(C++) Function Detouring Tutorial (Internal Game Hacking)
Vložit
- čas přidán 7. 07. 2024
- My first internal game hacking video, hopefully more on the way! :D
Join my server if you need help or want to chat! / discord
Source code and more on my patreon / nullterminator !
Nullbase: github.com/NullTerminatorr/Nu...
![Function hooking, detours, inline asm & code caves [Game Hacking 101]](http://i.ytimg.com/vi/e4HZgx3A-wk/mqdefault.jpg)
![Function hooking, detours, inline asm & code caves [Game Hacking 101]](/img/tr.png)
do an assembly tutorial please, there is really not much about it. good content as always tho.
that was a very good explanation at the beginning!
Please could you explain how to convert this to x64, since _asm is not aupported
Why do you have len when it doesnt even matter because the relative address can only be 4 bytes long and the jmp is always 1 byte long?
heya! this video is kinda old i know, i know. but just in case you're going to read this or.. anyone else with the proper experience.. i followed the tutorial and did end up with the same result, i also tried to rewrite it on my own a few times and happened to bump into things i can't quite explain. what's the reason for such return types we have to use for the dllmain and the actual thread, i seem being able to execute the code no matter if i leave the winapi out or use void as return type etc... kinda puzzling. also is there any reason we use DWORD as datatype instead of uintptr_t? it doesn't matter probably but i'm not sure. also i tried to write different assembly in my method but it doesn't change anything apparently. i checked the memory address in cheat engine and it does correctly jump into my function and NOPs the bytes i wanted to overwrite but it seems my assembly doesn't have any effect on the application (it's pretty much the same one you showed, probably slightly different but same procedure). when i put some console log in there instead it does actually print whatever i included in the console but assembly doesn't seem to work for me. i included the assembly past my console log to get back in memory so that works heh. if you have any idea i would really appreciate the help, thanks a lot for the video anyway it was really helpful and combined with other material very good material to get a better understanding of the topic!
which option you selected in new project->C/C++-> WHICH option? is it .dll or windows console?
Hi mate, great tutorial. I was just wondering, why would you use internal over external? They seem to both do the same thing. Is it something to do with speed or detections or something? Just wanna know xD
cheers Pete :)
Thanks! Basically, they are both very different and allow you to do vastly different things but one isn't always better than the other it just depends on whats best for you :)
@@null7953 Ohh I see. Thanks for the reply my dude. Also could you make a tutorial on how to make an esp? I know you've made one in your multihack tutorial, but I like voice tuts better. Cheers :)
Hey you didn't nop the unused bytes, what happened to those 3 unused bytes? are they auto nop'ed by the compiler?
nice one. keep it up!
yay
king
how do you know that the hp is stored on the eax register?
22:51 I like that Fu*********** folder
Thanks. assembly tutorial would be cool
thank you
You used 8 bytes for those two lines in the assembly, but only overrode the first 5 bytes, what happened to the remaining 3 bytes? Does it just sit there and do nothing?
When you jmp forward, it uses relative adress, but when you embed assembly code to jmp backward, it uses the absolute address, is this the intended behavior?
In your custom assembly code, you change the assembly to sub eax, 0, but never mov the eax back to the original value, this seems a bit misleading. For instance, if I do sub eax, 999, the value will in fact remain unchanged due to I never mov the eax back.
I havent seen the video fully yet. But usually if you remove more bytes than you need, you fill in the gaps with no ops
edit: in this case you would need 3 no ops then.
edit2: I watched the video fully now. he jumped forward 8 bytes from the hook so the program should continue as usual
@@marcelgraf5520 I'm pretty sure what they're talking about is the fact that he broke the line of code that comes after sub eax,7 and never restored it, he just skipped it. What he should've done (although it doesn't matter in this example, sub eax,0 is already silly when you could just nop it directly) is to add the next line of code to his code injection, as in some cases it could make the game crash
great tutorial. Will this work in x64 processes too? inline assembly doesn't work in x64 architecture visual studio. but what about the detour you showed?
no it wont, for x64 it's different because the jmp instruction is FF 25 00 00 00 00, etc it has 14 bytes minimum
How do I make it externally?
Can you make a tutorial about internal game hacking
nice tut
my man is epic
thx
Dude I love your tutorials, I downloaded them all and I really want and hope to learn this stuff :) Because I love catching cheaters and I need to know how shit works before catching them, I'm not catching CSGO cheaters in particular but I do love to check pc's remotely in 1.6.
Also I'll donate whenever I can, I promise :)
deprcsgo Appreciate it!
finally i found game hacking videos thank help me alot . can you make video persent1 hook or expl the consept hook bro ?
or you can read the current value, compare it with when it changed and add the result, it works better if the health taken is random, like getting shot by different weapons
skrt skrt nice voice
Assembly tutorial plz? Also sick beats. Its sex musik
okay
Error LNK1120 1 unresolved externals Function Detouring Tutorial C:\Users\oneon\source
epos\Function Detouring Tutorial\Debug\Function Detouring Tutorial.exe 1
Error LNK2019 unresolved external symbol _main referenced in function "int __cdecl invoke_main(void)" (?invoke_main@@YAHXZ) Function Detouring Tutorial
How do I fix this?
nvm got it
@@-dead-3787 How?
jmp inside _declspec(naked) void ourFunc() dont return to right address.
Please could you explain how to convert this to x64, since _asm is _declspec(naked) not aupported