Programming Humor

Click it and watch it!

In the beginning there was the computer:
 http://www.pi.pwp.blueyonder.co.uk/creation.html

Practice problems + Solutions

Hello fellow members,
I know there are million others who are out of ideas to code, like me. After a little bit of searching, I have found a link in which it contains some C++ exercises and solutions for those exercises. Remember that the exercises are arranged from difficulty; If you want the hard ones, scroll all the way to the bottom.

Ordered based on difficulty(really easy for beginner programmers): http://en.wikibooks.org/wiki/C++_Program...Iterations

A lot of exercises!: http://en.wikibooks.org/wiki/C%2B%2B_Pro.../Exercises

Not ordered in any way: http://www.fz-juelich.de/video/cpp/html/exercises.html

The most famous, ProjectEuler: http://projecteuler.net/index.php?section=problems

I hope you found this helpful. Please if you have any ideas or websites which contains some programming ideas, feel free to post them.

Thanks for reading,

C++ Send EMail + Win32 w/ Download

Hello fellow coders,



It is coded purely C/C++.

Also, the part that consumed most of my time in this project was base64 encryption. I was initially thinking of just ripping one online but couldn't. All the sources used external libraries and if you know me, I hate doing that. Not to mention, I had no patience to read over the external library and copy/paste it and adjust to the modifications of my project.

So I went ahead and implemented my own retarded base64 encryption, which works fine. I followed this: Base64 Wikipedia

It's pretty simple and VERY basic.

Basic outline of the program:

Code:

connect to smtp.gmail.com on port 25
Client: EHLO mail.gmail.com\r\n
Client: AUTH LOGIN\r\n
Client: base64 encrypted email\r\n
Client: base64 encrypted password\r\n
Server: 250 Accepted. --This is important to check.
Client: MAIL FROM: <emailid>\r\n
Client: RCPT TO: <toemailid>\r\n
DATA\r\n
Client: From: uremailid\r\n
Client: To: toemailid\r\n
Client: Subject: somesubject\r\n
Client: \r\n
Client: somemessageyouwanttosend\r\n
Client: .\r\n by sending period, it represents end of message.

The commands above are the ones sent to GMail server. That's all that's needed to send an EMail along with base64 encoder.

oh also, this is a very messy code, with little to no error handling. So, it's not perfect. It finishes its job though: send email. I didn't think about efficiency that much; I just wanted to get it done.

Download Link: http://uploading.com/e422f2f9/Emailer-rar

Source:
main.cpp
resource.rc
resource.h

Thanks and regards,

Simple Port Scanner + Source

Brief Description
Checks whether the given port is either open or closed.

Instructions
There are no need for Instructions for this program. Even your Grandma can figure it out.

Source: Simple Port Scanner

Please feel free to comment and if you have any suggestions, please post those as well.

Thanks for reading,

ProjectEuler Stairs + Source

Here is the assignment with better description: bottmy's idea

Try creating the program yourself; if you can't figure it out, check
out my solution. If you don't understand my source, feel free
to reply your question in the comments below. :D

The Source: bottomy's idea + Source

Please send feed-back if this was helpful so it gives me the motivation
to post more of these helpful code.

Bubble Sort with DMA + Source

Assignment's Information
Here is an illustration of what the program should do: http://pastebin.com/WTLUggxd It might look a little complicated but if you write out the thought process, it will be a piece of cake. Also, one of the requirements the program must have is to DMA(Dynamic Memory Allocation) so it will be a little professional and much more productive and efficient.

Solution: http://pastebin.com/Cz5eBDib

Note: I am sure there are more efficient ways and I admit I am not the most efficient coder but I am trying to be one because I have realized that efficiency plays a huge role in programming. So, If you have any suggestions or constructive criticism, please feel free to reply.

Aristotelian Argumentation

Aristotelian Argumentation

1. Prologue
2. Three ways to persuade
   • Ethos
   • Pathos
   • Logos
     
3. Real-life works and examples
4. Conclusion and credits
   

Prologue: The Aristotelian argumentation, as anticipated, was developed and implemented by a great thinker and a debater, Aristotle. Aristotle was a thinker who surpassed the level of thinking of an average human-being; His contributions encompassed almost of all fields such as Biology, Philosophy, Theology, Astronomy, etc... . One of his most used contribution is his argumentation structure which shows necessary skills to a debater/thinker in to persuading your opponent and 13 fallacies that one should avoid.

Three ways to persuade: This format of persuading is the most effective way to prove your point and build a strong base to your argument; These three ways of argumentation is being used by many debaters. We look at some real-life works and examples of these argumentations later.

• Ethos - An Aristotelian argumentation which uses credible sources to prove his/her point.
  
  • Credibility When one is using credibility to prove his/her point, then that one must provide a credible source which is either provided/written by a qualified scholar or an authoritarian. For example: One cannot support his claim with a source from a website with no qualified credibility such as Yahoo answers, blogspots. However one can support his/her claim by using a source with a qualified author from Harvard University or a certified expert. Holistically, Credibility argumentation is the usage of sources with an expert opinion.
  • Reputable Reputable is a form of credibility except it depends on the reputation a source was given by has. For example: If one is trying to persuade you to buy his product, he/she will use a reputed personality to promote your product; This reputed personality could be Oprah Winfrey, Barack Hussein Obama, or any other famous and persuading character.
    
• Pathos - This argumentation deals with persuading or proving your point through emotional statements or arguments. Pathos doesn't contain any sub-categories because it is a straight-forward argumentation in which the debater or the opponent uses emotional and personal attacks to prove his/her points. Lets use some flamers on Hackforums as an example to this argumentation: When one makes a thread discriminating the entire Muslim religion because of the act of one Muslim terrorist, Muslims are enraged because of the false accusation. This type of response is Pathos. The Muslim member feels this treatment unfair for accusing an entire race for the act of few members.
• Logos - Logos is the most useful and resolving argumentation of the three argumentation type, however, statistics show that people tend to use Pathos and Ethos more often. This also alludes to the fact why people fail to make a strong points and arguments on Hackforums. Logos mainly deals with rational explanations which scientific proofs and reason.
  • Evidence Evidence is a straightforward tool to prove a point and build a strong base. One of the main mis-conceptions of this sub-category is that evidence only encompasses Scientific evidences and proofs which means one cannot use the Bible, Quran, Harry Potter or any other Holy Books and fictional books as evidences to support arguments; If one negates the previous stated rule and uses fictional sources as evidence, that one will fail the debate automatically. One must use scientific proofs and physical/material evidence with supported hypothesis and conclusion as an evidence to support that ones claim.
  • Reason Reason is a sub-category in which most people rarely touch or use on Hackforums. This type of argumentation deals with rational and logical thinking without any scientific evidence or proofs. For example: When one says our Universe has a creator because everything has to have a creator, then the creator should also have a creator according to his/her logic.
    

Those three ways of persuading encompasses all types of speeches or debates. Every passage, debate, or a speech you encounter in your life will fall under one(or two) of the categories.

Real-life works and examples:
In this example, we will be analyzing the letter Martin Luther King[Jr.] sent to the clergyman in Atlanta. The prologue behind this letter is truly fantastic. The seven clergymen from Atlanta accuses Dr. King's actions as violent and it should halted. However, Dr. King[Jr.] rejects this accusation and responds through a polite letter; He uses many argumentations in his letter.

Example: "I think I should indicate why I am here in Birmingham, since you have been influenced by the view which argues against "outsiders coming in." I have the honor of serving as president of the Southern Christian Leadership Conference, an organization operating in every southern state, with headquarters in Atlanta, Georgia. We have some eighty five affiliated organizations across the South, and one of them is the Alabama Christian Movement for Human Rights. Frequently we share staff, educational and financial resources with our affiliates. Several months ago the affiliate here in Birmingham asked us to be on call to engage in a nonviolent direct action program if such were deemed necessary. We readily consented, and when the hour came we lived up to our promise. So I, along with several members of my staff, am here because I was invited here. I am here because I have organizational ties here." ~Martin Luther Kind[Jr.] letter from Birmingham Jail.

Explanation: After analyzing the paragraph, we can conclude that this passage from the speech is an example of credibility which falls under the category of Ethos. This passage is Ethos because Dr. King[Jr.] states that he is a reputed and credible person because he served president of the Southern Christian Leadership Conference, an organization operating in every southern state, with headquarters in Atlanta, Georgia. This shows that he has the complete authority to speak and support his claim.

Example: "In your statement you assert that our actions, even though peaceful, must be condemned because they precipitate violence. But is this a logical assertion? Isn't this like condemning a robbed man because his possession of money precipitated the evil act of robbery? Isn't this like condemning Socrates because his unswerving commitment to truth and his philosophical inquiries precipitated the act by the misguided populace in which they made him drink hemlock? Isn't this like condemning Jesus because his unique God consciousness and never ceasing devotion to God's will precipitated the evil act of crucifixion?" ~Martin Luther Kind[Jr.] letter from Birmingham Jail.

Explanation: This is a tough passage to "decipher" the category it falls under but after analyzing deeply, we can conclude that this is a logical passage, Logos. This passage is logos because he refutes the accusation and continues to provide series of examples and shows that Dr. King[Jr.]'s acts are non-violent just like how the examples he provided are.

-You can find many argumentation styles in just about every speech you encounter. The speech George W. Bush gave us after the 911 attack is a perfect example of Pathos.

Conclusion and credits: This thread was written entirely by me, Sri Krishna(which is my account on Hackforums), without plagiarizing any of the material. If one decides to use any segment or the entire thread, he/she must give credits. I would also like to give credits to my English teacher for teaching us Aristotelian Argumentation.

Thanks for reading,

Problem description:

Quote:By listing the first six prime numbers: 2, 3, 5, 7, 11, and 13, we can see that the 6th prime is 13.

What is the 10001st prime number?

Try to solve it by yourself and then look at the solution.

Solution:

Spoiler (Click to View)

Code:

#include <iostream>
#include <cmath>

bool IsPrime(int num)
{
    if(num % 2 == 0 && num != 2)
        return false;
    for(int i = 3; i <= sqrt((long double)num); i += 2)
            if(num % i == 0)
                return false;
    return true;
}

int main()
{
    unsigned long i = 2, n;
    std::cout << "Find the nth prime number: ";
    std::cin >> n;
    for(int j = 0; j < n; i++)
    {
        if(IsPrime(i))
            j++;
    }
    std::cout << i - 1;
    std::cin.ignore();
    std::cin.get();
    return 0;
}
As you can see, I sort of tweaked it to find the nth prime number, not just 10001st.

Feel free to post any suggestions, tips, or comments.

Get Website Source + Source

Just a simple source, I would like to share. It can output the IP Addresses of as many websites as you pass through the command line.

Code:

#include <iostream>
#include <windows.h>
#pragma comment(lib, "ws2_32.lib")

int main(int argc, char *argv[])
{
    WSADATA wsData;
    if(WSAStartup(MAKEWORD(2, 2), &wsData) != 0)
    {
        std::cout << "Cannot WSAStartup\n";
        WSACleanup();
    }
    else
    {
        for(int i = 1; i < argc; i++)
            std::cout << argv[i] << " : " << inet_ntoa(*(in_addr*)*gethostbyname(argv[i])->h_addr_list) << std::endl;
    }
    std::cin.get();
    return 0;
}

Command-line:

Code:

Directory>GetWebAddress www.hackforums.net www.google.com www.youtube.com
www.hackforums.net : 69.162.82.251
www.google.com : 72.14.204.99
www.youtube.com : 74.125.113.92

Assembly Calculator + Source

Hello everyone,

After a long hassle, I began learning Assembly; I must say it is very challenging and it is definitely worth it.

Here is the source:

Code:

.data
    Hello:
        .asciz "1. Add\n2. Subtract\n3. Divide\n4. Multiplication\nOption:"
    first:
        .asciz "First Number:"
    second:
        .asciz "Second Number:"
    answer:
        .asciz "The answer is: %d\n"
    d:
        .ascii "%d\0"
    int1:
        .int 0
    int2:
        .int 0
    option:
        .int 1
.text

.globl _main

    _main:
        pushl $first
        call _printf
        addl $4, %esp

        pushl $int1
        pushl $d
        call _scanf
        addl $8, %esp

        pushl $second
        call _printf
        addl $4, %esp

        pushl $int2
        pushl $d
        call _scanf
        addl $8, %esp

        pushl $Hello
        call _printf
        addl $4, %esp

        pushl $option
        pushl $d
        call _scanf
        addl $8, %esp

        cmpl $1, option
        jz toadd
        cmpl $2, option
        jz subtract
        cmpl $3, option
        jz divide
        cmpl $4, option
        jz multiplication

        toadd:
        movl int1, %eax
        addl int2, %eax
        pushl %eax
        pushl $answer
        call _printf
        addl $8, %esp        
        jmp end        

        subtract:

        movl int1, %eax
        subl int2, %eax
        pushl %eax
        pushl $answer
        call _printf
        addl $8, %esp
        jmp end        

        divide:
        movl int1, %eax
        movl int2, %ebx
        xorl %edx, %edx
        idivl %ebx
        pushl %eax
        pushl $answer
        call _printf        
        addl $8, %esp
        jmp end        

        multiplication:                
        movl int1, %eax
        movl int2, %ebx
        imull %ebx
        pushl %eax
        pushl $answer
        call _printf
        addl $8, %esp

        end:
        call _getchar
        call _getchar
        ret

How do you assemble it?

Code:

as -o main.o main.s

How do you link it?

Code:

ld main.o -o main.exe -e_main -L"C:\Dev-cpp\lib" -lmsvcrt

Is there an easier method to assemble and link it?
Yes, there is. Open notepad and put this:

Code:

as -o main.o main.s
ld main.o -o main.exe -e_main -L"C:\Dev-cpp\lib" -lmsvcrt

Save it as build.bat[orwhatever.bat] and put it into the same folder as the source. Open the build.bat and it should compile.

Simple Network Chat + Source

Hello fellow programmers,

It's a very simple chat program. The only problem is that the server doesn't handle multiple clients. I'll make one as soon as I gain in depth knowledge in Winsocks. If possible, can anyone link me to a guide to learn about handling multiple clients?

Client source:

Code:

/**

Program: Simple chat program
Author: Sri Krishna

**/

#include <iostream>
#include <windows.h>
#pragma comment(lib, "ws2_32.lib")

SOCKET sock;

void recvdata()
{
    while(1)
    {
        char msg[256];
        memset(msg, 0, 256);
        int r = recv(sock, msg, 256, 0);
        if(r == SOCKET_ERROR)
        {
            std::cout << "\n\nServer is disconnected\n\n";
            std::cin.ignore();
            std::cin.get();
            closesocket(sock);
            WSACleanup();
            exit(1);
        }
        else
            std::cout << "Friend: " << msg << std::endl;
    }
}

void senddata()
{
    while(1)
    {
        char msg[256];
        memset(msg, 0, 256);
        std::cin.get(msg, 256);
        int ret = send(sock, msg, strlen(msg), 0);
        if(ret == SOCKET_ERROR)
        {
            std::cout << "\n\nServer is disconnected\n\n";
            std::cin.ignore();
            std::cin.get();
            closesocket(sock);
            WSACleanup();
            exit(1);
        }
        std::cin.ignore();
    }
}

int main()
{
    WSADATA wsData;
    if(WSAStartup(MAKEWORD(2, 2), &wsData) != 0)
    {
        std::cout << "WSAStartup!\n";
    }
    else
    {
        sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
        if(sock == INVALID_SOCKET)
        {
            std::cout << "socket()\n";
            WSACleanup();
        }
        else
        {
            sockaddr_in sin;
            sin.sin_addr.S_un.S_addr = inet_addr("127.0.0.1");
            sin.sin_port = htons(626);
            sin.sin_family = AF_INET;

            while(connect(sock, (sockaddr*)&sin, sizeof(sin)) == SOCKET_ERROR)
                connect(sock, (sockaddr*)&sin, sizeof(sin));
            std::cout << "Connected to your friend\n\n";
            HANDLE hThread[2];
            DWORD thread1, thread2;
            hThread[0] = CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)recvdata, NULL, NULL, &thread1);
            hThread[1] = CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)senddata, NULL, NULL, &thread2);
            WaitForMultipleObjects(2, hThread, true, INFINITE);
        }
    }

    std::cin.ignore();
    std::cin.get();
    return 0;
}

Server source:

Code:

/**

Program: Simple chat program
Author: Sri Krishna

**/

#include <iostream>
#include <windows.h>
#pragma comment(lib, "ws2_32.lib")

SOCKET sock, acceptsock;

void recvdata()
{
    while(1)
    {
        char msg[256];
        memset(msg, 0, 256);
        int r = recv(sock, msg, 256, 0);
        if(r == SOCKET_ERROR)
        {
            std::cout << "\n\nServer is disconnected\n\n";
            std::cin.ignore();
            std::cin.get();
            closesocket(sock);
            WSACleanup();
            exit(1);
        }
        else
            std::cout << "Friend: " << msg << std::endl;
    }
}

void senddata()
{
    while(1)
    {
        char msg[256];
        memset(msg, 0, 256);
        std::cin.get(msg, 256);
        int ret = send(sock, msg, strlen(msg), 0);
        if(ret == SOCKET_ERROR)
        {
            std::cout << "\n\nServer is disconnected\n\n";
            std::cin.ignore();
            std::cin.get();
            closesocket(sock);
            WSACleanup();
            exit(1);
        }
        std::cin.ignore();
    }
}

int main()
{
    WSADATA wsData;
    if(WSAStartup(MAKEWORD(2, 2), &wsData) != 0)
    {
        std::cout << "WSAStartup!\n";
    }
    else
    {
        sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
        if(sock == INVALID_SOCKET)
        {
            std::cout << "socket()\n";
            WSACleanup();
        }
        else
        {
            sockaddr_in sin;
            sin.sin_addr.S_un.S_addr = INADDR_ANY;
            sin.sin_port = htons(626);
            sin.sin_family = AF_INET;

            while(bind(sock, (sockaddr*)&sin, sizeof(sin)) == SOCKET_ERROR)
                bind(sock, (sockaddr*)&sin, sizeof(sin));

            while(listen(sock, 1) == SOCKET_ERROR)
            {
                listen(sock, 1);
            }

            while(1)
            {
                acceptsock = SOCKET_ERROR;
                while(acceptsock == SOCKET_ERROR)
                {
        acceptsock = accept(sock, NULL, NULL);
                }
                std::cout << "Connected to your friend!\n\n";
                sock = acceptsock;
                break;
            }
        }
    }
    HANDLE hThread[2];
    DWORD thread1, thread2;
    hThread[0] = CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)recvdata, NULL, NULL, &thread1);
    hThread[1] = CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)senddata, NULL, NULL, &thread2);
    WaitForMultipleObjects(2, hThread, true, INFINITE);
    std::cin.ignore();
    std::cin.get();
    return 0;
}

Client code with C++ highlights: http://pastebin.com/Zbc7qwDc
Server code with C++ highlights: http://pastebin.com/R3stNU0v

Also, I need your guys' favor. The only way I can improve my knowledge is by receiving projects that require me to search for new methods and concepts. So, if possible, give me some tough projects or tough concepts to research. I need some concepts to learn....

Dynamic Database - ProjectEuler + Solution

Hello fellow members,

Before you talk about SQL connection and stuff, this has nothing to do with that.

My friend gave me an assignment to do this:

Code:

Make a program like this:
1. Add to database
2. Display databse
Option:

You should be able to add as many databases as you want. It should ask you for name, age, gender, and after it is registered, put the computer time in a string(which should be a string or whatever). All this information should be taken into a structure

When displaying the database, it should display like this:
--
<The registered time>
Name: Name
Age: 15
Gender: M

The 'Display database' option should print all the databases added.

I know this source code sucks, leave me alone:

Spoiler (Click to View)

Code:

#include <iostream>
#include <string>
#include <ctime>

int counter = 0, option = 0;

struct data_base
{
    std::string name;
    int age;
    char gender;
    std::string curtime;
};

int main()
{
    data_base **array = new data_base*;
    data_base *data = new data_base;
    while(1)
    {
        system("CLS"); //don't care
        std::cout << "1. Append to Database\n2. Display Database\nChoose(1/2):";
        std::cin >> option;
        if(option == 1)
        {
            data = new data_base;
            system("CLS"); //don't care
            std::cout << "Enter the name: ";
            std::cin.ignore();
            std::getline(std::cin, data->name);
            std::cout << "Enter the Age: ";
            std::cin >> data->age;
            std::cout << "Enter the gender: ";
            std::cin >> data->gender;
            while(data->gender != 'm' && data->gender != 'M' && data->gender != 'f' && data->gender != 'F')
            {
                std::cout << "\nEnter the correct gender type\n";
                std::cout << "Enter the gender: ";
                std::cin >> data->gender;
            }
            time_t raw_time;
            tm *time_info;
            time(&raw_time);
            time_info = localtime(&raw_time);
            data->curtime = asctime(time_info);
            array[counter] = data;
            counter++;
        }
        else if(option == 2)
        {
            system("CLS"); //don't care
            int c = 0;
            while(c < counter) //problem is heere
            {
                std::cout << "\n--\n";
                std::cout << "Time appended: " << array[c]->curtime << std::endl;
                std::cout << "Name: " << array[c]->name << std::endl;
                std::cout << "Age: " << array[c]->age << std::endl;
                std::cout << "Gender: " << array[c]->gender << std::endl;
                c++;
            }
            std::cin.ignore();
            std::cin.get();
        }
        else
        {
            std::cout << "Can you read?";
        }
    }
    std::cin.ignore();
    std::cin.get();
    return 0;
}

Memory Patching with OllyDbg + Source

Hello fellow programmers,

Today, I'll be showing you a rather interesting technique known as memory patching; this method is also used in game hacking to patch the anti-hack and to modify instructions. You will understand what I mean as we proceed through the tutorial.

In this tutorial, we will be hacking minesweeper. I know you'll be thinking hacking minesweeper is really low and useless but you see, minesweeper is just an example but you can use this technique to patch anti-hack on online games and hack online games. Useful technique, isn't it? Now, I want to open minesweeper in cheat engine and get the time address. I'll show you how to get the time address with screenshots; if you already know how to use cheat engine, then you can skip it.

1. Open minesweeper in cheatengine.
2. Enter '0' in the textbox and click 'New Scan'
3. Click on any of the boxes. You'll see the time incrementing by 1.
4. Change the cheat engine's scan type to 'Increased value' and click 'Next Scan'. What this does is that it will check which address' value has been increasing.
5. Keep clicking 'Next Scan', until you have isolated to one address, which, if you followed the instructions correctly, should be the time address. The value of the address should update real time.
6. Double click on the address. It will add it to the listbox at bottom. Now, right click and click 'Find out what writes to this address'. It should give you one assembly instruction. This is the instruction inside minesweeper that updates the time value by 1.



This is the instruction I recieved from cheat engine:

Code:

01002FF5 - FF 05 9C570001  - inc [0100579C]

Explanation: The instruction is located in memory address(01002FF5) and it is INC(assembly instruction for increment) the value inside the 100579C(time address).

The C/C++ equivalent:

Code:

(*timeAddress)++;

Now, open up OllyDbg and open Minesweeper in it. Winmine.exe is located in system32 folder inside Windows.

After Minesweeper is loaded onto ollydbg, press control + G. This will ask us where in the ollydbg do you want to go to. We want to go to this: 01002FF5, where our instruction is located.



Now, the dark bracket line that covers 9 lines, including our incrememnt instruction is a function minesweeper calls. That functions' purpose is to update the time. Now, I want the game to not execute the function. So, lets write a DLL that will NOP(Assembly instruction for no operation) the function. Lets see what's actually calling time update function. You can do that by clicking the first instruction of the function which is

Code:

01002FE0  /$ 833D 64510001 >CMP DWORD PTR DS:[1005164],0

If you click on it, olly will tell us what's calling this instruction. Here is an image to help you out:


It's a local call from 01001d6c. Lets press control + G and go there or you can right click on that string and click 'Go to CALL from 01001d6c'. Once you go there, you will notice something interesting, if you know Win32 programming. You'll see WM_TIMER. WM_TIMER is a message.

This is the instruction:

Code:

01001D6C  |. E8 6F120000    CALL winmine.01002FE0    ;  Case 113 (WM_TIMER) of switch 01001D5B

That instruction uses CALL(assembly instruction to call a funtion or address in the program) to call the time update function. Now, lets write the DLL to NOP the function. It's very simple. You'll need two functions: VirtualProtect and memcpy

The instruction is protected. It's only for us to read and understand the code and not to edit it as we wish. So we will use VirtualProtect function to edit the privilages to PAGE_EXECUTE_READWRITE which will let us not only read the memory but also write to it.

VirtualProtect asks for:

Code:

VirtualProtect(WhichAddress, Size, WhatTypeOfProtection, ActualProtection);

We will pass in 01001D6C for WhichAddress, and 5 bytes for the size, and PAGE_EXECUTE_READWRITE for WhatTypeOfProtection so that we can use memcpy to write to the address. For the last parameter, we will pass the address of a DWORD to store the actual protection so we can bring the address back to the way it was after we use it. With me so far?

This is what the code will look like:

Code:

    DWORD dwOld;
    VirtualProtect((LPVOID)WM_TIMER_ADDRESS, 5, PAGE_EXECUTE_READWRITE, &dwOld);

WM_TIMER_ADDRESS is a definition for our 01001D6C.

Now, we want to memcpy the NOP bytes to the address. Now how will we do that? Simple. Let's create a BYTE array.

Code:

BYTE nops[] = {0x90, 0x90, 0x90, 0x90, 0x90};

0x90 is the hex exquivalent of the NOP instruction.

Now, let's copy the nops and patch the memory!

Code:

memcpy((void *)WM_TIMER_ADDRESS, nops, 5);

Now, we have to set the original protection type back to the way it was.

Code:

    VirtualProtect((LPVOID)WM_TIMER_ADDRESS, 5, dwOld, &dwOld);

I made a function called patch() to make it easier to understand.

Here is the full code:

Code:

#include <windows.h>

#define WM_TIMER_ADDRESS 0x01001D6C

BYTE nop[5] = {0x90, 0x90, 0x90, 0x90, 0x90};

void patch()
{
    DWORD dwOld;
    VirtualProtect((LPVOID)WM_TIMER_ADDRESS, 5, PAGE_EXECUTE_READWRITE, &dwOld);
    memcpy((void *)WM_TIMER_ADDRESS, nop, 5);
    VirtualProtect((LPVOID)WM_TIMER_ADDRESS, 5, dwOld, &dwOld);
}

BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD dwReason, LPVOID lpReserved)
{
    if(dwReason == DLL_PROCESS_ATTACH)
    {
        MessageBox(NULL, "Injected to Process!", "Injected!", MB_OK);
        patch();
    }
    return true;
}

Now, let's inject the DLL into Minesweeper and attach OllyDbg to it. After doing so, go the WM_TIMER call.

Before injection:


After injection:


W00t! w00t! Notice how the 5 nops were copied on to the address, essentially, cancelling the call to the timer update. Of course, there are different methods of stopping time. You can create a while loop which will always set the time address(0x0100579c) to zero.

Here is the source for it:

Code:

#include <windows.h>

void timezero()
{
    while(1)
    {
        __asm
        {
            mov eax, 0x0100579c
            mov [eax], 0
        }
    }
}

BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD dwReason, LPVOID lpReserved)
{
    if(dwReason == DLL_PROCESS_ATTACH)
    {
        MessageBox(NULL, "Injected to Process!", "Injected!", MB_OK);
        timezero();
    }
    return true;
}

This is a basic hack for a basic game but this technique can be used for other complex games. For example, I'm using this technique to patch XTrap(an anti-cheat program). Basically, step through the code and check for traces of XTrap activity and NOP it or use unconditional jumps. Online games load XTrap through a DLL using LoadLibrary by CALL'ing it from kernel32.dll. You can, of course, NOP the entire LoadLibrary call which, basically, prevents Xtrap.dll from loading.

If you have any questions or suggestions, don't hesitate to reply. You can private message for questions or add my MSN(PM for it).

Hope you learned something.