ReadProcessMemory from a .DLL with offset
ReadProcessMemory from a .DLL with offset
Hello,
i am kinda stuck with my function.
i want to read out a string from the game SAMP.
Found it in CE and looks exactly like this:
It is pretty easy to read out the memory from only a window, but reading with a pointer from a .DLL is a bit too unknow for me.
So far i got the GetModuleBaseAddress function:
and this is in my main function:
hopefully some nice guy can post me an example or something where i can look up, how this works.
i am kinda stuck with my function.
i want to read out a string from the game SAMP.
Found it in CE and looks exactly like this:
It is pretty easy to read out the memory from only a window, but reading with a pointer from a .DLL is a bit too unknow for me.
So far i got the GetModuleBaseAddress function:
Code:
DWORD GetModuleBaseAddress(LPCWSTR szProcessName, LPCWSTR szModuleName)
{
HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
PROCESSENTRY32 pe32;
if (hSnap == INVALID_HANDLE_VALUE)
{
return 0;
}
pe32.dwSize = sizeof(PROCESSENTRY32);
if (Process32First(hSnap, &pe32) == 0)
{
CloseHandle(hSnap);
return 0;
}
do
{
if (lstrcmp(pe32.szExeFile, szProcessName) == 0)
{
int PID;
PID = pe32.th32ProcessID;
HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, PID);
MODULEENTRY32 xModule;
if (hSnap == INVALID_HANDLE_VALUE)
{
return 0;
}
xModule.dwSize = sizeof(MODULEENTRY32);
if (Module32First(hSnap, &xModule) == 0)
{
CloseHandle(hSnap);
return 0;
}
do
{
if (lstrcmp(xModule.szModule, szModuleName) == 0)
{
CloseHandle(hSnap);
return (DWORD)xModule.modBaseAddr;
}
} while (Module32Next(hSnap, &xModule));
CloseHandle(hSnap);
return 0;
}
} while (Process32Next(hSnap, &pe32));
CloseHandle(hSnap);
return 0;
}
Code:
pHandle = OpenProcess(PROCESS_ALL_ACCESS | PROCESS_VM_OPERATION, TRUE, pId); DWORD ADDR; DWORD SAMPDLLBASE = GetModuleBaseAddress(L"GTA:SA:MP", L"samp.dll"); const char* ServerString; ReadProcessMemory(pHandle, (LPVOID)(SAMPDLLBASE + 0x21A0F8), (LPVOID)&ADDR, sizeof(ADDR), NULL); ADDR += 121; ReadProcessMemory(pHandle, (LPVOID)(ADDR), (LPVOID)&ServerString, sizeof(ServerString), NULL); cout << ServerString;
Code:
#include "stdafx.h"
#include <windows.h>
#include <iostream>
#include <stdio.h>
#include <TlHelp32.h>
__int64 GetModuleBaseAddress(LPCWSTR szProcessName, LPCWSTR szModuleName)
{
HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
PROCESSENTRY32 pe32;
if (hSnap == INVALID_HANDLE_VALUE)
{
return 0;
}
pe32.dwSize = sizeof(PROCESSENTRY32);
if (Process32First(hSnap, &pe32) == 0)
{
CloseHandle(hSnap);
return 0;
}
do
{
if (lstrcmp(pe32.szExeFile, szProcessName) == 0)
{
int PID;
PID = pe32.th32ProcessID;
HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, PID);
MODULEENTRY32 xModule;
if (hSnap == INVALID_HANDLE_VALUE)
{
return 0;
}
xModule.dwSize = sizeof(MODULEENTRY32);
if (Module32First(hSnap, &xModule) == 0)
{
CloseHandle(hSnap);
return 0;
}
do
{
if (lstrcmp(xModule.szModule, szModuleName) == 0)
{
CloseHandle(hSnap);
return (__int64)xModule.modBaseAddr;
}
} while (Module32Next(hSnap, &xModule));
CloseHandle(hSnap);
return 0;
}
} while (Process32Next(hSnap, &pe32));
CloseHandle(hSnap);
return 0;
}
int main()
{
wchar_t* wCharWindowName = L"Grand Theft Auto V";
wchar_t* GameTitle = L"GTA5.exe";
HWND WindowHandle = FindWindow(NULL, wCharWindowName);
__int64 baseaddr = GetModuleBaseAddress(GameTitle, GameTitle);
DWORD PlayerInfo = 0x1B29400;
DWORD PlayerOffset = 0x280;
float value = 0;
DWORD pid;
GetWindowThreadProcessId(WindowHandle, &pid);
HANDLE phandle = OpenProcess(PROCESS_ALL_ACCESS, 0, pid);
while (1)
{
float Life = 0;
__int64 pLifeAddress = 0;
ReadProcessMemory(phandle, (void*)(baseaddr + PlayerInfo), &pLifeAddress, sizeof(pLifeAddress), 0);
ReadProcessMemory(phandle, (void*)(pLifeAddress + PlayerOffset), &Life, sizeof(Life), 0);
std::cout << "Life: "<< Life << "\n";
Sleep(1000);
}
return 0;
}
Life: 200
Life: 200
...
Originally Posted by MikeRohsoft
Code:
#include "stdafx.h"
#include <windows.h>
#include <iostream>
#include <stdio.h>
#include <TlHelp32.h>
__int64 GetModuleBaseAddress(LPCWSTR szProcessName, LPCWSTR szModuleName)
{
HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
PROCESSENTRY32 pe32;
if (hSnap == INVALID_HANDLE_VALUE)
{
return 0;
}
pe32.dwSize = sizeof(PROCESSENTRY32);
if (Process32First(hSnap, &pe32) == 0)
{
CloseHandle(hSnap);
return 0;
}
do
{
if (lstrcmp(pe32.szExeFile, szProcessName) == 0)
{
int PID;
PID = pe32.th32ProcessID;
HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, PID);
MODULEENTRY32 xModule;
if (hSnap == INVALID_HANDLE_VALUE)
{
return 0;
}
xModule.dwSize = sizeof(MODULEENTRY32);
if (Module32First(hSnap, &xModule) == 0)
{
CloseHandle(hSnap);
return 0;
}
do
{
if (lstrcmp(xModule.szModule, szModuleName) == 0)
{
CloseHandle(hSnap);
return (__int64)xModule.modBaseAddr;
}
} while (Module32Next(hSnap, &xModule));
CloseHandle(hSnap);
return 0;
}
} while (Process32Next(hSnap, &pe32));
CloseHandle(hSnap);
return 0;
}
int main()
{
wchar_t* wCharWindowName = L"Grand Theft Auto V";
wchar_t* GameTitle = L"GTA5.exe";
HWND WindowHandle = FindWindow(NULL, wCharWindowName);
__int64 baseaddr = GetModuleBaseAddress(GameTitle, GameTitle);
DWORD PlayerInfo = 0x1B29400;
DWORD PlayerOffset = 0x280;
float value = 0;
DWORD pid;
GetWindowThreadProcessId(WindowHandle, &pid);
HANDLE phandle = OpenProcess(PROCESS_ALL_ACCESS, 0, pid);
while (1)
{
float Life = 0;
__int64 pLifeAddress = 0;
ReadProcessMemory(phandle, (void*)(baseaddr + PlayerInfo), &pLifeAddress, sizeof(pLifeAddress), 0);
ReadProcessMemory(phandle, (void*)(pLifeAddress + PlayerOffset), &Life, sizeof(Life), 0);
std::cout << "Life: "<< Life << "\n";
Sleep(1000);
}
return 0;
}
Life: 200
Life: 200
...
or should i just replace GTA5.exe with my dll?
Originally Posted by LEZIK
that would prob. fix my problem with the offset but not with .dll.
or should i just replace GTA5.exe with my dll?
Create a new Pointer in CE, insert "samp.dll" in this and writedown the Integer
If your variable SAMPDLLBASE output of cout is the same, you got it
Code:
DWORD SAMPDLLBASE = GetModuleBaseAddress(L"GTA:SA:MP", L"samp.dll"); std::cout << SAMPDLLBASE << "\n";
Read String:
Code:
char* buffer = new char[1]; ReadProcessMemory(phandle, (void*)(baseaddr + 0x23713DE), &buffer[0], 10, 0); std::cout << "PlayerName: " << buffer;
Found my mistake already some time ago, just want to clear things out and post my solution.
The function GetModuleBaseAddress() was right but it gave me no value back.
Thats when i realized, that i don't need to put in the window name rather the name of the .exe.
So in my case it was gta_sa.exe.
/close
The function GetModuleBaseAddress() was right but it gave me no value back.
Thats when i realized, that i don't need to put in the window name rather the name of the .exe.
So in my case it was gta_sa.exe.
Code:
DWORD SAMPDLLBASE = GetModuleBaseAddress(L"gta_sa.exe", L"samp.dll");
Where I Need Put The Value?
Your Is Float how about 4bytes
What is in your dll?
Did you make it?
Is it re-used code?
What is your knowledge of pointers? Is it small?
Did you make it?
Is it re-used code?
What is your knowledge of pointers? Is it small?
Similar Threads
- 5Last post
- 11Last post
- 5Last post
- 19Last post
- 1Last post