External C++ game trainer demonstrated at DEFCON 33 Game Hacking Village. Hooks into a running GZDoom process via Win32 APIs to read and modify memory at runtime. Features pointer chasing, executable memory scanning, and inline x86 patching for cheats such as infinite ammo. Includes an ImGui-based GUI for toggling features.

Game-Hacking-Village/cpp_external

Doom External Trainer

Our goal is to teach you what is happening underneath the hood of programs such as Cheat Engine. We hope to give you insight as to how to perform similar modifications by reverse engineering game code through the development of an external trainer for GZDoom. Enjoy!

Building Code

  • Make sure the imgui submodule is pulled.
    git clone --recurse-submodules git@github.com:Game-Hacking-Village/cpp_external.git
    

Dependencies that need to be installed:

scoop
msys2
cheat engine
python3
clion-ide (optional)
  1. Navigate back to the parent directory, cpp_external.

  2. Run PowerShell as Administrator (right-click) and change the execution policy to allow installation of Scoop:

    Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser

  3. Run the Scoop package manager installation in a new non-Administrator PowerShell terminal:

    Invoke-RestMethod -Uri https://get.scoop.sh | Invoke-Expression

  4. Install the MSYS2 build platform:

    scoop install msys2

  5. Set up the msys2 environment using PowerShell:

    msys2 -c "pacman -S --needed mingw-w64-x86_64-toolchain mingw-w64-x86_64-cmake"

  6. In PowerShell, add MSYS to the user PATH, replacing <user> with your current Windows username:

    [Environment]::SetEnvironmentVariable("Path", [Environment]::GetEnvironmentVariable("Path", "User") + ";C:\Users\<user>\scoop\apps\msys2\current\mingw64\bin", "User")

  7. Close and restart PowerShell and verify that the MSYS path was added to the PATH variable:

    $Env:Path

C:\Users\<user>\scoop\apps\msys2\current\mingw64\bin should be the last entry in the Path environment variable.

If so, the MSYS tooling can now be accessed from PowerShell and is ready to use!

  8. Install CLion IDE (optional), Python (if necessary) and Cheat Engine in PowerShell:

    scoop update *
    scoop bucket add extras
    scoop install extras/clion
    scoop install python
    scoop install extras/cheat-engine

-or-

Visit the website, then download and install CLion IDE directly from JetBrains using the traditional GUI installation:

https://www.jetbrains.com/clion/

  9. Open CLion or PowerShell and clone the external trainer repo:

    git clone --recurse-submodules git@github.com:Game-Hacking-Village/cpp_external.git

  10. In the cpp_external dir, clone imgui into the imgui directory:

    git clone https://github.com/ocornut/imgui.git

  11. Download GZDoom:

    cd doom
    python download_doom.py doom_game

Now GZDoom will be ready to run in the doom_game dir with Freedoom.

  12. Build the External Trainer executables (if using PowerShell instead of CLion):

    cmake .
    cmake --build .

Clean CMake-generated Build

    cmake --build . --target clean

Overview

Key Directories

./doom - dir with script to download and setup gzdoom + freedoom
./doom/doom_game - dir that contains the binary code for gzdoom including gzdoom.exe
./simple_game - a simple game to practice simple memory reading+writing
./external - the main source dir with the external trainer code

Build targets

game - build the simple game
external_simple - build the simple external (write to an arbitrary address in a process)
external_gui_doom - a gui based external trainer for gzdoom

Key Files for Developing the Doom External Trainer

(*** means the user needs to edit the file):

Files in cpp_external/external:

*** external_doom_gui.cpp >>> key file for building the interface for the GUI of the External Trainer

memory.cpp and memory.h >>> Contain the resolve_PointerMap() function, which traverses chains of pointers to find the destination address, and ScanExecMemory() + CompareSignatureToBytes(), which scan a process's executable memory pages to check whether a particular group of assembly instructions exists

CMakeLists.txt >>> cmake file for building and compiling the code

process.cpp and process.h >>> Contain functions to get the process handle, process ID and base address of the process

Key files in cpp_external/external/doom:

*** doom.cpp and doom.h >>> Create the DoomProc class; setters and getters need to be built for each target (Pistol Ammo, Health, etc.)
*** offsets.h >>> Contains PointerMap structures for each of the targets (Pistol, Ammo, Health, etc.) that hard-code the base offset and the vector of additional offsets
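
The pointer-chain walk and masked signature comparison that memory.cpp and offsets.h are described as providing, as an added example that is not the project's own code. It runs against a local byte vector instead of another process; the names ExamplePointerMap, read_u64, resolve_chain, find_signature and make_sample, and every offset and byte value, are constructed for illustration.

```cpp
#include <cstdint>
#include <cstring>
#include <vector>
using FakeMemory = std::vector<std::uint8_t>;  // constructed stand-in for a target's memory
struct ExamplePointerMap {               // hypothetical, modelled on the README's description
    std::uint64_t base_offset;           // offset from the module base to the first pointer
    std::vector<std::uint64_t> offsets;  // one offset added after each dereference
};
// Bounds-checked 8-byte read; an external tool would read the other process here.
bool read_u64(const FakeMemory& mem, std::uint64_t addr, std::uint64_t& out) {
    if (addr > mem.size() || mem.size() - addr < sizeof out) return false;
    std::memcpy(&out, mem.data() + addr, sizeof out);
    return true;
}
// Walk the chain: dereference, add the next offset, repeat. The result is not dereferenced.
bool resolve_chain(const FakeMemory& mem, std::uint64_t module_base,
                   const ExamplePointerMap& map, std::uint64_t& out) {
    std::uint64_t addr = module_base + map.base_offset;
    for (std::uint64_t off : map.offsets) {
        std::uint64_t ptr = 0;
        if (!read_u64(mem, addr, ptr) || ptr == 0) return false;  // unreadable or null link
        addr = ptr + off;
    }
    out = addr;
    return true;
}

// Index of the first match, or -1. A negative signature entry is a wildcard byte.
long long find_signature(const FakeMemory& mem, const std::vector<int>& sig) {
    if (sig.empty() || sig.size() > mem.size()) return -1;
    for (std::size_t i = 0; i + sig.size() <= mem.size(); ++i) {
        std::size_t j = 0;
        while (j < sig.size() && (sig[j] < 0 || mem[i + j] == sig[j])) ++j;
        if (j == sig.size()) return static_cast<long long>(i);
    }
    return -1;
}

// Constructed sample: module base 0x10; 0x18 holds 0x40, 0x50 holds 0x80, value at 0x84.
FakeMemory make_sample() {
    FakeMemory mem(0x100, 0);
    const std::uint64_t p1 = 0x40, p2 = 0x80;
    std::memcpy(&mem[0x18], &p1, sizeof p1);
    std::memcpy(&mem[0x50], &p2, sizeof p2);
    mem[0x84] = 50;                                        // the tracked value
    const std::uint8_t code[] = {0x89, 0x46, 0x1C, 0x90};  // constructed bytes, not GZDoom's
    std::memcpy(&mem[0xC0], code, sizeof code);
    return mem;
}
```

A chain that hits a null or out-of-range link returns false instead of an address, which is the case to expect whenever the object the chain points through has not been allocated yet.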
