I programmed a little trainer for Windows Space Cadet. It just changes the current score to 1000000.
But the problem now is that the address where the value of the current score is being saved changes every time Space Cadet is being restarted. Is there a way to get constant access to the value?

Posted on 2009-02-24 10:35:50 by Mr. Psycho
I'll take a guess that the score is being stored in a small chunk of Heap memory, and probably on the Process Heap... they're allocating a 'state structure'.

You're always going to need to search for the address, however you can search intelligently... if the address does indeed belong to Heap memory, you can search the Heap for it (see HeapWalker).

Posted on 2009-02-24 20:29:03 by Homer
OK. But I don't get the thing with the HeapWalker... Could you give me a short example?
Posted on 2009-02-25 11:11:28 by Mr. Psycho
This article describes the inner workings of the program called Heap Walker:

You can take this knowledge to build a specialized 'Heap Searcher' if you can find some constant fields near your target data...
Posted on 2009-02-27 10:21:59 by Homer
There's probably a pointer to the heap memory being stored somewhere, either on the stack or in a global variable. Find this pointer, use it.
Posted on 2009-03-01 10:29:33 by f0dder
Mr. Psycho, you should read some tutorials on www.gamehacking.net or whatever the website is called these days. I believe the trainer scene guys like to call this "DMA" - dynamic memory allocation. A static pointer to a dynamic variable like 'current score'.
Posted on 2009-03-08 06:37:48 by comrade
Good start though if you are figuring this out yourself. My first assembly program was a trainer for Soldier of Fortune in TASM.
Posted on 2009-03-08 06:38:23 by comrade
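
The two ideas raised in this thread, searching for constant fields near the target data and following a static pointer to the dynamically allocated structure, can be compared on a toy address space. This is an added example, not code from any poster: the byte array, the `PBST` marker, the pointer slot at 0x10 and the score offset of 8 are all constructed assumptions, and nothing here touches a real process.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Everything below is constructed for illustration: a 1 KiB byte array
 * stands in for a process address space. */
#define MEM_SIZE   0x400u
#define GLOBAL_PTR 0x010u  /* assumed fixed slot holding the heap pointer */
#define SCORE_OFF  0x008u  /* assumed offset of the score in the state struct */
static const uint8_t MAGIC[4] = {'P', 'B', 'S', 'T'}; /* assumed constant field */

static uint32_t rd32(const uint8_t *m, uint32_t a) { uint32_t v; memcpy(&v, m + a, 4); return v; }
static void wr32(uint8_t *m, uint32_t a, uint32_t v) { memcpy(m + a, &v, 4); }

/* Simulate one program start: the state struct lands at heap_addr, which
 * differs per run, while the global pointer slot stays put. */
static void build_run(uint8_t *m, uint32_t heap_addr, uint32_t score) {
    memset(m, 0, MEM_SIZE);
    memcpy(m + heap_addr, MAGIC, sizeof MAGIC);
    wr32(m, heap_addr + SCORE_OFF, score);
    wr32(m, GLOBAL_PTR, heap_addr);
}

/* Static-pointer approach: dereference the fixed slot, add the field offset. */
static int score_addr_via_pointer(const uint8_t *m, uint32_t *out) {
    uint32_t base = rd32(m, GLOBAL_PTR);
    if (base == 0 || base > MEM_SIZE - SCORE_OFF - 4) return -1; /* null or out of range */
    *out = base + SCORE_OFF;
    return 0;
}

/* Search approach: scan aligned addresses from start for the constant field. */
static int score_addr_via_signature(const uint8_t *m, uint32_t start, uint32_t *out) {
    for (uint32_t a = start; a + SCORE_OFF + 4 <= MEM_SIZE; a += 4)
        if (memcmp(m + a, MAGIC, sizeof MAGIC) == 0) { *out = a + SCORE_OFF; return 0; }
    return -1;
}

int main(void) {
    static uint8_t mem[MEM_SIZE];
    const uint32_t runs[2] = {0x100u, 0x2C0u}; /* two constructed heap placements */
    for (int i = 0; i < 2; i++) {
        uint32_t p = 0, s = 0;
        build_run(mem, runs[i], 1000u * (uint32_t)(i + 1));
        if (score_addr_via_pointer(mem, &p) || score_addr_via_signature(mem, 0x20u, &s)) return 1;
        printf("run %d: pointer->0x%03x scan->0x%03x score=%u\n", i, (unsigned)p, (unsigned)s, (unsigned)rd32(mem, p));
    }
    return 0;
}
```

Both lookups agree in each simulated run even though the structure moves; the pointer dereference is a single read, while the scan has to walk the region and depends on the marker being unique.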