Filipe_Br Master Cheater Reputation: 3
Joined: 07 Jan 2016 Posts: 272 Location: My house
|
Posted: Sun Feb 05, 2017 1:42 pm Post subject: CE Pointer in C++ |
|
|
If I have the following pointer:
Code: | "Tutorial-i386.exe"+1FC5D0
offset: 480 |
How can I get the address it points to in C++?
I know how pointers work, but I do not know how to get the module address.
_________________
... |
Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
|
Posted: Sun Feb 05, 2017 2:03 pm Post subject: |
|
|
Well, you knew exactly what you needed.
Couldn't go the extra step and use the search?
c++ module address
Filipe_Br Master Cheater Reputation: 3
Joined: 07 Jan 2016 Posts: 272 Location: My house
|
Posted: Sun Feb 05, 2017 2:30 pm Post subject: |
|
|
I think the translation is bad; I did not understand exactly what you mean.
But what I want to know is the name of a function and its parameters.
I'm sure it would be GetModule...
But there are several "GetModule..." functions; could you tell me which would be ideal to get the address of a module contained in another process?
_________________
... |
Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
|
Posted: Sun Feb 05, 2017 2:39 pm Post subject: |
|
|
I'll use atom0s' canned answer. atom0s wrote: | You can find this information using:
- CreateToolhelp32Snapshot
- Process32First / Process32Next
- Module32First / Module32Next |
STN I post too much Reputation: 42
Joined: 09 Nov 2005 Posts: 2672
|
Posted: Sun Feb 05, 2017 8:14 pm Post subject: |
|
|
Use the CreateToolhelp32Snapshot APIs; the MODULEENTRY32 structure contains the base address. Grab that, then add your offset to it.
If all of this seems hard, you can even search for C++ trainer templates. I had one but lost it somewhere, but someone else out there must have it. Last time I searched, I found several templates using the FindWindow and Toolhelp API combinations.
If you're still clueless, get the basics right and learn a programming language, or stick to CE.
Mod edited to remove the off-topic attacks.
_________________
Thiago Newbie cheater Reputation: 0
Joined: 30 Jan 2017 Posts: 18
|
Posted: Wed Feb 08, 2017 10:11 am Post subject: |
|
|
Code: | // HS4L.cpp : Defines the entry point for the console application.
//
#include "stdafx.h"
#include <Windows.h>
#include <iostream>
#include <tlhelp32.h>
#include <cstdlib>
using namespace std;
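// Returns the base address of the module named lpModuleName inside the
// process identified by dwProcessId, or 0 when the name is null, the module
// snapshot cannot be taken, or no module with that name is listed.
//
// The name comparison is case-sensitive (wcscmp).
// The return type is a 32-bit DWORD, so the result is only meaningful for a
// 32-bit target: a base address that does not fit in 32 bits is truncated.
DWORD GetModuleBase(WCHAR* lpModuleName, DWORD dwProcessId)
{
    if (lpModuleName == nullptr)
        return 0;

    // CreateToolhelp32Snapshot reports failure with INVALID_HANDLE_VALUE, not
    // NULL, so a "!handle" test never catches a failed snapshot.
    HANDLE hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessId);
    if (hSnapShot == INVALID_HANDLE_VALUE)
        return 0;

    // The name is a wide string, so use the explicit wide-character entry
    // type and iterators instead of the UNICODE-dependent macros.
    MODULEENTRY32W entry = { 0 };
    entry.dwSize = sizeof(entry);

    DWORD base = 0;
    for (BOOL more = Module32FirstW(hSnapShot, &entry); more;
         more = Module32NextW(hSnapShot, &entry))
    {
        if (wcscmp(entry.szModule, lpModuleName) == 0)
        {
            // Go through DWORD_PTR so the pointer-to-integer conversion is
            // explicit; the narrowing to DWORD is the documented limitation.
            base = static_cast<DWORD>(reinterpret_cast<DWORD_PTR>(entry.modBaseAddr));
            break;
        }
    }

    // Single exit path: the snapshot handle is closed whether or not a match
    // was found.
    CloseHandle(hSnapShot);
    return base;
}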
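// Returns the id of the first process in the system snapshot whose executable
// file name equals szExeName (case-sensitive), or 0 when the name is null,
// the snapshot cannot be taken, or no process matches.
//
// The match is by image name only: any process that carries this file name is
// accepted, so the returned id is not proof of which program is running.
DWORD GetProcessID(WCHAR* szExeName)
{
    if (szExeName == nullptr)
        return 0;

    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hSnapshot == INVALID_HANDLE_VALUE)
        return 0;

    PROCESSENTRY32W pe = { 0 };
    pe.dwSize = sizeof(pe);

    DWORD pid = 0;
    if (Process32FirstW(hSnapshot, &pe))
    {
        // do/while so the entry filled in by Process32FirstW is examined too;
        // calling Process32NextW before the first comparison skips it.
        do
        {
            if (wcscmp(pe.szExeFile, szExeName) == 0)
            {
                pid = pe.th32ProcessID;
                break;
            }
        } while (Process32NextW(hSnapshot, &pe));
    }

    // The snapshot handle is released on every path, including a match.
    CloseHandle(hSnapshot);
    return pid;
}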
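// Blocks until GetProcessID finds a process with the executable name Process,
// then returns that process id (converted from DWORD to int).
//
// There is no timeout: the call does not return while no such process exists.
int HS4LProcess(WCHAR* Process)
{
    for (;;)
    {
        const DWORD dwProcessID = GetProcessID(Process);
        if (dwProcessID != 0)
            return static_cast<int>(dwProcessID);

        // Wait between attempts while the process is absent. Sleeping only
        // after a successful lookup leaves the retry path spinning on
        // back-to-back process snapshots.
        Sleep(100);
    }
}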
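// Resolves a multi-level pointer inside the process referred to by Process.
//
// Starting at baseaddr, each of the `offset` steps reads a 4-byte value from
// the current address and adds offsets[i] to it; the result of the last step
// is returned. With offset <= 0 no read happens and baseaddr is returned.
//
// offset   number of entries of offsets[] to apply (a count, despite the name)
// Process  handle used for ReadProcessMemory
// baseaddr address of the first pointer
// offsets  array with at least `offset` entries
//
// Returns 0 when a read fails or is short, or when offsets is null while
// offset > 0. All addresses are handled as 32-bit values, so this only suits
// a 32-bit target.
int FindPointer(int offset, HANDLE Process, int baseaddr, int offsets[])
{
    if (offsets == nullptr && offset > 0)
        return 0;

    // Unsigned arithmetic: adding an offset wraps instead of overflowing a
    // signed int, and the value zero-extends when turned into a pointer.
    DWORD address = static_cast<DWORD>(baseaddr);

    for (int i = 0; i < offset; ++i)
    {
        DWORD next = 0;
        SIZE_T bytesRead = 0;
        const LPCVOID source = reinterpret_cast<LPCVOID>(static_cast<UINT_PTR>(address));

        // Stop at the first failed or partial read; continuing would build
        // the final address from a value that was never read.
        if (!ReadProcessMemory(Process, source, &next, sizeof(next), &bytesRead) ||
            bytesRead != sizeof(next))
        {
            return 0;
        }

        address = next + static_cast<DWORD>(offsets[i]);
    }

    return static_cast<int>(address);
}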
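// Writes the 4-byte `value` at `address` in the process whose executable name
// is Process. Blocks in HS4LProcess until such a process exists. Returns
// without writing when the process cannot be opened.
//
// `address` is a 32-bit DWORD, so this only suits a 32-bit target.
void HS4LWriteProcessMemory(WCHAR* Process, DWORD address, int value)
{
    // Ask only for the rights the calls below use, not PROCESS_ALL_ACCESS.
    HANDLE hProcess = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_WRITE, FALSE,
                                  static_cast<DWORD>(HS4LProcess(Process)));
    if (hProcess == NULL)
        return;

    const LPVOID target = reinterpret_cast<LPVOID>(static_cast<UINT_PTR>(address));

    // The page belongs to the other process, so the protection change has to
    // go through VirtualProtectEx with its handle; VirtualProtect would act
    // on this program's own address space.
    DWORD old = 0;
    const BOOL changed =
        VirtualProtectEx(hProcess, target, sizeof(value), PAGE_EXECUTE_READWRITE, &old);

    WriteProcessMemory(hProcess, target, &value, sizeof(value), NULL);

    if (changed)
    {
        // The old-protection out parameter must point to a valid variable;
        // with NULL the call fails and the page keeps the widened protection.
        DWORD ignored = 0;
        VirtualProtectEx(hProcess, target, sizeof(value), old, &ignored);
    }

    CloseHandle(hProcess);
}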
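// Resolves a pointer chain in the process whose executable name is Process
// and writes the 4-byte `value` at the resulting address.
//
// The chain starts at (base of the module named Process) + Address and is
// followed by FindPointer using the first NumerOffset entries of offsets[].
// Blocks in HS4LProcess until the process exists. Returns without writing
// when the module base is 0, the process cannot be opened, or FindPointer
// returns 0.
//
// Addresses are 32-bit values throughout, so this only suits a 32-bit target.
void HS4LWriteProcessPointerOffset(WCHAR* Process, DWORD Address, int offsets[], DWORD NumerOffset, int value)
{
    // Look the process up once so the module base and the opened handle
    // refer to the same process id.
    const DWORD pid = static_cast<DWORD>(HS4LProcess(Process));

    const DWORD Base = GetModuleBase(Process, pid);
    if (Base == 0)
        return;

    // Ask only for the rights the calls below use, not PROCESS_ALL_ACCESS.
    HANDLE hProcess = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE,
                                  FALSE, pid);
    if (hProcess == NULL)
        return;

    // Arguments: number of offsets, process handle, first pointer, offsets.
    const int PointerOffset = FindPointer(static_cast<int>(NumerOffset), hProcess,
                                          static_cast<int>(Base + Address), offsets);
    if (PointerOffset != 0)
    {
        const LPVOID target =
            reinterpret_cast<LPVOID>(static_cast<UINT_PTR>(static_cast<DWORD>(PointerOffset)));

        // The page belongs to the other process: VirtualProtectEx with its
        // handle, not VirtualProtect on this program's own address space.
        DWORD old = 0;
        const BOOL changed =
            VirtualProtectEx(hProcess, target, sizeof(value), PAGE_EXECUTE_READWRITE, &old);

        WriteProcessMemory(hProcess, target, &value, sizeof(value), NULL);

        if (changed)
        {
            // A NULL old-protection pointer makes the restore call fail and
            // leaves the page with the widened protection.
            DWORD ignored = 0;
            VirtualProtectEx(hProcess, target, sizeof(value), old, &ignored);
        }
    }

    // Each call opens a handle, so each call closes it; callers invoke this
    // in a loop.
    CloseHandle(hProcess);
}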
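// Entry point. Waits for main.exe, writes to a fixed address in it once, then
// polls F2 (toggle between two values written through a pointer chain) and
// F5 (leave the loop).
int main()
{
    bool on = true;

    // NOTE(review): the console is hidden here, so the messages printed below
    // and the final "pause" prompt are not visible to the user.
    ShowWindow(GetConsoleWindow(), SW_HIDE);
    std::cout << "Abra o main.exe\n\n esperando...\n";

    // Writable buffer: the helpers take WCHAR*, and a wide string literal is
    // const in standard C++.
    WCHAR processName[] = L"main.exe";

    int offsets[] = { 0x4, 0xC0, 0x158 };
    // Integer literals avoid the narrowing conversion from a negative char
    // ('\xEB') to BYTE; the bytes are the same.
    BYTE jnp[2] = { 0xEB, 0x22 };
    DWORD JNPAddr = 0x0044DD8C;
    // 0x0044DDB0

    // HS4LProcess blocks until the process exists. Ask only for the rights
    // used below, not PROCESS_ALL_ACCESS.
    HANDLE hProcess = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_WRITE, FALSE,
                                  static_cast<DWORD>(HS4LProcess(processName)));
    if (hProcess == NULL)
    {
        std::cerr << "OpenProcess failed: " << GetLastError() << '\n';
        return 1;
    }

    const LPVOID patchTarget = reinterpret_cast<LPVOID>(static_cast<UINT_PTR>(JNPAddr));
    DWORD old = 0;
    const BOOL changed = VirtualProtectEx(hProcess, patchTarget, 4, PAGE_EXECUTE_READWRITE, &old);
    // NOTE(review): sizeof(jnp) - 1 is 1, so only the first of the two bytes
    // in jnp is written — confirm this is intended.
    WriteProcessMemory(hProcess, patchTarget, &jnp, sizeof(jnp) - 1, NULL);
    if (changed)
    {
        // The old-protection out parameter must be a valid pointer; with NULL
        // the restore fails and the page stays PAGE_EXECUTE_READWRITE.
        DWORD ignored = 0;
        VirtualProtectEx(hProcess, patchTarget, 4, old, &ignored);
    }
    // The handle is not used after this point.
    CloseHandle(hProcess);

    for (;;)
    {
        // Sample each key once per pass so both branches see the same state.
        const bool f2 = GetAsyncKeyState(VK_F2) != 0;
        if (f2 && on)
        {
            HS4LWriteProcessPointerOffset(processName, (DWORD)0x0041D614, offsets, 3, 0);
            on = !on;
        }
        else if (f2 && !on)
        {
            for (int i = 0; i < 10000; i++)
            {
                HS4LWriteProcessPointerOffset(processName, (DWORD)0x0041D614, offsets, 3, 1109377941);
            }
            on = !on;
        }
        else if (GetAsyncKeyState(VK_F5))
        {
            break;
        }

        // Yield between polls instead of spinning a core at full load.
        Sleep(10);
    }

    //HS4LWriteProcessMemory(L"Tutorial-i386.exe", (DWORD)0x017BC138, (long)20);
    std::cout << "Hacking\n";
    system("pause");
    // The former "taskkill /f /im cmd.exe" is gone: it force-terminates every
    // cmd.exe on the machine, including shells unrelated to this program.
    // Returning from main is enough to end this process.
    return 0;
}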
|
Does it help you?
_________________
I'm newbie ... |