Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Reading module address failed....

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming
View previous topic :: View next topic  
Author Message
Dr.Disrespect
Grandmaster Cheater
Reputation: 3

Joined: 17 Feb 2016
Posts: 526

PostPosted: Tue Jun 06, 2017 10:53 pm    Post subject: Reading module address failed.... Reply with quote

Please take a look at the following code:
Code:

#include <windows.h>
#include <TlHelp32.h>
#include <iostream>

//function for string comparison
int strcompare(const wchar_t* One, const wchar_t* Two, bool CaseSensitive)
{
#if defined _WIN32 || defined _WIN64
   return CaseSensitive ? wcscmp(One, Two) : _wcsicmp(One, Two);
#else
   return CaseSensitive ? strcmp(One, Two) : strcasecmp(One, Two);
#endif
}

//Read module information..
MODULEENTRY32 GetModuleInfo(std::uint32_t ProcessID, const wchar_t* ModuleName)
{
   void* hSnap = nullptr;
   MODULEENTRY32 Mod32 = { 0 };

   if ((hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, ProcessID)) == INVALID_HANDLE_VALUE)
      return Mod32;

   Mod32.dwSize = sizeof(MODULEENTRY32);
   while (Module32Next(hSnap, &Mod32))
   {
      if (!strcompare(ModuleName, Mod32.szModule, false))
      {
         CloseHandle(hSnap);
         return Mod32;
      }
   }

   CloseHandle(hSnap);
   return{ 0 };
}

int main()
{
   //get process ID and the base module address
   HWND windowHandle = FindWindowW(NULL, L"calc.exe");
   DWORD processID;
   GetWindowThreadProcessId(windowHandle, &processID);

   BYTE* BaseAddr = GetModuleInfo(processID, L"calc.exe").modBaseAddr;
   int i = 0;
   std::cout << "BASE ADDRESS: " << (void*)BaseAddr << "\n";
   std::cin >> i;
   return 0;
}


However, the returned base address is always: "00000000".....

What went wrong?

_________________
**************

A simple example is better then ten links. Very Happy


Last edited by Dr.Disrespect on Fri Jun 09, 2017 3:49 pm; edited 1 time in total
Back to top
View user's profile Send private message
atom0s
Moderator
Reputation: 198

Joined: 25 Jan 2006
Posts: 8516
Location: 127.0.0.1

PostPosted: Wed Jun 07, 2017 5:53 pm    Post subject: Reply with quote

Walk through the code via debugging and see where it's failing at.

On another note, you shouldn't be returning a local variable of a function the way you are doing inside of the GetModuleInfo function. Doing this is not guaranteed to be valid and can lead to incorrect information and false assumptions on what it should be doing.

You should pass a pointer to a MODULEENTRY32 object and fill that instead upon finding the valid module you want.

_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
Dr.Disrespect
Grandmaster Cheater
Reputation: 3

Joined: 17 Feb 2016
Posts: 526

PostPosted: Thu Jun 08, 2017 3:12 pm    Post subject: Reply with quote

atom0s wrote:
Walk through the code via debugging and see where it's failing at.

On another note, you shouldn't be returning a local variable of a function the way you are doing inside of the GetModuleInfo function. Doing this is not guaranteed to be valid and can lead to incorrect information and false assumptions on what it should be doing.

You should pass a pointer to a MODULEENTRY32 object and fill that instead upon finding the valid module you want.


I changed the code a little bit, but this part always return 0:
Code:

HANDLE HSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, 0);
   PROCESSENTRY32 PE32;

   PE32.dwSize = sizeof(PROCESSENTRY32);
   if (Process32First(HSnap, &PE32) == 0) { <------ this condition is always met, which is not good.....
      CloseHandle(HSnap);
      return 0;
   }

_________________
**************

A simple example is better then ten links. Very Happy
Back to top
View user's profile Send private message
atom0s
Moderator
Reputation: 198

Joined: 25 Jan 2006
Posts: 8516
Location: 127.0.0.1

PostPosted: Thu Jun 08, 2017 3:26 pm    Post subject: Reply with quote

Are you compiling under the correct bit type for the project? 32bit processes cannot access 64bit process modules etc. You need to be sure that if your target is 64bit that you are compiling your program for 64bit as well.

Also you are trying to snapshot the module list of process 0, which in general cases you do not have proper permissions to. You sure you are wanting process 0's modules and that you didn't forget to pass it the proper process id instead?

_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
Dr.Disrespect
Grandmaster Cheater
Reputation: 3

Joined: 17 Feb 2016
Posts: 526

PostPosted: Thu Jun 08, 2017 3:40 pm    Post subject: Reply with quote

atom0s wrote:
Are you compiling under the correct bit type for the project? 32bit processes cannot access 64bit process modules etc. You need to be sure that if your target is 64bit that you are compiling your program for 64bit as well.

Also you are trying to snapshot the module list of process 0, which in general cases you do not have proper permissions to. You sure you are wanting process 0's modules and that you didn't forget to pass it the proper process id instead?


Thanks for the reply. I think I have compiled the right way.

I'm new to WINAPI, so I don't know how to answer your question about the process 0 issue.... I thought what this code did was to get all the module names and try to match them with the name given by me, and when it gets a hit, it returns the module base address ...

All I want to do is just read the module base address, and add an offset, and change the value at that offset. It seems so hard for me. Sad

_________________
**************

A simple example is better then ten links. Very Happy


Last edited by Dr.Disrespect on Fri Jun 09, 2017 3:49 pm; edited 1 time in total
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 457

Joined: 09 May 2003
Posts: 25262
Location: The netherlands

PostPosted: Thu Jun 08, 2017 5:20 pm    Post subject: Reply with quote

your original code is missing module32first

your second code uses TH32CS_SNAPMODULE while it probably needed to usa TH32CS_SNAPPROCESS

tip: google the individual API's you use and read their documentation

_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
Dr.Disrespect
Grandmaster Cheater
Reputation: 3

Joined: 17 Feb 2016
Posts: 526

PostPosted: Thu Jun 08, 2017 7:51 pm    Post subject: Reply with quote

Dark Byte wrote:
your original code is missing module32first

your second code uses TH32CS_SNAPMODULE while it probably needed to usa TH32CS_SNAPPROCESS

tip: google the individual API's you use and read their documentation


Thanks a lot, DB. I will follow your advice.

_________________
**************

A simple example is better then ten links. Very Happy
Back to top
View user's profile Send private message
atom0s
Moderator
Reputation: 198

Joined: 25 Jan 2006
Posts: 8516
Location: 127.0.0.1

PostPosted: Fri Jun 09, 2017 2:58 pm    Post subject: Reply with quote

Code:
__int64 GetModuleBaseAddr(LPCWSTR ProcessName, LPCWSTR ModuleName) {
   HANDLE HSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, 0);


The first line of your code here, TH32CS_SNAPMODULE is wrong. This should be TH32CS_SNAPPROCESS instead.

_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
Dr.Disrespect
Grandmaster Cheater
Reputation: 3

Joined: 17 Feb 2016
Posts: 526

PostPosted: Fri Jun 09, 2017 3:48 pm    Post subject: Reply with quote

atom0s wrote:
Code:
__int64 GetModuleBaseAddr(LPCWSTR ProcessName, LPCWSTR ModuleName) {
   HANDLE HSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, 0);


The first line of your code here, TH32CS_SNAPMODULE is wrong. This should be TH32CS_SNAPPROCESS instead.


Thanks to both of you, atom0s and Db, the problem is solved. Smile

BTW,atom0s, is QT a good IDE for C++ programming?

_________________
**************

A simple example is better then ten links. Very Happy
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites