muse4665 How do I cheat? Reputation: 0
Joined: 18 Feb 2018 Posts: 4
Posted: Mon Feb 19, 2018 10:25 am Post subject: VirtualAllocEx Problems
Hello,
I'm trying to allocate memory in C# in a similar manner to how Cheat Engine does. My current goal is to use VirtualAllocEx to allocate 4096 bytes of memory at the base address of the game - 0x10000. I will then write to this memory for an injection/hook (I'm kinda new, don't quite know the terminology yet).
So here is what I have been doing.
1) Use Cheat Engine to alloc() memory that I can use in step 2.
2) Write memory to 2 places to do the desired function.
Here is the auto assembly I have been using for step 1.
Code: |
[ENABLE]
alloc(newmem,$1000,"theHunterCotW_F . exe")
newmem:
[DISABLE]
dealloc(newmem)
|
Cheat Engine puts that newly allocated memory at (the base address of the game - 0x10000).
Here is the C# code that writes to the memory:
Code: |
// Every thing in here works as intended
private void button2_Click(object sender, EventArgs e)
{
// part that finds a pattern and replaces some stuff
PatternScanner patternscanner = new PatternScanner(hProcess);
patternscanner . SelectModule(gameProcess . MainModule);
long timetookms;
ulong offset = patternscanner . FindPattern("F3 0F 11 84 8B 68 05 00 00 F3 41 0F 10 00 0F 2F C2", out timetookms); // The pattern scanner works good and finds correct place
WriteByteArray((IntPtr)offset, new byte[] { 0xE9, 0xE9, 0xDB, 0xBB, 0xFF, 0x90, 0x90, 0x90, 0x90 }); // The memory class works too
// part that writes to the blank memory from cheat engine
IntPtr lpAddress = baseaddress - 0x10000;
WriteByteArray(lpAddress, new byte[] { 0xC7, 0x84, 0x8B, 0x68, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xE9, 0x0B, 0x24, 0x44, 0x00, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90 });
}
|
This whole dance above works a treat, but I don't want to use Cheat Engine to allocate this memory.
So I tried not doing step 1 with Cheat Engine but rather doing it with VirtualAllocEx.
Here is the code I used for that:
Code: |
// Alloc doesn't work
private void withVirtAlloc()
{
// part that finds a pattern and replaces some stuff
PatternScanner patternscanner = new PatternScanner(hProcess);
patternscanner . SelectModule(gameProcess.MainModule);
long timetookms;
ulong offset = patternscanner . FindPattern("F3 0F 11 84 8B 68 05 00 00 F3 41 0F 10 00 0F 2F C2", out timetookms); // The pattern scanner works good and finds correct place
WriteByteArray((IntPtr)offset, new byte[] { 0xE9, 0xE9, 0xDB, 0xBB, 0xFF, 0x90, 0x90, 0x90, 0x90 }); // The memory class works too
// part that writes to the blank memory from cheat engine
IntPtr lpAddress = baseaddress - 0x10000;
// AllocationType . Commit = 0x1000; VirtualMemoryProtection . PAGE_EXECUTE_READWRITE = 0x40
IntPtr thing = VirtualAllocEx(hProcess, lpAddress, 4096, (uint)AllocationType . Commit, (uint)VirtualMemoryProtection . PAGE_EXECUTE_READWRITE);
MessageBox . Show(thing . ToString() + " | " + Marshal . GetLastWin32Error()); // Show 0 | 487
WriteByteArray(lpAddress, new byte[] { 0xC7, 0x84, 0x8B, 0x68, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xE9, 0x0B, 0x24, 0x44, 0x00, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90 });
}
|
This code doesn't work because of VirtualAllocEx's 487 error. From what I've read, the 487 could mean invalid address, but I set a breakpoint and the address is the same place where Cheat Engine would have put it.
I've been stuck on this one for the past couple of days and I would love some advice on where to go from here. Maybe I have to use VirtualProtectEx.
I had to put spaces between all the periods.