Reverse Engineering for Beginners


CHAPTER 76. MINESWEEPER (WINDOWS XP)


What is interesting is that we can modify the array right in OllyDbg. We can remove all mines by changing all 0x8F bytes to
0x0F, and here is what we’ll get in Minesweeper:


Figure 76.2: All mines are removed in debugger

We can also move all of them to the first line:


Figure 76.3: Mines set in debugger
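The two edits above, replayed on a local copy of the array instead of in the debugger (an added example, not code from the book). The 27×32 dimensions match the board array declared in the utility on this page; the sample mine positions, the target row index and all function names are constructed for illustration, and nothing else the real array may contain is modelled.

```c
#include <stdio.h>
#include <string.h>
#define ROWS 27          /* same dimensions as the utility's board[27][32] */
#define COLS 32
#define MINE  0x8F       /* byte value of a mined cell, from the text */
#define EMPTY 0x0F       /* byte value of an unmined cell, from the text */
typedef unsigned char byte;   /* unsigned, so a cell compares equal to 0x8F */

/* Constructed sample: an all-empty array with four mines at made-up positions. */
void make_sample(byte b[ROWS][COLS]) {
    memset(b, EMPTY, ROWS * COLS);
    b[2][3] = b[4][7] = b[5][1] = b[9][9] = MINE;
}

int count_mines(byte b[ROWS][COLS]) {
    int n = 0;
    for (int i = 0; i < ROWS; i++)
        for (int j = 0; j < COLS; j++)
            n += (b[i][j] == MINE);
    return n;
}

/* First edit: every 0x8F becomes 0x0F. Returns the number of bytes changed. */
int clear_mines(byte b[ROWS][COLS]) {
    int n = 0;
    for (int i = 0; i < ROWS; i++)
        for (int j = 0; j < COLS; j++)
            if (b[i][j] == MINE) { b[i][j] = EMPTY; n++; }
    return n;
}

/* Second edit: gather the mines into one row, left to right (at most COLS). */
int move_mines_to_row(byte b[ROWS][COLS], int row) {
    int n = clear_mines(b);
    if (n > COLS) n = COLS;
    for (int j = 0; j < n; j++) b[row][j] = MINE;
    return n;
}

int main(void) {
    byte b[ROWS][COLS];
    make_sample(b);
    printf("mines before: %d\n", count_mines(b));
    printf("moved to row 0: %d\n", move_mines_to_row(b, 0));
    return 0;
}
```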

Well, the debugger is not very convenient for eavesdropping (which was our goal anyway), so we’ll write a small utility to
dump the contents of the board:


// Windows XP MineSweeper cheater
// written by dennis(a)yurichev.com for http://beginners.re/ book
#include <windows.h>
#include <assert.h>
#include <stdio.h>

int main (int argc, char * argv[])
{
    int i, j;
    HANDLE h;
    DWORD PID, address, rd;
    BYTE board[27][32];

    if (argc!=3)
    {
        printf ("Usage: %s <PID> <address>\n", argv[0]);
        return 0;
    };

    assert (argv[1]!=NULL);
    assert (argv[2]!=NULL);

    // Parse outside assert(): with NDEBUG defined, assert() expands to nothing
    // and the sscanf() calls would be dropped. DWORD is unsigned long, hence %lu/%lx.
    if (sscanf (argv[1], "%lu", &PID)!=1 || sscanf (argv[2], "%lx", &address)!=1)
    {
        printf ("Usage: %s <PID> <address>\n", argv[0]);
        return 0;
    };