The cThe Cheat application scansof PC memory and searchsearchesme value inside it. The cheat will scan only that part of the memory that your game is using. For example, you are looking at numbers or your game cash. Cheat found, for example, 1000 occurs under 1000 different addresses. The cheat will remember those addresses. Now, inside the game, the value of your money has changed. Cheat is searching under those 1000 addresses, and the value also changed. And then remember only those addresses where the value was changed. After several attempts, the Cheat App receives a shot list of addresses where your game cash is stored. Now you will tell theGame Cheat App: "Put another (bigger) value under every one of those addresses." And then, you will check whether the game's value was changed. If there was a change under those addresses, you could search exactly what address holding cash value. Or you can say whatever and change cash values on multiple addresses and don't care if your game will crash or not, or you will change at the same time gold minerals.
This description is simplified because the game can store cash value encrypted, encoded in many places, etc.. . It can store as a checksum for part of values and compare it from time to time (for example, during loading saved game).
You asked, "How do they make the game show their mini-GUI." When a cheat knows values to paint, it can only have to change the picture that has to be displayed on the monitor screen. This means the question is how to change graphic memory. Well, they have to read graphics memory, modify it, and put it back in their place. Games under Microsoft Windows are using DirectX or OpenGL. It's simple to use libraries to achieve the goal.
That's why so crucial for the Operating System is to get memory protection (read | write) for every process launched.
Memory protection is a way to control memory access rights on a computer and is a part of most modern processor architectures and operating systems. The primary purpose of memory protection is to prevent a process from accessing memory that has not been allocated to it. This prevents a bug or malware within a process from affecting other processes or the operating system itself. An attempt to access unowned memory results in a hardware fault, called a segmentation fault or storage violation exception, generally causing abnormal termination of the offending process. Memory protection for computer security includes additional techniques such as address space layout randomization and executable space protection.
Since Windows XP and on, all major operating systems have this type of memory protection. One program will not be able to write to another program's memory.
It might be possible that a program could "reclaim" memory de-allocated from another program, but it will not have the information previously stored within it.
This description is simplified because the game can store cash value encrypted, encoded in many places, etc.. . It can store as a checksum for part of values and compare it from time to time (for example, during loading saved game).
Another method:
Software developers know the game's source code (for example, Quake III Arena), and they know exactly how and where the game is stored, holding some values. Then, the developer can write a cheat to change another in-game value memory. For example, cheating is reading the coordinates of an enemy unit and "moving "the weapon crosshair to point at those coordinates. The game player is only pressing "fire" to shoot.
You asked, "How do they make the game show their mini-GUI." When a cheat knows values to paint, it can only have to change the picture that has to be displayed on the monitor screen. This means the question is how to change graphic memory. Well, they have to read graphics memory, modify it, and put it back in their place. Games under Microsoft Windows are using DirectX or OpenGL. It's simple to use libraries to achieve the goal.
That's why so crucial for the Operating System is to get memory protection (read | write) for every process launched.
Memory protection is a way to control memory access rights on a computer and is a part of most modern processor architectures and operating systems. The primary purpose of memory protection is to prevent a process from accessing memory that has not been allocated to it. This prevents a bug or malware within a process from affecting other processes or the operating system itself. An attempt to access unowned memory results in a hardware fault, called a segmentation fault or storage violation exception, generally causing abnormal termination of the offending process. Memory protection for computer security includes additional techniques such as address space layout randomization and executable space protection.
Since Windows XP and on, all major operating systems have this type of memory protection. One program will not be able to write to another program's memory.
It might be possible that a program could "reclaim" memory de-allocated from another program, but it will not have the information previously stored within it.
