Dream.In.Code > Programming Help > C and C++

Welcome to Dream.In.Code
	Getting C++ Help is Easy! Join 136,533 C++ Programmers for FREE! Get instant access to thousands of C++ experts, tutorials, code snippets, and more! There are 1,792 people online right now. Registration is fast and FREE... Join Now! Chat LIVE With a C++ Expert

Finding memory address

2 Pages

1 2 >

Reply to this topic

Start new topic

Finding memory address

astropirit	22 Aug, 2008 - 12:45 AM Post #1
New D.I.C Head Joined: 22 Aug, 2008 Posts: 13 My Contributions	Greetings mortals. what i am about to ask might sound a Like its been asked before, but its not... i need to change the value of a memory address. say the process name is: "bobdole.exe" (not the same process as the application it self) memory address: "04A96990" memory type: "float" i already know how to do this: i found this code on a tutorial on this site, and managed to fixe it with some help. CODE #include <windows.h> #include <tlhelp32.h> #include <conio.h> #include <stdlib.h> #include <stdio.h> bool ChangeMemVal(const char * ProcessName, LPVOID MemAddress, int NewVal, int size); int main() { printf("=== Pinball Trainer Example. Made by <your name here> ===\n\n"); if(ChangeMemVal("PINBALL.EXE", (void) 0xA90C62, 100000000, 4)) printf("The score has been edited successfully.\n"); else printf("An error occured while attempting edit the score.\n"); system("PAUSE"); return 0; } / This function modifys a memory address according to its arguments. Arguments : ProcessName - the process we want to modify MemAddress - the memory address we want to modify NewVal - the value we want to change the memory address to size - the size of the memory address Returns : the success of the edit. / bool ChangeMemVal(const char ProcessName, LPVOID MemAddress, int NewVal, int size) { HANDLE hProcessSnap; HANDLE hProcess = NULL; PROCESSENTRY32 pe32; hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 ); pe32.dwSize = sizeof( PROCESSENTRY32 ); Process32First(hProcessSnap, &pe32); do { if(!strcmp(pe32.szExeFile, ProcessName)) { hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID); break; } } while(Process32Next(hProcessSnap, &pe32)); CloseHandle( hProcessSnap ); if(hProcess != NULL) { WriteProcessMemory(hProcess, MemAddress, &NewVal, size, NULL); // write the value CloseHandle(hProcess); return true; } return false; } the problem is that the address, sometimes don't stay the same. some addresses change every time the program starts. i know this requires that we know what writes to that address. lets say we know what writes to that address. how would i go about to change this code and make it follow the thing that writes to this address and figure out the address. simplified: address a writes to address b we know wat a is. we try to find b by knowing that a writes to it any help would be greatly appreciated.
	This Post Was Helpful!


Register for Free to Make These Ads Go Away!

gabehabe	RE: Finding Memory Address 22 Aug, 2008 - 03:25 AM Post #2
Donkey DIC Joined: 6 Feb, 2008 Posts: 5,539 Thanked: 98 times Dream Kudos: 2650 Expert In: ruling the world. My Contributions	QUOTE Greetings mortals.
	This Post Was Helpful!

KYA	RE: Finding Memory Address 22 Aug, 2008 - 07:11 AM Post #3
#include <nerd.h> Joined: 14 Sep, 2007 Posts: 4,924 Thanked: 104 times Dream Kudos: 1200 My Contributions	Assuming you have found the variable that writes to the score, you could simply create a pointer to that variable and have it follow it around for the duration of the game.
	This Post Was Helpful!

astropirit	RE: Finding Memory Address 22 Aug, 2008 - 08:24 AM Post #4
New D.I.C Head Joined: 22 Aug, 2008 Posts: 13 My Contributions	QUOTE ou could simply create a pointer to that variable and have it follow it around for the duration of the game. how do i exactly do that?
	This Post Was Helpful!

perfectly.insane	RE: Finding Memory Address 22 Aug, 2008 - 03:25 PM Post #5
D.I.C Addict Joined: 22 Mar, 2008 Posts: 558 Thanked: 46 times Dream Kudos: 25 Expert In: C/C++ My Contributions	If the address of something changes with each run, it would indicate that it's something being dynamically allocated. And even then, it means that it's something more complex than allocating a chunk of memory at the beginning of the program. What this means is that if the address changes, and the address of the variable that holds on to a pointer to this address changes (let's say it's a stack variable), then what you're trying to do is rather difficult. It would be like implementing a debugger.
	This Post Was Helpful!

KYA	RE: Finding Memory Address 22 Aug, 2008 - 04:38 PM Post #6
#include <nerd.h> Joined: 14 Sep, 2007 Posts: 4,924 Thanked: 104 times Dream Kudos: 1200 My Contributions	Yes, but if it is what i think it is (modifying the score for the windows pinball game) then it won't change dynamically at run time, other then the alteration of the value stored in the memory address. Theoretically once the initial address is found it can be further modified accordingly.
	This Post Was Helpful!

astropirit	RE: Finding Memory Address 22 Aug, 2008 - 05:47 PM Post #7
New D.I.C Head Joined: 22 Aug, 2008 Posts: 13 My Contributions	QUOTE Theoretically once the initial address is found it can be further modified accordingly. exactly wat i am going for. i know it has been done before too.
	This Post Was Helpful!

astropirit	RE: Finding Memory Address 25 Aug, 2008 - 01:48 PM Post #8
New D.I.C Head Joined: 22 Aug, 2008 Posts: 13 My Contributions	ok, i figured it out. i found out how to track the address using pointers. i found the pointer with the ofset, it all works good. now my question is: how do i modify this code to work with pointers(with an offset) CODE #include <windows.h> #include <tlhelp32.h> #include <conio.h> #include <stdlib.h> #include <stdio.h> bool ChangeMemVal(const char * ProcessName, LPVOID MemAddress, int NewVal, int size); int main() { printf("=== Pinball Trainer Example. Made by <your name here> ===\n\n"); if(ChangeMemVal("PINBALL.EXE", (void) 0xA90C62, 100000000, 4)) printf("The score has been edited successfully.\n"); else printf("An error occured while attempting edit the score.\n"); system("PAUSE"); return 0; } / This function modifys a memory address according to its arguments. Arguments : ProcessName - the process we want to modify MemAddress - the memory address we want to modify NewVal - the value we want to change the memory address to size - the size of the memory address Returns : the success of the edit. / bool ChangeMemVal(const char ProcessName, LPVOID MemAddress, int NewVal, int size) { HANDLE hProcessSnap; HANDLE hProcess = NULL; PROCESSENTRY32 pe32; hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 ); pe32.dwSize = sizeof( PROCESSENTRY32 ); Process32First(hProcessSnap, &pe32); do { if(!strcmp(pe32.szExeFile, ProcessName)) { hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID); break; } } while(Process32Next(hProcessSnap, &pe32)); CloseHandle( hProcessSnap ); if(hProcess != NULL) { WriteProcessMemory(hProcess, MemAddress, &NewVal, size, NULL); // write the value CloseHandle(hProcess); return true; } return false; }
	This Post Was Helpful!

astropirit	RE: Finding Memory Address 25 Aug, 2008 - 03:43 PM Post #9
New D.I.C Head Joined: 22 Aug, 2008 Posts: 13 My Contributions	Humans i command you to assist me in my quest! sombeody plz help me sob sob sob. cry cry. YELL . cut cut. pass out...
	This Post Was Helpful!

KYA	RE: Finding Memory Address 25 Aug, 2008 - 03:49 PM Post #10
#include <nerd.h> Joined: 14 Sep, 2007 Posts: 4,924 Thanked: 104 times Dream Kudos: 1200 My Contributions	That code does use pointers to achieve its goals. If that snippet works, why screw with it?
	This Post Was Helpful!

astropirit	RE: Finding Memory Address 25 Aug, 2008 - 03:53 PM Post #11
New D.I.C Head Joined: 22 Aug, 2008 Posts: 13 My Contributions	allriht, so i would just use a pointer address instead of the address, but how would i specify the offset?
	This Post Was Helpful!

KYA	RE: Finding Memory Address 25 Aug, 2008 - 04:01 PM Post #12
#include <nerd.h> Joined: 14 Sep, 2007 Posts: 4,924 Thanked: 104 times Dream Kudos: 1200 My Contributions	Ok, I see. Create a pointer to that memory address, and instead of typing in the address use; cpp &ptrName // inside the MemVal parameters Offset depends on what is stored in the memory before inside and after that memory address. for example if we knew it was all char's then each offset would be 1 since a char is 1 byte of memory.
	This Post Was Helpful!

2 Pages

1 2 >

Reply to this topic

Start new topic

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Time is now: 12/2/08 10:14PM

Invision Power Board v2.1.7 © 2008 IPS, Inc.

Licensed to: MediaGroup1

Advertising | Terms of Use | Privacy Policy | About Us | Site Map

Forum Index: Programming Help | C and C++ | Visual Basic | Java | VB.NET | C# | ASP.NET | PHP | ColdFusion | Perl and Python | Ruby | Databases | Other Languages | Game Programming | Software Development | Computer Science | Industry News | Programming Tutorials | C++ Tutorials | Visual Basic Tutorials | Java Tutorials | VB.NET Tutorials | C# Tutorials | PHP Tutorials | Linux Tutorials | ColdFusion Tutorials | Windows Tutorials | HTML/JavaScript Tutorials | CSS Tutorials | Flash Tutorials | Web Promotion Tutorials | Photoshop Tutorials | Software Development Tutorials | Database Tutorials | Other Language Tutorials |

Copyright 2001-2008 MediaGroup1 LLC, All Rights Reserved
A MediaGroup1 LLC Production - Version 6.0.2.1.36

Search^Updated!w00t

Over 509,000 Pages! Advanced Forum Search

Live C++ Help!

C++ Tutorials

Reference Sheets

C++ Snippets

DIC Chatroom

Join our IRC Chat

Bye Bye Ads

Monthly Drawing

Top Contributors

Top 10 Kudos This Month

sharpy (50)
KYA (50)