Solved Finding simpe base address.

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

Onsed1970

Newbie
Aug 10, 2015
19
433
1
I've created a simple C++ output program.

int x = 5;
std::cout << &x << " = " << x;

I managed to find the address in Cheat Engine, after that I put my code inside a while loop, so I'll see the changes in the value.

while (true)
{
// etc..

Sleep(1000);
system("cls");
}

Everything works perfect except I can't seem to find the base address.
How do I find the base ( static ) address ?
 

Broihon

edgy 12 y/o
Escobar Tier VIP
Fleep Tier Donator
Dec 22, 2013
1,746
40,528
316
The value gets created on the stack of the main function. There ain't no baseaddress.
 
Last edited:

squeenie

Hacker
Meme Tier VIP
Dank Tier Donator
Mar 6, 2013
677
5,478
37
Subtract the base address of your module from the address of x, this will give you its offset.
 

Onsed1970

Newbie
Aug 10, 2015
19
433
1
what do you mean " base address of your module ", all I have is the address of x, ( cout << &x; )
how do I find the base address ?
also newbie here ^^
 

Onsed1970

Newbie
Aug 10, 2015
19
433
1
I'm not quite sure how to find base address of exe/dll.

HANDLE handle = GetCurrentProcess(); //or OpenProcess()
void *baseAddress = (void*) handle;

will it work ?


EDIT: I used this code
C++:
#define _CRT_SECURE_NO_WARNINGS
#define UNINITIALIZED 0xFFFFFFFF

#include <iostream>
#include <iomanip>
#include <Windows.h>
#include <TlHelp32.h> //PROCESSENTRY

/* The name of the process */
const char* processName_ = "REPLACETHIS.exe" ; 

void main(void)
{
DWORD  processID_     = NULL ;
DWORD  processBaseAddress_   = UNINITIALIZED;

/* Get the process ID  */
{
    PROCESSENTRY32 processEntry_ ; // Entry into process you wish to inject to
    HANDLE hProcSnapshot_ = NULL ; 
    /* Takes a snapshot of the system's processes */
    hProcSnapshot_ = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0) ; //?

    /* While process has not been found, keep looking for it */
    while(!processID_)
    {
        /* If a process on the system exists */
        if(Process32First(hProcSnapshot_, &processEntry_)) //?
        {
            /* Check all processes in the system's processes snapshot */
            do
            {
                /* Compare the name of the process to the one we want */
                if( !strcmp(processEntry_.szExeFile, processName_) ) //?
                {
                    /* Save the processID and break out */
                    processID_ = processEntry_.th32ProcessID ;
                    break ;
                }
            } 
            while(Process32Next(hProcSnapshot_, &processEntry_)) ;
        }

        /* Didnt find process, sleep for a bit */
        if( !processID_ )
        {
            system("CLS") ;
            std::cout << "Make sure " << processName_ << " is running." << std::endl ;
            Sleep(200) ;
        }
    }

    /* Process found */
    std::cout << "Found Process: " << processName_ << std::endl ;
}


/* Find Base Address of process */
{
    HANDLE moduleSnapshotHandle_ = INVALID_HANDLE_VALUE;
    MODULEENTRY32 moduleEntry_;

    /* Take snapshot of all the modules in the process */
    moduleSnapshotHandle_ = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, processID_ );

    /* Snapshot failed */
    if( moduleSnapshotHandle_ == INVALID_HANDLE_VALUE )
    {
        std::cout << "Module Snapshot error" << std::endl ;
        return ;
    }

    /* Size the structure before usage */
    moduleEntry_.dwSize = sizeof( MODULEENTRY32 );

    /* Retrieve information about the first module */
    if( !Module32First( moduleSnapshotHandle_, &moduleEntry_ ) )
    {
        std::cout << "First module not found" << std::endl ;  
        CloseHandle( moduleSnapshotHandle_ );    
        return ;
    }

    /* Find base address */
    while(processBaseAddress_ == UNINITIALIZED)
    {
        /* Find module of the executable */
        do
        {

            /* Compare the name of the process to the one we want */
            if( !strcmp(moduleEntry_.szModule, processName_) ) //?
            {
                /* Save the processID and break out */
                processBaseAddress_ = (unsigned int)moduleEntry_.modBaseAddr ;
                break ;
            }

        } while( Module32Next( moduleSnapshotHandle_, &moduleEntry_ ) );


        if( processBaseAddress_ == UNINITIALIZED )
        {
            system("CLS") ;
            std::cout << "Failed to find module" << processName_ << std::endl ;
            Sleep(200) ;
        }
    }

    /* Found module and base address successfully */
    std::cout << "Base Address: " << std::hex << processBaseAddress_ << std::dec << std::endl ;
    CloseHandle( moduleSnapshotHandle_ );
}
credit: stackoverflow.com/questions/11564148/how-to-get-the-starting-base-address-of-a-process-in-c ( James Knight )

In the image below you'll see a more detailed "explanation" of what I am talking about.
Now I subtract 0x12a0000 from - x address, I get the offset, then what ?
also thanks for the help ^^.

EDIT: forgot to add the image. ( gyzao link ..) - https://gyazo.com/efccad53eabe49c3c6622a0883bb5e34
 
Last edited:

squeenie

Hacker
Meme Tier VIP
Dank Tier Donator
Mar 6, 2013
677
5,478
37
oh yeah if x is not global then its gonna be a bit more complicated.
 

Onsed1970

Newbie
Aug 10, 2015
19
433
1
I'm not trying to be rude, but, can anyone answer/provide info on how to find base address for x ? :/
 

Broihon

edgy 12 y/o
Escobar Tier VIP
Fleep Tier Donator
Dec 22, 2013
1,746
40,528
316
C++:
#include <windows.h>
#include <iostream>
int Global_X = 88;

int main()
{
     std::cout << std::hex << &Global_X << " = " << Global_X << std::endl;
     Sleep(-1);
}
Edit: till0sch ehuuheuheuheuheuhueheuuheuehueheuheuehu
 
Last edited:

till0sch

Respected Hacker
Dank Tier VIP
Dank Tier Donator
Oct 14, 2012
1,104
12,593
51
what do you mean, "global" ?>
int var = 0;
int main()
{
return var;
}


int main2()
{
return var;
}

now var is public because it's not only declared in one function scope, which would then be the only one having access that way, but publicly, which means other functions have access aswell - this makes a difference because unless the functions are in a class, which they aren't, the variable 'var' would be static, with the baseaddress you are searching for.

EDIT: well, ron was faster
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Similar threads

Community Mods