Making a mod menu is easy! (Here's how to make one with Python and Cheat Engine)

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
in modern union is basically this little tool you can use with the games that lets you enable some cheats and while they're fun to use making them is a little bit more complicated in simple terms everything in games and programs is controlled by variables so for example your health your ammo in a game is a variable there's a variable that controls whether money appears on top of your head or not there's a variable that controls whether you have pressed the like button all of these variables are stored somewhere on your computer and that's what we call memory addresses you can imagine memory addresses as being a label on a box that contains a variable and what mod menus basically is is a program that tells the computer to change the value inside one of these boxes now that that's out of the way how do you actually make one so the first thing i want to figure out is what addresses i want to be modified and the best tool to do this is of course cheat engine now i have done a video before which i heavily suggest watching which explains the basics of how you use cheat energy so assuming you know the fundamentals the games i'll be using for this demonstration is the cheat engine tutorial you can access it by going to the help tab sheet engine tutorial where i will click next to get to the game itself this game is very simple it's just health that will decrease when you click on the hit me but here i'm going to do the exact same thing as i showed in the cheat engine tutorial to find the address that holds the health and here it is so by default cheat engine already shows the address where the value is located and on top of that lets us change it to whatever we want so this is already a very simple kind of modem so if i were now to create a program in c c plus plus or python that changes the value inside of these memory addresses we already have a mod menu and this leads me to the problem which is that if i close and reopen the game again the value i had found for the health will no longer work this is because the value i found is something called a dynamic address to be able to explain what a dynamic address is first i needed to picture how computer memory works every single second information is being written and read from memory addresses and generally speaking only a small portion of the total memory available is actually being used now one of these memory addresses contains the variable for the help and while the program is open it will be allocated which means that if i were to open a new chrome tab for example it wouldn't be allowed to store information like the link you're searching for inside the same address as the game's health if i were to close the game the memory addresses that were previously allocated including the one that stored the health variable will no longer be used which means that any program like chrome for example can use that same address to store their own variables in reality it's a lot more complicated than that but to keep it simple that's how i'm going to interpret it now that i know that closing and reopening the game will make the address i had found previously useless how exactly can i avoid having to find the same address every single time the game is closed and open and that's where pointers come in now according to a quick google search a pointer is a variable that stores the address of another variable the interesting thing about pointers is that they can be used to calculate an address by using something called offsets an offset is basically the distance between two memory addresses so for example if you had a pointer where the base address is all zeros and added an offset of for example aaa to it you would end up with a pointer to this new address so imagine you have a game called game.exe if i open the game it will allocate a memory address for itself in the memory currently available if this game has coins then every single memory address where the coins are located will be at a fixed offset from the address where the program allocated itself and no matter how many times the game has closed and reopened the coins will always be at the same offset distance relative to the initial address so now my job is to find the offset so that i can create a pointer pointing to the health address relative to the starting point of the game alright so going back to cheat engine where i already found the address for the health value first i want to figure out what offset i'm looking for to figure this out right click the address and click on find out what accesses this address i already see that something is accessing the address without me having to do anything but if i press the hit me button then i can also see that three new values that also access this address pop up here in between the brackets i can see that the offset is 4b0 and the zeros to the left can be ignored now it is possible that more than one offset appear in between these brackets and if that's the case then you want to keep the one that appears more often or just maybe try both now that i know the offset i want to generate a pointer map for this address by right clicking generate pointer map in the prompt it will ask where i want to save the pointer map and what name i want to give it i'll name it pointer map 1. now that the pointer map has been saved i want to run a pointer scan by right clicking pointer scan for this address take the used saved point map checkbox and select the pointer map that was just generated take the pointers must end with specific offsets checkbox and enter the offset that we had just found out which in my case was 4b0 press ok i'll save the results of the pointer scan in a file called pts1 which stands for pointer scan 1 and wait until that finishes running once that's done you can see that there are over 1 million results and most of these will actually be useless so what i want to do now is narrow down this list of pointers and figure out which one will actually stay when i close and reopen the game to do this i want to repeat the entire process with very slight changes i'll open the game again in the help tutorial press next to go back to the game where i was select the game tutorial process again from cheat engine make sure not to clear the list so that we keep the health that was found in the previous scan scan for the health there it is again generate a new pointer map for this address this time i'll name it pointer map 2. now right click the new health address again pointer scan for this address here i'm going to take the used saved pointer map again but this time i'll select the pointer map to which i just generated and the most important part is to take the compare results with other safe pointer maps where i'll select the first pointer map and the address of the health that was found during the first scan that no longer works press ok and i'll save this as pts2 what this is going to do is take the huge list of pointers that was found during the first pointer scan make a new pointer scan for the health address that was found and find out which pointers are exactly the same in both of the scans while removing the ones that were not identical now that the scan is completed there are considerably less pointers in the list than what i got in the first scan which is very good i'll start randomly adding a lot of these results by double clicking them and praying one of them works and if i close and reopen the game and select it from the process list i see that all of the pointers i had found work even though in most cases only a few of these will work finding pointers this way is very time consuming especially in modern games where you're probably going to need to do pointer scans 10 20 times to be able to find anything that's usable but in all fairness this is the most consistent way that i know of to be able to find pointers but now that the pointers have been found how can i turn this into a mod menu there are a ton of ways to do this depending on what language but since python is the preferred language for this channel i'll show you how to do it that way oh and by the way if you're enjoying this video a sub would be really appreciated so now open up a terminal and install the read write memory module with pip install read write memory the documentation of this module is pretty good and covers a bunch of examples which i'll be going so open up a new python file and start by importing the read write memory module with from redroid memory import read write memory as they stated in their documentation then i'll start the reading memory service with read write memory and store the results in the rwm variable now going back to the pointers that were previously found you can see that the base module is tutorial minus i386.exe and since i'm going to be interacting with this process directly i need to open it to do this use the get process by name function of read write memory which is stored in the rwm module like this and enter the name of the base module in the parenthesis like this i'll store the process in the process variable and open it in a new line with process dot open now i mentioned that the health variable is at an offset from the base address of the tutorial.exe so what i want to do now is figure out what the address of the tutorial.exe is and while i wish there was an automatic way to do this unfortunately it's never that simple unlike my segway to this video sponsor brain fm brainfm helps you focus better and be more productive by providing music made to increase concentration they also offer music for sleep relaxation and even meditation sign up today and get 20 off by using the code cambrose or using the link in the description alright so to get the base address we're going to need to calculate it manually to do this go back to cheat engine right click the health value browse this memory region go to tools and dissect pe headers what you can see here is the list of all modules that the tutorial is loading and here you can see the tutorial.exe which is the base for the pointer that i find i want to click on it and i can see that the preferred image space which is just a fancy way of saying hey when i open i want to be located in this address i'll copy paste it inside of a comment for now and create a new variable called the base address the value of this base address will be the preferred image space of the tutorial which as i just found out was this plus the address that was added to it in the pointer so in my case it will go from this to this oh and also remember to add a little zero x in front of the address to be able to tell python that it's a hex address and if you really want to you can also remove any zeros between the zero x and anything that isn't a zero now that the base address has been calculated all that's left to do is create the pointer according to the documentation so first i will declare a variable that will contain the pointer for the health i'll call it healthpointer and it's going to be equal to process.getpointer where getpointer is a function that as its name states gets the pointer to something the parameters it takes in is base address and then an array of offsets in this format so in my case i'll set base address to the base address variable that has already been calculated oh and by the way if you don't manage to find a pointer then you can always just take the address for the value and just stick it in here without any offsets and that will work just fine you'll just have to re-enter it every single time you close and reopen the game or it won't work but assuming you did find a pointer after entering the base address set a comma followed by offsets equals brackets and in the brackets write the offsets with the little zero x in front and here you can see how i did it compared to the offsets i got and yeah that's it for the pointer now i can write a quick little while one loop which will run infinitely that will save the value that the pointer is pointing at inside of a variable i will call value which equals to process dot read health pointer right under that i'll print the value and the quick run shows that the script can in fact read the live health of the game now there is a possibility that you get this error message that says that the process can't be found and if this is the case you need to close python search for idle right click run as administrator file open recent and get back to the script now when you run it as administrator it should work properly so now that i showed you how to read an address which is already plenty useful when you combine it with bots for example but how can i write to an address and freeze it if necessary to write to an address which i'll just use the health pointer i can use process dot write health pointer followed by a comma and the value that i want so for example 500. if i run this once i can see that the value changes to 500 and that's how values are set now freezing is just setting a value really quickly so that if something tries to change the value it's just going to be set right back to what you wanted it to be so just sticking the write statement into an infinite while loop that's the trick so yeah that's pretty much it for this video if you have any problems make sure to read the pinned comment first because i'm pretty sure that the answer is in there but other than that i hope you enjoyed and thank you for watching hey
Info
Channel: Kian Brose
Views: 798,029
Rating: undefined out of 5
Keywords: mod, menu, mod menu, cheat, engine, cheat engine, Kian, brose, kian brose, how, to, how to, how to make, how it works, works, work, python, how make mod menu, how mod menus work, how mod menu work
Id: Ot7SeZvfBA0
Channel Id: undefined
Length: 10min 28sec (628 seconds)
Published: Mon Oct 25 2021
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.