| View previous topic :: View next topic |
| Author |
Message |
rooski
Master Cheater
![]() Reputation: 0
Joined: 31 Oct 2007
Posts: 340
Location: Siberia
|
 Posted: Wed Jan 27, 2010 11:31 am Post subject: ReadProcessMemory |
 |
|
Just looking into this , probably missing something but ill ask anyway .
ok im trying to read the value of the address 0x80d0358 , but every time i run it outputs 0. ive done error checking to see if the window is found or if ReadProccessMemory failed , but they dont.
so what did i do wrong??
| Code: | #include <iostream>
#include <windows.h>
using namespace std;
int ReadMyAddress()
{
int MyBuffer = 0;
unsigned long Address = 0x80d0358;
HANDLE hProc = FindWindow(NULL, "snes9x v1.52 for windows");
VirtualProtectEx(hProc, (LPVOID)Address, 256, PAGE_EXECUTE_READWRITE, NULL);
ReadProcessMemory(hProc, ULongToPtr(Address), &MyBuffer, sizeof(MyBuffer), NULL);
return MyBuffer;
}
int main(int argc, char * argv[])
{
int buffer = ReadMyAddress();
cout << buffer;
system ("pause");
return 0;
} |
|
|
| Back to top |
|
 |
Haxory'
Grandmaster Cheater Supreme
 Reputation: 92
Joined: 30 Jul 2007
Posts: 1900
|
|
| Back to top |
|
|
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Wed Jan 27, 2010 1:58 pm Post subject: |
|
|
| window handle is not the same as a process handle
|
|
| Back to top |
|
|
Haxory'
Grandmaster Cheater Supreme
Reputation: 92
Joined: 30 Jul 2007
Posts: 1900
|
| Posted: Wed Jan 27, 2010 2:36 pm Post subject: |
|
|
This works.
| Code: | #include "stdafx.h"
#include <iostream>
#include <windows.h>
using namespace std;
int ReadMyAddress()
{
int MyBuffer = 0;
unsigned long Address = 0xDEADBEEF;
HANDLE hProcess = 0;
HWND hWindow;
DWORD pid = 0;
hWindow = FindWindow(NULL, L"InjecTOR v.1.1");
if (hWindow){
GetWindowThreadProcessId(hWindow, &pid);
}
hProcess = OpenProcess(PROCESS_ALL_ACCESS, 0, pid);
ReadProcessMemory(hProcess, ULongToPtr(Address), &MyBuffer, sizeof(MyBuffer), NULL);
return MyBuffer;
}
int main(int argc, char * argv[])
{
int buffer = ReadMyAddress();
cout << buffer;
cout << "\n";
system ("pause");
return 0;
} |
_________________
you and me baby ain't nothing but mammals so lets do it like they do on the discovery channel |
|
| Back to top |
|
|
rooski
Master Cheater
![]() Reputation: 0
Joined: 31 Oct 2007
Posts: 340
Location: Siberia
|
| Posted: Wed Jan 27, 2010 2:49 pm Post subject: |
|
|
i was missing this whole bit
| Code: | if (hWindow){
GetWindowThreadProcessId(hWindow, &pid);
}
hProcess = OpenProcess(PROCESS_ALL_ACCESS, 0, pid); |
got it working now , thanks for the help
EDIT_____________________________________
quick question , how do i convert a 4 byte value to byte?
(google turned up absolutely nothing)
|
|
| Back to top |
|
|
Dark Byte
Site Admin
 Reputation: 474
Joined: 09 May 2003
Posts: 25952
Location: The netherlands
|
| Posted: Wed Jan 27, 2010 3:41 pm Post subject: |
|
|
you could also use "unsigned char mybuffer;"
that way "ReadProcessMemory(hProcess, ULongToPtr(Address), &MyBuffer, sizeof(MyBuffer), NULL); " will only read the 1 byte at the specified address
as for converting a 4 byte to a byte:
| Code: |
BYTE mybyte;
DWORD my4bytevalue;
my4bytevalue=112;
mybyte=my4bytevalue;
|
now if my4bytevalue is bigger than 255 then the higher bits will be lost
_________________
Tools give you results. Knowledge gives you control.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
rooski
Master Cheater
![]() Reputation: 0
Joined: 31 Oct 2007
Posts: 340
Location: Siberia
|
| Posted: Wed Jan 27, 2010 4:13 pm Post subject: |
|
|
your way worked
thanks again for all the help , really nice to know i can get quick help from somewhere  .
Last edited by rooski on Wed Jan 27, 2010 11:11 pm; edited 1 time in total |
|
| Back to top |
|
|
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Wed Jan 27, 2010 5:37 pm Post subject: |
|
|
| remember to close the process handle you obtained
|
|
| Back to top |
|
|
iPromise
Grandmaster Cheater
![]() Reputation: -1
Joined: 27 Jun 2009
Posts: 529
Location: Canada
|
| Posted: Wed Jan 27, 2010 8:30 pm Post subject: |
|
|
| @Slugsnack To elaborate, after you read from the process close the handle to prevent memory leaks.
|
|
| Back to top |
|
|
rooski
Master Cheater
![]() Reputation: 0
Joined: 31 Oct 2007
Posts: 340
Location: Siberia
|
| Posted: Wed Jan 27, 2010 10:49 pm Post subject: |
|
|
I have another question , using the pointer scanner i get
| Code: | | [[snes9x.exe+0031BF38]+e8] |
how do i express this in c++ so i can get its value 
as i understand it snes9x.exe is the EP and then i just go from there , so how do i find a process's EP?
|
|
| Back to top |
|
|
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Thu Jan 28, 2010 2:16 am Post subject: |
|
|
| snes9x is not the EP, it is the base of that module. you can get the address with GetModuleHandle(). add 0x0031BF38 to the returned address. dereference that new address, ie. get the 4 bytes there. treat that 4 bytes as a new pointer which you add 0xe8 to.
|
|
| Back to top |
|
|
AtheistCrusader
Grandmaster Cheater
![]() Reputation: 6
Joined: 23 Sep 2006
Posts: 681
|
| Posted: Thu Jan 28, 2010 3:55 am Post subject: |
|
|
| rooski wrote: | I have another question , using the pointer scanner i get
| Code: | | [[snes9x.exe+0031BF38]+e8] |
how do i express this in c++ so i can get its value
as i understand it snes9x.exe is the EP and then i just go from there , so how do i find a process's EP? |
[TheValueOf(snes9x.exe+0031BF38)]+e8 = the address you need
|
|
| Back to top |
|
|
rooski
Master Cheater
![]() Reputation: 0
Joined: 31 Oct 2007
Posts: 340
Location: Siberia
|
| Posted: Thu Jan 28, 2010 12:45 pm Post subject: |
|
|
@vision , yes i understand that i just didnt know how to get the base address(snes9x.exe) , but like Slugsnack said , just use GetModuleHandle().
thanks again for the quick reply .
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
