How can I find the data structure that represents mine layout of Minesweeper in memory?

Question

I\'m trying to learn about reverse engineering, using Minesweeper as a sample application. I\'ve found this MSDN article on a simple WinDbg command that reveals all the mines b

Answer 1

This website might be more helpful:

http://www.subversity.net/reversing/hacking-minesweeper

The general way to go about doing this is:

1. Somehow get source code.
2. Disassemble and hope leftover symbols can help you.
3. Guess the data type and try to manipulate it and use a memory scanner to limit the possibilities.

In response to Bounty

Well, on a second reading, it appears as though you wanted a guide on how to use a debugger like WinDBG rather than the usual question of how to reverse engineer. I've already shown you the website that tells you the values you need to search for, so the question is, how do you search for it?

I am using Notepad in this example because I do not have Minesweeper installed. But the idea is the same.

You type

s    

Press "? " and then "s " to see the help.

Once you've found the memory pattern you want, you can then press alt+5 to bring up the memory viewer for a nice display.

WinDBG takes some getting used to, but it is as good as any other debugger out there.