PDA

View Full Version : Titan's ModMemory.bas Tutorial



OverFlow636
07-08-2004, 08:25 PM
Reading/Writing Memory in VB6
Using NAATYE’s ModMemory.bas
Written by: Titan
Date: 7/8/2004

I’m writing this tutorial/guide on how to use the ModMemory module created by NAATYE that allows easy memory editing through VB6. I prefer VB6 to edit memory; it’s a cleaner “WYSIWYG” programming language and, in my opinion, produces a better looking end program. Anyways, here it goes.

Part 1: Basics

What you’ll need:
Visual Basic 6
ModMemory.bas - http://www.gamethreat.com/gt/forum/index.php?download=13

Optional:
Starcraft Brood War (if you want to test the examples)
TSearch

To start, download the ModMemory.bas from the site above. What it is is a VB6 module that has the functions for reading/writing memory. If you look at it and are confused, it’s ok. You don’t need to what NAATYE is doing; all you need to know is how to use it. This is what I’m here to explain.

Next, start a new Visual Basic 6 project. Go to Project > Add Module and find ModMemory.bas(wherever you downloaded it to). When you add it to your project you should see in the Project Properties window (upper right corner) that you have a new “Modules” folder. If ModMemory.bas is there then you’re ready to move onto the next step.

Part 2: Poking an Integer

Now, I’ll guide you through how to change to Low Latency. Note, I’ll just give you the address no searching needed. First, double click your form to show the code for Form_Load(). You want to make Form_Load() look like this:


Dim wName as Long
Private Sub Form_Load()
? ? wName = FindWindow("SWarClass", "Brood War")
End Sub


This just finds the handle for your currently open Brood War window, you don’t need to know what this means, but it is required. Next, make a button and name it Low_Latency. Then double-click it to write the code for Low_Latency_Click(). Here’s what you need to write an integer value.


Private Sub Low_Latency_Click()
? ? Dim x As Integer
? ? x = PokeInteger(wName, 6616248, 0)
End Sub


Well that’s it. Run the program and Brood War. Set network to Extra High Latency and then click your button. When you go back to Network you’ll see it has changed to low. 6616248… that doesn’t look like the address you found in TSearch? Well, keep reading and make note of the Part 4.


Part 3: Using the Other Functions in ModMemory

Well, poking an integer is not the only thing ModMemory can do. Here is a brief look at using the other functions in this module. I’ll only put in the ones I’ve used so far. After you know how to use a few of them, it will be easy to figure out how to use the rest.

PokeInteger(): See above.
PeekInteger():


? ? Dim x As Integer
? ? x = PeekInteger(wName, 6616248)

This will “peek” or read from address 6616248 and store it’s value in x.

PokeString():


? ? Dim x As Integer
? ? x = PokeString(wName, 19035310, Spoof.Text)
End Sub


This will poke a string into address 190535310. This will spoof your name to whatever is in the textbox “Spoof”.

Others: PeekString(), PeekLong(), PeekByte(), PeekBytes(), PokeLong(), PokeByte(), PokeBytes().
Basically, as long as you get the general idea you can figure out the others.

Part 4: Translating Your Address for ModMemory

Hopefully you have noticed that if you find the offset for latency, it is 64F4B8. If you try to use that offset in the functions it will not work. What needs to be done is(using TSearch), is go to the “Converter”, change “Data Type” to “Long” and type in 64F4B8 under Hex. TSearch will automatically update as you type it in, and when you finish you’ll see the value 6616248 under “Decimal”.

Well, that’s it. Now that I have this tutorial completed I can start writing a tutorial on a more specific topic. Hope it was easy to follow.


-Titan

rum
07-09-2004, 12:37 AM
or instead of converting your addresses just put " &H " in front of them to denote hex

OverFlow636
07-09-2004, 12:46 AM
you can also use this function to write to the memory
but this one requires you to have public PHandle as long declared in a module somwhere and the process handle of sc already in it



Public Function WriteMem(address As Long, wut As String)
   'use it like  WriteMem(&H000000, "ff00ff0090")
   If Len(wut) = 1 Then wut = "0" & wut
   leng = Len(wut) / 2
   For i = 1 To leng
       WriteProcessMemory PHandle, address, Chr$("&H" & Left(wut, 2)), 1, &H0
       address = address + 1
       wut = Right(wut, Len(wut) - 2)
   Next
End Function