Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
[C++] Pointers, what?
rawgreaze
Expert Cheater
Reputation: 0

Joined: 23 May 2009
Posts: 108
Location: United Kingdom

PostPosted: Wed May 13, 2015 4:43 pm    Post subject: [C++] Pointers, what? Reply with quote

0x645300 is the pointer. Yes, it's the tutorial.
+480 is the offset.
I'd imagine that 0x645300+0x480 is the code I need in WriteProcessMemory, yet it doesn't work.
If I manually add 0x645300+0x480 and get 0x645780 and use that in my code instead, it doesn't change the actual value, but it does actually change 0x645780, if I check in CE.
So, CEF. What the fuck?

Code:

#include <iostream>
#include <Windows.h>


using namespace std;

int main() {
    int newValue = 1000;
    HWND hWnd = FindWindow(0, "Tutorial-i386");

    if(hWnd == 0) {
        cerr << "Cannot find window." << endl;
    } else {
        DWORD pId;
        GetWindowThreadProcessId(hWnd, &pId);
        HANDLE hProc = OpenProcess(PROCESS_ALL_ACCESS, false, pId);

        if (!hProc) {
            cerr << "Cannot open process." << endl;
        } else {
            int isSuccessful = WriteProcessMemory(hProc, (LPVOID)(0x645300+0x480), &newValue, sizeof(newValue), NULL);
            if (isSuccessful > 0) {
                clog << "Memory edited" << endl;
            } else {
                cerr << "Cannot write memory" << endl;
            }
            CloseHandle(hProc);
        }
    }
    return 0;
}

_________________
Do not ask Dark Byte about online cheats. He doesn't know any and wont help finding them.
Dark Byte
Site Admin
Reputation: 470

Joined: 09 May 2003
Posts: 25812
Location: The netherlands

PostPosted: Wed May 13, 2015 5:16 pm    Post subject: Reply with quote

This topic might explain it:
http://forum.cheatengine.org/viewtopic.php?t=422516

(It's not 0x645300+0x480 but [0x645300]+0x480.)

_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
rawgreaze
Expert Cheater
Reputation: 0

Joined: 23 May 2009
Posts: 108
Location: United Kingdom

PostPosted: Wed May 13, 2015 5:20 pm    Post subject: Reply with quote

Dark Byte wrote:
this topic might explain it:
http://forum.cheatengine.org/viewtopic.php?t=422516

(it's not 0x645300+0x480 but [0x645300]+0x480 )


Code:
ReadProcessMemory(hProc, (LPVOID)[Step1Addr]+0x480, &newValue, sizeof(newValue), NULL);

gives me "C:\Users\***\Documents\C++\Projects\CETutorialTrainer\CETutorialTrainer\main.cpp|22|error: expected primary-expression before ')' token|"

Code:
ReadProcessMemory(hProc, (LPVOID)(Step1Addr)+0x480, &newValue, sizeof(newValue), NULL);

gives me ReadProcessMemory Returned: 1963524096

EDIT: And I read that topic about 3-4 times but I still find it difficult to understand what you mean :l

ulysse31
Master Cheater
Reputation: 2

Joined: 19 Mar 2015
Posts: 324
Location: Paris

PostPosted: Wed May 13, 2015 5:36 pm    Post subject: Reply with quote

I had to include pointer finding in my C++ code today and I made this:
Code:

void getPointedAddress(int basePointerAddress, DWORD addressConcerned, char offsetNumber, int offset0, int offset1, int offset2, int offset3, int offset4)
{
   int valuePointedBuffer(0);
   int holdValue(0);
   switch (offsetNumber)
   {// Don't need to take case 0 into account
   case '1':
      ReadProcessMemory(hProc, (LPCVOID)basePointerAddress, &valuePointedBuffer, (DWORD)sizeof(readValueX), NULL);
      holdValue = valuePointedBuffer + offset0;
      break;
   case '2':
      ReadProcessMemory(hProc, (LPCVOID)basePointerAddress, &valuePointedBuffer, (DWORD)sizeof(readValueX), NULL);
      holdValue = valuePointedBuffer + offset0;
      ReadProcessMemory(hProc, (LPCVOID)holdValue, &valuePointedBuffer, (DWORD)sizeof(readValueX), NULL);
      holdValue = valuePointedBuffer + offset1;
      break;
   case '3':
      ReadProcessMemory(hProc, (LPCVOID)basePointerAddress, &valuePointedBuffer, (DWORD)sizeof(readValueX), NULL);
      holdValue = valuePointedBuffer + offset0;
      ReadProcessMemory(hProc, (LPCVOID)holdValue, &valuePointedBuffer, (DWORD)sizeof(readValueX), NULL);
      holdValue = valuePointedBuffer + offset1;
      ReadProcessMemory(hProc, (LPCVOID)holdValue, &valuePointedBuffer, (DWORD)sizeof(readValueX), NULL);
      holdValue = valuePointedBuffer + offset2;
      break;
   case '4':
      ReadProcessMemory(hProc, (LPCVOID)basePointerAddress, &valuePointedBuffer, (DWORD)sizeof(readValueX), NULL);
      holdValue = valuePointedBuffer + offset0;
      ReadProcessMemory(hProc, (LPCVOID)holdValue, &valuePointedBuffer, (DWORD)sizeof(readValueX), NULL);
      holdValue = valuePointedBuffer + offset1;
      ReadProcessMemory(hProc, (LPCVOID)holdValue, &valuePointedBuffer, (DWORD)sizeof(readValueX), NULL);
      holdValue = valuePointedBuffer + offset2;
      ReadProcessMemory(hProc, (LPCVOID)holdValue, &valuePointedBuffer, (DWORD)sizeof(readValueX), NULL);
      holdValue = valuePointedBuffer + offset3;
      //cout << "the address containing your data is :" << hex << holdValue << endl;
      break;
   case '5':
      ReadProcessMemory(hProc, (LPCVOID)basePointerAddress, &valuePointedBuffer, (DWORD)sizeof(readValueX), NULL);
      holdValue = valuePointedBuffer + offset0;
      ReadProcessMemory(hProc, (LPCVOID)holdValue, &valuePointedBuffer, (DWORD)sizeof(readValueX), NULL);
      holdValue = valuePointedBuffer + offset1;
      ReadProcessMemory(hProc, (LPCVOID)holdValue, &valuePointedBuffer, (DWORD)sizeof(readValueX), NULL);
      holdValue = valuePointedBuffer + offset2;
      ReadProcessMemory(hProc, (LPCVOID)holdValue, &valuePointedBuffer, (DWORD)sizeof(readValueX), NULL);
      holdValue = valuePointedBuffer + offset3;
      ReadProcessMemory(hProc, (LPCVOID)holdValue, &valuePointedBuffer, (DWORD)sizeof(readValueX), NULL);
      holdValue = valuePointedBuffer + offset4;
      break;
   }
   bufferAddress = holdValue;
}


I am guessing what you're trying is very similar?
Hope that can help (readValueX is just a 4-byte variable).
Edit:
This will store in bufferAddress the address which holds the value you want.
Code isn't optimised at all but it does the job; also, you call it like this:
Code:
   getPointedAddress(0x02174CC8, hpValueAddress, '4', 0x14, 0x40, 0x10, 0x48, 0x0);
   hpValueAddress = bufferAddress;


Last edited by ulysse31 on Wed May 13, 2015 5:41 pm; edited 1 time in total
rawgreaze
Expert Cheater
Reputation: 0

Joined: 23 May 2009
Posts: 108
Location: United Kingdom

PostPosted: Wed May 13, 2015 5:40 pm    Post subject: Reply with quote

ulysse3131 wrote:
I had to include pointer finding to my c++ code today and i made this :
-snip-

I appreciate it, but I'd rather do it manually as I'm trying to learn C++ and ripping code won't really help me understand it.
But what I saw from that is that I must read, and use (for me) newValue + BaseAddress or what to get pointer?

ulysse31
Master Cheater
Reputation: 2

Joined: 19 Mar 2015
Posts: 324
Location: Paris

PostPosted: Wed May 13, 2015 5:45 pm    Post subject: Reply with quote

bfoster15no2 wrote:
ulysse3131 wrote:
I had to include pointer finding to my c++ code today and i made this :
-snip-

I appreciate it, but I'd rather do it manually as I'm trying to learn C++ and ripping code won't really help me understand it.
But what I saw from that is that I must read, and use (for me) newValue + BaseAddress or what to get pointer?

you said :
"0x645300 is the pointer. Yes, it's the tutorial.
+480 is the offset. "

So here :
baseAddress = 0x00645300;
offset1 = 0x480;

What you wanna do :
You want to read base address 0x00645300 and the value it holds you take it and you add 0x480 to it.
So if base address holds 0x0204c4e5, this would mean now you are interested in :
0x0204c4e5 + 0x480 = 0x204C965
rawgreaze
Expert Cheater
Reputation: 0

Joined: 23 May 2009
Posts: 108
Location: United Kingdom

PostPosted: Wed May 13, 2015 5:48 pm    Post subject: Reply with quote

ulysse3131 wrote:
bfoster15no2 wrote:
ulysse3131 wrote:
I had to include pointer finding to my c++ code today and i made this :
-snip-

I appreciate it, but I'd rather do it manually as I'm trying to learn C++ and ripping code won't really help me understand it.
But what I saw from that is that I must read, and use (for me) newValue + BaseAddress or what to get pointer?

you said :
"0x645300 is the pointer. Yes, it's the tutorial.
+480 is the offset. "

So here :
baseAddress = 0x00645300;
offset1 = 0x480;

What you wanna do :
You want to read base address 0x00645300 and the value it holds you take it and you add 0x480 to it.
So if base address holds 0x0204c4e5, this would mean now you are interested in :
0x0204c4e5 + 0x480 = 0x204C965

I did this, but value was 1000 :L

ulysse31
Master Cheater
Reputation: 2

Joined: 19 Mar 2015
Posts: 324
Location: Paris

PostPosted: Wed May 13, 2015 5:57 pm    Post subject: Reply with quote

Maybe because you chose the wrong baseAddress / offset?

If your scan table gave you more than 1 result and the first one does not work, make sure to check the other ones; unlike what the tutorial text says, it's quite often not the first displayed result which works.
rawgreaze
Expert Cheater
Reputation: 0

Joined: 23 May 2009
Posts: 108
Location: United Kingdom

PostPosted: Wed May 13, 2015 5:58 pm    Post subject: Reply with quote

ulysse3131 wrote:
Maybe because you chose the wrong baseAddress / offset?

If your scan table gave you more than 1 result and the first one does not work, make sure to check the other ones; unlike what the tutorial text says, it's quite often not the first displayed result which works.

The pointer works in CE.
Open the tutorial and use the same pointer/offset, it will work (Step2)

ulysse31
Master Cheater
Reputation: 2

Joined: 19 Mar 2015
Posts: 324
Location: Paris

PostPosted: Wed May 13, 2015 6:11 pm    Post subject: Reply with quote

I have this base address when I do it :
002A6C58
Offset 480

Base address is computer dependent, so it doesn't mean anything.
Edit:
Aha, I think I got it.

I think you are trying to find a pointer where there is no pointer to be found.
Here there is just an offset and a memory address.
A pointer is when a memory address has a value which corresponds to another memory address, to which you add an offset.

Go further in the steps of the tutorial to get pointers.

tl;dr:
Here the address that has your value will be this:
baseAddress + 0x480

But this is not a pointer as players usually name them; here it's just a register value pointing to an address, so if you wanted to use C++ readMemory here you would have to read the memory of a register and then add the offset to the buffer. You really should go to steps 4-5-6, where there are pointers that will fit your need.


Last edited by ulysse31 on Wed May 13, 2015 6:52 pm; edited 5 times in total
rawgreaze
Expert Cheater
Reputation: 0

Joined: 23 May 2009
Posts: 108
Location: United Kingdom

PostPosted: Wed May 13, 2015 6:13 pm    Post subject: Reply with quote

ulysse3131 wrote:
I have this base address when I do it :
002A6C58
Offset 480

Base address is computer dependent, so it doesn't mean anything.

So my pointers are different than yours? wat

Zanzer
I post too much
Reputation: 126

Joined: 09 Jun 2013
Posts: 3278

PostPosted: Wed May 13, 2015 8:13 pm    Post subject: Reply with quote

As Dark Byte had pointed out, the address you want is actually the value stored at the address 0x645300.

So you first want to read the value at that address, alone.

Then, add 0x480 to that returned value.

Now use that total as the address in a second read.

That will give you the value at the [pointer]+offset.
rawgreaze
Expert Cheater
Reputation: 0

Joined: 23 May 2009
Posts: 108
Location: United Kingdom

PostPosted: Thu May 14, 2015 3:30 am    Post subject: Reply with quote

Zanzer wrote:
As Dark Byte had pointed out, the address you want is actually the value stored at the address 0x645300.

So you first want to read the value at that address, alone.

Then, add 0x480 to that returned value.

Now use that total as the address in a second read.

That will give you the value at the [pointer]+offset.

I thought I understood, but :L
Code:
            DWORD Step2Addr = 0x00645300;
            DWORD baseAddr;
            DWORD AddrToMod;
            ReadProcessMemory(hProc, (LPVOID)Step2Addr, &baseAddr, sizeof(newValue), NULL);
            cout << "ReadProcessMemory Returned: " << baseAddr << endl;
            ReadProcessMemory(hProc, (LPVOID)baseAddr+480, &AddrToMod, sizeof(newValue), NULL);
            cout << "ReadProcessMemory Returned: " << AddrToMod << endl;
            int isSuccessful = WriteProcessMemory(hProc, (LPVOID)AddrToMod, &newValue, sizeof(newValue), NULL);

gives me
Code:
ReadProcessMemory Returned: 24864712
ReadProcessMemory Returned: 0
Cannot write memory

Process returned 0 (0x0)   execution time : 0.015 s
Press any key to continue.


EDIT: I just realized I wasn't adding 0x480, but 480.
But it shouldn't really matter as the baseaddr is wrong?

Dark Byte
Site Admin
Reputation: 470

Joined: 09 May 2003
Posts: 25812
Location: The netherlands

PostPosted: Thu May 14, 2015 4:44 am    Post subject: Reply with quote

Remove the second ReadProcessMemory
and change the address of WriteProcessMemory to (LPVOID)baseAddr+0x480

rawgreaze
Expert Cheater
Reputation: 0

Joined: 23 May 2009
Posts: 108
Location: United Kingdom

PostPosted: Thu May 14, 2015 11:05 am    Post subject: Reply with quote

Dark Byte wrote:
remove the second readprocessmemory
and change the address of writeprocessmemory to (LPVOID)baseAddr+0x480

Worked.
You, sir, are a fucking God.
I appreciate what you do :P

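Added example (not part of the thread, and not Cheat Engine's or any poster's code): the difference between 0x645300+0x480 and [0x645300]+0x480 discussed above, generalized to a multi-level chain walked in a loop with every read checked. It runs against a constructed in-memory map instead of a live process; FakeMemory, readU32, resolveChain and sampleMemory are hypothetical names, and all stored values except 24864712 (the pointer value printed in the thread) are constructed.

```cpp
#include <cstdint>
#include <cstdio>
#include <map>
#include <vector>

// Constructed stand-in for a 32-bit target: address -> 4-byte value.
// A missing key models ReadProcessMemory returning FALSE (unmapped address).
typedef std::map<uint32_t, uint32_t> FakeMemory;

bool readU32(const FakeMemory& mem, uint32_t addr, uint32_t& out) {
    FakeMemory::const_iterator it = mem.find(addr);
    if (it == mem.end()) return false;
    out = it->second;
    return true;
}

// Resolves [[base]+off0]+off1...: dereference, then add the offset, per level.
// The last offset is only added, so the result is an address, not a value.
bool resolveChain(const FakeMemory& mem, uint32_t base,
                  const std::vector<uint32_t>& offsets, uint32_t& finalAddr) {
    uint32_t addr = base;
    for (size_t i = 0; i < offsets.size(); ++i) {
        uint32_t pointee = 0;
        if (!readU32(mem, addr, pointee)) return false;  // check every read
        addr = pointee + offsets[i];
    }
    finalAddr = addr;
    return true;
}

FakeMemory sampleMemory() {
    FakeMemory m;
    m[0x00645300u] = 24864712u;          // pointer slot; value from the thread
    m[24864712u + 0x480u] = 100u;        // constructed: the real target value
    m[0x00645300u + 0x480u] = 7u;        // constructed: data at base+offset
    m[0x1000u] = 0x2000u;                // constructed two-level chain
    m[0x2000u + 0x14u] = 0x3000u;
    return m;
}

int main() {
    FakeMemory mem = sampleMemory();
    uint32_t addr = 0, value = 0;
    std::vector<uint32_t> offs(1, 0x480u);
    if (resolveChain(mem, 0x00645300u, offs, addr) && readU32(mem, addr, value))
        std::printf("[0x645300]+0x480 = 0x%08X holds %u\n", (unsigned)addr, (unsigned)value);
    return 0;
}
```

In the sample, adding decimal 480 instead of 0x480 to the pointer value lands on an unmapped address, so the read fails rather than returning a value.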