| View previous topic :: View next topic |
| Author |
Message |
iPromise
Grandmaster Cheater
![]() Reputation: -1
Joined: 27 Jun 2009
Posts: 529
Location: Canada
|
 Posted: Fri Nov 20, 2009 3:57 pm Post subject: |
 |
|
| Tvirusx1 wrote: | | iPromise wrote: | Your confused, what i'm doing is for example, if I want to edit the address 0x00400000, and lets stay its a 16-bit address, and I wanted its value to be one.
| Code: |
DWORD Protect;
VirtualProtectX((LPVOID) 0x00400000, 4, PAGE_EXECUTE_READWRITE, &Protect);
// To protect the address in order for us to edit it now..
*(WORD*) 0x00400000 = 1;
// What i'm doing is dereferencing the address with the * and typecasting it to a WORD (which is 16-bits) then making it equal to the value 1. This works 100% when I tried it. |
|
Well I don't need to write to an Address, I just need to read from it  .
(As the Title of the Thread/Topic says)
Anyways thank you for your Post.
I'll need this some time  . |
Then instead of:
| Code: |
*(WORD*) 0x00400000 = 1;
|
Do:
| Code: |
WORD ReadAddress = *(WORD*) 0x00400000;
|
|
|
| Back to top |
|
 |
A_jj74
Cheater
![]() Reputation: 0
Joined: 14 Nov 2009
Posts: 41
|
| Posted: Sat Nov 21, 2009 4:57 am Post subject: |
|
|
| Thank you |
|
| Back to top |
|
|
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Sat Nov 21, 2009 6:30 am Post subject: |
|
|
| iPromise wrote: | Your confused, what i'm doing is for example, if I want to edit the address 0x00400000, and lets stay its a 16-bit address, and I wanted its value to be one.
| Code: |
DWORD Protect;
VirtualProtectX((LPVOID) 0x00400000, 4, PAGE_EXECUTE_READWRITE, &Protect);
// To protect the address in order for us to edit it now..
*(WORD*) 0x00400000 = 1;
// What i'm doing is dereferencing the address with the * and typecasting it to a WORD (which is 16-bits) then making it equal to the value 1. This works 100% when I tried it. |
|
lmfao, no I am not confused..
As he said he wants to read, not write so VP is not necessary at all. And if you were editing a word, I have no idea why you're changing protection for 2 bytes. Even though actually since the corresponding DWORD is almost definitely on the same page, that would not matter.
Also the typecast is to pointer to WORD, not just WORD
Thanks for testing that method.. glad to hear it works 100% |
|
| Back to top |
|
|
iPromise
Grandmaster Cheater
![]() Reputation: -1
Joined: 27 Jun 2009
Posts: 529
Location: Canada
|
| Posted: Sat Nov 21, 2009 11:02 am Post subject: |
|
|
I protect it because the last time I tried to read and write from a Address the game crashes.
I assumed that the protection constant of the address isn't set to something we can read, so I protected it myself.
Your saying we dont need to protect it because we can read from it just by doing:
| Code: |
WORD Read = *(WORD*) 0x00400000;
|
How do we know the default memory protect constant isn't
PAGE_EXECUTE_READ?
Because it has to be set to that to read it.
| Quote: | | Enables execute or read-only access to the committed region of pages. An attempt to write to the committed region results in an access violation. |
- MSDN (PAGE_EXECUTE_READ)
Instead of taking that risk just change it up to:
PAGE_EXECUTE_READWRITE
So we can read and also write from it, it works 100% and makes it safer.
| Quote: | | Enables execute, read-only, or read/write access to the committed region of pages. |
- MSDN (PAGE_EXECUTE_READWRITE)
So we have the ability to read and write from it. |
|
| Back to top |
|
|
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Sat Nov 21, 2009 1:54 pm Post subject: |
|
|
| iPromise wrote: | I protect it because the last time I tried to read and write from a Address the game crashes.
I assumed that the protection constant of the address isn't set to something we can read, so I protected it myself.
Your saying we dont need to protect it because we can read from it just by doing:
| Code: |
WORD Read = *(WORD*) 0x00400000;
|
How do we know the default memory protect constant isn't
PAGE_EXECUTE_READ?
Because it has to be set to that to read it.
| Quote: | | Enables execute or read-only access to the committed region of pages. An attempt to write to the committed region results in an access violation. |
- MSDN (PAGE_EXECUTE_READ)
Instead of taking that risk just change it up to:
PAGE_EXECUTE_READWRITE
So we can read and also write from it, it works 100% and makes it safer.
| Quote: | | Enables execute, read-only, or read/write access to the committed region of pages. |
- MSDN (PAGE_EXECUTE_READWRITE)
So we have the ability to read and write from it. |
Oh god. Learn to read. And PAGE_EXECUTE_READ is clearly readable from..
THE GUY DOES NOT WANT TO WRITE |
|
| Back to top |
|
|
iPromise
Grandmaster Cheater
![]() Reputation: -1
Joined: 27 Jun 2009
Posts: 529
Location: Canada
|
| Posted: Sat Nov 21, 2009 2:23 pm Post subject: |
|
|
| Slugsnack wrote: | | iPromise wrote: | I protect it because the last time I tried to read and write from a Address the game crashes.
I assumed that the protection constant of the address isn't set to something we can read, so I protected it myself.
Your saying we dont need to protect it because we can read from it just by doing:
| Code: |
WORD Read = *(WORD*) 0x00400000;
|
How do we know the default memory protect constant isn't
PAGE_EXECUTE_READ?
Because it has to be set to that to read it.
| Quote: | | Enables execute or read-only access to the committed region of pages. An attempt to write to the committed region results in an access violation. |
- MSDN (PAGE_EXECUTE_READ)
Instead of taking that risk just change it up to:
PAGE_EXECUTE_READWRITE
So we can read and also write from it, it works 100% and makes it safer.
| Quote: | | Enables execute, read-only, or read/write access to the committed region of pages. |
- MSDN (PAGE_EXECUTE_READWRITE)
So we have the ability to read and write from it. |
Oh god. Learn to read. And PAGE_EXECUTE_READ is clearly readable from..
THE GUY DOES NOT WANT TO WRITE |
I know he wants to read. But just incase he wants to read + write he could change it to:
| Code: |
PAGE_EXECUTE_READWRITE
|
| Quote: | And PAGE_EXECUTE_READ is clearly readable from..
|
I know it is.
My question to YOU is, how do you know the default memory protection constant for the specified address is not set to something readable such as PAGE_EXECUTE_READ?
Thats why we protect it, we cant take a risk, if it turns out not to be a memory protection constant that doesn't give you access to read, the game crashes which is NOT what we want. |
|
| Back to top |
|
|
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Sat Nov 21, 2009 2:35 pm Post subject: |
|
|
| iPromise wrote: | | Slugsnack wrote: | | iPromise wrote: | I protect it because the last time I tried to read and write from a Address the game crashes.
I assumed that the protection constant of the address isn't set to something we can read, so I protected it myself.
Your saying we dont need to protect it because we can read from it just by doing:
| Code: |
WORD Read = *(WORD*) 0x00400000;
|
How do we know the default memory protect constant isn't
PAGE_EXECUTE_READ?
Because it has to be set to that to read it.
| Quote: | | Enables execute or read-only access to the committed region of pages. An attempt to write to the committed region results in an access violation. |
- MSDN (PAGE_EXECUTE_READ)
Instead of taking that risk just change it up to:
PAGE_EXECUTE_READWRITE
So we can read and also write from it, it works 100% and makes it safer.
| Quote: | | Enables execute, read-only, or read/write access to the committed region of pages. |
- MSDN (PAGE_EXECUTE_READWRITE)
So we have the ability to read and write from it. |
Oh god. Learn to read. And PAGE_EXECUTE_READ is clearly readable from..
THE GUY DOES NOT WANT TO WRITE |
I know he wants to read. But just incase he wants to read + write he could change it to:
| Code: |
PAGE_EXECUTE_READWRITE
|
| Quote: | And PAGE_EXECUTE_READ is clearly readable from..
|
I know it is.
My question to YOU is, how do you know the default memory protection constant for the specified address is not set to something readable such as PAGE_EXECUTE_READ?
Thats why we protect it, we cant take a risk, if it turns out not to be a memory protection constant that doesn't give you access to read, the game crashes which is NOT what we want. |
Well let's see. In a trainer we are likely to be reading from a variable. Which is obviously held in readable memory. Unless you think the game reprotects the memory per access.
That's why we don't protect it, because it's OBVIOUS if we want to read from it then it must be readable. I can not think of a circumstance you'd want to read from an address which the game itself can not even read from
And this is the exact same logic I used when making my first post in this topic.. |
|
| Back to top |
|
|
iPromise
Grandmaster Cheater
![]() Reputation: -1
Joined: 27 Jun 2009
Posts: 529
Location: Canada
|
| Posted: Sat Nov 21, 2009 4:21 pm Post subject: |
|
|
I'm guessing the Game I was hacking reprotects the memory per access because the last time I tried to read from an address, it crashed.
So I decided from now on to protect each address I read or write from.
Last edited by iPromise on Sat Nov 21, 2009 5:12 pm; edited 1 time in total |
|
| Back to top |
|
|
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Sat Nov 21, 2009 4:37 pm Post subject: |
|
|
| iPromise wrote: | I'm guessing the Game reprotects the memory per access because the last time I tried to read from an allocated address, it crashed on me, however when I protected it myself it read perfectly.
Although, your right. But we dont know if the Game does or doesn't protect the address per access because it is a good idea for anti - hacking. |
LMFAO |
|
| Back to top |
|
|
Dark Byte
Site Admin
 Reputation: 474
Joined: 09 May 2003
Posts: 25952
Location: The netherlands
|
| Posted: Sat Nov 21, 2009 4:55 pm Post subject: |
|
|
just a completely unrelated tip that has nothing to do with anything of this:
Other threads can allocate and free memory even while the memory regions are being read by other threads
_________________
Tools give you results. Knowledge gives you control.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
