Frida script to hack Minesweeper on Windows 7 32-bit
Run the script with the command: frida -f MineSweeper.exe -l minesweeper_32.js --no-pause
Minesweeper on Windows 7 generates the mines only after the first click, so that users cannot explode a mine on their first attempt.
When the first cell is clicked, the PlaceMine function is called. This function first generates the valid mine locations and then randomly selects 10 of them to place mines in, by calling the GetRandom function.
So our Frida script hooks PlaceMine and GetRandom. Note that the offsets of these functions may vary between versions of Minesweeper, so they may need to be changed.
As the first cell is clicked, PlaceMine is called. The coordinates of the clicked cell are stored for later use.
Then GetRandom is called, which is caught by our Frida hook. The random numbers generated by the function are pushed into an array in the onLeave section of the hook. After all of this is finished, in the onLeave section of PlaceMine, we call our function, which prints out the minefield based on the random numbers generated.
This script works only for the 9x9 grid. Feel free to modify this to work for bigger grids. PRs welcome!
Let me know if there are any issues running the script or detailed information about reversing Minesweeper is needed.
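
An added example, not the project's script, sketching the hook flow described above: the GetRandom return values recorded while PlaceMine runs are replayed to rebuild and print the 9x9 field. The function offsets, the argument positions of the clicked coordinates, and the selection model (each value indexes a shrinking list of all cells except the clicked one) are assumptions that have to be checked against the binary being instrumented.

```javascript
// Added example; offsets, argument positions and selection model are assumptions.
const WIDTH = 9, HEIGHT = 9;

// Assumed model: every cell except the clicked one is a candidate, and each
// GetRandom return value indexes the shrinking candidate list (no repeats).
function reconstructMines(clickX, clickY, randoms) {
  const candidates = [];
  for (let y = 0; y < HEIGHT; y++) {
    for (let x = 0; x < WIDTH; x++) {
      if (x !== clickX || y !== clickY) candidates.push({ x, y });
    }
  }
  const mines = [];
  for (const r of randoms) {
    if (!Number.isInteger(r) || r < 0 || r >= candidates.length) {
      throw new RangeError('random value ' + r + ' is outside the candidate list');
    }
    mines.push(candidates.splice(r, 1)[0]);
  }
  return mines;
}

// '*' = mine, 'o' = first clicked cell, '.' = empty cell.
function renderField(clickX, clickY, mines) {
  const rows = [];
  for (let y = 0; y < HEIGHT; y++) {
    let row = '';
    for (let x = 0; x < WIDTH; x++) {
      if (mines.some(m => m.x === x && m.y === y)) row += '*';
      else row += (x === clickX && y === clickY) ? 'o' : '.';
    }
    rows.push(row);
  }
  return rows.join('\n');
}

// Hook wiring: only runs inside the Frida runtime.
if (typeof Interceptor !== 'undefined') {
  const base = Process.getModuleByName('MineSweeper.exe').base;
  const PLACE_MINE_OFFSET = 0x0; // placeholder: take from your own disassembly
  const GET_RANDOM_OFFSET = 0x0; // placeholder: take from your own disassembly
  let click = null, randoms = [];
  Interceptor.attach(base.add(PLACE_MINE_OFFSET), {
    onEnter(args) { click = { x: args[0].toInt32(), y: args[1].toInt32() }; randoms = []; },
    onLeave() { console.log(renderField(click.x, click.y, reconstructMines(click.x, click.y, randoms))); click = null; }
  });
  Interceptor.attach(base.add(GET_RANDOM_OFFSET), {
    onLeave(retval) { if (click) randoms.push(retval.toInt32()); } // record only during PlaceMine
  });
}
```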