https://samsclass.info/126/proj/minesam.exe.zip
Right-click the zipped file and click "Extract All...", Extract.
Right-click the minesam.exe file and click Properties.
In the Properties sheet, at the bottom, click Unblock, as shown below. Click OK.
Double-click the minesam.exe file to launch Minesweeper.
The game launches. Click Game, Beginner to see the small gameboard shown below.
Click a cell. Some of the cells appear empty, and others are revealed with numbers in them, as shown below.
On your desktop, right-click the Immunity icon and click "Run as Administrator".
In the User Account Control box, click Yes.
From the Immunity menu bar, click File, Attach. In the "Select process to attach" box, click minesam. Click the Attach button.
The program loads and pauses, as shown below.
Troubleshooting
If the font is too small, adjust it this way:
- From the Immunity menu bar, click Options, Appearance.
- Click the Fonts tab.
- Click Rename and enter a new name of BIG
- Click on Change and set the settings you wish
- Click the Defaults tab and set the Default font to be BIG
The memory segments appear, as shown below.
Right-click the minesam .data line and click Dump, as shown below.
In the Dump window, scroll down to show memory near 01005340.
Data is visible, consisting of 0F and 10 bytes, as shown below.
From the Immunity menu bar, click Debug, Run to resume the game.
Click the Minesweeper button on the taskbar to bring it to the front. Click a cell to change the display.
Compare the Minesweeper gameboard with the Dump window, as explained below.
Notice the two lines of cells outlined in red in the image below:
BLANK BLANK BLANK 1
BLANK BLANK BLANK 1 2
Now look at the RAM dump shown below. Look at the right side, displaying the ASCII values.
You can see matching sequences, outlined in red in the image below:
@@@A
@@@AB
The gameboard is stored in RAM, using an "@" for an empty cell, "A" for "1", and a "B" for "2", etc.
If we can read the RAM, we can cheat at the game.
Notice the region of 8 bytes highlighted in light green in the image above. If we can find this sequence of bytes in RAM, we can find the gameboard in a memory dump.
https://docs.microsoft.com/en-us/sysinternals/downloads/procdump
Download Procdump.zip, and put it in your Downloads folder.
Click Start, Computer. Navigate to your Download folder.
Right-click Procdump.zip and click "Extract All...", Extract.
Double-click minesam.exe to run Minesweeper again.
Click the Start button. Type cmd. When cmd is found, double-click it to open a normal Command Prompt window (not an Administrator Command Prompt window).
Execute these commands:
cd %USERPROFILE%
cd Downloads\Procdump
procdump -ma minesam.exe mine
A box pops up, titled ProcDump License Agreement. Click Agree.
Procdump makes a dump file, as shown below.
In Internet Explorer, go to:
Scroll to the lower portion of the page and find the current version, as shown below. Click the "Download page" link.
On the Downloads page, in the "English" line, click the "Download per HTTPS" link, as shown below. Save the HDSetup.zip file in your Downloads folder.
At the lower left of the desktop, click the yellow folder to open File Explorer. Navigate to the Downloads folder. Right-click the HDSetup.zip file and click "Extract All...", Extract.
Double-click the HDSetup icon and install the software with the default options.
Navigate to your Downloads folder. Open the Procdump folder and double-click the mine.dmp file.
From the HxD menu bar, click Search, Find.
In the "Find" box, click the Hex-values tab.
In the "Search for" field, enter this text, as shown below.
10 10 10 10 0F 0F 0F 0F
In the "Find" box, click OK.
It finds the gameboard data, as shown below.
cd C:\Users\Administrator\Downloads\Procdump
notepad cheat.py
A box pops up, saying "Do you want to create a new file...?". Click Yes.
Paste in this code, as shown below.
(Note: to make the program simpler, it searches for the sequence 10 10 10 0F 0F 0F 0F 0F which starts on an 8-byte boundary.)
from __future__ import print_function  # lets the same script run on Python 2 and 3
import os
import sys

# Dump memory: delete any old dump, then write a full dump of minesam.exe
cmd = "del mine.dmp"
os.system(cmd)
cmd = "procdump -ma minesam.exe mine"
os.system(cmd)

# Find gameboard: slide an 8-byte window through the dump until it equals mark
mark = b'\x10\x10\x10\x0F\x0F\x0F\x0F\x0F'
nread = 8
boardfound = 0
gameboard = bytearray()
with open("mine.dmp", "rb") as f:
    line = f.read(8)
    while boardfound == 0:
        c = f.read(1)
        if c == b"":
            print("File ended, but gameboard not found!")
            sys.exit()
        line = line[1:] + c
        nread += 1
        if nread % 0x100000 == 0:
            print("Looking at byte", hex(nread), nread)
        if line == mark:
            print("Gameboard found at ", hex(nread))
            boardfound = 1
            # Pad with four border bytes, then take the 500 bytes after the marker
            gameboard.extend(b'\x10' * 4)
            gameboard.extend(f.read(500))

# Print Gameboard
l = len(gameboard)
m = 32  # items per line
for i in range(0, l-m, m):
    line = ""
    for j in range(m):
        g = gameboard[i+j]  # integer value of the byte
        # print(i, j, g)
        if g == 0x10:
            c = "-"   # border
        elif g == 0x0f:
            c = " "   # cell not yet revealed
        elif g == 0x8f:
            c = "*"   # mine
        elif g == 0x00:
            c = " "
        else:
            c = chr(g - 16)  # "@" -> "0", "A" -> "1", "B" -> "2", ...
        line += c
    print(line)
In the Notepad window, click File, Save.
In the Command Prompt window, execute this command:
python cheat.py
The program shows the location of the mines. With this information, you should easily be able to click all the squares without mines, as shown below.
When you win the game, a secret word will appear, which is covered by a green box in the image below.
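An 8-byte marker can also turn up elsewhere in a dump, so a hit is more trustworthy when the bytes around it have the shape of the board. The block below is an added example, not part of the original lab: it runs that check on a constructed buffer instead of a real mine.dmp. The 32-byte row stride, the marker's position 8 bytes into the top border row, and all function names are assumptions based on cheat.py and the Beginner board.

```python
# Added example, not the page's script. Assumed layout (inferred from cheat.py and
# the Beginner board): 32-byte rows, 0x10 border, 0x0F unrevealed, 0x8F mine.
ROW = 32
SIZE = 9                                   # Beginner board is 9 x 9
MARK = bytes.fromhex("1010100F0F0F0F0F")   # marker used by cheat.py
MARK_OFFSET = 8                            # assumed marker position in the top border row

def build_board(mines):
    """Constructed test data: encode a Beginner board as it would sit in RAM."""
    pad = b"\x0f" * (ROW - SIZE - 2)
    border = b"\x10" * (SIZE + 2) + pad
    rows = [border]
    for y in range(SIZE):
        cells = bytes(0x8F if (x, y) in mines else 0x0F for x in range(SIZE))
        rows.append(b"\x10" + cells + b"\x10" + pad)
    rows.append(border)
    return b"".join(rows)

def looks_like_board(dump, start):
    """Structural check: every playable row starts and ends with a border byte."""
    for y in range(1, SIZE + 1):
        row = dump[start + y * ROW: start + y * ROW + SIZE + 2]
        if len(row) != SIZE + 2 or row[0] != 0x10 or row[-1] != 0x10:
            return False
    return True

def find_board(dump):
    """Offset of the top border row, skipping marker hits that fail the check."""
    pos = dump.find(MARK)
    while pos != -1:
        start = pos - MARK_OFFSET
        if start >= 0 and looks_like_board(dump, start):
            return start
        pos = dump.find(MARK, pos + 1)
    return -1

def mine_cells(dump, start):
    """Set of (x, y) cells holding 0x8F, counted from the top-left playable cell."""
    return {(x, y) for y in range(SIZE) for x in range(SIZE)
            if dump[start + (y + 1) * ROW + 1 + x] == 0x8F}

# Constructed dump: a stray copy of the marker, then the real board.
MINES = {(0, 0), (4, 2), (8, 8)}
DUMP = b"\x00" * 100 + MARK + b"\x00" * 400 + build_board(MINES) + b"\x00" * 64
if __name__ == "__main__":
    start = find_board(DUMP)
    print(hex(start), sorted(mine_cells(DUMP, start)))
```

The first marker hit in the constructed buffer is the stray copy; it is rejected because the rows that would follow it do not begin and end with 0x10.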
Create a cheating tool that works for this level and win the game, as shown below.
Hint: Search for 10 10 10 10 to find the gameboard.
Use the form below to record your success!
Find the secret word for the Expert level.
Hint: use BinText; don't play the game. Download it here:
b2b-download.mcafee.com/products/tools/foundstone/bintext303.zip
Use the form below to record your success!
Posted 12-31-18