Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Module + Offset wont work for the life of me

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking
View previous topic :: View next topic  
Author Message
lilneo
How do I cheat?
Reputation: 0

Joined: 12 Jun 2012
Posts: 1
PostPosted: Tue Jun 12, 2012 8:27 pm    Post subject: Module + Offset wont work for the life of me Reply with quote
So I have a pointer tree to an address I am trying to access, in Cheat Engine I have this
(dl[.]dropbox[.]com/u/14174746/Pointer.png)
Quote:

Address of Pointer: "Battle.net.dll" + 0x0070FC0C
This pointer points to the address: 03605F80

Then I have a bunch of offsets and further dereferences to get to my actual value. But just looking at this very first offset:
In c++ I am doing
Code:

DWORD *Base = (DWORD*)(GetModuleHandle("Battle.net.dll") + 0x70FC0C);

Without even adding any offsets, that is immediately wrong.

When I output *Base, I get something along the lines of 5b28f030, where the base address of the DLL is 59650000. Yet, doing the math with the values CE gives me it says the base address is 2EF6374.

I tried GetModuleInformation on Battle.net.dll and using the pModInfo.EntryPoint but it's the exact same thing.

Also this isn't an online game, battle.net.dll does not refer to anything online. This is an offline game my friend made.

I've searched every other thread about this but none of them seem to solve the issue. It's driving me crazy, what am I doing wrong?


Edit: I think I got it, it was some messed up pointer addition
Back to top
View user's profile Send private message
Kriogenic
Cheater
Reputation: -1

Joined: 13 Jun 2012
Posts: 36
Location: localhost
PostPosted: Thu Jun 14, 2012 4:37 am    Post subject: Reply with quote
Hey, I was recently trying to figure out the same thing and I came across this block of code

Code:

    DWORD GetModuleBase(LPSTR lpModuleName, DWORD dwProcessId)
    {
    MODULEENTRY32 lpModuleEntry = {0};
    HANDLE hSnapShot = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwProcessId );
    if(!hSnapShot)
    return NULL;
    lpModuleEntry.dwSize = sizeof(lpModuleEntry);
    BOOL bModule = Module32First( hSnapShot, &lpModuleEntry );
    while(bModule)
    {
    if(!strcmp( lpModuleEntry.szModule, lpModuleName ) )
    {
    CloseHandle( hSnapShot );
    return (DWORD)lpModuleEntry.modBaseAddr;
    }
    bModule = Module32Next( hSnapShot, &lpModuleEntry );
    }
    CloseHandle( hSnapShot );
    return NULL;
    }


Which works perfectly its usage is this
GetModuleBase("Library.dll", dwProcessId)

I did not write this just finally found it after hours of searching
Back to top
View user's profile Send private message
Fresco
Grandmaster Cheater
Reputation: 4

Joined: 07 Nov 2010
Posts: 600
PostPosted: Sat Jun 16, 2012 11:03 am    Post subject: Reply with quote
read all this
http://forum.cheatengine.org/viewtopic.php?t=552974
the c plus plus part
http://forum.cheatengine.org/viewtopic.php?p=5371592#5371592
_________________
... Fresco
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites