Cheat Engine

[Pasukaru]

Hello!
I'm experimenting with reading/writing memory of a program and having trouble finding a specific address based on the program's entry point.
(My test program is Windows 7's Solitaire)
In CE the address pointer looks like this: solitaire.exe+97074 offset: 2C
How do I realize this with C++ code?

I have no problems finding values and static addresses with other programs/games I used, but in this case I have to use the module name because even static(green) addresses are changing.

So, what I need is something like this:

[atom0s]

You can find this information using:
- CreateToolhelp32Snapshot
- Process32First / Process32Next
- Module32First / Module32Next

[Pasukaru]

Thanks Wiccaan!

I tried to find the BaseAddress using the CreateToolhelp32Snapshot.

Here is what I got so far:

[atom0s]

CE is reading the solitare.exe+97074 as a pointer. Then adding 0x2c to the result. Then reading that new address as a pointer, then adding 0x10 to that for the final address.

when you have the correct module base (The first one returned should be the .exe) use the base from that and add 97074 to it and read that address as a DWORD value.

So in summary:
- Get solitare.exe base from Module32First when you have the procid.
- ReadProcessMemory solitare.exe+0x97074 as a DWORD
- Add 0x2c to the result.
- ReadProcessMemory again using the result as the address.
- Add 0x10 to the new result.

And you should have your address. Read/Write to it then.

[Pasukaru]

Thanks a bunch!
I tried that, just had a little error, I used 97074 as static offset, instead of 0x97074 (stupid me!).

I got it working now.
Here's the complete code, maybe someone else will find it useful.

I copied the first function from a thread on this forum. Couldn't find it again, sorry. :/
It does pretty much the same as my code, just with an added check to make sure you find the correct address.

[NullBy7e]

_tscmp is undefined for me, what do I do?

[atom0s]

[NullBy7e]

I've got a similar issue, I find the base address but in cheat engine its a different address.

Some code:

[atom0s]

Be sure that Cheat Engine is using that same module (the executable) as the base address and not something else.

[NullBy7e]

I think that it is?
I open the process and it shows an address next to the name, I assume that it's the module base address.
Odd thing is that when I read a pointer it returns 0 instead of a char* when using printf.
It shouldnt return a zero because the pointer and offsets i'm using work with my C# version.

Something else must be wrong..

[Dark Byte]

[NullBy7e]

Ive taken a look at that topic and I think that I understand it now.
Something like this?

I probably have to convert the buffer before using it as an address everytime?

[Dark Byte]

instead of using buffer, use an type that can hold an pointersize object without the need to convert e.g UINT_PTR, or just int if it's 32-bit

[NullBy7e]

Is this code correct?
Its not returning what I want, which is a string, instead it returns nothing.

Sorry for all my noob questions, im just the type of person who learns by getting direct answers to questions.

Tutorials and guides often do me no good, except for that one thread you posted.

FYI: base address is 0x00400000 but CheatEngine shows something else.

EDIT2: I searched for the address with CE by adding the pointer to the table of CE and I still get an access violation, with or without SE_DEBUG (vs is ran as admin aswell).

[NullBy7e]

Anyone?