  1. #1
    Jabberwock

    Accessing another process's pointers from a trainer

    Hi guys, it's me again.
    I know how to access pointers from a DLL, but from a trainer this is a first for me. In a DLL I use the "GetModuleHandle" function to get the client offset, so I'm trying to do the same here, just differently, with the "GetModuleHandleEx" function. But I get the error "Couldn't find module", so I need your help.

    Code:
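    #include <windows.h>
    #include <stdio.h>

    void mainP()
    {
    	HWND hWnd = FindWindow(NULL, "Alliance of Valiant Arms");
    
    	if (!hWnd)
    	{
    		MessageBox(NULL, "Couldn't find AVA window.", "Error", MB_OK | MB_ICONERROR);
    		return;
    	}
    
    	// Resolve the owning process ID from the window handle.
    	DWORD pId = 0;
    	GetWindowThreadProcessId(hWnd, &pId);
    	// PROCESS_VM_READ is required by the ReadProcessMemory call below.
    	HANDLE hProc = OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION, FALSE, pId);
    
    	if (!hProc)
    	{
    		MessageBox(NULL, "Couldn't open the process.", "Error", MB_OK | MB_ICONERROR);
    		return;
    	}
    
    	HMODULE module;
    
    	// This is the call that fails with "Couldn't find module": it looks in
    	// the calling process's module list, not in the process behind hProc.
    	if (!GetModuleHandleEx(0, "AVA.exe", &module))
    		ShowErr(); // poster's own error helper (not shown in the post)
    
    	unsigned long dwPointer = 0;
    	ReadProcessMemory(hProc, (PVOID)0x01BFC478, &dwPointer, sizeof(dwPointer), 0);
    
    	// Format the value into a buffer; "point " + number only offsets the string pointer.
    	char msg[32];
    	sprintf(msg, "point %lu", dwPointer);
    	MessageBox(NULL, msg, "Error", MB_OK | MB_ICONERROR);
    
    	CloseHandle(hProc);
    }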
    Last edited by 'Bruno; 08-13-2012 at 04:06 AM.

  2. #2
    radnomguywfq3
    The executable image usually has its sections loaded at the base address of 0x400000 99% of the time; i.e., you don't need to find the base address, you can just assume that it is 0x400000.

    Technically, you need to read ImageBase, which will tell you the base address of the image, but by default (and there is no reason to do otherwise) it will always be 0x400000. DLLs usually take advantage of this to avoid being relocated (which can significantly increase load time).

    The reason GetModuleHandleEx doesn't work is that you aren't in the target's address space; this API only works on the current address space (your application).

    You can also use EnumProcessModules as a substitute for GetModuleHandle, which will return a list of handles to all the modules loaded in the target's address space; then you can use GetModuleBaseName to filter the modules by name.
    Last edited by radnomguywfq3; 08-12-2012 at 02:12 PM.





  3. The Following User Says Thank You to radnomguywfq3 For This Useful Post:

    Jabberwock (08-12-2012)
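
Added example (not part of the thread or any poster's code): the ImageBase field mentioned in post #2 is stored in the PE optional header, next to a DllCharacteristics field whose DYNAMIC_BASE bit records whether the image allows the loader to place it at a different address. The portable C below reads both from a file image; the names `pe_read_image_base` and `build_sample` are made up for this illustration, and the sample header is constructed, not taken from a real binary.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define PE_DYNAMIC_BASE 0x0040 /* IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE */
typedef struct { uint64_t image_base; int dynamic_base; } pe_info;

/* Little-endian field readers (no alignment or host-endianness assumptions). */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* Hypothetical helper: parse PE headers; returns 0 on success, -1 if malformed. */
int pe_read_image_base(const uint8_t *buf, size_t len, pe_info *out)
{
    if (len < 96 || rd16(buf) != 0x5A4D) return -1;            /* "MZ" */
    uint32_t pe = rd32(buf + 0x3C);                             /* e_lfanew */
    if (pe > len - 96 || rd32(buf + pe) != 0x4550) return -1;   /* "PE\0\0" */
    if (rd16(buf + pe + 20) < 72) return -1;                    /* SizeOfOptionalHeader */
    const uint8_t *opt = buf + pe + 24;                         /* optional header */
    switch (rd16(opt)) {
    case 0x10B: out->image_base = rd32(opt + 28); break;        /* PE32 */
    case 0x20B: out->image_base = rd32(opt + 24) | ((uint64_t)rd32(opt + 28) << 32); break; /* PE32+ */
    default: return -1;
    }
    out->dynamic_base = (rd16(opt + 70) & PE_DYNAMIC_BASE) != 0; /* DllCharacteristics */
    return 0;
}

/* Constructed sample: a minimal PE32 header, not bytes from any real binary. */
size_t build_sample(uint8_t *buf, size_t cap, uint32_t base, uint16_t dllchar)
{
    const size_t pe = 0x80, total = pe + 24 + 96;
    if (cap < total) return 0;
    memset(buf, 0, total);
    buf[0] = 'M'; buf[1] = 'Z'; buf[0x3C] = (uint8_t)pe;
    memcpy(buf + pe, "PE\0\0", 4);
    buf[pe + 20] = 96;                                          /* SizeOfOptionalHeader */
    buf[pe + 24] = 0x0B; buf[pe + 25] = 0x01;                   /* Magic = PE32 */
    for (int i = 0; i < 4; i++) buf[pe + 24 + 28 + i] = (uint8_t)(base >> (8 * i));
    buf[pe + 24 + 70] = (uint8_t)dllchar; buf[pe + 24 + 71] = (uint8_t)(dllchar >> 8);
    return total;
}

int main(void)
{
    uint8_t img[256]; pe_info info;
    size_t n = build_sample(img, sizeof img, 0x400000, PE_DYNAMIC_BASE);
    if (pe_read_image_base(img, n, &info) == 0)
        printf("ImageBase=0x%llx dynamic_base=%d\n", (unsigned long long)info.image_base, info.dynamic_base);
    return 0;
}
```

The value read this way is the preferred base recorded in the file; when `dynamic_base` is set, the address the image actually occupies in a running process can differ.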

  4. #3
    'Bruno
    I guess Jeta explained it well, and since you thanked him I will mark as solved.
