That is only DLL injection, you still have to make a separate DLL which creates a Variable from an Address in the Process Memory and modifies it. I have posted some sample code that I made to do just that, it has been tested and works (you have to change "0x0000000" of course).Quote:
Dll injection is easier than you think. All you need is to get the handle of the target process and do this
Code:CreateRemoteThread(handle, NULL, 0, (LPTHREAD_START_ROUTINE)LoadLibrary, "Yourdll.dll", 0, NULL);
Code:
[COLOR="DeepSkyBlue"]#include <windows.h>[/COLOR]
[COLOR="Blue"][B]float[/B][/COLOR] * AddressName = ([COLOR="Blue"][B]float[/B][/COLOR]*) [COLOR="Blue"]0x0000000[/COLOR];
[COLOR="Blue"][B]void[/B][/COLOR] HackThread() { [COLOR="Green"]//The thread where most of our stuff goes on.[/COLOR]
[COLOR="Blue"]for[/COLOR]([B];;[/B]){
*AddressName = [COLOR="DeepSkyBlue"]4000000[/COLOR]; [COLOR="Green"]//Makes "AddressName" or 0x00000000 equal to 4000000.[/COLOR]
Sleep(77); [COLOR="Green"]//Adding a "Sleep" is a good idea and will prevent the program from crashing, even cheat engine has a freeze interval of 100 Milliseconds.[/COLOR]
}
}
BOOL APIENTRY DllMain(HINSTANCE hDll, DWORD callReason, LPVOID lpReserved)
{
[COLOR="Blue"][B]if[/B][/COLOR](callReason == DLL_PROCESS_ATTACH)
{
CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)HackThread, NULL, NULL, NULL); [COLOR="Green"]//Our DLL was just injected so let's create our new thread.[/COLOR]
}
[COLOR="Blue"][B]return[/B][/COLOR] 1;
}
EDIT: Changed "#define AddressName 0x00000000" to "float * AddressName = (float*)0x0000000;" and removed unnecessary code.
Note: Be sure to initialize the memory addresses to their corresponding data types, i.e. make sure that the data at 0x0000000 is actually a float.