 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
iPromise
Grandmaster Cheater
![]() Reputation: -1
Joined: 27 Jun 2009
Posts: 529
Location: Canada
|
 Posted: Thu May 27, 2010 8:38 pm Post subject: Whats wrong with this |
 |
|
For some reason, it can't copy properly.
| Code: |
#include <Windows.h>
#include <TlHelp32.h>
#include <iostream>
#include <string>
#include <fstream>
using namespace std;
string Target = "Test.exe";
void Dump(MODULEENTRY32 ModuleEntry, DWORD ProcessID)
{
char CurrentDir[500] = {0};
GetCurrentDirectory(500, (LPSTR) CurrentDir);
string DumpedFileName;
DumpedFileName += "_";
DumpedFileName += ModuleEntry.szModule;
fstream File(DumpedFileName.c_str(), ios::in | ios::out | ios::binary | ios::trunc);
HANDLE Process = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE, false, ProcessID);
if (!Process)
{
cout << "Process failed to create!" << endl;
}
DWORD lpflOldProtect;
VirtualProtectEx(Process, ModuleEntry.modBaseAddr, ModuleEntry.modBaseSize, PAGE_EXECUTE_READWRITE, &lpflOldProtect);
BYTE *Buffer;
Buffer = new BYTE[ModuleEntry.modBaseSize];
SIZE_T Read;
ReadProcessMemory(Process, ModuleEntry.modBaseAddr, Buffer, ModuleEntry.modBaseSize, &Read);
for (int i = 0; i < ModuleEntry.modBaseSize; i ++)
{
File << Buffer[i];
}
cout << "Done Dumping!" << endl;
File.close();
}
void main()
{
DWORD ProcessID = 0;
PROCESSENTRY32 ProcessEntry;
ProcessEntry.dwSize = sizeof(PROCESSENTRY32);
HANDLE Snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
Process32First(Snapshot, &ProcessEntry);
if (!strcmp(ProcessEntry.szExeFile, Target.c_str()))
{
ProcessID = ProcessEntry.th32ProcessID;
cout << "Process ID: " << ProcessID << endl;
}
while (Process32Next(Snapshot, &ProcessEntry))
{
if (!strcmp(ProcessEntry.szExeFile, Target.c_str()))
{
ProcessID = ProcessEntry.th32ProcessID;
cout << "Process ID: " << ProcessID << endl;
}
}
MODULEENTRY32 ModuleEntry;
ModuleEntry.dwSize = sizeof(MODULEENTRY32);
HANDLE Module = CreateToolhelp32Snapshot(TH32CS_SNAPALL, ProcessID);
Module32First(Module, &ModuleEntry);
Dump(ModuleEntry, ProcessID);
while (Module32Next(Module, &ModuleEntry))
{
Dump(ModuleEntry, ProcessID);
}
system("PAUSE");
}
|
I tried dumping my own process, but I after the dump is complete I try opening my dumped result of my process and I get the message:
| Quote: |
Only part of a ReadProcessMemory or WriteProcessMemory request was completed |
Ideas?
Last edited by iPromise on Thu May 27, 2010 9:10 pm; edited 2 times in total |
|
| Back to top |
|
 |
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Thu May 27, 2010 8:51 pm Post subject: |
|
|
oh my god.. what. loool
what are you even trying to do ? you realise dumping it still won't make it viewable in a text form from notepad, right ? if you 'dump' it like that the only thing that it does is to give a copy of the current state of the program. the same as if you just opened it in a hex editor for the most part. or ran it in a disassembler and checked out the hex dump
i see after all this time you still haven't learnt how to use virtualquery though
|
|
| Back to top |
|
|
iPromise
Grandmaster Cheater
![]() Reputation: -1
Joined: 27 Jun 2009
Posts: 529
Location: Canada
|
| Posted: Thu May 27, 2010 9:11 pm Post subject: |
|
|
| Sorry, I was told that this was the way to do it..
|
|
| Back to top |
|
|
hcavolsdsadgadsg
I'm a spammer
![]() Reputation: 26
Joined: 11 Jun 2007
Posts: 5801
|
| Posted: Thu May 27, 2010 9:28 pm Post subject: |
|
|
i would think you'd want to use write() instead of the << operator if you're writing a binary file.
also you leak memory
also the void main() is cute.
|
|
| Back to top |
|
|
iPromise
Grandmaster Cheater
![]() Reputation: -1
Joined: 27 Jun 2009
Posts: 529
Location: Canada
|
| Posted: Thu May 27, 2010 10:04 pm Post subject: |
|
|
Fixed all of the above, but same problem.
| Code: |
#include <Windows.h>
#include <TlHelp32.h>
#include <iostream>
#include <string>
#include <fstream>
using namespace std;
string Target = "Test.exe";
void Dump(MODULEENTRY32 ModuleEntry, DWORD ProcessID)
{
char CurrentDir[500] = {0};
GetCurrentDirectory(500, (LPSTR) CurrentDir);
string DumpedFileName;
DumpedFileName += "_";
DumpedFileName += ModuleEntry.szModule;
fstream File(DumpedFileName.c_str(), ios::in | ios::out | ios::binary | ios::trunc);
HANDLE Process = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE, false, ProcessID);
if (!Process)
{
cout << "Process failed to create!" << endl;
}
DWORD lpflOldProtect;
VirtualProtectEx(Process, ModuleEntry.modBaseAddr, ModuleEntry.modBaseSize, PAGE_EXECUTE_READWRITE, &lpflOldProtect);
unsigned char *Buffer;
Buffer = new unsigned char[ModuleEntry.modBaseSize];
SIZE_T Read;
ReadProcessMemory(Process, ModuleEntry.modBaseAddr, Buffer, ModuleEntry.modBaseSize, &Read);
//for (int i = 0; i < ModuleEntry.modBaseSize; i ++)
//{
File.write((const char *) Buffer, ModuleEntry.modBaseSize);
//}
cout << "Done Dumping!" << endl;
File.close();
CloseHandle(Process);
}
void main()
{
DWORD ProcessID = 0;
PROCESSENTRY32 ProcessEntry;
ProcessEntry.dwSize = sizeof(PROCESSENTRY32);
HANDLE Snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
Process32First(Snapshot, &ProcessEntry);
if (!strcmp(ProcessEntry.szExeFile, Target.c_str()))
{
ProcessID = ProcessEntry.th32ProcessID;
cout << "Process ID: " << ProcessID << endl;
}
while (Process32Next(Snapshot, &ProcessEntry))
{
if (!strcmp(ProcessEntry.szExeFile, Target.c_str()))
{
ProcessID = ProcessEntry.th32ProcessID;
cout << "Process ID: " << ProcessID << endl;
}
}
MODULEENTRY32 ModuleEntry;
ModuleEntry.dwSize = sizeof(MODULEENTRY32);
HANDLE Module = CreateToolhelp32Snapshot(TH32CS_SNAPALL, ProcessID);
Module32First(Module, &ModuleEntry);
Dump(ModuleEntry, ProcessID);
while (Module32Next(Module, &ModuleEntry))
{
Dump(ModuleEntry, ProcessID);
}
system("PAUSE");
}
|
|
|
| Back to top |
|
|
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Fri May 28, 2010 5:21 am Post subject: |
|
|
| did you know that vc++ comes with a debugger ?
|
|
| Back to top |
|
|
pkedpker
Master Cheater
![]() Reputation: 1
Joined: 11 Oct 2006
Posts: 412
|
| Posted: Fri May 28, 2010 5:49 am Post subject: |
|
|
if you want to dump a file you will obviously dump it only once right? you don't even need to program a tool whats the point of dumping it everytime when you can dump it once and save to your txt document or whatever u want dumped files obviously will not run.
want to dump a file? use ollydebugger dumper
run ollydebugger load up your exe go to dump plugin and dump to new file choose test.txt and you're done!
this will unpack your application too because it unpacks in memory but your application will not be runnable good for viewing assembly code.
_________________
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
