ViperSRT3g
11-23-2008, 02:55 AM
Starcraft v1.15.3 Name Spoofing Tutorial Part 1
Written: 11/23/08
Author: ViperSRT3g
This Tutorial is part of a two part tutorial. The second half of this tutorial can be found here: [Part 2] (http://www.gamethreat.net/forums/hacking-tutorials/36446-vb6-name-spoofing-tutorial-part-2-a.html)
This tutorial will go over all the odds and ends of creating a working 1.15.3 Name Spoofer Using Visual Basic 6.
Software Needed:
Artmoney
Starcraft
Microsoft Visual Studio 6.0 (Last Version of Visual Basic 6)
Steps:
1. Getting your name in Artmoney
2. Creating your Visual Basic Project
3. Using Modules
4. Using Hotkeys
5. Temp Ban Protection
6. Color Spoofing!
Viper's VB6 Name Spoofing Tutorial
Getting your name in Artmoney
A vital process when making any hack is to find the offsets that you'll be using. So open up Artmoney, and open up Starcraft. Attach Artmoney to Starcraft in the dropdown Select process box. Log onto Bnet.
http://pages.vipersrt3g.com/NSTut01.png
We are now at the point where we can begin using Artmoney to find our name spoofing offset. This portion of the tutorial will be nearly exactly the same as Overflow's tutorial on Name Spoofing here: Overflow636's Name Spoofing Tutorial (http://www.bwhacks.com/forums/hacking-tutorials/983-advanced-name-spoofer-tutorial.html)
In Artmoney, click the Search button And search for your name.
http://pages.vipersrt3g.com/NSTut02.png
You'll be searching for a text type value, and in the value field, you enter your name exactly how it is (Case Sensitive).
http://pages.vipersrt3g.com/NSTut03.png
In my search, Artmoney found 4 offsets that contained my name in it.
http://pages.vipersrt3g.com/NSTut04.png
4 Offsets is a manageable number, so we can easily figure out which one is our real name spoofing offset. Click the Teal button to bring all the found offsets to the right side of the table so that we can work with them further.
http://pages.vipersrt3g.com/NSTut05.png
Now that we have our offsets on the right side of the table, we can now edit them in anyway we see fit.
http://pages.vipersrt3g.com/NSTut06.png
For those who do not know, Unicode is the type of byte arrangement that lets ASCII characters extend to support many languages. (Upwards of the 256 default characters) One of the only places in Starcraft where Unicode exists is in the channel chat area. So it is safe to say that our Unicode offset here is NOT our name spoofing offset. So let's delete it.
The last three remaining offsets all look very similar. They are not Unicode, they all contain the exact text that we may need, however they are in different regions of Starcraft's memory. The first offset starts off with 059, which basically means it's always in Starcraft's memory. The last two, start off with 190, which means they are only used when on Bnet. That means that our name spoofing offset is located in ONE of the two offsets that start with 190. So we can delete our first offset.
http://pages.vipersrt3g.com/NSTut07.png
Now that we are down to just two offsets, it's time to check to see which one will actually change our name. Go ahead and change the value of the first character in each name to a number, using consecutive numbers allows us to see which offset is which. The first offset was changed to 1iperGTSR3g. The Second offset was changed to 2iperGTSR3g as shown below.
http://pages.vipersrt3g.com/NSTut08.png
Now join a game in Starcraft to see which number the first letter in our names changed to. As you can see, our first offset is the right one! We can save both offsets however, for the second offset will be useful later. Now that we have our offsets, lets start making our Visual Basic Project!
http://pages.vipersrt3g.com/NSTut09.png
Creating your Visual Basic Project
1. Start up Microsoft Visual Studio 6.0
2. Choose create Standard EXE
3. Click the code button to set the editor to code mode (Similar to Dreamweaver's basic design)
Now that we are in the code writing process, we can set up the basics of any Visual Basic application.
The first line in any VB app should be the line "Option Explicit". The reason for this is because if you DON'T use it, you can save any type of value to any type of variable, without your compiler notifying you of this error. This could prove to be very problematic later, so just add it in.
Similar to C++, our VB Project will require certain "header files" before we continue. Our project will set up Hotkeys later on, so we will need our GetAsyncKeyState API. Your source coding should look like the following:
Option Explicit
Private Declare Function GetAsyncKeyState Lib "user32" (ByVal vKey As Long) As Integer
Now that we have our API included with our project, we can go ahead and add the meat and potatoes of our spoofer.
Click the "View Object" button to go back to editing the GUI of our project: http://pages.vipersrt3g.com/NSTut10.png
Add a button to our project by clicking the "CommandButton" tool: http://pages.vipersrt3g.com/NSTut12.png
Add a text box to our project by clicking the "TextBox" tool: http://pages.vipersrt3g.com/NSTut11.png
Your project should look roughly like the following.
http://pages.vipersrt3g.com/NSTut13.png
Now that we have our GUI created (Your free to make it look the way you want as much as you like) we can now add the coding in to make them do stuff! Double click the button you added in earlier to go back to the code viewer. The editor will automatically create coding for you when the button is actually pressed. Your coding should have automatically created the following code for you:
Private Sub Command1_Click()
End Sub
This code will be executed when the button gets clicked. Let's add a call to the function that will actually do the spoofing (Once we add the spoofing process in) Between the "Private Sub Command1_Click()" and "End Sub" lines include the following code:
Call Spoof
Once we add in the WriteProcessMemory module, we'll be able to set up our spoofing function that will get called when the button is clicked!
Using Modules
I have included the module here: modMemoryDP.bas (http://pages.vipersrt3g.com/modMemoryDP.bas)
Or you may download it via Logos' Siggy here: modMemoryDP.bas (http://www.bwhacks.com/forums/programming/28565-vb6-modmemory-bas-w-debug-privileges-sc-bw-v1-15-key-grabber-tutorial.html)
This Module will allow your Visual Basic project to read and write to and from Starcraft's memory!
Now to include the module into your project, simply go to the Project file window. Right click>Add> Module>(Existing if you saved the module)New if your copy pasting
Then simply navigate to where you saved the module, and it will be incorporated into your project!
http://pages.vipersrt3g.com/NSTut14.png
We can now create our Spoof process! In our form's code window, we can now include the following text right below our CommandButton text:
Private Sub Spoof()
Dim ret As Long 'Initializes the return variable that will help you in debugging
Dim hwnd As Long 'Initializes the variable to hold your process ID number
hwnd = modMemoryDP.FindWindow("SWarClass", "Brood War") 'Uses the module to find Brood War
If hwnd = 0 Then 'If it didnt find Brood War, it will look for Starcraft
hwnd = FindWindow("SWarClass", "Starcraft") 'Uses the module to find Starcraft
End If
'Writes your name to Starcraft's Memory
ret = modMemoryDP.PokeString(hwnd, &H19044EE8, Text1.Text & vbNullChar)
End Sub
If you want, you can use this as a standalone spoofer already, just press F5 or hit the Start button to run your program.
http://pages.vipersrt3g.com/NSTut15.png
Let me go in depth however, and explain to you what's being done here.
Dim hwnd As Long 'Initializes the variable to hold your process ID number
hwnd = modMemoryDP.FindWindow("SWarClass", "Brood War") 'Uses the module to find Brood War
If hwnd = 0 Then 'If it didnt find Brood War, it will look for Starcraft
hwnd = FindWindow("SWarClass", "Starcraft") 'Uses the module to find Starcraft
End If
This block of code here initializes the variable that will hold the process ID number of the program you intend to read or write memory to. It's purpose here, is to let the module know what program you intend to modify. Which in this case is Starcraft. The code below that, will find Starcraft for you, and if it cannot find Brood War, will look for Starcraft itself. This code right here was taken directly from Logos' CD Key grabber which you can also find here (http://www.bwhacks.com/forums/user-downloads/28513-starcraft-cd-key-number-grabber.html).
'Writes your name to Starcraft's Memory
ret = modMemoryDP.PokeString(hwnd, &H19044EE8, Text1.Text & vbNullChar)
This block of code is rather self explanatory, it is the line that actually writes to Starcraft's memory allowing you to spoof. If you have not touched anything, it should write "Text1" as your name because the textbox is created with the text "Text1" by default.
The "ret" variable allows you to put debugging processes into your program, such as notifying you if it successfully wrote to Starcraft's memory, without having to actually check in Starcraft.
"&H19044EE8" is the offset to write to. It can be copy pasted from the offset we found in the Artmoney table. "&H" preceding a number in VB6 means a hexadecimal number.
"Text1.Text & vbNullChar" Is the place your spoof is stored in. The "vbNullChar" is an automatic variable in Visual Basic that you do not need to initialize. It's hexadecimal and deximal value in the ASCII character chart is a plain and simple 0x00, or null as it's name implies. It's simply zeroed out memory that Starcraft looks for to let it know that it has reached the end of your name.
All GUI features in VB6 have a name, for our textbox, that name is "Text1" you can change it's name in the Properties form below.
http://pages.vipersrt3g.com/NSTut16.png
And all objects have many sub-object properties that fall under them. the ".Text" that is after "Text1" is an example of this. The Properties form displays a bunch of sub-object properties that you may alter, such as the textbox's height and width, it's position on your form, what text it may already contain by default, whether it's going to handle numbers, if it's going to be editable, or if it has a maximum character count. By modifying these, your able to customize your GUI to make it look like anything you can imagine.
Another important subject that arose from sub-object properties that has arisen is the actual amount of characters your able to use in a name. The default maximum is 15. However by spoofing, your able to obtain a maximum of 23 actual characters. We'll cover how to exceed this default without being disconnected later in this tutorial. So just to be safe, for now change the "MaxLength" property of the TextBox to 15.
http://pages.vipersrt3g.com/NSTut17.png
You now have a standalone Name Spoofer. You may continue on if you want to learn how to make your name spoofer accept hotkeys as well as provide temp ban protection for adding in colors or spoofing to more than the default 15 characters.
This concludes Part 1 of this Tutorial
Credits:
Many Thanks to LCSBSSRHXXX for his initial Name Spoofing help back in 2007.
Thanks to Logos for bettering the Visual Basic Module for writing to Memory.
And to Zonemikel for making me wanna make a tut ^^
Written: 11/23/08
Author: ViperSRT3g
This Tutorial is part of a two part tutorial. The second half of this tutorial can be found here: [Part 2] (http://www.gamethreat.net/forums/hacking-tutorials/36446-vb6-name-spoofing-tutorial-part-2-a.html)
This tutorial will go over all the odds and ends of creating a working 1.15.3 Name Spoofer Using Visual Basic 6.
Software Needed:
Artmoney
Starcraft
Microsoft Visual Studio 6.0 (Last Version of Visual Basic 6)
Steps:
1. Getting your name in Artmoney
2. Creating your Visual Basic Project
3. Using Modules
4. Using Hotkeys
5. Temp Ban Protection
6. Color Spoofing!
Viper's VB6 Name Spoofing Tutorial
Getting your name in Artmoney
A vital process when making any hack is to find the offsets that you'll be using. So open up Artmoney, and open up Starcraft. Attach Artmoney to Starcraft in the dropdown Select process box. Log onto Bnet.
http://pages.vipersrt3g.com/NSTut01.png
We are now at the point where we can begin using Artmoney to find our name spoofing offset. This portion of the tutorial will be nearly exactly the same as Overflow's tutorial on Name Spoofing here: Overflow636's Name Spoofing Tutorial (http://www.bwhacks.com/forums/hacking-tutorials/983-advanced-name-spoofer-tutorial.html)
In Artmoney, click the Search button And search for your name.
http://pages.vipersrt3g.com/NSTut02.png
You'll be searching for a text type value, and in the value field, you enter your name exactly how it is (Case Sensitive).
http://pages.vipersrt3g.com/NSTut03.png
In my search, Artmoney found 4 offsets that contained my name in it.
http://pages.vipersrt3g.com/NSTut04.png
4 Offsets is a manageable number, so we can easily figure out which one is our real name spoofing offset. Click the Teal button to bring all the found offsets to the right side of the table so that we can work with them further.
http://pages.vipersrt3g.com/NSTut05.png
Now that we have our offsets on the right side of the table, we can now edit them in anyway we see fit.
http://pages.vipersrt3g.com/NSTut06.png
For those who do not know, Unicode is the type of byte arrangement that lets ASCII characters extend to support many languages. (Upwards of the 256 default characters) One of the only places in Starcraft where Unicode exists is in the channel chat area. So it is safe to say that our Unicode offset here is NOT our name spoofing offset. So let's delete it.
The last three remaining offsets all look very similar. They are not Unicode, they all contain the exact text that we may need, however they are in different regions of Starcraft's memory. The first offset starts off with 059, which basically means it's always in Starcraft's memory. The last two, start off with 190, which means they are only used when on Bnet. That means that our name spoofing offset is located in ONE of the two offsets that start with 190. So we can delete our first offset.
http://pages.vipersrt3g.com/NSTut07.png
Now that we are down to just two offsets, it's time to check to see which one will actually change our name. Go ahead and change the value of the first character in each name to a number, using consecutive numbers allows us to see which offset is which. The first offset was changed to 1iperGTSR3g. The Second offset was changed to 2iperGTSR3g as shown below.
http://pages.vipersrt3g.com/NSTut08.png
Now join a game in Starcraft to see which number the first letter in our names changed to. As you can see, our first offset is the right one! We can save both offsets however, for the second offset will be useful later. Now that we have our offsets, lets start making our Visual Basic Project!
http://pages.vipersrt3g.com/NSTut09.png
Creating your Visual Basic Project
1. Start up Microsoft Visual Studio 6.0
2. Choose create Standard EXE
3. Click the code button to set the editor to code mode (Similar to Dreamweaver's basic design)
Now that we are in the code writing process, we can set up the basics of any Visual Basic application.
The first line in any VB app should be the line "Option Explicit". The reason for this is because if you DON'T use it, you can save any type of value to any type of variable, without your compiler notifying you of this error. This could prove to be very problematic later, so just add it in.
Similar to C++, our VB Project will require certain "header files" before we continue. Our project will set up Hotkeys later on, so we will need our GetAsyncKeyState API. Your source coding should look like the following:
Option Explicit
Private Declare Function GetAsyncKeyState Lib "user32" (ByVal vKey As Long) As Integer
Now that we have our API included with our project, we can go ahead and add the meat and potatoes of our spoofer.
Click the "View Object" button to go back to editing the GUI of our project: http://pages.vipersrt3g.com/NSTut10.png
Add a button to our project by clicking the "CommandButton" tool: http://pages.vipersrt3g.com/NSTut12.png
Add a text box to our project by clicking the "TextBox" tool: http://pages.vipersrt3g.com/NSTut11.png
Your project should look roughly like the following.
http://pages.vipersrt3g.com/NSTut13.png
Now that we have our GUI created (Your free to make it look the way you want as much as you like) we can now add the coding in to make them do stuff! Double click the button you added in earlier to go back to the code viewer. The editor will automatically create coding for you when the button is actually pressed. Your coding should have automatically created the following code for you:
Private Sub Command1_Click()
End Sub
This code will be executed when the button gets clicked. Let's add a call to the function that will actually do the spoofing (Once we add the spoofing process in) Between the "Private Sub Command1_Click()" and "End Sub" lines include the following code:
Call Spoof
Once we add in the WriteProcessMemory module, we'll be able to set up our spoofing function that will get called when the button is clicked!
Using Modules
I have included the module here: modMemoryDP.bas (http://pages.vipersrt3g.com/modMemoryDP.bas)
Or you may download it via Logos' Siggy here: modMemoryDP.bas (http://www.bwhacks.com/forums/programming/28565-vb6-modmemory-bas-w-debug-privileges-sc-bw-v1-15-key-grabber-tutorial.html)
This Module will allow your Visual Basic project to read and write to and from Starcraft's memory!
Now to include the module into your project, simply go to the Project file window. Right click>Add> Module>(Existing if you saved the module)New if your copy pasting
Then simply navigate to where you saved the module, and it will be incorporated into your project!
http://pages.vipersrt3g.com/NSTut14.png
We can now create our Spoof process! In our form's code window, we can now include the following text right below our CommandButton text:
Private Sub Spoof()
Dim ret As Long 'Initializes the return variable that will help you in debugging
Dim hwnd As Long 'Initializes the variable to hold your process ID number
hwnd = modMemoryDP.FindWindow("SWarClass", "Brood War") 'Uses the module to find Brood War
If hwnd = 0 Then 'If it didnt find Brood War, it will look for Starcraft
hwnd = FindWindow("SWarClass", "Starcraft") 'Uses the module to find Starcraft
End If
'Writes your name to Starcraft's Memory
ret = modMemoryDP.PokeString(hwnd, &H19044EE8, Text1.Text & vbNullChar)
End Sub
If you want, you can use this as a standalone spoofer already, just press F5 or hit the Start button to run your program.
http://pages.vipersrt3g.com/NSTut15.png
Let me go in depth however, and explain to you what's being done here.
Dim hwnd As Long 'Initializes the variable to hold your process ID number
hwnd = modMemoryDP.FindWindow("SWarClass", "Brood War") 'Uses the module to find Brood War
If hwnd = 0 Then 'If it didnt find Brood War, it will look for Starcraft
hwnd = FindWindow("SWarClass", "Starcraft") 'Uses the module to find Starcraft
End If
This block of code here initializes the variable that will hold the process ID number of the program you intend to read or write memory to. It's purpose here, is to let the module know what program you intend to modify. Which in this case is Starcraft. The code below that, will find Starcraft for you, and if it cannot find Brood War, will look for Starcraft itself. This code right here was taken directly from Logos' CD Key grabber which you can also find here (http://www.bwhacks.com/forums/user-downloads/28513-starcraft-cd-key-number-grabber.html).
'Writes your name to Starcraft's Memory
ret = modMemoryDP.PokeString(hwnd, &H19044EE8, Text1.Text & vbNullChar)
This block of code is rather self explanatory, it is the line that actually writes to Starcraft's memory allowing you to spoof. If you have not touched anything, it should write "Text1" as your name because the textbox is created with the text "Text1" by default.
The "ret" variable allows you to put debugging processes into your program, such as notifying you if it successfully wrote to Starcraft's memory, without having to actually check in Starcraft.
"&H19044EE8" is the offset to write to. It can be copy pasted from the offset we found in the Artmoney table. "&H" preceding a number in VB6 means a hexadecimal number.
"Text1.Text & vbNullChar" Is the place your spoof is stored in. The "vbNullChar" is an automatic variable in Visual Basic that you do not need to initialize. It's hexadecimal and deximal value in the ASCII character chart is a plain and simple 0x00, or null as it's name implies. It's simply zeroed out memory that Starcraft looks for to let it know that it has reached the end of your name.
All GUI features in VB6 have a name, for our textbox, that name is "Text1" you can change it's name in the Properties form below.
http://pages.vipersrt3g.com/NSTut16.png
And all objects have many sub-object properties that fall under them. the ".Text" that is after "Text1" is an example of this. The Properties form displays a bunch of sub-object properties that you may alter, such as the textbox's height and width, it's position on your form, what text it may already contain by default, whether it's going to handle numbers, if it's going to be editable, or if it has a maximum character count. By modifying these, your able to customize your GUI to make it look like anything you can imagine.
Another important subject that arose from sub-object properties that has arisen is the actual amount of characters your able to use in a name. The default maximum is 15. However by spoofing, your able to obtain a maximum of 23 actual characters. We'll cover how to exceed this default without being disconnected later in this tutorial. So just to be safe, for now change the "MaxLength" property of the TextBox to 15.
http://pages.vipersrt3g.com/NSTut17.png
You now have a standalone Name Spoofer. You may continue on if you want to learn how to make your name spoofer accept hotkeys as well as provide temp ban protection for adding in colors or spoofing to more than the default 15 characters.
This concludes Part 1 of this Tutorial
Credits:
Many Thanks to LCSBSSRHXXX for his initial Name Spoofing help back in 2007.
Thanks to Logos for bettering the Visual Basic Module for writing to Memory.
And to Zonemikel for making me wanna make a tut ^^