Changing Client Side Memory Values Using TSearch

A short introduction

Though most people who will be reading this have programming experience and will therefore understand most things covered in this tutorial fairly easily, I will briefly describe first exactly what we will be doing and what it means.

Nearly all programs use variables to store values in places known as memory addresses. These memory addresses hold the values for as long as the program needs it to. Then the value is changed to whatever is specified by the user's input or the program's instructions.

An example would be a character's health in a video game. That health is stored to one, or several, memory values. When that character is damaged, or healed, the memory value increases or decreases.

These memory addresses can be changed by third-party programs. Some more obvious examples of why you would want to do this are changing a player's health to 99999. If this seems trivial, many other things are stored in memory addresses: including access permissions in security programs.

One third-party program capable of changing these memory addresses is TSearch, which is what we will be using here.

Download TSearch here.

Using TSearch

To start, open up Minesweeper (sorry, Linux users; as of yet, TSearch is a Windows-only program). Open up TSearch (which you can download from the link above). Now, at the top left corner of TSearch is a button that says Open Process. Click the button and choose Minesweeper(winmine.exe).

Now, click the magnifying glass near the top left, right under the open button. Change the value type to 2 bytes (it will become evident why in the future) and search for 0. Why search for 0? Well, as an experiment, I have decided to freeze the time in minesweeper. As it can be seen, the current time in minesweeper is 0. So, we search for 0.

Roughly 300,000 results should have come up. This is way too many to process, so what we are going to do is start the timer in minesweeper. So, click one of the gray squares. See the timer going up? Good. Now, go back to TSearch and click the search next button (the magnifying glass followed by three dots). Since the time is moving too fast for us to search for exact values, we will change the top value to Has Increased, because the value is constantly increasing. Leave everything else the same and click the search button. Doing so will bring us down to about 200 results: a lot less, but still too many.

So, we will perform the same step again: search next, has increased. In my case this brought it down to 10 results. If this is not what happened in your case, keep searching down to a managable number.

Now, we will look at our now-managable list for the value(s) that is incrementing by 1 every second. In my case, that value is 100579C. Understand that this will not always be the case. Now, select that value and click the green cross icon above the results (the one by itself; not in the box). This will copy the value to the area on the right.

Here is where it gets interesting. Try clicking the checkbox to the left of the value. See what happens? It makes the number stop incrementing and freezes it where it is. Check the Minesweeper game. Notice that here, too, the value is frozen.

You can also double-click the value in TSearch, allowing you to edit it to whatever you want. Try changing the Minesweeper time to 10, and then freezing it. Congratulations -- you are the first person ever to beat Minesweeper in ten seconds.

Obviously, Minesweeper is not the only thing that this can be useful in. TSearch is a flexible program that can be used to change values in any program imaginable.

One quick note: TSearch changes only client-side memory values. This means that no, you cannot use it to change the number on a counter on a website, or change the number of posts that you have on a forum. This is where it is limited. To make server-side changes requires a packet editor. Who knows; maybe I'll write a tutorial on that too. I hope that this tutorial was helpful; have fun!