 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Special11
Cheater
![]() Reputation: 0
Joined: 20 Dec 2009
Posts: 28
|
 Posted: Sun Feb 07, 2010 3:28 pm Post subject: [C++]Three-level Pointer |
 |
|
Hi all, can someone tell me what i'm doing wrong?
I'm reading value of pointer and adding offset to it three times but it doesn't work like this pointer in Cheat Engine.
| Code: |
DWORD oneLevel;
DWORD oneOffset;
DWORD twoLevel;
DWORD twoOffset;
DWORD threeLevel;
DWORD threeOffset;
DWORD BaseAddress = GetModuleBase("TLoader.exe",proc_id);
ReadProcessMemory(hProcess, (void*)(BaseAddress + 0x26767C), &oneLevel, sizeof(oneLevel), &bytes);
ReadProcessMemory(hProcess, (void*)(oneLevel + 0x598), &oneOffset, sizeof(oneOffset), &bytes);
ReadProcessMemory(hProcess, (void*)oneOffset, &twoLevel, sizeof(twoLevel), &bytes);
ReadProcessMemory(hProcess, (void*)(twoLevel + 0x1EC), &twoOffset, sizeof(twoOffset), &bytes);
ReadProcessMemory(hProcess, (void*)twoOffset, &threeLevel, sizeof(threeLevel), &bytes);
ReadProcessMemory(hProcess, (void*)(threeLevel + 0x9F2), &threeOffset, sizeof(threeOffset), &bytes);
WriteProcessMemory(hProcess, (void*)threeOffset, (LPCVOID)16550, sizeof(int), &bytes);
|
[/code]
| Description: |
| 3-Level Pointer in Cheat Engine |
|
| Filesize: |
35.3 KB |
| Viewed: |
15476 Time(s) |
|
|
|
| Back to top |
|
 |
Dark Byte
Site Admin
 Reputation: 474
Joined: 09 May 2003
Posts: 25953
Location: The netherlands
|
| Posted: Sun Feb 07, 2010 3:37 pm Post subject: |
|
|
you can actually do this in a lot less instructions
anyhow, quickly reading through your code I'd say "WriteProcessMemory(hProcess, (void*)threeOffset, (LPCVOID)16550, sizeof(int), &bytes); " is wrong
it means you're writing the value stored at address 16550 in your process to the address of the pointer.
I suggest giving the address of an initialized variable that holds the value instead
_________________
Tools give you results. Knowledge gives you control.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
Special11
Cheater
![]() Reputation: 0
Joined: 20 Dec 2009
Posts: 28
|
| Posted: Sun Feb 07, 2010 3:59 pm Post subject: |
|
|
You mean this?
I don't understand what i need to do :/
| Code: |
unsigned int speed = 16550;
DWORD bytes;
DWORD oneLevel;
DWORD oneOffset;
DWORD twoLevel;
DWORD twoOffset;
DWORD threeLevel;
DWORD threeOffset;
DWORD BaseAddress = GetModuleBase("TLoader.exe",proc_id);
ReadProcessMemory(hProcess, (void*)(BaseAddress + 0x26767C), &oneLevel, sizeof(oneLevel), &bytes);
ReadProcessMemory(hProcess, (void*)(oneLevel + 0x598), &oneOffset, sizeof(oneOffset), &bytes);
ReadProcessMemory(hProcess, (void*)oneOffset, &twoLevel, sizeof(twoLevel), &bytes);
ReadProcessMemory(hProcess, (void*)(twoLevel + 0x1EC), &twoOffset, sizeof(twoOffset), &bytes);
ReadProcessMemory(hProcess, (void*)twoOffset, &threeLevel, sizeof(threeLevel), &bytes);
ReadProcessMemory(hProcess, (void*)(threeLevel + 0x9F2), &threeOffset, sizeof(threeOffset), &bytes);
WriteProcessMemory(hProcess, (void*)threeOffset, &speed, sizeof(speed), &bytes);
|
|
|
| Back to top |
|
|
zirak
Expert Cheater
![]() Reputation: 1
Joined: 15 Jun 2006
Posts: 121
Location: In the sewers
|
| Posted: Thu Feb 11, 2010 6:41 pm Post subject: |
|
|
Or you can do this
| Code: | DWORD thefirst = (DWORD)(*(DWORD*)0x0040014F + 0x1378);
DWORD thesecond = (DWORD)(*(DWORD*)thefirst + 0x18);
DWORD thethird = (DWORD)(*(DWORD*)thesecond + 0x974);
DWORD theresult = (DWORD)(*(DWORD*)thethird + 0x2B4C);
|
That's just an example, but that works too.
|
|
| Back to top |
|
|
FullyAwesome
I post too much
![]() Reputation: 0
Joined: 05 Apr 2007
Posts: 4438
Location: Land Down Under
|
| Posted: Thu Feb 11, 2010 11:40 pm Post subject: |
|
|
| zirak wrote: | Or you can do this
| Code: | DWORD thefirst = (DWORD)(*(DWORD*)0x0040014F + 0x1378);
DWORD thesecond = (DWORD)(*(DWORD*)thefirst + 0x18);
DWORD thethird = (DWORD)(*(DWORD*)thesecond + 0x974);
DWORD theresult = (DWORD)(*(DWORD*)thethird + 0x2B4C);
|
That's just an example, but that works too. |
that's assuming he's sharing the memory space of the other program. also, good bump. 
_________________
|
|
| Back to top |
|
|
Special11
Cheater
![]() Reputation: 0
Joined: 20 Dec 2009
Posts: 28
|
| Posted: Sun Feb 14, 2010 2:33 pm Post subject: |
|
|
I tried this code:
| Code: |
DWORD Base = GetModuleBase("TLoader.exe",proc_id);
DWORD thefirst = (DWORD)(*(DWORD*)Base + 0x26767C);
DWORD thesecond = (DWORD)(*(DWORD*)thefirst + 0x598);
DWORD thethird = (DWORD)(*(DWORD*)thesecond + 0x1EC);
DWORD theresult = (DWORD)(*(DWORD*)thethird + 0x9F2);
|
But when i'm writing memory application just crashes ;/
| Code: |
WriteProcessMemory(hProcess, (void*)theresult, (LPCVOID)16550, sizeof(int), NULL);
|
Or this, both crashes application:
| Code: |
unsigned long superspeed = 16550;
WriteProcessMemory(hProcess, (void*)theresult, &superspeed, sizeof(superspeed), NULL);
|
Can someone show me working code, or tell me what's wrong, please?
|
|
| Back to top |
|
|
Anden100
Grandmaster Cheater
![]() Reputation: 0
Joined: 20 Apr 2007
Posts: 668
|
| Posted: Wed Feb 17, 2010 4:16 pm Post subject: |
|
|
I think you have quite a lot ReadProcessMemory calls, 3 should be enough i belive?
| Code: | unsigned long superspeed = 16550;
DWORD buffer;
ReadProcessMemory(hProcess, (LPCVOID)(BaseAddress+0x26767C), &buffer, sizeof(buffer), NULL);
ReadProcessMemory(hProcess, (LPCVOID)(buffer+0x598), &buffer, sizeof(buffer), NULL);
ReadProcessMemory(hProcess, (LPCVOID)(buffer+0x1EC), &buffer, sizeof(buffer), NULL);
buffer+= 0x9F2;
WriteProcessMemory(hProcess, (LPCVOID)buffer, &superspeed, sizeof(superspeed), NULL); |
If this doesen't work, try reading this:
http://forum.cheatengine.org/viewtopic.php?t=422516
|
|
| Back to top |
|
|
zirak
Expert Cheater
![]() Reputation: 1
Joined: 15 Jun 2006
Posts: 121
Location: In the sewers
|
| Posted: Thu Feb 18, 2010 12:07 am Post subject: |
|
|
| Special11 wrote: | I tried this code:
| Code: |
DWORD Base = GetModuleBase("TLoader.exe",proc_id);
DWORD thefirst = (DWORD)(*(DWORD*)Base + 0x26767C);
DWORD thesecond = (DWORD)(*(DWORD*)thefirst + 0x598);
DWORD thethird = (DWORD)(*(DWORD*)thesecond + 0x1EC);
DWORD theresult = (DWORD)(*(DWORD*)thethird + 0x9F2);
|
But when i'm writing memory application just crashes ;/
| Code: |
WriteProcessMemory(hProcess, (void*)theresult, (LPCVOID)16550, sizeof(int), NULL);
|
Or this, both crashes application:
| Code: |
unsigned long superspeed = 16550;
WriteProcessMemory(hProcess, (void*)theresult, &superspeed, sizeof(superspeed), NULL);
|
Can someone show me working code, or tell me what's wrong, please? |
I just realized you're using hProcess? In any case is your trainer not a DLL? If it's not then that wouldn't work for you. I personally make DLL-based Trainers makes things easier for me 
Edit:
Nvm, that should work for you... dunno why it won't work considering you're telling it's the right exe. Try using CheatEngine to tell if that Multi-level pointer is actually valid. And if it exists when you're trying to write it to that pointer (by adding some extra checks)
|
|
| Back to top |
|
|
Special11
Cheater
![]() Reputation: 0
Joined: 20 Dec 2009
Posts: 28
|
| Posted: Sat Feb 20, 2010 9:24 am Post subject: |
|
|
| Already found a solution. Thx anyway
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
