Making a mod menu is easy! (Here's how to make one with Python and Cheat Engine)
- Published: 20 Jun 2024
- Want to know how mod menus work and how to make one yourself? In this video I'll show you exactly how to do that using Python and Cheat Engine.
Huge thanks to BrainFM for sponsoring this video! Get 20% off at checkout by using the following link or using code "kianbrose":
brain.fm/kianbrose?via=kianbrose
Chapters:
0:00 - Introduction
0:32 - Addresses and pointers
3:08 - Finding offsets
5:59 - Turning pointers into a mod menu
7:12 - Sponsor segment
7:25 - Calculating base address
8:16 - Coding the pointer
9:02 - Reading & printing an address
9:42 - Writing to an address
9:53 - Freezing an address
The method used in this video to create mod menus uses Cheat Engine as the primary tool to find memory addresses and determine pointers to those addresses.
Finding pointers this way is very time consuming, and more modern games are likely to have some degree of protection against it. From my research, I have been unable to find a way to find pointers in virtualized applications, such as a game running inside an emulated Android in BlueStacks or a game running in Windows inside VirtualBox.
There are ways to create mod menus without needing to find pointers, using methods called "Hooking" and "AoB" scanning, but since these methods are quite advanced I won't be covering them all in the same video; they require a video of their own.
Once pointers have been found, all that's really necessary is to use any memory editing library in any programming language to access, read and modify the addresses those pointers point to, the example in the video being Python. I would not recommend Python for an actual mod menu as it's slow by design, and the best choice in my opinion is to make them in either C++ or C#.
FAQ:
1. I can't find the pointer to my address!!!!
Finding pointers is never easy and newer games tend to have measures against this method, but you can always find the values manually through Cheat Engine and use those addresses together with the script without the pointer, and that will work just fine. The only downside is having to find the address(es) every time the game is closed and opened.
2. I'm on mac
That's a shame
3. Does the python bit version matter? (64 vs 32 bit)
From my testing I have found that you can use 64-bit Python to read and write to addresses of both 32-bit and 64-bit programs, but when trying to use a 32-bit Python installation to access a 64-bit program it will not work properly and will give you some huge weird values.
4. What method usually works on all games?
AoB scanning generally works regardless of what game it is, but that requires an entire video of its own and is the method I personally use. For those interested in researching the topic while the video is made, the AoB scanning module I use can be found here: github.com/AlexCatDev/ProcessMemory (Note: this is C#, not Python)
that's a perfect video, i can't wait for the AOB tutorial already.. learned SOO much from this 10mins video..!!!
just few questions:
1. how can we bypass when a game block ce from running at the same time? (which is most games i presume)
2. if the preferred base value is already in use in memory how would we figure the correct base address to use the offset to figure the correct value we want to edit?
@@disrael2101 Most games that block ce just check if a program called "Cheat engine" is running in the background, so renaming it often does the trick. More advanced games check if memory is being accessed by a process which shouldn't be allowed according to the game logic which causes the game to shut down, lots of ways.
2. You would need to find a way to find the preferred base value of the program from code without hardcoded calculations which is as far as my research went not possible in python
@@KianBrose Very interesting information, just couple more questions,
1. How the preferred value is guaranteed to work if it may be in use by other programs at the time of loading the game?
2. How people create cheats to multiplayer games where the devs block access to memory outside the allowed list of processes?
3. Can we use ce to find backdoor in softwares / os or even on a website?
@@disrael2101 1. Nothing is ever guaranteed to work, I'm not sure I understand the question enough to be able to answer it
2. They either reverse engineer the application itself and remove the anticheat or find a way to work around it, I have never done this before so I don't know the specifics
3. If your definition of "backdoor" is a way to gain complete control of software/os/server hosting a website then no. You can however use cheat engine to mess with license keys which is how most keygens are created
@@KianBrose the first question was about the base preferred address, which may be in use by other programs, what can we do in that case, just manually find it each time?
2. Will you teach us to reverse engineering apps in the future vids?
"There's a variable that controls whether you have pressed the Like Button."
And at that moment, a rainbow border suddenly appeared around the Like/Dislike panel. Very cool addition.
ty
omg i didnt even know that can be modified!
exactly what i thought so i went to the comments xd
This video is "scripted" and thus is very clear, and easy to follow. Other authors' videos are often improvised and thus contain too much redundant part and irrelevant talks. To sum up, Kian did a very good job.
You had me in the first part not gonna lie
lol same@@KianBrose
This video is insanely good. Great editing and overall quality. The information is presented in an easy-to-understand way with a visual explanation. Keep up the great content!
Thank you! Will do
Easy to understand my ass
Thank you so much for making these tutorials. This is exactly what I'm interested in. I really hope that you continue with the tutorials and maybe make some a little bit more advanced or in depth. Much love for you
I hope I can continue as well
Me too i am interested on making gta5 mod menus
@@GameHackingGuru The market for cheats in online games is at an all time high right now. Best way to earn some money on the side.
Thanks bro finally someone who isn't posting malware or fake stuff, you deserve my subscribe!
Thank you!
Nice work man! Keep it up, your quality rises so quickly
Thanks!
Beautiful stuff 🔥 Need more of this content please !
Will do! Takes a while to make these xD Not because theyre thaaat hard to make, but because I am a
Certified Expert Procrastinator™
@@KianBrose love it bro thank you ❤️
Your quick explanation as to what pointers are is better than any tutorial I've seen yet. But I already know how to use CE so maybe I'm a little biased, but other tutorials have a bad habit of explaining how to do it without giving a simple explanation first.
Holy crap!! This is wonderfully put and so detailed at a good speed. Love you man!
Glad you enjoyed it!
Hey, this tutorial helped me a lot. i been learning AHK (AutoHotKey) for 1 year now, and i have been trying to make mod menu's, and this video caused my success. Thanks bro, you're a legend.
Great video! I know nothing about pointers but you managed to make me understand it all
well explained!
already knew python, just found out how cheat engine works.
Looks like a ton of fun
It is!
Hey quick question I know it's been a couple months, but I'm currently trying to find a good online class/s to learn python and C++. Could you point me in the right direction? And yes I'm doing my own searching and have asked others, just don't want to waste my time with something that is useless by accidentally going to a wrong website.
@@sandrawilliams1659 hmmm, honestly i can't recommend anything since the best way to learn is to just start programming on your own
I'm so happy you're getting recognition because the way you explain things plus the speed at which you do it is just perfect.
Keep up the great work.
Thanks! Will do
"things plus the speed at which you do it is just perfect."
The topic is interesting but not perfect in my pov.
This tutorial could be more interesting if :
- He didn't put a very annoying / boring song in background ... believe it or not anybody do not share the same taste for songs /sound ...
- He could take his time and force himself to correct his pronunciations difficulties with words sound s / ch instead speaking like "Speedy Gonzales under cocaine " ... believe it or not when you work in a company and/or explain something to other persons if you speak too fast and people have difficulties to understand ... you will have big problem ...
- The fact to speed as quick as possible the shootscreen on your tuto is not a good idea too ... if we slow down the video 0.75 some screen stay less than 1 second ...
- For this kind of topic this video 25 to 30 minutes could be a good good timing.
Interesting tuto but ... and as you know in communication no sentence before this magic word "but" is important ... he has good topics and knows so if he wana skyrocket on youtube he must work on the "shape" of his video and think that his target are persons who wana learn, not people who already knew how to deal.
@@antoninperbosc1532 Thank you for taking the time to write your advice
Honestly the hardest part of any video in my opinion is the music, I just don't know how to do it properly, but I don't think just plain silence is a good idea either...
As for the speed, since a video is something that can be paused and played back I'm doing everything as quickly as possible to waste as little time as possible
@@KianBrose can u do afk 24/7 on online game
10k for Every Family
I was looking for this topic a lot, you really explained it in the best and simplest way, I am really grateful to you. Good luck
Glad it was helpful!
You know, I am 30 years old and started my programming journey with python a few months back. THIS has to be the most fun/educational/value_packed video out there. Thanks for sharing your knowledge and thanks for helping out with an absolutely other project of mine :D
glad to hear that!
Is it just me or did the like button glow rainbow when he said there was a variable if I like the video or not
I also saw that, RUclips's a chang'in
Had to go back to see if I really saw it
time stamp?
there's a variable to tell if you're schizophrenic or not
0:16@@rsgmj
I have always been interested in reverse engineering.This one's turning out to be my dream channel.Keep it up!
Will do!
Insanely productive video.
No bs
Hi! Using this pip package makes Read and Writes to process memory really easy and handful. But before finding your video, I managed to do the same by importing the kernel32 DLL from the Windows API using the built-in ctypes module. That means that we are directly calling C functions from the Windows API within our Python script. While this is trickier and requires more lines of code to do the same thing, this is a wonderful way to learn how low-level stuff works while still using an easy high-level language like python! This is how I learnt the basics of assembly and memory management using Cheat Engine and creating my own trainer with Python while calling the original Windows API
Oh yeah for sure that's a better method, but this one is simpler xD
@@KianBrose can you make a video about making a mod menu have gui with tkinter or pygame please I haven’t been able to get my crappy one to work
I've used cheat engines like the ones you find on wemod before but it's cool to see what a cheat engine is actually doing. I studied a bit of computer structure in college so I was aware how computers store memory but it's interesting to see how memory can be easily manipulated.
indeed! It's just knowing da wae with python
@@KianBrose I see what u did there
Anyone Realize when he said like the like button turned chroma color
Cheat engine = adware in installer
wemod = monthly payment
just dont use cheats at this point
Yes because those are definitely the only two options to cheat.@@Azertyyys
Wait……. 0:17 HOW DID YOU DO THAT 😂😂 your very creative. I noticed the Like button glow when you said that. Very cool, didn’t even know that was possible.
rainbow magic
@@KianBrose Legend 🤣💪
I just watched ur video now and it was wat av been looking for bro..... thanks champ
No problem 👍
Yoo I learned, appreciate the knowledge you share Liked and subscribed! Keep it up Kian.
Thanks!
This is amazing! Where did you go to learn all this kind of stuff? School, google, forums, friends?
Google, lots and lots of google
I find modern education to be sort of irrelevant, just learn what you want as you go by looking for it
@@KianBrose W
@@KianBrose🤨
We need more Python bots please ❣
Theres so many videos to make xD
@@KianBrose bro just one question if u know PUBG MOBİLE is there any chance that anyone can hack the UC in it or let me say the units that used to inapp purchase
@@walidtlm2788 probably not to be honest
@@walidtlm2788 money is stored on the servers and then you need to hack the servers and like aimbot is memory that's stored on your computer that's something you can use for example aimbot
@@walidtlm2788 You can change the amount of money you have but you won't be able to use them since the server checks your real balance to make purchases. In the end is like Monopoly cash
really nice tutorial u explained everything very well and the speed of which you were explaining is perfect :)
thanks! Glad you liked da speed
BROTHER, YOU ARE THE BEST!!! You oooh really helped me!! THANK YOU VERY MUCH!
np
Hey there. I was wondering how I would make a python script that started running when a pointer value changed. Like when your health drops it automatically run. Can you also write that pointer value to a text file?
Theoretically you can put the statement that reads the value of the address in an infinite while loop that will only stop once the value is set to something you want, here's a rough theory behind it:
var = False
while not var:
    pointer_val = ...  # read the value of your pointer here
    if pointer_val == something_you_want:
        var = True
# do something
hope that's understandable
As for writing a string to a text file:
file_object = open('file.txt', 'a', encoding='utf-8')
file_object.write(f'{pointer_variable}\n')
file_object.close()
@@KianBrose that’s brilliant yeah that would work really well I’ve just started doing coding and I’m not great at it. Made a randomiser that never repeats until it’s used up numbers 1-50 then restarts. A few read and write things. Lists and stuff but yeah very basic but I’m wanting to do a few more things. This is so helpful thankyou. Your video was very well done by the well really insightful.
@@KianBrose also. Sorry again. Would I have to start the python script initially? And how would I stop the while loop if I’ve made it so it would run constantly (whole duration of gameplay). If that makes sense. Is there another way to stop it.
@@DexNeXuS1 glad you liked it!
@@DexNeXuS1 yes, you can use while loops with conditions that will eventually break when something happens as I showed in the first snippet
Bro we need laptop to do mod or we can do on any device
You do need a PC to make the mod yes
@@KianBrose tanks bro and happy easter
Interesting, and very informative. Good job!
Thank you!
The way you find pointers is much faster than the way i used to!
True fact: he is in the same cave as tony stark in iron man 1
Lol, yep my walls are literal big rocks
It was very easy to understand I like how you explain using analogies! I'm curious about game hacking and it's not easy to find a good video like this
glad to hear that!
Thx, a great explanation video, especially the offset-part
Glad it was helpful!
great vid man!
Thanks!
finally i found another swedish tech pro, keep up❤
Thanks! Will do
Love your content! Keep up the great work!
Thank you! Will do!
Thanks for the tutorial man!, i made a executer runner for roblox thanks to this vid
Np!
Cool bro! greetings from Central America
I just started watching this video, so I'm not familiar with the content or the channel in general, but I really appreciate the lack of "Hello my name is X and today we'll be doing Y". Nice and straight to the point.
Thanks!
Great vid. 👍🏾
Thanks!
good work king, love you
Ty
Love ur gaming bots tutorial. 👍🙏 Thankyou
Glad you like them!
Your living space is rad 🤙🏼
Thanks, my cave is nice and cozy
Helpful video after I watched the video I found out that there is subscribe variable which I executed immediately :D
ty!
You rocked in this tutorial! 🤟
Thank you!
really helpful!!, made my own menu for a sp game
nice!
Very interesting video :D
YES!!!! FINALLY THE LEGEND HAS COME BACK TO PUBLISH A NEW VIDEO!!!!
I WAITED SOOOOOOO LONG!!!!
I LIKE YOUR VIDEOS BECAUSE IT'S SO EASY TO UNDERSTAND!!!!
Ty!
Good, thanks for share!
np!
Teaching me new things everyday
Nice
The best subscription request.
Lol
Thank you mate
You're welcome
What an amazing video
thank you
Bruh, I've been grifting through all this.
Loving your breakdowns. 🤙
thank you!
Nice video
Thanks!
Nice video, easy sub
Thank you!
I didn't know that Cheat Engine was actually such a complex program considering that that was one of the first apps I downloaded from the internet...
your job is amazing :Dd
Thanks!
I am a CS student and have never heard pointers explained better than in your 15 second breakdown
lmao that's sad
Works good, tnx
np
OMG Thank you so much
You're welcome!
Nice work ! :D I will try it later with Ratopia
gl
wow didnt understand anything although you explained it perfectly and watching your cheat videos is damn entertaining, hope you get your playbutton soon
lol ty
Thanks for the knowledge you gave me I am going to use to bypass anti cheats and develop malicious cheats for games, thanks! now im learning kernel level injection
bruh
damn, this is really interesting, thanks
np!
ok the like button lighting up rgb when he mentioned it was sick
rainbow magic
Even i dont use mod menus and not planning on it its helpful to learn coding
Kians back again with his "educational purposes" video
ofc
Love from Lovelak !!
ty
I have so many ideas for this
Nice
Thanks !! I build a mod menu with this
Nice 👍
i very like ur video ur awesome guy
Thank you!
Thanks, this brings me back to getting 2.47 billion dollars in asphalt 8 in high school 😂 we would play that game at school as it was one of the only ones that would run on the laptops both hardware wise and network wise
ayy the max 32 int value, 2.147, nice!
Love your vids ❤❤ more bot videos later please 🙏
Well, that variable that made the like button shine made me auto liked the video.
magic
One cool thing to know, the offsets are being written in python from down to up, or in programming terms, from right to left(least significant bit to most significant bit) due to windows systems being little endian.
Some extra knowledge to get you to explore system memory and its core concepts :)
thanks BRo
No problem
thanks
😀😀😀😀😀
No problem 😊
nice thx
np
Great tutorial! Another way you can do pointer scans is manually. After you activated that breakpoint you can see the address is stored in ebx. If you open the registers and look at ebx, then scan for that pointer value, save the results then re-launch the game. Set another breakpoint on that same function command and then update your search. This generates a substantially smaller pool of results and also takes a great deal less time!
Will you be going over how to call/alter game functions? or maybe alter the assembly code instructions?
that's actually fairly advanced usage of cheat engine i dont even know how to do yet lol
it does sound interesting, but atm im trying to like move away from tutorials into more "educational entertainment" so it's highly unlikely
in regards to pointers, i dont really use them anymore, i was unable to use pointers with emulated processes like bluestacks so moved to another method called AoB scanning which ive used ever since
@@KianBrose AOB is very handy but can be time consuming especially if the memory ranges are MASSIVE. There are some fairly advanced techniques that use AOB to scan for a function call which returns the desired pointer to a struct.
I used to rely HEAVILY on memory manipulation (what you showed) with AOB scans in the PS3/Xbox 360 days. Still useful! All the same, I'd love to see what sort of educational stuff you can come up with!
@@Cain532. indeed, i remember my first aob menu taking a solid 5 minutes to scan for values even with methods like taking in 4086 (dont remember exact byte size, multiple of 8) bytes of memory to read at once to minimize memory reads and other methods like that, i also find it quite a lot simpler than pointers once you get the hang of them
@@KianBrose haha Oooh I remember those days too... Awesome stuff man :) Definitely looking forward to seeing what I can learn from you!
Why you don't get much views? This was amazing
Because as youtube decided to remove the dislike button, people are now unable to judge the authenticity of educational content on the platform which naturally repels viewers from either looking for it or spending time figuring out whether it was good or not
Hey I stumbled upon your channel a while ago & I learned a ton! thank you. I been on this tutorial for a while. So far I can get the baseaddress to print the value but with offsets it cant seem to find it. Do i keep trying different offsets from the addresses loaded up?
In modern games you need to do the pointer scans at least a few dozen times before getting rid of most false positives, but since for demo purposes I used the training program i only had to do it a couple of times
@@KianBrose ok makes sense. thank you. It's definitely a tedious process. Im going to try and do a python script to automate it all.
Nice
i love how the like button turns rainbow when you say like button
ty
looking forward to the video about AoB scanning..
probably wont come tbh
@@KianBrose 😔🥲
what a god
ty xD
A neat system I found was when I was introduced to Roblox hacking. You can scan for variables being used (adaptation of remotes) and eventually find the one you want by doing the action repeatedly until the variable shows up. You can create simple code to modify it then.
indeed
So you can modify variables in Roblox games with cheats?
thx
mmmmmmmmmmMMMMMMMMMMWWWWWWWWWWWWWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
yoo he said dat and the like button glew
I have used Cheat Engine for a lot of games and right now I am focused on The Long Dark (there is a detailed video on my channel). However I wish I could transform this into a mod menu which identifies all resources I need into the game and automatically turns them into the value I need.
My experience with Python is zero but I will give it a try. Maybe it will work. In this video you used the CE tutorial which is a very easy "game" with only one variable but The Long Dark is much more complex, even if it uses the same principle: find the address and freeze it to where you like it.
Huge thanks for the video
To be honest, for a complex case with bigger games I'd recommend using AoB instead of pointers which is generally easier and more reliable, it will require using a c language like c# or c++
0:16, when he says "the like button" the like button actually glows :DD
rainboow
I’m high asf and you taught me more in 20 minutes than school ever did.
nice
some corrections:
1:48 - while technically true, it's quite misleading in this context. Modern OSs don't actually give you direct access (at least easily) to the physical memory in your computer, each process is given its own virtual memory space, it is completely empty, only filled with exclusively what the running program requires to operate, and so the addresses that are shown in cheat engine, and the ones you use to write your own mod menus, use these virtual memory addresses. It is entirely possible for processes to have resources allocated at the same virtual address, matter of fact, all system dlls are guaranteed to be located at the same virtual memory address in every process, partially because the OS relies on DLL injection for standard operation. This is also possible for user dlls - when an instance of one is loaded into memory, any subsequent mapping of it will use its base address, though only as long as nothing else is located there, until all instances of this dll are closed (to an extent, this is heavily dependent upon the version of windows, it might forget the base address right away, or it might take a system restart).
7:33 - it should be noted that this way of getting the image base will likely never work in the real world. Starting with Windows Vista a mechanism called ASLR was introduced. This stands for Address Space Layout Randomization, a mechanism that ensures that the base image, stack and heap address won't always be the same. While at the time it was introduced the enforcement of this feature was quite lax, nowadays modern OSs and compilers are far more aggressive at applying it. It can still be disabled though, by modifying the application's PE headers (and in rare cases changing some settings in windows), which is what the CE tutorial executable does.
For more in-depth reading about ASLR you can check out - www.mandiant.com/resources/blog/six-facts-about-address-space-layout-randomization-on-windows.
also i keep seeing the mention of AoB scanning in the comments to get around ASLR, it should be noted that this is not entirely necessary. To get the base address of an image, internally you can either use GetModuleHandle or CreateToolhelp32Snapshot, while externally only CreateToolhelp32Snapshot will work, for python I'm sure there's libraries that expose this functionality.
Great comment, it was unfortunately buried in a weird youtube bug that I was notified today was fixed, you hit some kind of spam filter
I did not know about most of those things outside of the existence of ASLR, I just knew that while it existed I never encountered it in the wild
Personally my main reason for going with AoB nowadays is it's just pretty simple and convenient to be honest, doesn't require injection, rarely requires anticheat bypass, simple and functional
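The ASLR point in the comment above can be checked from the defender's side by reading the PE header fields it mentions. This is an added example, not code from the video or its author: it parses a PE image's headers and reports the preferred image base, the DYNAMIC_BASE and HIGH_ENTROPY_VA flags, and whether relocations were stripped. The two sample headers are constructed for the demonstration, and `build_sample_headers` is a helper invented here.

```python
import struct
import sys

# Constants from the PE/COFF specification.
IMAGE_FILE_RELOCS_STRIPPED = 0x0001                # COFF Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA = 0x0020  # DllCharacteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040     # DllCharacteristics
PE32_MAGIC, PE32_PLUS_MAGIC = 0x10B, 0x20B


def aslr_report(image: bytes) -> dict:
    """Report the preferred image base and the ASLR opt-in state of a PE image."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    coff = e_lfanew + 4          # 20-byte COFF file header
    opt = coff + 20              # optional header follows it
    if len(image) < opt + 72:
        raise ValueError("truncated optional header")
    (file_chars,) = struct.unpack_from("<H", image, coff + 18)
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic == PE32_MAGIC:
        (image_base,) = struct.unpack_from("<I", image, opt + 28)
    elif magic == PE32_PLUS_MAGIC:
        (image_base,) = struct.unpack_from("<Q", image, opt + 24)
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    (dll_chars,) = struct.unpack_from("<H", image, opt + 70)
    dynamic_base = bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)
    relocs_stripped = bool(file_chars & IMAGE_FILE_RELOCS_STRIPPED)
    return {
        "bits": 32 if magic == PE32_MAGIC else 64,
        "image_base": image_base,
        "dynamic_base": dynamic_base,
        "high_entropy_va": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA),
        "relocs_stripped": relocs_stripped,
        # An EXE without relocation data cannot be moved, whatever the flag says.
        "aslr_opted_in": dynamic_base and not relocs_stripped,
    }


def build_sample_headers(magic, image_base, dll_chars, file_chars):
    """Constructed input: just enough header bytes to parse, not a loadable file."""
    e_lfanew = 0x80
    buf = bytearray(e_lfanew + 4 + 20 + 240)
    buf[0:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, e_lfanew)
    buf[e_lfanew:e_lfanew + 4] = b"PE\0\0"
    coff = e_lfanew + 4
    struct.pack_into("<H", buf, coff + 18, file_chars)
    opt = coff + 20
    struct.pack_into("<H", buf, opt, magic)
    if magic == PE32_MAGIC:
        struct.pack_into("<I", buf, opt + 28, image_base)
    else:
        struct.pack_into("<Q", buf, opt + 24, image_base)
    struct.pack_into("<H", buf, opt + 70, dll_chars)
    return bytes(buf)


# Constructed samples: a 32-bit image pinned to its preferred base, and a
# 64-bit image that opts in to ASLR with high-entropy addresses.
FIXED_SAMPLE = build_sample_headers(PE32_MAGIC, 0x00400000, 0x0000, 0x0003)
HARDENED_SAMPLE = build_sample_headers(PE32_PLUS_MAGIC, 0x140000000, 0x0160, 0x0022)

if __name__ == "__main__":
    samples = {"fixed-base (constructed)": FIXED_SAMPLE,
               "hardened (constructed)": HARDENED_SAMPLE}
    for path in sys.argv[1:]:        # optionally audit real files as well
        with open(path, "rb") as fh:
            samples[path] = fh.read()
    for name, data in samples.items():
        r = aslr_report(data)
        print(f"{name}: {r['bits']}-bit base={r['image_base']:#x} "
              f"DYNAMIC_BASE={r['dynamic_base']} opted_in={r['aslr_opted_in']}")
```

A build pipeline can run this over shipped executables and fail the build when `aslr_opted_in` is false, since that is the condition under which a hardcoded preferred base stays valid across launches.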
For at least one game I have successfully concurred the elusive 2 cheats "POWER AND MASS" with Cheat engine. It may change from now game to new game but it remains for the game you are in at the moment. I use power or mass I just go to the value and enter 1000 to make power 1000 to Mass enter 200 and its 200. I stopped the game to rest and it may have changed but will come back and inform you of what it does.
I like your funny words magic man
Ty
amazing video and explanation. i was wondering if you could do some for games if that is possible?
Sadly I wont be doing any videos where I show how to use the pointer methods for a game since it's a horrible process and is starting to be nearly impossible to do in 2017+ games where a single pointerscan can take like 200 gb of disk space, but I'll very likely be making a video about how to use "AoB" scanning which is conceptually simple and very reliable
This video was more of an introduction to how mod menus actually work, some of the logic behind them, memory addresses, what they are and what they do and how to make something really really simple with python
@@KianBrose ah alright well thats fine thank you very much for your response :D
@@ilsigniore2260 np
Nice vid.
PS: You look like Steve Smith from American Dad,
Lol
WHY DOESMY LIKE BUTTON GLOW WHEN HE SAYS IT?! EVERY TIME TOO
Magic