Author Topic: Some trainer making TUTS  (Read 936 times)

0 Members and 1 Guest are viewing this topic.

ThEViRuS

  • Relentless Teamkiller
  • **
  • Posts: 54
    • View Profile
Some trainer making TUTS
« on: February 11, 2004, 09:11:56 pm »
Trainer Maker Kit
{{Tutorial By ThEViRuS}}
Trainer Maker Kit is most likely the best trainer generating software for beginners
currently on the market.
Not only is it simple to use it is also very user friendly.
This guide will explain how to make a very simple trainer to do this you will need :-
The Address(s) you want to NOP/Freeze/Edit
Trainer Maker Kit(get from www.extalia.com)
A Brain(get from your nearest general store)
Now once you have all those you must first open TMK.
A box will appear titled [Project Option] Now choose the directory you want the trainer
to be stored in and then put in the title of your Project.
Then click the [Create] button
Now the interface that will face you may be overwhelming at first but dont worry
its not as complicated as it might seem to you.
In the middle you will see a box named DIALOG
if you right-click the middle of the box you can change its properties.
So you have the cosmetic details done now its time to add the actual functions.
Go to the insert tab and click button.
Now a button should appear in your main window.
Right click the button to get into a pop up box.
Click on the [Write Memory Actions] tab.
Click the [Wiz] button
Now you get a window.
In the window you have a interface like this
Action to perform Type of value Address Value
[WRITE VALUE] [BYTE] [ ] [ ]
ADD WORD
SUBSTRACT DWORD
LOCK FLOAT
DOUBLE
Now select for now [WRITE VALUE],[BYTE],[Your Address],[The Value You Wish]
And well bingo thats all there is to it.....
Making your trainer from here is extremely simple and purely cosmetic value.
After you master TMK try learning Delphi or ASM.
Well thats it! hope to see some cool looking trainers from you soon.
Later, :evil:

ThEViRuS

  • Relentless Teamkiller
  • **
  • Posts: 54
    • View Profile
Some trainer making TUTS
« Reply #1 on: February 11, 2004, 09:12:28 pm »
Cheat Engine V2.3
The Tutorial
One of the newest tools on the market my friends.Here we have a memory searcher and a trainer maker all in one.If you've never hacked before and your using this as your start out tool then this is the tut for you.
Lets Begin
Always start with the easy stuff first.Alright first you need to actually select what game your going to be cheating in.To do this click on the lil PC Button
This is called the select process button.Now select the exe of your game from the pop up window.Alright lets get crackin.Now you will see the search options not too far away
Now you can search for lots of diffrent things.There are two search types Scan type and Value Type.The value box is where you input the value of ammo,gold MP etc.
Scan Type is what sort of scan you want to do.i e=Exact Value would be your 100% sure of the amount of ammo etc and Advanced is for if your not 100%.
Value type is what sort of value it is you can search for Bits,Bytes,floats,text and double.
1 byte : value between 0-255 stored in 1 byte
2 bytes : value between 0-65535 stored in 2 byte
4 Bytes=value between 0-4294967295
Well now that we know what kind of search were gonna do we can continue(were not going to be dealing with the other types of values..you dont need to worry bout those yet =P )Ok once you have input the thing you want to click on new scan.You'll most likely get tonnes of addresses if you didnt then go over the tut so far again.If your on the same wavelength then lets continue.Now you need to go in and change the thing your hacking somehow.After that click on next scan.Not so many addies now huh?Good now continue this until your left with one and then select it and click the red arrow pointing diagnolly.This will copy the address into the box below.Then you can NOP the address(Its not hard to do)And well.........thats it! I'll update this tut soon with a continuation on how to use the TM on it but well Later days!.
Signed.....

ThEViRuS

ThEViRuS

  • Relentless Teamkiller
  • **
  • Posts: 54
    • View Profile
Some trainer making TUTS
« Reply #2 on: February 11, 2004, 09:14:11 pm »
;---------------------------------------------
;  Protection-Suit Version 1.3 (c) by [NTSC]
;           Non- Public Version
;            Protect your Work
;    I dont like Lamers to steal my work..
;---------------------------------------------
;Contents (Trainer specified):
;--------------------------------------------------
; - Anti-BreakPoint /Kernel32 (ReadProcessMemory,WriteProcessMemory,CreateFileA,)
;                             (DeleteFileA,OpenProcess)
; - Anti-BreakPoint /User32   (FindWindowExA,GetWindowThreadProcessId)
; - CheckTrainerSpy-Routine (if Window present,Goodbye)
; - CheckTrainerSpy-Routine (if Class present,Goodbye)
; - Create TrainerSpy data file (c:\logwmemory.bin) + set specific File-Attributes
; - CheckProcDump-Routine (if Window present,Goodbye)
; - Check FileMon-Routine (if Window present,Goodbye)
; - Check FileMon-Routine (if Class present,Goodbye)
; - Check SmartCheck-Routine (if Class present,Goodbye)
; - Check W32Dasm-Routine (if Window present,Goodbye)
; - Check W32Dasm-Routine (if Class present,Goodbye)
; - Check for TRW2000 (if Window present,Goodbye)

;---------------------------------------------
; Anti-Spy Variables (c) by [NtSC]
;---------------------------------------------
Kernel32             db       "Kernel32",0             ; Base of Kernel Api?s  
User32               db       "User32",0              ; Base of User-Api?s   
Thief                db       "TRAINER SPY",0          ; Trainer-Spy Window-Caption
ThiefClass           db       "#32770",0      ; Trainer-Spy Class
ReadMemory           db       "ReadProcessMemory",0    ; Api?s to check
WriteMemory          db       "WriteProcessMemory",0   ; (most common used by trainers)
OpenProc             db       "OpenProcess",0         ; Api to open an running Process     
CreateFileX          db       "CreateFileA",0      ; for Module-Rippers
DeleteFileX          db       "DeleteFileA",0         ; also
FWindow              db       "FindWindowExA",0       ; for getting Game-Window  
GWindow              db       "GetWindowThreadProcessId",0   
Data                 db       "c:\logwmemory.bin",0    ; TrainerSpy file (Info from vxd)
ProcDump0            db       "ProcDump32 (C) 1998, 1999, 2000 G-RoM, Lorian & Stone",0
FileMon0             db       "File Monitor",0        ; File Monitor Window Caption   
FileMon1             db       "FileMonClass",0        ; File Monitor Class
SmartCheck           db       "NMSCMW50",0            ; SmartCheck Class
W32Dasm              db       "URSoft W32Dasm Ver 8.93 Program Disassembler/Debugger",0
W32Dasm2             db       "OWL_Window",0          ; W32Dasm Class
TRW2000              db       "TRW2000 for Windows 9x",0
SpyFlag              dd       0
;---------------------------------------------

CheckBreakPoints:                  ;Check Read/Write Api?s for Breakpoints
      push   offset Kernel32
      call   GetModuleHandleA
      push   offset ReadMemory
      push   eax
      call   GetProcAddress
      cmp    byte ptr [eax],0cch              ;Breakpoint set on Function?
   je   _wmdestroy

      push   offset Kernel32
      call   GetModuleHandleA
      push   offset WriteMemory
      push   eax
      call   GetProcAddress
      cmp    byte ptr [eax],0cch              ;Breakpoint set on Function?
   je   _wmdestroy

      push   offset Kernel32
      call   GetModuleHandleA
      push   offset CreateFileX
      push   eax
      call   GetProcAddress
      cmp    byte ptr [eax],0cch              ;Breakpoint set on Function?
   je   _wmdestroy

      push   offset Kernel32
      call   GetModuleHandleA
      push   offset DeleteFileX
      push   eax
      call   GetProcAddress
      cmp    byte ptr [eax],0cch              ;Breakpoint set on Function?
   je   _wmdestroy

      push   offset Kernel32
      call   GetModuleHandleA
      push   offset OpenProc
      push   eax
      call   GetProcAddress
      cmp    byte ptr [eax],0cch              ;Breakpoint set on Function?
   je   _wmdestroy

      push   offset User32
      call   GetModuleHandleA
      push   offset FWindow
      push   eax
      call   GetProcAddress
      cmp    byte ptr [eax],0cch              ;Breakpoint set on Function?
   je   _wmdestroy

      push   offset User32
      call   GetModuleHandleA
      push   offset GWindow
      push   eax
      call   GetProcAddress
      cmp    byte ptr [eax],0cch              ;Breakpoint set on Function?
   je   _wmdestroy

CheckTrainerSpy:
      call   FindWindowExA,0,0,0,offset Thief      ;TrainerSpy Window active? if yes,Goodbye
   cmp    eax,0         
   je   CheckTrainerSpyClass
   jmp   _wmdestroy   

CheckTrainerSpyClass:
;     call   FindWindowExA,0,0,offset ThiefClass,0    ;TrainerSpy Class found?..if yes,..time to go
;   cmp    eax,0         
;   je   CreateAntiTrainerSpy
;   jmp   _wmdestroy

CheckProcDump:
      call   FindWindowExA,0,0,0,offset ProcDump0   ;ProcDump Window active? if yes,Goodbye
   cmp    eax,0         
   je   CheckFilemon
   jmp   _wmdestroy   

CheckFilemon:
      call  FindWindowExA,0,0,0,offset FileMon0   ;File Monitor Window active? if yes,Goodbye
      cmp   eax,0         
      je    CheckFileMonClass
      jmp   _wmdestroy   

CheckFileMonClass:
     call   FindWindowExA,0,0,offset FileMon1 ,0     ;File Monitor Class found?..if yes,..time to go
   cmp    eax,0         
   je   CheckSmartCheckClass
   jmp   _wmdestroy

CheckSmartCheckClass:
     call   FindWindowExA,0,0,offset SmartCheck ,0   ;SmartCheck Class found?..if yes,..time to go
   cmp    eax,0         
   je   CheckW32Dasm
   jmp   _wmdestroy

CheckW32Dasm:
      call  FindWindowExA,0,0,0,offset W32Dasm      ;W32Dasm Window active? if yes,Goodbye
      cmp   eax,0         
      je    CheckW32DasmClass
      jmp   _wmdestroy   

CheckW32DasmClass:
     call   FindWindowExA,0,0,offset W32Dasm2 ,0     ;W32Dasm Class found?..if yes,..time to go
   cmp    eax,0         
   je   CheckTRW2000
   jmp   _wmdestroy

CheckTRW2000:
      call  FindWindowExA,0,0,0,offset TRW2000      ;TRW2000 Window active? if yes,Goodbye
   cmp    eax,0         
   je   CreateAntiTrainerSpy
   jmp   _wmdestroy

CreateAntiTrainerSpy:                  ;create our vxd refered File with Attributes      

      push   0                        
      push   1                           
      push   2                    
      push   0
      push   1
      push   40000000h
      push   offset Data
      call   CreateFileA
      push   eax
      call   CloseHandle
      xor    eax, eax

      call SetFileAttributesA,offset Data,FILE_ATTRIBUTE_READONLY+FILE_ATTRIBUTE_HIDDEN

;CheckDebugger:
;      push   offset Fine
;      call   SetUnhandledExceptionFilter
;      mov    eax, 4
;      mov    ebp,'BCHK'
;      int    3                         ; if debugger: execute int
;   jmp   _wmdestroy
;   mov   [ProtectionFlag],001h

;************************************************************************************************


all honor goes to [NTSC]