windows – How are games and software executables injected with custom code & without breaking offset?

Introduction – Context

Everyone has seen so-called “Injectors” or “Cracks” for certain programs & games at some point in their life.
These applications inject their own code into the game (or application) to extend it with custom functionality (for example, opening up a cheating menu or overwriting a timer function).

Body – Main question

The question is not restricted to games but applies to programs and security in general: how do these people inject their own code…

  • …to overwrite the functionality of a function in the code, like a timer (just name roughly what technique is used)?

  • …without breaking offsets of the initial program?

I am not an expert in this field, but for the purposes of building a better understanding, let’s exclude the use of specialised big-name IDEs like IDA Pro, Ghidra or Cheat Engine which can automatically inject assembler code.

Own approach – Thought

My initial guess was that a piece of reverse engineering software would be used simply to look at the code and find the addresses that contain checks and values of interest.
After writing down the addresses, one would write a C++ program that overwrites the code at those addresses with something else.

So to sum my thought up: the first step would be reconnaissance (gathering information/addresses and what those statements do), secondly one would write a C++ program that makes use of the MemoryWrite function to overwrite the executable’s code with one’s own, and lastly test it out / run the C++ program?

For the sake of simplicity let’s say we are in a Windows (10) environment and the architecture / CPU doesn’t matter. Additionally, the language used to overwrite will be C++.

I think I am legally forced to note that this question is for educational purposes and I do not advise/recommend/intend anyone incl. myself to circumvent/overwrite software. I just don’t want to get banned. This question is simply asking for the techniques and clever tricks used, not for code or an attempt to breach application protections.