Tutorial : Making A Game Hack Trainer Using Cheat Engine Lua Scripting

Overview

Not every computer or video game supports cheats upon release. These games make cheating a little trickier. If you’re a hacker, you may be familiar enough with computer programming languages to take a close look at the video game’s code and find ways to tweak it to create cheats. But for the rest of us, we have to rely on the skills of knowledgeable hackers to create shortcuts for us and make them available somehow.

What you need to create your own trainers

In order to be able to create your own trainers for a PC game, you will need to get cheat engine and learn some very basic techniques to find values. If you do not yet have the skills required, then you might want to check out this tutorial on basic cheat engine handling. You will also have to be patient. The bigger the game is, the harder to actually get a trainer working. You will have to start, scan, restart for quite some time in order to get multiple pointers running and it will require a lot of patience.

Two ways to making your own game hack trainer using Cheat Engine

Game trainers are programs made to modify memory of a computer game thereby modifying its behavior using addresses and values, in order to allow cheating. It can “freeze” a memory address disallowing the game from lowering or changing the information stored at that memory address (e.g. health meter, ammo counter, etc.) or manipulate the data at the memory addresses specified to suit the needs of the person cheating at the game.

By using Cheat Engine you will have 2 ways to making your own trainer. First use Cheat Engine Form Designer and second is use Cheat Engine Lua scripting.

Making your own game hack trainer using Cheat Engine Lua scripting

We assume you already know a lot about the cheat engine (game process and so on), here I am just going to show you how to make a “simple trainer” using CE lua scripting.

Step 1 :

• Open your cheat engine (I am use Cheat Engine 6.4)
• In CE menu, click “Memory View”, a memory viewer window will pop-up (or you can use notepad to writing your script and later copy it to CE > Table > Show CE Lua Table Script), in CE memory viewer menu, go to > Tools > Lua Engine (or simply press CTRL + L)
• A Lua Engine window will pop-up (You can close your memory viewer window now)
• Now we can start typing our Lua script into Lua engine script sheet (below part in Lua engine)

Step 2 :

In this tutorial, we will make a very simple game trainer with properties (let we hack a online 8 ball pool game 3.3.4 by miniclip for example is to get long guide line for all tier rooms). So here :

Our trainer form properties will need :

• 1 Main Form
• 3 Buttons (Open Process Button, Long Guide Line Button, Exit Button)
• 2 Label (Process Identifier Label, Copyright Label)

By default CE with give name to our properties as :

• Main Form > UDF1
• Buttons > CEButton1, CEButton2, CEButton3
• Label > CELabel1, CELabel2

We will change our form trainer properties name later in scripting.

Step 3 :

• Let’s start typing our script in Lua Engine sheet.
• Try typing these script code by your self instead copy and paste

____________________________________________________

Script Code for Main Form :

____________________________________________________

— creating Main Form
local f = createForm( true );
  — Give title to Main Form
control_setCaption( f, ‘My First Trainer’ );
  — Set size of Main form Width=290, High=200
control_setSize( f, 290, 200 );
  — Set Main Form position display at center screen
form_centerScreen( f );

You can try to click “Execute” button and find out what is your trainer look like by displaying it into your computer screen. You can do this many time, but don’t forget to close your “trainer” after you have finish to looking it.

Remember, make sure you make a copy of your script to a notepad page and save it to your computer. This will avoid you loss your script. So, if you want to finish your work at a time, you can close CE and still have a copy of your script and can use if you want to continue writing your script next time. Just copy your script from notepad file to CE Lua Engine or CE > Table > Show CE Table Lua Script.

Or, when you finish your work in CE Lua Engine, just copy your script to CE Show Table Lua Script and save your trainer as a CE Trainer file. Now we continue our script :

____________________________________________________

Script code for Button Open Process, Label for process identifier with  functions  connecting to it :

____________________________________________________

— Make a function for btn_01 (Button Open Process)
— This function below use for read all process in comp. memory
function pidDialog(doPid)
local plugname = {“iexplore”,”flashplayerplugin”,”plugin-container”,”opera”,”chrome”,”awesomium_process”,”torch”,”dragon”,”maxthon”,”palemoon”,”safari” }
local function tmerge(t,o,…) for k,v in pairs(o) do t[k]=v end if select(‘#’,…)>0 then return tmerge(t,…) else return t end end
local function callLater(f,…)
local t = createTimer()
local a,n = {…},select(‘#’,…)
t.Interval = 100
t.OnTimer = function(sender) sender.Enabled=false sender.Destroy() f(unpack(a,1,n)) end
t.Enabled = true
return t
end
local function parseProc(s)
local p,n
for pid,name in string.gmatch(s,'([0-9A-F]+)-(.*)’) do
p = pid ; n = name
end
return  p,n
end
local function prec(i,p,n)
local weight = 0
for _,v in ipairs(plugname) do
if string.find(string.lower(n),string.lower(v),1,true) then weight = weight + 1 end
end
return {pid=p,desc=string.format(‘%5d-%04X-%s’,p,p,n),name=n,w=weight+i/2048}
end

local FP = createForm(false)
tmerge(FP,{FormStyle=’fsStayOnTop’,AutoSize=true,BorderWidth=4,Color=0x6495ED,;Position=’poScreenCenter’,BorderStyle=’bsToolWindow’,;Caption=’Double Click to Select’})
local LB = createListBox(FP)
tmerge(LB,{MultiSelect=false,AutoSize=true,Color=0x6495ED})
local cs = LB.Constraints
tmerge(cs,{MinHeight=300,MinWidth=400})
local fn = LB.Font
tmerge(fn,{Color=0xffffff,Name=’Courier New’,Height=-16,Style='[bsBold]’})

LB.OnDblClick = function()
local idx,PID,NAME = LB.ItemIndex,nil,”
if idx >= 0 then
for pid,pID,name in string.gmatch(LB.Items[idx],'([0-9]+)-\s*([0-9A-F]+)-(.*)’) do
PID = tonumber(pid,10)
NAME = name
end
end
if PID ~= nil then callLater(doPid,PID,NAME) end
FP.close()
end — LB.OnDblClick

FP.OnClose = function()  FP.destroy(); FP = nil end

getProcesslist(LB.Items)
local plist = {}
for i=1,LB.Items.getCount() do
local p,n = parseProc(LB.Items[i-1])
p = tonumber(p,16)
table.insert(plist,prec(i,p,n))
end

table.sort(plist,function(a,b) return a.w > b.w end)
local currProcId = getOpenedProcessID()
for i=1,LB.Items.getCount() do
LB.Items.setString(i-1,plist[i].desc)
if plist[i].pid == currProcId then LB.setItemIndex(i-1) end
end

FP.show()
end

  — Creating Label Open Process = label_01
  — This is to identifying which process opened
local label_01 = createLabel( f )
  — Set caption for the button
control_setCaption( label_01, ‘Waiting . . .’ );
  — Set label position left=100, top=20
control_setPosition( label_01, 110, 26 );

  — Make a function which executing by button click
  — in this case is for button = btn_01
  — function name is scanBrowser()
function scanBrowser()
pidDialog(function(pid,name)
OpenProcess(pid)
label_01.Caption = string.format(‘%4X-%s’,pid,name)
end)
end

  — Creating a button for Open Process name=btn_01
local btn_01 = createButton( f );
  — Set caption for the button
control_setCaption( btn_01, ‘Open Process’ );
  — Set button size
control_setSize( btn_01, 90,30)
  — Set button position left=10, top=20
control_setPosition( btn_01, 10, 20 );
  — Set a function work if button click by user
  — This is executing function scanBrowser()
control_onClick(btn_01, scanBrowser)

____________________________________________________

Script code for button for long guide line hack with all function connecting to the button :

____________________________________________________

Code AOB for long guideline 8 ball pool game 3.3.4 is :

AOB to scan : 24 01 62 08 12 05

AOB for replace : 24 16 62 08 12 05

 — Make a function which executing by button click
 — in this case is for button = btn_02
 — function name is longline()
 — This function will execute by btn_02 clicked
function longline()
 — put our AOB into a variable “scan_aob” an scan
result = AOBScan(“24 01 62 08 12 05”, “+W*X-C”)
 — put a condition if scan found or not
 — if scan found
if (result) then
 — replace all AOB found with our code
 — our code should writing with “0x..” in front of
lngt = result.getCount()
for x=0, lngt-1, 1 do
writeBytes(result[x], 0x24, 0x26, 0x62, 0x08, 0x12, 0x05)
end
 — show message hack success and make beep sound
beep()
showMessage(“Longline Activated”)
 — clear memory from scan result
result.Destroy()
result = nil
 — if scan our AOB not found
else
 — give message to user hack failed and make beep sound
beep()
showMessage(“Hack Failed”)
end
end

  — Creating a button for Longline name=btn_02
local btn_02 = createButton( f );
  — Set caption for the button
control_setCaption( btn_02, ‘Long Line’ );
  — Set button size
control_setSize( btn_02, 130,60)
  — Set button position left=10, top=70
control_setPosition( btn_02, 10, 70 );
  — Set a function work if button click by user
  — This is executing function longline()
control_onClick(btn_02, longline)

____________________________________________________

Script code for button for exit the trainer and all the function connecting to the button :.

____________________________________________________

 — Make a function which executing by button click
 — in this case is for button = btn_03
 — function name is exit_trainer()
 — This function will execute by btn_03 clicked
function exit_trainer()
 — close out trainer
closeCE();
 — clear all process CE in memory
return caFree
end

  — Creating a button for exit trainer name=btn_03
local btn_03 = createButton( f );
  — Set caption for the button
control_setCaption( btn_03, ‘Exit’ );
  — Set button size
control_setSize( btn_03, 130,60)
  — Set button position left=150, top=70
control_setPosition( btn_03, 150, 70 );
  — Set a function work if button click by user
  — This is executing function longline()
control_onClick(btn_03, exit_trainer)

____________________________________________________

Script code for copyright label / creator :

____________________________________________________

 — Creating Label Copyright
 — This is to show out trademark
local label_02 = createLabel( f )
  — Set caption for the button
control_setCaption( label_02, ‘Copyright Hacker – 2015’ );
  — Set label position left=100, top=20
control_setPosition( label_02, 80, 160 );

Well, we have done with our script. Next if you think everything is okay and tested result in Lua engine give  work properly result, now doing next step.

Step 4 :

• Copy all your script in Lua engine
• Paste 1 : to CE > Table > Show Cheat Table Lua Script
• Paste 1 : to your notepad file as documentation
• In CE, save your work as a CE Trainer file
• To save : File > Save

Congratulation, you have been done made with your first CE trainer by using lua script.

You can download source code here : sourcecode

After downloaded open it (text file) copy all code and put it into your CE > Table > Show Cheat Table Lua Script.

VCL Bro