Help getting information from a non-managed programme.

garyusenet

Program is written in C++ and runs on my Windows XP computer. It is a
game, but I have been struggling with this project for weeks now so
would appreciate some help - although I understand what I'm trying to
do is quite advanced. I'm doing this more as a learning exercise where
the means is more important than the end.

When you press 'caps lock' in the programme a heads-up type overview is
placed on the screen. The overview consists of coloured squares
representing friends or foes. The squares are different colours
depending on whether they represent a friend or a foe. In addition to these
small coloured squares, shaded blocks are displayed which indicate the
walls in the room (the parts you can't walk through).

When you press 'caps lock' a second time the heads-up view vanishes, so
'caps lock' toggles the view. When the heads-up view is displayed you
can walk around as normal; it's just an overlay that appears on the
screen.

What I would like to do is create a form which recreates this overlay.
So basically I would open the game and then open my form and the form
would display the same heads-up view (or similar) to what you get when
you press 'caps lock' in the game.

How do I do this please? Any ideas would be appreciated, because this
project is consuming too many of my weekends now without making any
progress!

Many Thanks,

Gary-
 
What I would like to do is create a form which recreates this overlay.
So basically I would open the game and then open my form and the form
would display the same heads-up view (or similar) to what you get when
you press 'caps lock' in the game.
What problems are you having?

Do you need help on how to read the Caps Lock key? Look at the
KeyDown, KeyPress and KeyUp events.

Do you need help with setting a transparent background for your
overlay?

If you can be more specific then we can give you more help.

rossum
 
What I would like to do is create a form which recreates this overlay.
So basically I would open the game and then open my form and the form
would display the same heads-up view (or similar) to what you get when
you press 'caps lock' in the game.

Clarify:

can you alter the source code of the game?

are you trying to get real data from the game, or just trying to learn
how to pop up an overlay?
 
Thank you, sorry if I was vague.
I'm trying to get real data from the game. I don't have source code for
the game.

So far I have come to the conclusion (rightly or wrongly) that I need
to use P/Invoke and use functions of kernel32.dll for reading memory.
But I don't know where to start looking for what parts of memory I
should be reading, etc. I've never done anything like this before and
am struggling to make a start.

I hope I have clarified a bit; please ask if I need to clarify more.

Thank you,

Gary-
 
So far I have come to the conclusion (rightly or wrongly) that I need
to use P/Invoke and use functions of kernel32.dll for reading memory.
But I don't know where to start looking for what parts of memory I
should be reading, etc. I've never done anything like this before and
am struggling to make a start.

This is one of the most difficult reverse-engineering tasks there is!
And people in this newsgroup are oriented towards high-level
programming rather than low-level reverse engineering. If you want
advice on the reverse-engineering, what you'd have to do is explain
clearly and in detail how the game works, what its user-interface is
like, who wrote it, what's its name, ... And even then you're unlikely
to get useful advice.

I can tell you how I've gone about reverse-engineering stuff.

(1) To reverse engineer a binary file format, I created some example
files in the application, saved them to disk, printed out a binary
dump of them, and just stared at them looking for patterns. Finding
more and more patterns. Figure out what are the blocks, what is the
block architecture.

(2) To reverse engineer how win95 screensavers worked, I loaded a
screensaver in a debugger (Borland C++Builder) and stepped through the
machine code step by step.

(3) To disable copy-protection on one of my games, I loaded it up in
the debugger and looked for a call to the DialogBox API function which
popped up "please insert the CD in your primary CD drive". Set the
breakpoint here. And looked at the callstack when it got here.

(4) To hack a game, I took a note of the number of my current health
points in the game. Saved a snapshot of the game's memory state. Then
searched through the memory looking for that number. Figured out the
surrounding data-structures.

It sounds like you want to query the game's map. This will be like a
combination of (1) and (4), but much more difficult, because the map
will be stored in some game-specific format, not just plain numbers.

If it's a network game then it might be easier to sniff network
packets.
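The "known value" memory search Lucian describes in (4), together with the kernel32 route Gary mentions for reading another process's memory, as an added example that is not part of the thread. It uses Python's ctypes instead of C# P/Invoke; the snapshot buffer, its layout (hit points at offset 0x40, a decoy value at 0x80, a stray byte at 0x21) and the health values are constructed for the demo. The only real Win32 calls are OpenProcess, ReadProcessMemory and CloseHandle, and those run on Windows only.

```python
"""Added example: locate a value in a process's memory by scanning
snapshots and narrowing the candidates as the value changes.

The scanner works on plain byte snapshots, so the demo below runs
offline on a constructed buffer. read_process_memory() is the kernel32
reader you would use to take real snapshots on Windows.
"""
import ctypes
import struct
import sys
from typing import List, Sequence, Tuple

# Access rights for OpenProcess (from winnt.h).
PROCESS_VM_READ = 0x0010
PROCESS_QUERY_INFORMATION = 0x0400


def find_value(snapshot: bytes, value: int, fmt: str = "<i", align: int = 4) -> List[int]:
    """Return every `align`-aligned offset in `snapshot` holding `value`
    encoded as `fmt` (default: 32-bit little-endian signed int)."""
    needle = struct.pack(fmt, value)
    hits = []
    pos = snapshot.find(needle)
    while pos != -1:
        if pos % align == 0:
            hits.append(pos)
        pos = snapshot.find(needle, pos + 1)
    return hits


def narrow(candidates: Sequence[int], snapshot: bytes, value: int, fmt: str = "<i") -> List[int]:
    """Keep only the candidate offsets that hold `value` in a later snapshot."""
    needle = struct.pack(fmt, value)
    n = len(needle)
    return [off for off in candidates if snapshot[off:off + n] == needle]


def locate(observations: Sequence[Tuple[bytes, int]], fmt: str = "<i", align: int = 4) -> List[int]:
    """Seed candidates from the first (snapshot, value) pair and narrow
    them with each later pair, as in Lucian's step (4)."""
    first_snap, first_val = observations[0]
    cands = find_value(first_snap, first_val, fmt, align)
    for snap, val in observations[1:]:
        cands = narrow(cands, snap, val, fmt)
    return cands


def read_process_memory(pid: int, address: int, size: int) -> bytes:
    """Read `size` bytes at `address` from process `pid` using kernel32.
    Windows only; the caller needs rights to open the target process."""
    if sys.platform != "win32":
        raise OSError("kernel32 is only available on Windows")
    k32 = ctypes.WinDLL("kernel32", use_last_error=True)
    k32.OpenProcess.restype = ctypes.c_void_p
    k32.OpenProcess.argtypes = [ctypes.c_uint32, ctypes.c_int, ctypes.c_uint32]
    k32.ReadProcessMemory.restype = ctypes.c_int
    k32.ReadProcessMemory.argtypes = [ctypes.c_void_p, ctypes.c_void_p, ctypes.c_void_p,
                                      ctypes.c_size_t, ctypes.POINTER(ctypes.c_size_t)]
    k32.CloseHandle.argtypes = [ctypes.c_void_p]

    handle = k32.OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, 0, pid)
    if not handle:
        raise ctypes.WinError(ctypes.get_last_error())
    try:
        buf = ctypes.create_string_buffer(size)
        got = ctypes.c_size_t(0)
        if not k32.ReadProcessMemory(handle, ctypes.c_void_p(address), buf, size, ctypes.byref(got)):
            raise ctypes.WinError(ctypes.get_last_error())
        return buf.raw[:got.value]
    finally:
        k32.CloseHandle(handle)


def build_fake_memory(health: int, score: int = 100, size: int = 256) -> bytes:
    """Constructed stand-in for a game's memory (not real game data)."""
    buf = bytearray(size)
    struct.pack_into("<i", buf, 0x10, 0x11223344)  # unrelated data
    buf[0x21] = 0x64                               # stray byte: reads as 100 if scanned unaligned
    struct.pack_into("<i", buf, 0x40, health)      # the hit points we want to find
    struct.pack_into("<i", buf, 0x80, score)       # a decoy that also starts at 100
    return bytes(buf)


def demo() -> List[int]:
    """Health is 100, then 87 after taking damage; only one offset tracks it."""
    snap_before = build_fake_memory(health=100)
    snap_after = build_fake_memory(health=87)
    return locate([(snap_before, 100), (snap_after, 87)])


if __name__ == "__main__":
    print([hex(off) for off in demo()])
```

Two caveats a practitioner would add. The offset you end up with is a virtual address in that run of the game; after a restart the structure will usually be allocated elsewhere, so the next step is normally to find what points to it. And for the map overlay there is no single number to type in, so you would scan for a pattern (a block of wall/floor codes you can infer from the visible room) rather than an integer, which is the harder combination of (1) and (4) Lucian describes.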
 
Oh, I just saw "program written in C++" and "non-managed" in the subject line, with no reference
to you writing an add-on in something else like C#.

You do have an interesting task ahead in reverse engineering the C++ code. Without the source and/or an API you are
going to have to see what is exposed publicly. Try using Dependency Walker http://www.dependencywalker.com/ and/or
Spy++, which comes with VS 200x. You don't mention which application you are attempting to hook into. That would help.

With that said, C# may not be my first choice. C++ most likely would be, so I would have ready use of pointers. But that's
my own style of course. A lot of games have APIs to accomplish just what you are trying to do.
 
Hmm, thanks Lucian, lots to think about there.
