Skip to content

A series of programs demonstrating the basics of Memory Scanning, Api Hooking and DLL Injection. The high point is using Notepad.exe as a render target, and playing snake in a notepad window

License

Notifications You must be signed in to change notification settings

khalladay/render-with-notepad

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Let's Turn Notepad.exe into a Game Platform

This is a collection of proof of concept applications for using Memory Scanning, API Hooking, and DLL Injection to allow you to write real time games that draw in Notepad at 30 fps (or more) and allow you to intercept user input sent to a Notepad window to allow your game to be driven via keyboard controls.

The end result is a game that seems to live entirely inside an instance of stock Notepad.exe.

Included Projects

There are a number of projects included as part of the render-in-notepad solution (located inside the Render-In-Notepad directory). They are as follows:

RayTracer

A simple real time ray tracer which renders a 3D scene in Notepad, using memory scanning to get the address of Notepad's text buffer Requires you pass the path to Notepad.exe as a command line argument Link

It looks better when full size, but here's a low quality gif of what this looks like (a full size gif was really obnoxious in the readme)

This isn't a super bulletproof project, and it assumes a lot about your notepad defaults. In order for it to run properly, you should have your default font set to Consolas 11pt, and word wrap defaulted to on.

gif of ray tracer

Snake

A snake game which is played entirely in Notepad.exe. Uses memory scanning to get access to Notepad's text buffer, and uses the Inject_Payload_HookKeyboard dll to install a hook which redirects output from that Notepad instance to the Snake process so it can be used as game input. Requires the path to notepad.exe and the path to Inject_Payload_HookKeyboard's dll on the command line. Link

It looks better when full size, but here's a low quality gif of what this looks like (a full size gif was really obnoxious in the readme)

Just like the ray tracer, this requires that your default Notepad font is set to Consolas 11pt, and that word wrap is defaulted to on.

gif of snake

MemoryScanner

A quick and dirty memory scanning app which searches a target process' address space for a chosen byte pattern and prints that address to stdout. Requires the name of the (already running) process you wish to scan, and a string "byte pattern" as command line args. Link

FakeKeyboardInputToNotepad

This program finds a running Notepad process and sends a WM_CHAR message to its edit control to print the letter 'E.' Requires that you already have notepad running. Link

Inject_Payload_Messagebox

This is a dll payload that can be injected into a running process to trigger a system message box popup. Requires a different program to actually inject the dll. Link

LoadLibrary_Injector

A simple dll injector which uses LoadLibrary as its injection mechanism. Intended to be used with the Inject_Payload_Messagebox payload.

Inject_Payload_DisableKeyInput

A dll containing a dummy KeyboardProc callback, intended to be used with SetWindowsHook to prevent a Win32 window from receiving keyboard input. Requires a different program to actually install this hook. Link

Inject_Payload_HookKeyboard

A dll payload containing a KeyboardProc callback that opens a socket on localhost and redirects keyboard output to that socket. Requires a different program to actually install this hook. Link

HookKeyboard_Injector

Installs a WH_KEYBOARD hook into an already running instance of notepad. Can be used with both hook payloads described above. If used with Inject_Payload_HookKeyboard, this program will first start a listen socket, and will receive (and print) the keyboard events sent by the installed hook function. Requires you pass the path to the dll containing your desired hook function on the command line. Link

About

A series of programs demonstrating the basics of Memory Scanning, Api Hooking and DLL Injection. The high point is using Notepad.exe as a render target, and playing snake in a notepad window

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published