Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


[Delphi] ReadProcessMemory and Pointer problem

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming
View previous topic :: View next topic  
Author Message
gunminiho
Expert Cheater
Reputation: 0

Joined: 15 Dec 2008
Posts: 144
Location: peru
PostPosted: Thu May 21, 2009 11:57 am    Post subject: [Delphi] ReadProcessMemory and Pointer problem Reply with quote
Very Happy hi to everyone, i have an addy wich is dinamyc and i've got the pointer and offset and now i wanna get addy's value and show it on a TextBox, i've made my code and looks like this:


Code:
procedure TForm1.Button1Click(Sender: TObject);

const
   AddyCharX:dword =$00a88d28;
var
     CharX:dword;
     buf:pchar;
     temp:cardinal;

begin
/////usando Get
Pidhandle := GetProcHandle(process);
//ProcName := InputBox('Handle Search',
                        //'Enter an exename to search for a handle','');
  //ShowMessage('The handle for: ' + Procname + ' is: ' +
          //VarToStr(GetProcHandle(ProcName)));
Pid_v.Text := IntToStr(Pidhandle);
ProcessIdHandle := OpenProcess(PROCESS_ALL_ACCESS,False,Pidhandle);
PidHandle_v.Text := IntToStr(ProcessIdHandle);
getmem(buf,4);
if VirtualProtectEx(ProcessIdHandle,pointer (pdword(pdword($00a88d28)^+$EEC)^),4, PAGE_EXECUTE_READWRITE, nil)then
begin
readprocessmemory(ProcessIdHandle,ptr(pdword(pdword($00a88d28)^+$EEC)^),buf,4,temp);
showmessage(inttostr(integer(buf)));
CharXBox.Text := buf;//IntToStr(Int64(CharX));
FreeMem(buf);
  if ProcessIdHandle <> 0 then
    CloseHandle(ProcessIdHandle);
end;
end;


the problem i have is this ( see attached item )

i think its cause of protection of page, but :S i've called VirtualProctectEx before to change protection of page and seted to:read/write/execute :S, i think the problem is that im not changing the protection :S, please help! Shocked


also im not sure, how to access to that Address to Change Protection ( cause its dynamic)

i mean how to use

Code:
function VirtualProtectEx (hProcess : Integer;
    var lpAddress : Pointer;
    dwSize : Integer;
    flNewProtect : Integer;
    var lpflOldProtect : Integer) : Integer;
    stdcall; external 'kernel32' name 'VirtualProtectEx'



Quote:
var lpAddress : Pointer;
here i need to declare an addy and i have pointer and offset :S how do i do that :S

Edited:

i got the problem is that VirtualProtect isn't changing protection of pages >.<!

Dibujo.JPG
 Description:
 Filesize:  12.18 KB
 Viewed:  14265 Time(s)

Dibujo.JPG
Back to top
View user's profile Send private message
dnsi0
I post too much
Reputation: 0

Joined: 04 Jan 2007
Posts: 2674
PostPosted: Thu May 21, 2009 4:38 pm    Post subject: Re: [Delphi] ReadProcessMemory and Pointer problem Reply with quote
gunminiho wrote:
Very Happy hi to everyone, i have an addy wich is dinamyc and i've got the pointer and offset and now i wanna get addy's value and show it on a TextBox, i've made my code and looks like this:


Code:
procedure TForm1.Button1Click(Sender: TObject);

const
   AddyCharX:dword =$00a88d28;
var
     CharX:dword;
     buf:pchar;
     temp:cardinal;

begin
/////usando Get
Pidhandle := GetProcHandle(process);
//ProcName := InputBox('Handle Search',
                        //'Enter an exename to search for a handle','');
  //ShowMessage('The handle for: ' + Procname + ' is: ' +
          //VarToStr(GetProcHandle(ProcName)));
Pid_v.Text := IntToStr(Pidhandle);
ProcessIdHandle := OpenProcess(PROCESS_ALL_ACCESS,False,Pidhandle);
PidHandle_v.Text := IntToStr(ProcessIdHandle);
getmem(buf,4);
if VirtualProtectEx(ProcessIdHandle,pointer (pdword(pdword($00a88d28)^+$EEC)^),4, PAGE_EXECUTE_READWRITE, nil)then
begin
readprocessmemory(ProcessIdHandle,ptr(pdword(pdword($00a88d28)^+$EEC)^),buf,4,temp);
showmessage(inttostr(integer(buf)));
CharXBox.Text := buf;//IntToStr(Int64(CharX));
FreeMem(buf);
  if ProcessIdHandle <> 0 then
    CloseHandle(ProcessIdHandle);
end;
end;


the problem i have is this ( see attached item )

i think its cause of protection of page, but :S i've called VirtualProctectEx before to change protection of page and seted to:read/write/execute :S, i think the problem is that im not changing the protection :S, please help! Shocked


also im not sure, how to access to that Address to Change Protection ( cause its dynamic)

i mean how to use

Code:
function VirtualProtectEx (hProcess : Integer;
    var lpAddress : Pointer;
    dwSize : Integer;
    flNewProtect : Integer;
    var lpflOldProtect : Integer) : Integer;
    stdcall; external 'kernel32' name 'VirtualProtectEx'



Quote:
var lpAddress : Pointer;
here i need to declare an addy and i have pointer and offset :S how do i do that :S

Edited:

i got the problem is that VirtualProtect isn't changing protection of pages >.<!


I got to the pdword()^ part and I fell off of my chair laughing...

pdword()^ will access the memory in the current memory space NOT ms's memory space. You need to make the first part using readprocessmemory too.[/i]

When I stop laughing, I will make some code. Just wait awhile.
Back to top
View user's profile Send private message
gunminiho
Expert Cheater
Reputation: 0

Joined: 15 Dec 2008
Posts: 144
Location: peru
PostPosted: Thu May 21, 2009 5:25 pm    Post subject: Reply with quote
if you see i've made it with ReadProcessMemory, but i get same problem, and if you see:

Quote:
if VirtualProtectEx(ProcessIdHandle,pointer (pdword(pdword($00a88d28)^+$EEC)^),4, PAGE_EXECUTE_READWRITE, nil)


im using VirtualProtectEx, not VirtualProtect Rolling Eyes also im giving MS Pidhandle Rolling Eyes

=D by the way do u know how to put a form inside of a dll, like kitterz?
Back to top
View user's profile Send private message
dnsi0
I post too much
Reputation: 0

Joined: 04 Jan 2007
Posts: 2674
PostPosted: Thu May 21, 2009 5:41 pm    Post subject: Reply with quote
gunminiho wrote:
if you see i've made it with ReadProcessMemory, but i get same problem, and if you see:

Quote:
if VirtualProtectEx(ProcessIdHandle,pointer (pdword(pdword($00a88d28)^+$EEC)^),4, PAGE_EXECUTE_READWRITE, nil)


im using VirtualProtectEx, not VirtualProtect Rolling Eyes also im giving MS Pidhandle Rolling Eyes

=D by the way do u know how to put a form inside of a dll, like kitterz?


OMG... Your so stupid. pdword()^ is accessing memory in your own app NOT ms. How thick is your brain? You must use a seprate ReadProcessMemory to read the base pointer.

And yes I do. Just take a look at Kitterz's source.
Back to top
View user's profile Send private message
gunminiho
Expert Cheater
Reputation: 0

Joined: 15 Dec 2008
Posts: 144
Location: peru
PostPosted: Thu May 21, 2009 6:13 pm    Post subject: Reply with quote
dnsi0 wrote:
gunminiho wrote:
if you see i've made it with ReadProcessMemory, but i get same problem, and if you see:

Quote:
if VirtualProtectEx(ProcessIdHandle,pointer (pdword(pdword($00a88d28)^+$EEC)^),4, PAGE_EXECUTE_READWRITE, nil)


im using VirtualProtectEx, not VirtualProtect Rolling Eyes also im giving MS Pidhandle Rolling Eyes

=D by the way do u know how to put a form inside of a dll, like kitterz?


OMG... Your so stupid. pdword()^ is accessing memory in your own app NOT ms. How thick is your brain? You must use a seprate ReadProcessMemory to read the base pointer.

And yes I do. Just take a look at Kitterz's source.


hmm ok i will try it again ( cause i've already tried ), but one question, RPM asks me for a addy, what should i put there? my pointer+offset?

but Kitterz is in C++ Crying or Very sad

-----------------

^.^, now is working but... i have a type problem :S, how can i conver Pchar to String :S, im havnig this problem
Back to top
View user's profile Send private message
dnsi0
I post too much
Reputation: 0

Joined: 04 Jan 2007
Posts: 2674
PostPosted: Fri May 22, 2009 1:50 pm    Post subject: Reply with quote
gunminiho wrote:
dnsi0 wrote:
gunminiho wrote:
if you see i've made it with ReadProcessMemory, but i get same problem, and if you see:

Quote:
if VirtualProtectEx(ProcessIdHandle,pointer (pdword(pdword($00a88d28)^+$EEC)^),4, PAGE_EXECUTE_READWRITE, nil)


im using VirtualProtectEx, not VirtualProtect Rolling Eyes also im giving MS Pidhandle Rolling Eyes

=D by the way do u know how to put a form inside of a dll, like kitterz?


OMG... Your so stupid. pdword()^ is accessing memory in your own app NOT ms. How thick is your brain? You must use a seprate ReadProcessMemory to read the base pointer.

And yes I do. Just take a look at Kitterz's source.


hmm ok i will try it again ( cause i've already tried ), but one question, RPM asks me for a addy, what should i put there? my pointer+offset?

but Kitterz is in C++ Crying or Very sad

-----------------

^.^, now is working but... i have a type problem :S, how can i conver Pchar to String :S, im havnig this problem


Ok.

Heres what you do:
Call ReadProcessmemory with your base pointer. Now take the value in the buffer and add offset to it. Then Call ReadProcessMemory AGAIN with the added offset. Now buffer contains the value you want.

Well... String To PAnsiChar is just PAnsiChar(StringVar). Never needed to do this so I guess you can declare a type for PString=^String then PString(thepcharvar);
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites