VB6 Name Spoofing Tutorial [Part 1]

[ViperSRT3g]

Starcraft v1.15.3 Name Spoofing Tutorial Part 1
Written: 11/23/08
Author: ViperSRT3g

This Tutorial is part of a two part tutorial. The second half of this tutorial can be found here: [Part 2]

This tutorial will go over all the odds and ends of creating a working 1.15.3 Name Spoofer Using Visual Basic 6.

Software Needed:
Artmoney
Starcraft
Microsoft Visual Studio 6.0 (Last Version of Visual Basic 6)

Steps:
1. Getting your name in Artmoney
2. Creating your Visual Basic Project
3. Using Modules
4. Using Hotkeys
5. Temp Ban Protection
6. Color Spoofing!

Viper's VB6 Name Spoofing Tutorial

Getting your name in Artmoney
A vital process when making any hack is to find the offsets that you'll be using. So open up Artmoney, and open up Starcraft. Attach Artmoney to Starcraft in the dropdown Select process box. Log onto Bnet.


We are now at the point where we can begin using Artmoney to find our name spoofing offset. This portion of the tutorial will be nearly exactly the same as Overflow's tutorial on Name Spoofing here: Overflow636's Name Spoofing Tutorial

In Artmoney, click the Search button And search for your name.


You'll be searching for a text type value, and in the value field, you enter your name exactly how it is (Case Sensitive).


In my search, Artmoney found 4 offsets that contained my name in it.


4 Offsets is a manageable number, so we can easily figure out which one is our real name spoofing offset. Click the Teal button to bring all the found offsets to the right side of the table so that we can work with them further.


Now that we have our offsets on the right side of the table, we can now edit them in anyway we see fit.


For those who do not know, Unicode is the type of byte arrangement that lets ASCII characters extend to support many languages. (Upwards of the 256 default characters) One of the only places in Starcraft where Unicode exists is in the channel chat area. So it is safe to say that our Unicode offset here is NOT our name spoofing offset. So let's delete it.

The last three remaining offsets all look very similar. They are not Unicode, they all contain the exact text that we may need, however they are in different regions of Starcraft's memory. The first offset starts off with 059, which basically means it's always in Starcraft's memory. The last two, start off with 190, which means they are only used when on Bnet. That means that our name spoofing offset is located in ONE of the two offsets that start with 190. So we can delete our first offset.


Now that we are down to just two offsets, it's time to check to see which one will actually change our name. Go ahead and change the value of the first character in each name to a number, using consecutive numbers allows us to see which offset is which. The first offset was changed to 1iperGTSR3g. The Second offset was changed to 2iperGTSR3g as shown below.


Now join a game in Starcraft to see which number the first letter in our names changed to. As you can see, our first offset is the right one! We can save both offsets however, for the second offset will be useful later. Now that we have our offsets, lets start making our Visual Basic Project!



Creating your Visual Basic Project
1. Start up Microsoft Visual Studio 6.0
2. Choose create Standard EXE
3. Click the code button to set the editor to code mode (Similar to Dreamweaver's basic design)

Now that we are in the code writing process, we can set up the basics of any Visual Basic application.
The first line in any VB app should be the line "Option Explicit". The reason for this is because if you DON'T use it, you can save any type of value to any type of variable, without your compiler notifying you of this error. This could prove to be very problematic later, so just add it in.

Similar to C++, our VB Project will require certain "header files" before we continue. Our project will set up Hotkeys later on, so we will need our GetAsyncKeyState API. Your source coding should look like the following:

Code:

Option Explicit

Private Declare Function GetAsyncKeyState Lib "user32" (ByVal vKey As Long) As Integer

Now that we have our API included with our project, we can go ahead and add the meat and potatoes of our spoofer.
Click the "View Object" button to go back to editing the GUI of our project:
Add a button to our project by clicking the "CommandButton" tool:
Add a text box to our project by clicking the "TextBox" tool:
Your project should look roughly like the following.


Now that we have our GUI created (Your free to make it look the way you want as much as you like) we can now add the coding in to make them do stuff! Double click the button you added in earlier to go back to the code viewer. The editor will automatically create coding for you when the button is actually pressed. Your coding should have automatically created the following code for you:

Code:

Private Sub Command1_Click()

End Sub

This code will be executed when the button gets clicked. Let's add a call to the function that will actually do the spoofing (Once we add the spoofing process in) Between the "Private Sub Command1_Click()" and "End Sub" lines include the following code:

Code:

Call Spoof

Once we add in the WriteProcessMemory module, we'll be able to set up our spoofing function that will get called when the button is clicked!

Using Modules
I have included the module here: modMemoryDP.bas
Or you may download it via Logos' Siggy here: modMemoryDP.bas
This Module will allow your Visual Basic project to read and write to and from Starcraft's memory!
Now to include the module into your project, simply go to the Project file window. Right click>Add> Module>(Existing if you saved the module)New if your copy pasting
Then simply navigate to where you saved the module, and it will be incorporated into your project!


We can now create our Spoof process! In our form's code window, we can now include the following text right below our CommandButton text:

Code:

Private Sub Spoof()
Dim ret As Long 'Initializes the return variable that will help you in debugging
Dim hwnd As Long 'Initializes the variable to hold your process ID number
hwnd = modMemoryDP.FindWindow("SWarClass", "Brood War") 'Uses the module to find Brood War
    If hwnd = 0 Then 'If it didnt find Brood War, it will look for Starcraft
        hwnd = FindWindow("SWarClass", "Starcraft") 'Uses the module to find Starcraft
    End If
'Writes your name to Starcraft's Memory
ret = modMemoryDP.PokeString(hwnd, &H19044EE8, Text1.Text & vbNullChar)
End Sub

If you want, you can use this as a standalone spoofer already, just press F5 or hit the Start button to run your program.


Let me go in depth however, and explain to you what's being done here.

Code:

Dim hwnd As Long 'Initializes the variable to hold your process ID number
hwnd = modMemoryDP.FindWindow("SWarClass", "Brood War") 'Uses the module to find Brood War
    If hwnd = 0 Then 'If it didnt find Brood War, it will look for Starcraft
        hwnd = FindWindow("SWarClass", "Starcraft") 'Uses the module to find Starcraft
    End If

This block of code here initializes the variable that will hold the process ID number of the program you intend to read or write memory to. It's purpose here, is to let the module know what program you intend to modify. Which in this case is Starcraft. The code below that, will find Starcraft for you, and if it cannot find Brood War, will look for Starcraft itself. This code right here was taken directly from Logos' CD Key grabber which you can also find here.

Code:

'Writes your name to Starcraft's Memory
ret = modMemoryDP.PokeString(hwnd, &H19044EE8, Text1.Text & vbNullChar)

This block of code is rather self explanatory, it is the line that actually writes to Starcraft's memory allowing you to spoof. If you have not touched anything, it should write "Text1" as your name because the textbox is created with the text "Text1" by default.
The "ret" variable allows you to put debugging processes into your program, such as notifying you if it successfully wrote to Starcraft's memory, without having to actually check in Starcraft.
"&H19044EE8" is the offset to write to. It can be copy pasted from the offset we found in the Artmoney table. "&H" preceding a number in VB6 means a hexadecimal number.
"Text1.Text & vbNullChar" Is the place your spoof is stored in. The "vbNullChar" is an automatic variable in Visual Basic that you do not need to initialize. It's hexadecimal and deximal value in the ASCII character chart is a plain and simple 0x00, or null as it's name implies. It's simply zeroed out memory that Starcraft looks for to let it know that it has reached the end of your name.
All GUI features in VB6 have a name, for our textbox, that name is "Text1" you can change it's name in the Properties form below.


And all objects have many sub-object properties that fall under them. the ".Text" that is after "Text1" is an example of this. The Properties form displays a bunch of sub-object properties that you may alter, such as the textbox's height and width, it's position on your form, what text it may already contain by default, whether it's going to handle numbers, if it's going to be editable, or if it has a maximum character count. By modifying these, your able to customize your GUI to make it look like anything you can imagine.

Another important subject that arose from sub-object properties that has arisen is the actual amount of characters your able to use in a name. The default maximum is 15. However by spoofing, your able to obtain a maximum of 23 actual characters. We'll cover how to exceed this default without being disconnected later in this tutorial. So just to be safe, for now change the "MaxLength" property of the TextBox to 15.


You now have a standalone Name Spoofer. You may continue on if you want to learn how to make your name spoofer accept hotkeys as well as provide temp ban protection for adding in colors or spoofing to more than the default 15 characters.

This concludes Part 1 of this Tutorial

Credits:
Many Thanks to LCSBSSRHXXX for his initial Name Spoofing help back in 2007.
Thanks to Logos for bettering the Visual Basic Module for writing to Memory.
And to Zonemikel for making me wanna make a tut ^^

[homegrownpeas]

this is very nice viper thankyou for making this.

[Phrostbite]

Thanks for writing this. You make it look so simple and you explain how you do it each and every step. A+

[ViperSRT3g]

Thanks! ^^ I hope this will help benefit many people in the future.

[gHz]

Hey Viper i followed exactly your tutorial. Downloaded Artmoney and all that stuff. So i opened starcraft, and logged into my battle.net account. After i did that i minimized Starcraft and opened ArtMoney. BUT!! when i Select Starcraft Process i get this "Unable to open this process. Try to use PRO edition" but does'nt Pro edition cost money? or can i get a crack out there? ive been trying to look on youtube, but found nothing helpfull.
- Please reply i really need someones help in here


- gHz

[Dyndrilliac]

Are you running Vista? You may need to run Artmoney with administrator privileges. It's possible Artmoney Basic doesn't retrieve Debug privileges which is keeping it from retrieving a process handle, and explains why it suggests upgrading. IMHO, I never liked Artmoney - I suggest using L Spiro's MHS instead.

L. Spiro's Memory Hacking Software

[Frager]

problem , VB6 can't seem to find Brood War , i tryed other module the same , i can only change name from Cheat Engine :(

[ViperSRT3g]

This bit is where it finds Brood War. If this does not work, then please PM your source coding and I can help you further.

Code:

hwnd = modMemoryDP.FindWindow("SWarClass", "Brood War")