Editing random pieces of memory is a good idea.


10 replies to this topic

#1 gamax92

  • Members
  • 157 posts

Posted 09 July 2013 - 06:10 PM

The full album of glitchyness here: http://imgur.com/a/AlP17

Images are in the Spoiler tag, there are 8 various images.

I actually ran this game on a real machine running MS-DOS 6.22, not a VM or DosBox.
The memory editing was achieved by a utility called Game Wizard 32 Pro. The game featured here is "Cyber Sphere"

#2 PixelToast

  • Signature Abuser
  • 2,265 posts
  • Location: 3232235883

Posted 09 July 2013 - 06:43 PM

epic win :3
rom/ram corruption is fun

#3 Zudo

  • Members
  • 800 posts
  • Location: UK

Posted 13 July 2013 - 01:02 AM

Lol, this topic makes no sense to me!

#4 Dlcruz129

    What's a Lua?

  • Members
  • 1,423 posts

Posted 13 July 2013 - 11:05 AM

ZudoHackz, on 13 July 2013 - 01:02 AM, said:

Lol, this topic makes no sense to me!

Ever used Cheat Engine? OP pretty much used a tool like it to change random variables on a game in MS-DOS.

#5 nutcase84

  • Members
  • 711 posts
  • Location: In My Lonely Little Computer Corner

Posted 13 July 2013 - 06:31 PM

Awesome! Wonder if you can do this with modern games... B)

#6 Pharap

  • Members
  • 816 posts
  • Location: England

Posted 14 July 2013 - 12:53 AM

nutcase84, on 13 July 2013 - 06:31 PM, said:

Awesome! Wonder if you can do this with modern games... B)

It's possible but it would require an insane amount of fiddling and hacking.

Anything that runs on an emulator it would be possible with, especially if the emulator is open source or has plugin support.

#7 Mads

  • Members
  • 604 posts
  • Location: Copenhagen, Denmark

Posted 14 July 2013 - 03:01 AM

Pharap, on 14 July 2013 - 12:53 AM, said:

nutcase84, on 13 July 2013 - 06:31 PM, said:

Awesome! Wonder if you can do this with modern games... B)

It's possible but it would require an insane amount of fiddling and hacking.

Anything that runs on an emulator it would be possible with, especially if the emulator is open source or has plugin support.

It's basically impossible to do it with modern operating systems, as each programme has its own physical memory, which is mapped to some virtual addresses via paging. These virtual addresses are what the programme sees, but not where the stuff is stored. See this example:

init_paging();
map_page(0x3000, 0x60000, 3);
int *p = (int *) 0x3000;
*p = 12;
kprintf("*(0x%x) = %i\n", (uint32_t) p, *p);

map_page(0x2000, 0x60000, 3);
int *p2 = (int *) 0x2000;
/* notice how the value of p2 is not set */
kprintf("*(0x%x) = %i\n", (uint32_t) p2, *p2);

First, the virtual address 0x3000 is mapped to the physical address 0x60000. Then a pointer is created, and its value is set to 12.
The virtual address 0x2000 is then mapped to the same physical address. A pointer is then created, but notice how the value is not set. This shouldn't be needed, as the two pointers actually point to the same physical address.

This is the output of the above code:
*(0x3000) = 12
*(0x2000) = 12
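The same aliasing that Mads's kernel snippet shows with map_page() can be reproduced from user space with mmap(), and the contrast with a private mapping shows why one process's write does not land in another's pages. This is an added example written for this thread, not Mads's code and not part of any project; it assumes a POSIX system (Linux-style copy-on-write semantics) with a writable /tmp.

```c
/* Added example: one page, two virtual addresses, done with mmap() rather
 * than a kernel's map_page(). Assumes POSIX with a writable /tmp. */
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700
#endif
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <unistd.h>
#include <sys/mman.h>

struct alias_result {
    int seen;            /* value read back through the second mapping */
    int distinct_vaddrs; /* 1 if the two mappings got different virtual addresses */
};

/* Write `value` through the first mapping of a page and read it back through
 * a second mapping of the same page.
 * shared == 1: both mappings are MAP_SHARED, they alias one physical page,
 *              so the read through the second address sees `value`.
 * shared == 0: the writer is MAP_PRIVATE; the first write triggers copy-on-
 *              write, the writer gets its own page, and the second mapping
 *              still reads the original zero. That private copy is the same
 *              isolation that keeps one process out of another's pages. */
struct alias_result alias_demo(int value, int shared)
{
    struct alias_result r = { -1, 0 };
    char path[] = "/tmp/alias-XXXXXX";   /* constructed temp file, page-backed by the kernel */
    long pagesz = sysconf(_SC_PAGESIZE);
    int fd = mkstemp(path);
    if (fd < 0)
        return r;
    unlink(path);                         /* keep the descriptor, drop the name */
    if (ftruncate(fd, pagesz) != 0) {     /* fresh file pages read as zero */
        close(fd);
        return r;
    }
    int wflags = shared ? MAP_SHARED : MAP_PRIVATE;
    int *p  = mmap(NULL, pagesz, PROT_READ | PROT_WRITE, wflags, fd, 0);
    int *p2 = mmap(NULL, pagesz, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    if (p == MAP_FAILED || p2 == MAP_FAILED) {
        if (p != MAP_FAILED) munmap(p, pagesz);
        if (p2 != MAP_FAILED) munmap(p2, pagesz);
        close(fd);
        return r;
    }
    *p = value;                           /* written through the first virtual address only */
    r.seen = *p2;                         /* read through the second virtual address */
    r.distinct_vaddrs = (p != p2);
    printf("*(%p) = %d, *(%p) = %d\n", (void *)p, *p, (void *)p2, *p2);
    munmap(p, pagesz);
    munmap(p2, pagesz);
    close(fd);
    return r;
}

int main(void)
{
    alias_demo(12, 1);   /* both addresses show 12 */
    alias_demo(12, 0);   /* second address still shows 0 */
    return 0;
}
```

Run it and the shared case prints the same value at two different virtual addresses, exactly as Mads's kprintf lines do; the private case prints 12 at the first address and 0 at the second, because the write went to a copy that no other mapping of the file can see.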


#8 Pharap

  • Members
  • 816 posts
  • Location: England

Posted 14 July 2013 - 08:51 AM

Mads, on 14 July 2013 - 03:01 AM, said:

It's basically impossible to do it with modern operating systems, as each programme has its own physical memory, which is mapped to some virtual addresses via paging. These virtual addresses are what the programme sees, but not where the stuff is stored. See this example:

init_paging();
map_page(0x3000, 0x60000, 3);
int *p = (int *) 0x3000;
*p = 12;
kprintf("*(0x%x) = %i\n", (uint32_t) p, *p);

map_page(0x2000, 0x60000, 3);
int *p2 = (int *) 0x2000;
/* notice how the value of p2 is not set */
kprintf("*(0x%x) = %i\n", (uint32_t) p2, *p2);

First, the virtual address 0x3000 is mapped to the physical address 0x60000. Then a pointer is created, and its value is set to 12.
The virtual address 0x2000 is then mapped to the same physical address. A pointer is then created, but notice how the value is not set. This shouldn't be needed, as the two pointers actually point to the same physical address.

This is the output of the above code:
*(0x3000) = 12
*(0x2000) = 12

No need to explain virtual addresses to me

The kernel32.dll system library in Windows allows you to manipulate heaps. (Yes, I interop.)
In theory you could create a wrapper process to watch the heap.

It's also possible to dasm Java and .Net games, add extra instructions and then reasm them, so there's probably ways you could interrupt things using that technique.

#9 Mads

  • Members
  • 604 posts
  • Location: Copenhagen, Denmark

Posted 14 July 2013 - 12:34 PM

Pharap, on 14 July 2013 - 08:51 AM, said:

It's also possible to dasm Java and .Net games, add extra instructions and then reasm them, so there's probably ways you could interrupt things using that technique.

That has nothing to do with editing the memory, unless you do it from within the code. And if you do that, you'd have to recompile every time you changed something.

#10 immibis

    Lua God

  • Members
  • 1,033 posts
  • Location: Wellington, New Zealand

Posted 15 July 2013 - 02:54 AM

There's no problem with editing random memory on a PC game (the function you want is WriteProcessMemory on Windows, or ptrace(PTRACE_POKEUSER) on Linux), but there's a pretty high chance of it resulting in a segfault (crash)

Edit: I tried it, as expected every time it crashed or nothing happened.

#11 Pharap

  • Members
  • 816 posts
  • Location: England

Posted 17 July 2013 - 07:22 AM

Mads, on 14 July 2013 - 12:34 PM, said:

Pharap, on 14 July 2013 - 08:51 AM, said:

It's also possible to dasm Java and .Net games, add extra instructions and then reasm them, so there's probably ways you could interrupt things using that technique.

That has nothing to do with editing the memory, unless you do it from within the code. And if you do that, you'd have to recompile every time you changed something.

You wouldn't have to reasm each time. .Net has the ability to dynamically load libraries, instantiate objects and other things using reflection (and I'd assume similar is possible in Java). So you could effectively just put in a bit of code that instantiates an inherited class found in a dynamically loaded library and then you could just use external libraries like DLC to screw with the memory.