri May 28, 2010 2:49 pm
by Chance
hehehe, great tutorial!
;D

-edit-
how come when I click add a resource, i get:
The operation could not be completed. Unspecified error

Re: [Tut]How to make a dll trainer

Posted: Fri May 28, 2010 5:38 pm
by Nerrazzuri
Chance wrote:hehehe, great tutorial!
;D

-edit-
how come when I click add a resource, i get:
The operation could not be completed. Unspecified error
dude, your void shouldn't be //.
That is the title of your hacks; without it, the checkboxes cannot find which hacks to activate.

Remake the whole thing.

Re: [Tut]How to make a dll trainer

Posted: Fri May 28, 2010 8:25 pm
by Chance
-edit-
lol, didn't realise that. thanks for your help nerrazzuri!

erm what if the bytes are something like: add eax,00000000
and: mov [ebp+0c],00//KB
inc [7Miss+32]
cmp dword ptr [7Miss+32],07//Miss Amount
jg 7Miss+22
mov [ebp+08],00//Dmg
jmp 7MissRet
7Miss+22:
mov [7Miss+32],00
jmp 7MissReta
and: jmp 0049337a

?

Re: [Tut]How to make a dll trainer

Posted: Fri May 28, 2010 9:03 pm
by Nerrazzuri
Chance wrote:-edit-
lol, didn't realise that. thanks for your help nerrazzuri!

erm what if the bytes are something like: add eax,00000000
and: mov [ebp+0c],00//KB
inc [7Miss+32]
cmp dword ptr [7Miss+32],07//Miss Amount
jg 7Miss+22
mov [ebp+08],00//Dmg
jmp 7MissRet
7Miss+22:
mov [7Miss+32],00
jmp 7MissReta
and: jmp 0049337a

?
For that one you need to use a codecave script instead of using the bytes directly. This is not a simple one to do; you have to master C++ to really understand how to do it.