#1 5. Oktober 2010 Yu-Gi-Oh! - Kaiba the Revenge - Trainer Das Spiel ist zwar älter, hab aber hier einen alten Trainer von mir gefunden, der mit einer GUI (Windows) unterlegt ist. Ob der noch funktioniert kann ich nicht sagen, aber er soll im eigentlichen Sinne als Vorlage dienen und einen eindruck in die ressourcegebundene Formerstellung geben. main.cpp: Code: #include <windows.h> #include <windowsx.h> #include <tlhelp32.h> /* Declare window procedure */ BOOL CALLBACK WindowProcedure (HWND, UINT, WPARAM, LPARAM); /* Main entry point */ int WINAPI WinMain (HINSTANCE hThisInstance, HINSTANCE hPrevInstance, LPSTR lpszArgument, int nFunsterStil) { HWND hwnd; MSG messages; hwnd = CreateDialog(hThisInstance, MAKEINTRESOURCE(100),HWND_DESKTOP,WindowProcedure); ShowWindow (hwnd, nFunsterStil); while (GetMessage (&messages, NULL, 0, 0)) { TranslateMessage(&messages); DispatchMessage(&messages); } return messages.wParam; } /* This function is called by the Windows function DispatchMessage() */ BOOL CALLBACK WindowProcedure (HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam) { switch (message) { case WM_INITDIALOG: SetTimer(hwnd,200,1,NULL); break; case WM_TIMER: HANDLE hSnapshot; PROCESSENTRY32 lppe; lppe.dwSize = sizeof(PROCESSENTRY32); long end; char id[16]; char *name; DWORD hProc; hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0); hProc = 0; end = Process32First(hSnapshot, &lppe); while (end) { name = CharLower(lppe.szExeFile); if (strcmp(name, "kaiba_pc.exe") == 0) hProc = lppe.th32ProcessID; end = Process32Next(hSnapshot, &lppe); }; itoa(hProc,id,10); Edit_SetText(GetDlgItem(hwnd,3),id); if (hProc == 0) Edit_SetText(GetDlgItem(hwnd,2),"not loaded"); else Edit_SetText(GetDlgItem(hwnd,2),"loaded"); if (hProc == 0) { CloseHandle(hSnapshot); break;} if (Button_GetCheck(GetDlgItem(hwnd,0)) == 1) { WORD bOrgWORD = 0; DWORD cWritten = 0; HANDLE popen = OpenProcess(PROCESS_ALL_ACCESS,0,hProc); WriteProcessMemory( popen,(void*)0x0A156b8, &bOrgWORD, 2, &cWritten ); CloseHandle(popen); }; if (Button_GetCheck(GetDlgItem(hwnd,6)) == 1) { WORD bOrgWORD = 10000; DWORD cWritten = 0; HANDLE popen = OpenProcess(PROCESS_ALL_ACCESS,0,hProc); WriteProcessMemory( popen,(void*)0x0A14964, &bOrgWORD, 2, &cWritten ); CloseHandle(popen); }; CloseHandle(hSnapshot); break; case WM_CLOSE: KillTimer(hwnd,200); DestroyWindow(hwnd); break; case WM_DESTROY: PostQuitMessage (0); break; } return 0; } ressource.rc: Code: #include <afxres.h> 100 DIALOG 0, 0, 236, 84 STYLE WS_CAPTION | WS_SYSMENU CAPTION "Yu-Gi-Oh! Power of Chaos KAIBA THE REVENGE" LANGUAGE LANG_GERMAN, SUBLANG_GERMAN FONT 8, "MS Sans Serif" { CONTROL "auto win", 0, "BUTTON", BS_AUTOCHECKBOX | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 12, 44, 60, 14 CONTROL "application", 1, "BUTTON", BS_GROUPBOX | WS_CHILD | WS_VISIBLE, 5, 5, 225, 28 CONTROL "not loaded", 2, "STATIC", SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 12, 18, 81, 10 CONTROL "", 3, "EDIT", ES_LEFT | WS_CHILD | WS_VISIBLE | WS_BORDER | WS_TABSTOP, 131, 15, 60, 14 CONTROL "ID",4, "STATIC", SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 117, 18, 13, 9 CONTROL "", 5, "BUTTON", BS_GROUPBOX | WS_CHILD | WS_VISIBLE, 5, 36, 225, 28 CONTROL "UE life points", 6, "BUTTON", BS_AUTOCHECKBOX | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 119, 44, 60, 14 CONTROL "written by SubZeroX", 0, "STATIC", SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 12, 70, 71, 37 }