Solved C++ Writing Multi Level Pointer?

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

baseball435

Newbie
Full Member
Jun 3, 2012
16
322
0
Hey everyone, so I am practically done a hack for a game but I am coming across a problem. I have a multi level pointer that is the enemy base address but I can't figure out how to write to it using C++. I can write to addresses with one offset but I dont know how to with two offsets and I have been searching for about 2 hours or so. On cheat engine the multi level pointer looks like this:



The addresses for the enemy base and the other offsets are below:
C++:
DWORD ENEMY_BASE = 0x00400000 + 0x000E5F00; //The enemy base
DWORD OFFSET_1 = 0x0; //First Offset to the enemy base
DWORD HP_OFFSET = 0xF4 //Second offset
The function I use to write to a pointer is below:
C++:
bool WritePointer(unsigned long ulBase, int iOffset, int iValue)
{
  __try { *(int*)(*(unsigned long*)ulBase + iOffset) = iValue; return true; }
  __except (EXCEPTION_EXECUTE_HANDLER) { return false; }
}
I need the address of a pointer. So practically:
C++:
DWORD ENEMY = 0x00400000 + 0x000E5F00; //Base address
DWORD ENEMY_OFFSET = 0x0;
DWORD ENEMY_BASE = //Address of ENEMY with the ENEMY_OFFSET
I need to get the address of the ENEMY with the ENEMY_OFFSET. So not the value, the address.

If someone could pleaseee help me and provide a function it would be awesome. Thanks a lot!
~Baseball435
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,371
78,998
2,414
Last edited:

sakino

Newbie
Aug 26, 2012
4
212
0
I am not an expert coder but i stumbled across this code a couple weeks back and it works with multilevel.
Good luck.

C++:
#include <windows.h>
#include <iostream>
using namespace std;



int main()
{
    DWORD baseAddress = 0xFF1DAA38;//always changing
    DWORD offset1 = 0x18;
    DWORD offset2 = 0x20;
    DWORD pAddress1;
    DWORD pAddress2;

    float value = 0;
    DWORD pid;
    HWND hwnd;

    hwnd = FindWindow(NULL,"Minesweeper");
    if(!hwnd)//didn't find the window
    {
        cout <<"Window not found!\n";
        cin.get();
    }
    else
    {
        GetWindowThreadProcessId(hwnd,&pid);
        HANDLE phandle = OpenProcess(PROCESS_VM_READ,0,pid);//get permission to read
        if(!phandle)//failed to get permission
        {
            cout <<"Could not get handle!\n";
            cin.get();
        }
        else
        {
            ReadProcessMemory(phandle,(void*)(baseAddress),&pAddress1,sizeof(pAddress1),0);
            ReadProcessMemory(phandle,(void*)(pAddress1 + offset1),&pAddress2,sizeof(pAddress2),0);
            while(1)
            {
                ReadProcessMemory(phandle,(void*)(pAddress2 + offset2),&value,sizeof(value),0);
                cout << value << "\n";
                Sleep(1000);
            }
        }
    }
}


https://stackoverflow.com/questions/10056641/getting-base-address-of-a-process
 

BlackPitchPL

Coder
Full Member
Nobleman
May 24, 2012
166
783
1
I think ill make a tut for how to access multi level pointers coz you r 3rd person asking same question. So lets go

C++:
#define DEF_PLAYERBASE     0x18FAA0 // your base
#define off_1 0x022030
#define off_2 0x33223
//than
in your hacks func
*(INT*)(DEF_PLAYERBASE+off_1+off_2)  = 100;
But in your code i see that you dont need first address because base + 0 is still base :p try to add 0xf4 just after base and see if it works too
 
Last edited by a moderator:

TheTime

Newbie
Jul 8, 2012
3
2,038
0
A very simple solution found in a public source code by Fleep :

C++:
DWORD hackBaseAddress = {0x00000000}; 
DWORD hackOffsets[] = {0x1, 0x2, 0x3}; //3 LEVEL pointer


void WriteToMemory(DWORD addressToWrite, char* valueToWrite, int byteNum)
{
    //used to change our file access type, stores the old
    //access type and restores it after memory is written
    unsigned long OldProtection;
    //give that address read and write permissions and store the old permissions at oldProtection
    VirtualProtect((LPVOID)(addressToWrite), byteNum, PAGE_EXECUTE_READWRITE, &OldProtection);
             
    //write the memory into the program and overwrite previous value
    memcpy( (LPVOID)addressToWrite, valueToWrite, byteNum);

    //reset the permissions of the address back to oldProtection after writting memory
    VirtualProtect((LPVOID)(addressToWrite), byteNum, OldProtection, NULL);
}

DWORD FindDmaAddy(int PointerLevel, DWORD Offsets[], DWORD BaseAddress)
{
    //DEFINES OUR ADDRESS to write to 
    //if statements are crucial to make sure that the address is valid to write 
    //otherwise we crash. Address will not be valid when things like map changes or game loads are happening
    DWORD Ptr = *(DWORD*)(BaseAddress); //Base Address
    if(Ptr == 0) return NULL;//prevent crash

    //this is done to allow us to have pointers up to many levels e.g.10 
    for(int i = 0; i < PointerLevel; i ++)
    {
        //if it = PointerLevel-1 then it reached the last element of the array
        //therefore check if that address plus the offset is valid and leave the loop
        if(i == PointerLevel-1)
        {
            //!!make sure the last address doesnt have the asterisk on DWORD otherwise incoming crash
            Ptr = (DWORD)(Ptr+Offsets[i]);  //Add the final offset to the pointer
            if(Ptr == 0) return NULL;//prevent crash
            //we here return early because when it hits the last element 
            //we want to leave the loop, specially adapted for offsets of 1
            return Ptr;
        }
        else
        {
            //if its just a normal offset then add it to the address
            Ptr = *(DWORD*)(Ptr+Offsets[i]); //Add the offsets
            if(Ptr == 0) return NULL;//prevent crash
        }
    }
    return Ptr;
}
Simple usage :

C++:
if(GetAsyncKeyState(VK_F2))
{        
    WriteToMemory(FindDmaAddy(3, hackOffsets, hackBaseAddress), "\x0", 1); // Number of Levels, hackOffsets, hackBaseAddress, Value, Number of bytes
}
And don't forget to check for null / inexistent pointer to avoid game crashes :

C++:
if(GetAsyncKeyState(VK_F2))
{
    DWORD base = *(DWORD*)hackBaseAddress;
    if(base  != 0)
    {
        WriteToMemory(FindDmaAddy(3, hackOffsets, hackBaseAddress), "\x0", 1);
    }
}
 
Last edited:

Glenox

Newbie
Full Member
Sep 8, 2012
7
488
0
if(GetAsyncKeyState(VK_F2))
{
DWORD base = *(DWORD*)hackBaseAddress;
if(base != 0)
{
WriteToMemory(FindDmaAddy(3, hackOffsets, hackBaseAddress), "\x0", 1);
}
}

im using this code!!! but the game is crash?? why?
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods