You are on page 1of 9

MHS Change Log

Version 6.1 Pro (1:08 PM 12/5/2009) 1: Added support for Windows Vista Service Pack 2. Version 6.0 Pro (12:24 PM 11/18/2009) 1: Fixed the CallRemoteFunction() bug in the scripts. Version 5.9 Pro (10:11 PM 8/14/2009) 1: The Hex Editor no longer loses changes to files when the Helper window is disturbed (was caused by window messages overlapping). 2: Added the ATan2 function to the scripts. 3: Fixed the display of all lock types on float values in the Main Address list. 4: Fixed the display of the lock values on float values in the Modi fy Address dialog. Version 5.8 Pro (8:49 PM 6/4/2009) 1: Fixed the Modify Address freeze in the Hex Editor and RAM Watche r. 2: Added a second parameter to LoadProcess() (script API) to allow opening processes in Restricted Mode via scripts. 3: Added the GetProcessNameByPEproc() function to the scripts. 4: Fixed the alignment option in Expression Searches. Version 5.7 Pro (9:02 PM 5/7/2009) 1: Added the DrawBitmap function to the scripts. 2: Added the BrowseForFolder, GetPathFromIDList, and Execute functi ons to the scripts. 3: Fixed the displayed range of doubles in search dialog boxes. 4: Fixed the bug in the Auto-Assembler where DB, DW, DD, and DQ com mands could not correctly exceed 255 characters. 5: The C/C++/L. Spiro Script code printed in the Auto-Assembler dur ing preview now includes the length of the array. 6: Fixed the parsing of L"" Unicode strings in the Auto-Assembler. 7: Fixed that annoying search bug. You know the one. 8: Fixed the bugs related to showing message boxes (via scripts or DLL plug-ins) while MHS is detaching from the target process. Previously the sc ript functions or DLL functions would be called repeatedly while the message box was visible, often causing more message boxes to appear. 9: Added the DrawText function to the scripts. 10: The Hex Editor Helper Window now accepts all valid expressions f or input. 11: Fixed the bug in the Hex Editor that caused the data in the Help er to show the values from the first tab when clicking any address in any other tab. 12: Moving the cursor in the Hex Editor with the arrow keys while no t holding Shift now results in the selection being lost and the Helper window be ing updated with the current cursor position. 13: Fixed the Update button in the Modify tab of the Structure Edito r dialog. 14: Mapping templates containing pointers over RAM in the Hex Editor is now more stable. 15: Fixed Rotate Right and Rotate Left operations in the Hex Editor. Version 5.6 Pro (10:41 PM 12/28/2008)

15: The Disassembler now loads OllyDbg 2 UDD files for comments. 5: If there is no selection. allowing to mak e a new filter set from scratch. broken in MHS 5.5. Added Expression Search. 11: Nodes can now be deleted from loaded .lcf files in the Code Filt er. 3: Fixed the CallRemoteFunction() script function (previously alway s failed). 9: The NOP button in the Auto-Hack window no longer tries to NOP if no address is selected. 6: Added the Copy Address pop-up menu item to the Imports and Exports tabs in the Helper window of the Disassembler. 4: The arrow keys can now be used to change the selected item in th e Injection Manager window. 7: Fixed the bug where clicking the Go to Dis button in the Auto-Hac k window would always open in a new tab regardless of the check state.5 Pro (12:09 PM 11/23/2008) 1: Existing addresses in the Stored Address list are no longer over written when they have the same address as an item being added to the list. 9: The Disassembler no longer opens to address 0x00000000 if there is an error looking up module entry points. 4: Fixed an error related to setting breakpoints one address away f rom each other. 12: Added the File/New menu item to the Code Filter. 16: Fixed a bug in the scripts related to using floats as function p arameters. 4: 5: instead of ?. 14: The Disassembler now shows referenced addresses in more detail.1: Fixed the UDD Path option. 11: The Debugger now attempts to put the Disassembler in the foregro und when single-step breakpoints are hit.4 Pro 1: 2: 3: nter Searches. 5: Opening a process now falls back on weaker methods if the strong er methods fail. 2: The arrow keys can now be used to change the selected item in th e Auto-Hack window. 8: A major internal problem related to closing processes which has been there literally for years has been found and fixed. copy operations occur on the highlight ed address (the grey address) in the Disassembler. Version 5. (10:20 PM 9/18/2008) Fixed the Code Filter crash caused by not logging contexts. 13: Added the ability to supply registers when calling functions in the target process. 3: The arrow keys can now be used to change the selected item in th e DLL Injector window. 2: Search speed fixed on Windows® Vista®. Fixed the Copy Current Value in the Found Address list after Poi Added the ?: tertiary operator to the Expression Evaluator. Version 5. 6: Fixed a bug with the initialization of the UDD directory environ ment variable. 7: Restricted Mode no longer obtains the path and name of the proce ss. It generates these values instead. 10: Added the EnumWindows and EnumChildWindows functions to the scri pts. The Code Filter expression highlighter now uses ?? to highlight . 8: The Assemble button in the Auto-Hack window now works. 10: The module lists no longer waste time updating twice in a row wh en debugging begins.

018 (10:36 PM 5/17/2008) 1: The Go To dialog for the Disassembler has been fixed. Applies to the Auto-Assembler. 4: Fixed the version number. 7: Added SetProcessSpeed Hotkey. 2: Fixed the Assemble bug related to miscounting the number of inst ructions that need to be NOP ed when overwriting things. Bug was not related to A uto-Assemble nor the Injection Manager. efaults to treating and numbers as hexadecimal. ) bug in the scripts. 3: Fixed capitalization errors in function descriptions in the help file and Code Window.com/ 4: (9:55 PM 7/23/2008) The Sub Search dialog now allows all expressions as valid input. 6: The LockStoredAddresses Hotkey can now also be used to toggle lo cked/unlocked items. 5: Fixed a crash related to bad timing when closing other processes while MHS is closing. rary. CONSTANTVALUE.019 (11:15 AM 6/8/2008) 1: Variable view types added to the Context panel on the Code Filte r. LoadLibraryEx. Fixed a crash in the Code Filter Highlight by Expression feature r the [] operators. 3: The Delete item in the Hex Editor pop-up menu now works. and GetModuleHandle functions to the scripts. 2: The UDD path is now correctly reset when invalid upon loading of MHS. It is now possible to use one Hotkey to toggle locked item s on and off. 2: Added highlighting of functions that reference strings to the Co de Filter. 4: Fixed the Expression Evaluator bug related to placing a | direct ly after a number (previously treated the number as being in hexadecimal format) . 3: # prefix added to the Expression Evaluator to indicate a should be evaluated as a decimal number.rohitab.3 Pro (11:57 PM 8/19/2008) 1: The RAM Watcher can now be set on top of all other windows. Version 5. 4: Added the CaptureScreen function to the scripts. .Version 5. 5: Added the CallLocalFunction.2 Pro (7:40 PM 8/12/2008) 1: Added StructBuilder/Templates. LoadLibrary. Version 4. now cau opening number which d FreeLib Version 5. 2: Hex Editor now allows placing structures/templates over RAM/file s. 3: Fixed a bug related to the mapping of dynamic templates which ca used misalignment in nested dynamic arrays. Version 5. Thanks to Napalm of http://w for the EPROCESS definition. 5: Added highlighting of functions based on the evaluation of an ex pression. Added support for Windows® Vista® SP1. Fixed the for ( .1 Pro 1: 2: elated to using 3: ww. 2: The Code Filter is more stable while single-stepping and a process for debug. 3: Secret things changed.0 Pro (8:50 PM 7/13/2008) 1: Holding Shift while moving the caret with the arrow keys ses the selection to change in the Hex Editor. Version 4.

Previously unable to compile certain comma nds with multiple registers or produced incorrect machine code. Version 4.6: Fixed the assembler. SetCursorPos. 3: The Go To Target pop-up menu item in the Disassembler now allows going to the target in the current tab or a new tab. 3: The Anti-Anti-Cheat levels are now adjustable via the Options me nu. GetFuncHookHook. GetFuncHookTotalCalls. 7: Added Code Filter. 9: Fixed a security bug. 3: 4: All cases of Memory Hacking Software changed to MHS in the help file . Version 4.exe functions are now shown in the Disas sembler. and ClipCursor functions t o the scripts. 4: The entries to ntoskrnl. GetNtOsKrnlPath.0. CreateFuncHookInfo.0. 8: Postfixing octal numbers with U or L in the Expression Evaluator no longer results in 100% 0 values.0. DestroyHookInfo. GlobalDeAlloc(). 11: Functions in Hal. 5: Help file updated. 2: Secret things changed. GetProcAddress. CreateRemoteThreadAndGetReturn.016 (7:12 AM 3/6/2008) 1: The secret DLL files are no longer left on the hard drive if MHS is used to hack itself and the Disassembler or Hex Editor is opened. 6: Added the CreateHookInfo. 7: Added the CreateRemoteThread. 2: Functions exported by the HAL are now shown in the Kernel Functi ons tab. .15 (7:48 AM 3/4/2008) 1: LOCK is now highlighted in the Auto-Assembler editor. 7: Added RegisterSymbol() and UnregisterSymbol() to Auto-Assemble. 5: Added the GetCursorPos. GetNtOsKrnlName. 10: Fixed a security bug. and GlobalFree() added to Auto-A ssemble.14 (1:06 AM 2/12/2008) 1: The All list in the Open Process dialog now shows processes that have not been closed properly.dll are now shown in the Disassembler. 6: Added the AddAddress function to the scripts. an d CallRemoteFunction functions to the scripts. 2: The SDT table no longer takes a long time to load on Windows Vis ta. GetFuncHookTotalHooks.0. GetNtOsKrnlRange. 6: Bypasses more stuff. 9: The buttons on the Auto-Assemble dialog no longer remain distort ed after normalizing the window from a full-screen state. Version 4. GetHookI nfo.EXE extension is now added automatically if not supplied in the Modify Self dialog. GetFuncHookC all. Version 4. 13: Fixed the AddBreakpoint() script function.017 (3:17 PM 4/7/2008) 1: The crash caused by loading the Disassembler on Windows Vista is fixed. LOCK DEC instructions no longer cause problems being assembled. D estroyFuncHookInfo. 4: Added Restricted Mode. 12: The . and GetKernelProcAddress functions to the scripts. 2: GlobalAlloc(). 5: Group Searches now use epsilon as per the search options. GetFuncHookInfo. 8: Added the GetEproc function to the scripts.

13 (12:02 AM 1/21/2008) 1: Added the RegisterHotkey and UnregisterHotkey functions to the s cripts.12 (12:28 PM 12/28/2007) 1: Advanced Speed Hack to work on more games. 3: Added the OpenProcess function to the scripts. 15: Fixed Group Search when supplying floating-pointer numbers. 5: All processes opened after MHS now appear in the All listing of the Open Process dialog. 4: Fixed the OpenThread description in the help file. and other things. 17: All search-related dialogs accept any valid expression for all i nput fields. Hex Editor. wi ndow titles. 3: Modified the way Auto-Assembler scripts work when applied to Sto red Addresses. 12: MHS now remains open longer than other processes during system s hutdowns.0. and GetSd tTotalFuncs. 15: The Property header of the Info tab of the Helper dockable of th e Hex Editor is now wider by default. 19: Added the ability to view chunks in the Hex Editor or Disassembl er from the Properties dialog. GetCurrentSdtTableAddress. 26: Added the Assemble command to the Disassembler pop-up menu. 14: Filler instructions are lightened in the Disassembler. 16: The EPROCESS tab in the Properties page is now filled even when opening a hidden process. 13: MHS now shows <unknown> in the Open Process dialog only when proce sses are unnaturally hidden (very rarely). 11: Increased compatibility with Windows® Vista. 7: Added the ReadLocalMemory and WriteLocalMemory functions to the scripts to allow reading/writing of kernel RAM.0. 20: The Properties dialog now defaults to the Chunks tab. 17: Fixed a crash in the Disassembler related to trying to open a ta b to an invalid address and then later viewing a kernel address. GetSdtTableAddress.0. and Properties).0. Version 4. 23: Hotkeys added via scripts are no longer saved between sessions.14: Module-list processing stabilized when attached to processes tha t hook certain API functions to protect themselves (improves stability in the Di sassembler. . 21: The EPROCESS tab of the Properties dialog defaults to having a w ider header. 2: Added snippets to the Auto-Assembler. GetSdtFuncAddress. 9 Function/Enum/Struct/Typedef/Function database complete. 10: The EPROCESS tab in the Properties page is now filled on Windows Vista. 2: Added the LockScanForRead and UnlockScanForRead functions to the scripts. Version 4. 6: Code compiled with the Auto-Assembler is now smaller. 24: Added the GetSdtFuncIndex. 16: The Exports tab of the Disassembler now shows module addresses. 8: Added a self-modifier which allows MHS to change its CRC/MD5. 22: It is now possible to snap the search range to selected chunks o r selected modules via the Properties dialog. GetSdtFuncName. 25: MHS is now able to bypass all anti-cheat protections to open pro cesses and read their RAM. 4: Processes that are opened after MHS now have their EPROCESS addr esses shown in the Open Process dialog. functions to the scripts. Ge tCurrentSdtFuncAddress. 18: SO() and EO() operators added to the Expression Evaluator.

11: Fixed the token-replacing bug in the Auto-Assembler. 10: Fixed the Hex Editor crash related to modifying values with the Modify Value command. if left open). iretd. Set SF. 4: db commands in the Auto-Assembler are no longer restricted to on e type of data (string. Addition includes the [ENABLE].0. and dq are now highlighted in the Auto-Assembler editor. repz. popa. Version 4. 6: Single-stepping now highlights the current function. popf. Set AF. pusha. 5: Fixed a compilation bug in the scripts. 4: Added the ability to preprocess files as C (__cplusplus not defi ned). and dq added to the Auto-Assembler. Set PF. repe. 7: API Hook template added to the Auto-Assembler. 6: The Hex Editor no longer locks files while editing them.0. 3: Added the MHSAssembly page to the help file. DestroyDisObj. Version 4. 12: Registers can now be modified from the Disassembler. popfd. 3: Added Speed Hack. 8: Fixed a bug in the Assembler related to unary + and . . repnz. loop. Version 4.10 (10:52 PM 12/9/2007) 1: Auto-Assemble templates created with right-clicks in the Disasse mbler are now added to the already-open Auto-Assemble window (if it is open alre ady). 10: Added the Set CF. loope. and Set OF fun ctions to breakpoints. 3: Auto-Assembler parser is now more advanced and allows module:fun ction to be used anywhere. dd.11 (3:37 PM 12/17/2007) 1: Fixed the crash related to clicking an Auto-Hack entry while no Disassembler tabs are shown.5: The OpenThread script function is now memory-managed (the HANDLE returned will be cleaned up automatically when the script set is destroyed. repne. dw. [DISABLE]. popad. pushad. 5: Fixed the bug related to modifying Stored Values that do not hav e Auto-Assemble scripts.EXE file. 6: Fixed the loading of the Use Complex Address setting on Stored V alues. 4: Fixed the Predefined Enums page in the help file. 2: The Hex Editor now updates its status when MHS detaches. Set ZF. 2: Auto-Assemble added to Stored Addresses (values added to the mai n list). 9: Fixed the version of the .9 (12:34 PM 12/5/2007) 1: Kernel function addresses now shown in the Disassembler Helper t ab. 7: The Hex Editor now detects when files are modified externally an d prompts to reopen them.0. pushfd. and Disasm functions to t he scriptss. 2: Added the CreateDisObj. 11: Updated the help file regarding breakpoint features.0. dd.operators. and [GLOBAL] optional tags. 5: rep.0.0. 7: Added the ability to select functions. 9: The Disassembler now allows copying selected addresses as Auto-A ssembler strings. Unicode string. iret. 6: dw. db commands can now inc lude any mixture of any types of data and now including labels and module:functi on types. 8: Fixed the error message shown when attempting to use [ENABLE] or [DISABLE] in the main Auto-Assemble window. loopne. loopz. or hex string). db. loopn z. pushf.

14: The Chunks tab of the Properties window now allows changing acce ss rights.7 (11:56 PM 11/27/2007) 1: Added Auto-Assemble. 5: The help-file page regarding breakpoints has been broken into tw o parts to make it easier to read. 9: Added the EvaluateExpression and CastExpression functions to the scripts.0. 4: k Hotkey. 4: Fixed the allocation problems in the Auto-Assembler (closing the dialog would not free allocations made by previews. 8: Added an alternative way for searches to generate chunks for the scan. Fixed the Found Address List display after Hotkey searches are p Fixed the Same as Original sub search when performed with a quic Added the ability to pause and resume the target process with Ho . 8: The Disassembler can now show code in kernel RAM.0. 2: The Auto-Assembler is now accessible from the Disassembler. 5: The Properties window is now much faster to load. EnterSingleStep.6 1: es protected by 2: 3: erformed. FindModuleByRange. 11: Added the GetCurProcessPEproc function to the scripts. 13: The Group search is fixed. Version 4. 7: On_CloseProcess() script function now called before the process handle and ID are invalidated. This allows searches to bypass anti-cheat devices. AddBreakpoint.0. and they are now passed to the function. StopStepping.0. 12: Added the AutoAssemble function to the scripts. and FindModuleByName functions to the scripts. 3: Injection template added to the Auto-Assembler. and then previewing again would deallocate the code from the injection). 9: Fixed the SHL and POR bugs in the Disassembler. 5: (12:18 AM 11/17/2007) MHS can now write to the memory of more processes. especially on anti-cheats. 15: Added the On_DBG_* events to the scripts. RemoveBreakpoint. AttachDebugger. injecting. 6: The dialog prompting to attach the Debugger is no longer shown i f adding the breakpoint is canceled. Stored addresses can now be viewed in hex rather than decimal. 10: Added the ZLib entry to the Script Function Reference in the hel p file. and StepOver functions to the scripts. IsStepping. 7: The Expression Evaluator no longer treats some hex numbers as fl oats when input is meant to be hex by default.0. FindModuleByAddress. St epOnce. 10: Added the IsDebugging. 6: The Properties window now allows changing the properties of the chunks. 2: Software execute breakpoints now modify the page properties of t he target process in order to ensure they can be set. Version 4.8 (11:23 AM 12/1/2007) 1: Scrollbars added to the edit controls in the ASM Preview dialog. 3: Fixed an indirection bug with extern floats and doubles in the s cripts.0. DetachDebugger. and previewing. Version 4. 4: Added per-process breakpoint handlers (scripts). 16: Added the GetRemoteFuncAddress. 13: The Go To dialog in the Disassembler now allows any valid expres sion for addresses and offsets. DebugFile . InjectDll.12: The kernel ReadProcessMemory() and WriteProcessMemory() are now disabled by default on Windows® Vista.

16: The Hex Editor now modifies its viewport if Go To is used to go t o an address that is out of range of the current viewport.) 4: ASM hints are now applied to more instructions. 15: Kernel RAM can now be searched.tkeys. 12: There is no longer a problem displaying stored values set to Uni code when the value is Unobtainable . 9: Added a DLL Injection utility.5 (12:14 AM 10/29/2007) 1: Added a Memory Allocator.0. improving the response time when attaching the debugger while the Imports or Exports tabs are in view. 8: MHS can now read the memory of more processes. 5: Decreased rate of thread-list updating allowing for faster singl e-stepping. 6: Added icons to the thread list in the Disassembler Helper window to indicate threads that are running and threads that are currently in single-s tepping mode. 7: Added the ability to pause and view threads from the Disassemble r Helper window. Although the hi ts were tracked. etc. .and ++ bug in the scripts. 7: Reading the target process s memory is now approximately twice as fast. 13: The Open Process dialog is now resizable. 10: Added Go To /In Current Tab and Go To /In New Tab to the pop-up menu in the breakpoint list. the dialog would sometimes fail to update. 6: The Hex Editor no longer has a problem displaying addresses that wrap around from 0xFFFFFFFF to 0x00000000. 6: Fixed a -. Version 4. 4: Improved stability of kernel-mode ReadProcessMemory(). 3: Fixed a bug regarding detaching the Debugger which caused the au to-hack window s Start/Stop button to lose synchronization.0. 7: Fixed the Memory Allocator menu item.0.0. 13: TreeBox controls now destroy faster. giving the appearanc e that the auto-hack had stopped working. 12: Addresses of instructions are now shown in the Inject Code/Modif y Injection dialog. 8: Windows and dockables can now be moved to virtual monitors (seco ndary monitors). 2: Fixed a bug with the display of auto-hack hits.4 (5:27 PM 10/21/2007) 1: Top-level windows are now shown in the Open Process dialog. 9: Added the ZLib library to scripts. 11: Added the ability to call functions from injected DLL s. 14: The Disassembler now allows calling functions in the target proc ess by right-clicking them. 8: The Memory Allocator Close button now works. 14: Kernel RAM can now be read and modified. especially hidden ones. 10: Added menu a shortcut to the Injection Manager from the Disassem bler window. 5: Improved script speed slightly. 2: Fixed the SETNE (and similar) decoding in the Disassembler. 11: Added a Properties display that shows the properties of the curr ent process. 3: ASM hints now decode operands by size more accurately (previousl y it would decode some byte-sized operands as dwords. All theo retical issues are resolved. Version 4. 9: Added Remove Breakpoint to the pop-up menu in the Disassembler.

LBN_*. and >= operators added to the Expressi on Evaluator. a prompt is shown to attach it. and CBS_* listbox and combobox messages have been added as enumerations to the scriptss. the first time the helper wi ndows were docked they would have a 0 width/height so they could not be seen. CBN_*. 9: More specific error information is printed when Undeclared identi fier errors are reported in the scripts.0. 5: Added a toolbar to the Hex Editor. 8: LB_*. <=.0. option to the Hex Editor pop-up menu. 7: Updated the help file. 11: Added the option to display Stored Addresses with Unicode decodi ng (string types only).2 (10:11 PM 9/22/2007) 1: FILE objects in the script are no longer scoped by thread. Fixed the Attach Debugger? dialog shown when adding breakpoints. FILE objects could be closed automatically when the creating thread exit ed. 6: Added the Modify Value. Version 4. 13: Modified the help file.0. Prev iously.0. 4: Conditional breakpoints added.dll existed in the directory when M HS was started this control would fail to load. 3: 4: 5: t. CB_*.. 6: An option has been added to the Disassembler to always attach th e Debugger when breakpoints are added (without prompting).0 (11:34 PM 8/20/2007) Initial Release . Version 4. Version 4. 6: (5:43 PM 10/2/2007) Added the SetSearchRange function to the scripts API.0.15: The Imports and Exports pages in the Disassembler Helper window now allow remote calling of the functions they list. ==. 12: Added the OpenThread and TerminateThread functions to the script s API.1 (2:09 PM 9/5/2007) 1: &&. Added user tools to the Tools menu. <. LBS_*. 2: The Script Editor no longer fails to display the editor control in the tab view. ||. Fixed the issue where the Debugger attaches after each breakpoin Added the GetCrc fuction to the scripts API. 14: Added the Go to Nearest option in the Found Address pop-up menu after Pointer Searches. !=. 7: WS_* and WS_EX_* window styles have been added as enumerations t o the scripts. 2: Saved breakpoints can now be reloaded. Previously. 3: The Script Preprocessor no longer fails to operate when LS_PP. 97% compatibility with old breakpoint files. Version 4. 3: Old breakpoint files can now be loaded.3 1: 2: alog.0. if LS_SciLexer. 4: The Script Editor and Disassembler no longer allow retarded dock ing the first time the program is run.dl l exists in the directory when MHS is started.0. >. 10: Insert Address now allows manual adding of strings.. 5: If a breakpoint is added and the Debugger is not already attache d. Previously. changeable in the options di Fixed a bug with ReAlloc() in the scripts.0.