Write protected memory.

**pyton789** · 04-24-2011

I have found some addresses in CoD Black Ops that I would like to use in my trainer.
The problem is that they are write protected. That means that cheat engine can change them, but I can't find a way to do it with VB.net
Where I found the address

FLD DWORD PTR DS:[9E1E18]

I can easily write to a normal address so the only problem is that it is write protected.
Cheat engine has no problem with doing this and it is open source. But CE was written in Delphi so I can't understand any of it.

I hope someone who knows more about this is able to help me.

**[MPGH]master131** · 04-24-2011

Maybe @Hell_Demon might be able to helps.

**Hell_Demon** · 04-24-2011

VirtualProtectEx Function (Windows)

Don't know how to use it from VB though

**[MPGH]master131** · 04-24-2011

C++ Example of usage.

**♪~ ᕕ(ᐛ)ᕗ** · 04-24-2011

@Hell_Demon

Code:

Public Declare Function VirtualProtectEx Lib "kernel32" (ByVal hProcess As IntPtr, ByVal lpAddress As Integer, ByVal dwSize As Integer, ByVal flNewProtect As Integer, <Out>ByRef lpflOldProtect As Integer) As Boolean

See?

EDIT: Import System****ntime.InteropServices, (idk if i spelled good )

**[MPGH]master131** · 04-24-2011

I didn't mean that. -.-

[highlight=vb.net]<DllImport("kernel32.dll", CharSet:=CharSet.Auto, SetLastError:=True)> _
Public Shared Function VirtualProtectEx(ByVal hProcess As IntPtr, ByVal lpAddress As IntPtr, ByVal dwSize As IntPtr, ByVal flNewProtect As UInteger, ByRef lpflOldProtect As UInteger) As Boolean
End Function

<DllImport("kernel32.dll")> _
Private Shared Function OpenProcess(ByVal dwDesiredAccess As Integer, <MarshalAs(UnmanagedType.Bool)> ByVal bInheritHandle As Boolean, ByVal dwProcessId As Integer) As IntPtr
End Function

Private Const PROCESS_ALL_ACCESS As Integer = &H1F0FFF
Private Const PAGE_EXECUTE_READWRITE As UInteger = &H40
Private Sub doShit()
Dim processName As String = "BlackOps"
Dim address As String = "&H1BADDSA"
Dim processHandle As IntPtr = OpenProcess(PROCESS_ALL_ACCESS, False, Process.GetProcessesByName(processName)(0).Id)
If processHandle = IntPtr.Zero Then
MsgBox("Access is denied!", MsgBoxStyle.Critical)
Exit Sub
End If
Dim oldProtect As UInteger
Dim vpEx As Boolean = VirtualProtectEx(processHandle, New IntPtr(CInt(address)), New IntPtr(4), PAGE_EXECUTE_READWRITE, oldProtect) 'Remove write-protect attributes
If vpEx = False Then
MsgBox("An error has occured! Error Code: " & Err.LastDllError, MsgBoxStyle.Critical)
Exit Sub
End If
'Change the address value here, add the code in yourself
VirtualProtectEx(processHandle, New IntPtr(CInt(address)), New IntPtr(4), oldProtect, 0) 'Restore write-protect attributes
End Sub[/highlight]

Written from the top of my head, haven't tested it. Thanks to HD for helping meh a lil.

**♪~ ᕕ(ᐛ)ᕗ** · 04-24-2011

Originally Posted by master131

I didn't mean that. -.-

[highlight=vb.net]<DllImport("kernel32", CharSet:=CharSet.Auto, SetLastError:=True)> _
Public Shared Function VirtualProtectEx(ByVal hProcess As IntPtr, ByVal lpAddress As IntPtr, ByVal dwSize As IntPtr, ByVal flNewProtect As UInteger, ByRef lpflOldProtect As UInteger) As Boolean
End Function

<DllImport("kernel32.dll")> _
Private Shared Function OpenProcess(ByVal dwDesiredAccess As Integer, <MarshalAs(UnmanagedType.Bool)> ByVal bInheritHandle As Boolean, ByVal dwProcessId As Integer) As IntPtr
End Function

Private Const PROCESS_ALL_ACCESS As Integer = &H1F0FFF
Private Const PAGE_EXECUTE_READWRITE As UInteger = &H40
Private Sub doShit()
Dim processName As String = "BlackOps"
Dim address As String = "&H1BADDSA"
Dim processHandle As IntPtr = OpenProcess(PROCESS_ALL_ACCESS, False, Process.GetProcessesByName(processName)(0).Id)
If processHandle = IntPtr.Zero Then
MsgBox("Access is denied!", MsgBoxStyle.Critical)
Exit Sub
End If
Dim oldProtect As UInteger
Dim vpEx As IntPtr = VirtualProtectEx(processHandle, New IntPtr(CInt(address)), New IntPtr(4), PAGE_EXECUTE_READWRITE, oldProtect) 'Remove write-protect attributes
If vpEx = IntPtr.Zero Then
MsgBox("An error has occured! Error Code: " & Err.LastDllError, MsgBoxStyle.Critical)
Exit Sub
End If
'Change the address value here
VirtualProtectEx(processHandle, New IntPtr(CInt(address)), New IntPtr(4), oldProtect, 0) 'Restore write-protect attributes
End Sub[/highlight]

Written from the top of my head, haven't tested it. Thanks to HD for helping meh a lil.

Was talking to pyton. Also u shud assign a value to oldProtect otherwise it will show u a error. Make it zero. The rest seems to have sense, but I think pyton can do it by himself he isn't a noob ;D

**[MPGH]master131** · 04-24-2011

It's used in a ByRef Parameter, who cares. -.- If it fails it will just be assigned 0.

**♪~ ᕕ(ᐛ)ᕗ** · 04-24-2011

Originally Posted by master131

It's used in a ByRef Parameter, who cares. -.- If it fails it will just be assigned 0.

too bad when I do et, it shows me error. And it's same for ReadProcessMemory(). aww

**[MPGH]master131** · 04-24-2011

Oh craps, found a mistake in my code.

(You can't convert a boolean to a pointer *cough* fail)

/fixed

What do you mean error?

**♪~ ᕕ(ᐛ)ᕗ** · 04-24-2011

Originally Posted by master131

Oh craps, found a mistake in my code. (You can't convert a boolean to a pointer *cough* fail)

/fixed

What do you mean error?

Error: XXX is used before it's assigned a value.

**[MPGH]master131** · 04-24-2011

LOL, I didn't get that error.

You must assign all datatypes a value before you use them unless you definately know that it will always be assigned a value no matter what.

**wtfiwantthatname** · 04-24-2011

Did you debug the code in Visual Studio to test it?

**Hell_Demon** · 04-24-2011

Originally Posted by wtfiwantthatname

Did you debug the code in Visual Studio to test it?

Why the fuck would you want to debug it >.<

**pyton789** · 04-24-2011

Looks good.

I didn't expect that much response so fast.

I will try it out later.

Thread: Write protected memory.

Thread Tools

Display

Write protected memory.

The Following User Says Thank You to master131 For This Useful Post: