Basics of making cheat codes - tomvita/Breeze-Beta GitHub Wiki

Cheat codes work by modifying memory. Writing the right value to the right memory address gives the desired change in game behavior.

ASLR, dynamic memory and reacquiring the addresses found previously by memory search

Address space layout randomization is performed every time a game starts, so game addresses are never the same when you restart a game. The memory address found by a search therefore needs to be reacquired every time the game starts. Dynamic memory means memory is allocated from a pool (the heap) when needed and released back into the pool when no longer needed, so target addresses quite often don't stay the same even within the same gaming session. Luckily, the second time around it is easier. Here are some of the methods to reacquire those memory addresses.

Base address + offset

Some memory addresses have a constant offset from the main base address or the heap base address. Every bookmark in Breeze carries this information as well as the current physical address. When the current physical address is not accessible, the base + offset address is used to resolve the memory address. If a bookmark is still good after you restart the game, there is a very good chance it will be good every time you restart the game; to be sure, check a few restarts. Making a cheat code is then as simple as using the bookmark to cheat button in the bookmark menu.

Pointer chain

Pointers that originate from the main data segment sometimes lead to a chain of pointers that eventually leads to the desired memory address. What is needed is the series of offsets; finding these offsets is called pointer search. A bookmark in Breeze may also have a pointer chain attached to it. If a bookmark is derived from another that has a pointer chain, it will also have the pointer chain attached; if not, a pointer search needs to be performed. Just like the previous case, check that the bookmark is still good when the game restarts; when there is enough confidence that it is good, make a cheat code using the bookmark to cheat button in the bookmark menu.
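The two reacquisition methods above (base + offset and pointer chain) are the same operation: start at a base, add an offset, and for a chain dereference at every link except the last. The following is an added example, not code from the Breeze project or this wiki: it uses a small simulated 64-bit address space standing in for the game's memory (the layout, base addresses, offsets and the HP/lives values are all constructed), shows a bookmark surviving a restart in which ASLR moved both main and the heap, and shows the failure mode where a chain link is unreadable or null, for instance because the object has not been allocated yet.

```python
"""Reacquiring a bookmarked address after a restart: base + offset and pointer chain.

Added example with a constructed memory layout; Breeze reads real game memory
instead of the SimMemory used here.
"""


class SimMemory:
    """Sparse simulated memory: readable 8-byte words keyed by address.
    Any address not in the map behaves like an unmapped page."""

    def __init__(self, words):
        self.words = dict(words)

    def read_u64(self, addr):
        """Read a little-endian u64 at addr; raise if the address is not readable."""
        if addr not in self.words:
            raise MemoryError(f"unreadable address {addr:#x}")
        return self.words[addr]


def resolve_chain(mem, base, offsets):
    """Follow a chain of offsets from base.

    ptr = base; for every offset except the last: ptr = read(ptr + off);
    the last offset is added without a dereference. A single offset is the
    plain base + offset case. Returns None if the chain is stale (a link is
    unreadable or a null pointer), so the caller never writes to a bad address.
    """
    addr = base
    for off in offsets[:-1]:
        try:
            addr = mem.read_u64(addr + off)
        except MemoryError:
            return None
        if addr == 0:
            return None
    return addr + offsets[-1]


def reacquire(mem, main_base, bookmark):
    """A bookmark keeps the last physical address plus its chain from main.
    Use the physical address while it is still readable; otherwise re-resolve."""
    try:
        mem.read_u64(bookmark["phys"])
        return bookmark["phys"]
    except MemoryError:
        return resolve_chain(mem, main_base, bookmark["chain"])


# Constructed layout of one game launch (not a real game):
#   main + 0x1000 -> player object on the heap (static pointer in main's data)
#   main + 0x2000 -> lives counter (a plain base + offset value)
#   player + 0x18 -> stats object on the heap
#   stats + 0x40  -> HP
PLAYER_HP_CHAIN = [0x1000, 0x18, 0x40]
LIVES_CHAIN = [0x2000]


def build_session(main_base, heap_base, in_game=True):
    """Build the memory of one launch. With in_game=False the player object
    has not been allocated yet and the static pointer is still null."""
    player = heap_base + 0x4200
    stats = heap_base + 0x9F80
    words = {
        main_base + 0x1000: player if in_game else 0,
        main_base + 0x2000: 3,
        player + 0x18: stats,
        stats + 0x40: 100,
    }
    return SimMemory(words)


def demo():
    """Launch 1: bookmark HP with its chain. Launch 2: ASLR moved everything."""
    main1, heap1 = 0x08_0000_0000, 0x10_0000_0000
    first = build_session(main1, heap1)
    hp1 = resolve_chain(first, main1, PLAYER_HP_CHAIN)
    bookmark = {"phys": hp1, "chain": PLAYER_HP_CHAIN}

    main2, heap2 = 0x0C_0000_0000, 0x17_0000_0000
    second = build_session(main2, heap2)
    hp2 = reacquire(second, main2, bookmark)        # old phys is dead; chain saves it
    lives2 = resolve_chain(second, main2, LIVES_CHAIN)

    title = build_session(main2, heap2, in_game=False)
    hp_title = resolve_chain(title, main2, PLAYER_HP_CHAIN)  # null link -> None

    return {
        "hp_launch1": hp1,
        "hp_launch2": hp2,
        "hp_value_launch2": second.read_u64(hp2),
        "lives_launch2": lives2,
        "hp_title_screen": hp_title,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, hex(value) if isinstance(value, int) else value)
```

One caveat the simulation hides: a real physical address can still be readable after the object it pointed to was freed and the memory reused, so "readable" is not the same as "still correct". That is why the page recommends checking a bookmark over a few restarts before turning it into a cheat.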

Pointer Search

Coming in a future update

Register content of game code

The game code is given the memory addresses of interest. By hooking the game code and reading the register contents when that code executes, we gain access to the memory address we wish to acquire.

Hacking the game memory

CheatVM directly writing to game memory

CheatVM executes at a fixed frequency. On every cycle that it executes, the desired memory writes are performed. The timing is not in sync with the game process.

CheatVM injecting ASM instruction that do the change

The hack can only be performed when the hooked code gets a chance to execute. The frequency of execution is not fixed. The timing is in sync with the game process.

Finding the code to hook

To hook game code is to patch the game code so that it branches off to a code cave (a series of unused bytes in the process's memory with enough capacity for injecting custom instructions).

Perform a watch on a memory address to find the code that accesses it.

Check the list of code locations found to pick one that is suitable.

Writing the ASM code

Direct code replacement

Code cave