Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


c# adress and offsets...

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming
View previous topic :: View next topic  
Author Message
itapi
How do I cheat?
Reputation: 0

Joined: 15 Feb 2015
Posts: 9

PostPosted: Sun Feb 15, 2015 3:02 pm    Post subject: c# adress and offsets... Reply with quote

hey everybody! im pretty new to those stuff but i've searched for my problem around this forum.. didnt realy find goood answer Very Happy

so im trying to read a value from pointer with 5 offsets...
Code:

  IntPtr bace = process.MainModule.BaseAddress + 0X01DF4EE4;
           
           int bytesRead;

           byte[] value = ReadMemory(process,bace.ToInt32(), 10, out bytesRead); 

My offsets are.. 0X40,0X118.0Xd4,0x54c,0x100...

i saw some posts in the forums about that.. but it didnt really help me....
how should i add this offstes... i tried for loop.... or just manually but didnt realyl work..
can someone help please im breaking my head for the whole week SadSad[/quote]
Back to top
View user's profile Send private message
hollow87
Cheater
Reputation: 0

Joined: 07 Feb 2015
Posts: 28

PostPosted: Sun Feb 15, 2015 4:04 pm    Post subject: Reply with quote

You will need a loop. Pointers in 32bit mode are nearly always 4 bytes long. and in 8 bytes in 64bit. (8 bits in a byte so 32/8 is 4 and 64/8 is 8)
So you read the memory do the math on it and keep looping until you reach the address you want. I have some code from a C# Framework for trainers I'm developing I can't post links yet but here is the code I use for the Reading and writing to pointers.
Code:
public byte[] ReadMemory(IntPtr address, int length)
{
   byte[] buffer = new byte[length];

   bool ret = Win32Api.Kernel32.ReadProcessMemory(
      Process.TargetProcessHandle,
      address,
      buffer,
      length,
      IntPtr.Zero);

   if (!ret)
      throw new Exception("TODO: Error reading process memory");

   return buffer;
}

public byte[] ReadMemory(IntPtr address, int length, params int[] offsets)
{
   int pointerCount = offsets.Length - 1;

   if (offsets.Length > 0)
   {
      IntPtr pointer = ReadPointer(address);
      for (var i = 0; i < pointerCount; i++)
      {
         pointer = IntPtr.Add(pointer, offsets[i]);
         pointer = ReadPointer(pointer);
      }
      address = IntPtr.Add(pointer, offsets[pointerCount]);
   }

   return ReadMemory(address, length);
}

public IntPtr ReadPointer(IntPtr address)
{
   int length = Process.Is64Bit ? 8 : 4;

   byte[] pointer = ReadMemory(address, length);

   if (Process.Is64Bit)
      return new IntPtr(BitConverter.ToInt64(pointer, 0));

   return new IntPtr(BitConverter.ToInt32(pointer, 0));

}

public void WriteMemory(IntPtr address, byte[] data)
{
   bool ret = Win32Api.Kernel32.WriteProcessMemory(
      Process.TargetProcessHandle,
      address,
      data,
      data.Length,
      IntPtr.Zero);

   if (!ret)
      throw new Exception("TODO: Error writing process memory");
}

public void WriteMemory(IntPtr address, byte[] data, params int[] offsets)
{
   int pointerCount = offsets.Length - 1;

   if (offsets.Length > 0)
   {
      IntPtr pointer = ReadPointer(address);
      for (var i = 0; i < pointerCount; i++)
      {
         pointer = IntPtr.Add(pointer, offsets[i]);
         pointer = ReadPointer(pointer);
      }
      address = IntPtr.Add(pointer, offsets[pointerCount]);
   }

   WriteMemory(address, data);
}


Hope that helps.
Back to top
View user's profile Send private message
itapi
How do I cheat?
Reputation: 0

Joined: 15 Feb 2015
Posts: 9

PostPosted: Sun Feb 15, 2015 4:47 pm    Post subject: Reply with quote

hollow87 wrote:
You will need a loop. Pointers in 32bit mode are nearly always 4 bytes long. and in 8 bytes in 64bit. (8 bits in a byte so 32/8 is 4 and 64/8 is Cool
So you read the memory do the math on it and keep looping until you reach the address you want. I have some code from a C# Framework for trainers I'm developing I can't post links yet but here is the code I use for the Reading and writing to pointers.
Code:
public byte[] ReadMemory(IntPtr address, int length)
{
   byte[] buffer = new byte[length];

   bool ret = Win32Api.Kernel32.ReadProcessMemory(
      Process.TargetProcessHandle,
      address,
      buffer,
      length,
      IntPtr.Zero);

   if (!ret)
      throw new Exception("TODO: Error reading process memory");

   return buffer;
}

public byte[] ReadMemory(IntPtr address, int length, params int[] offsets)
{
   int pointerCount = offsets.Length - 1;

   if (offsets.Length > 0)
   {
      IntPtr pointer = ReadPointer(address);
      for (var i = 0; i < pointerCount; i++)
      {
         pointer = IntPtr.Add(pointer, offsets[i]);
         pointer = ReadPointer(pointer);
      }
      address = IntPtr.Add(pointer, offsets[pointerCount]);
   }

   return ReadMemory(address, length);
}

public IntPtr ReadPointer(IntPtr address)
{
   int length = Process.Is64Bit ? 8 : 4;

   byte[] pointer = ReadMemory(address, length);

   if (Process.Is64Bit)
      return new IntPtr(BitConverter.ToInt64(pointer, 0));

   return new IntPtr(BitConverter.ToInt32(pointer, 0));

}

public void WriteMemory(IntPtr address, byte[] data)
{
   bool ret = Win32Api.Kernel32.WriteProcessMemory(
      Process.TargetProcessHandle,
      address,
      data,
      data.Length,
      IntPtr.Zero);

   if (!ret)
      throw new Exception("TODO: Error writing process memory");
}

public void WriteMemory(IntPtr address, byte[] data, params int[] offsets)
{
   int pointerCount = offsets.Length - 1;

   if (offsets.Length > 0)
   {
      IntPtr pointer = ReadPointer(address);
      for (var i = 0; i < pointerCount; i++)
      {
         pointer = IntPtr.Add(pointer, offsets[i]);
         pointer = ReadPointer(pointer);
      }
      address = IntPtr.Add(pointer, offsets[pointerCount]);
   }

   WriteMemory(address, data);
}


Hope that helps.


ty bro but win32api is marked as red.. i guess i have to add any refrence.. i cant find what refrence... help plase?
Back to top
View user's profile Send private message
hollow87
Cheater
Reputation: 0

Joined: 07 Feb 2015
Posts: 28

PostPosted: Sun Feb 15, 2015 5:10 pm    Post subject: Reply with quote

That code is not meant to be copy and pasted. You will need to add the P/Invoke and modify it a bit to get it to work with your code. I happened to put all my P/Invoke based stuff in the Win32Api namespace within my program

Idea was to help you understand how to do the offsets to multiple pointers using a loop.

The basic idea is to do the following
    Read 4/8 bytes from address (based on 32 or 64bit)
    Add Offset to the value read from that address
    Repeat until you run out of offsets
    Read/Write to address you have.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites