Solved Memory Addresses! :/

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

Ollie

Newbie
Full Member
Feb 2, 2013
11
202
0
Sorry for spamming my threads here, but I've got quite a lot of questions and this forums is pretty helpful so yeah.

I tried getting static memory address for "Spider Solitaire" game's score value.

I managed to find this pointer:
0xffdd5f78 + 0xE8 + 0x14, which points to my score perfectly fine, but it's not static.

When I check what accesses this pointer, I can find "mov rax,SpiderSolitaire.exe+000b5f78"?

So what is this SpiderSolitaire.exe doing there, and how can i turn that into a memory address?

 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
11,573
78,998
2,316
C#:
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;

namespace RakeCSharp
{
    internal class RakeCSMem
    {
        [DllImport("kernel32.dll")]
        private static extern IntPtr OpenProcess(uint processAccess, bool bInheritHandle, int processId);

        [DllImport("kernel32.dll", SetLastError = true)]
        private static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [Out] byte[] lpBuffer, int dwSize, out IntPtr lpNumberOfBytesRead);

        public static IntPtr FindDMAAddy(IntPtr hProc, IntPtr ptr, int[] offsets)
        {
            var buffer = new byte[IntPtr.Size];
            foreach (int i in offsets)
            {
                ReadProcessMemory(hProc, ptr, buffer, buffer.Length, out var read);

                ptr = (IntPtr.Size == 4)
                ? IntPtr.Add(new IntPtr(BitConverter.ToInt32(buffer, 0)), i)
                : ptr = IntPtr.Add(new IntPtr(BitConverter.ToInt64(buffer, 0)), i);
            }
            return ptr;
        }

        public static IntPtr GetModuleBaseAddress(Process proc, string modName)
        {
            IntPtr addr = IntPtr.Zero;

            foreach (ProcessModule m in proc.Modules)
            {
                if (m.ModuleName == modName)
                {
                        addr = m.BaseAddress;
                        break;
                }
            }
                return addr;
        }

        private static void Main(string[] args)
        {
            Process process;

            process = Process.GetProcessesByName("ac_client")[0];

            var hProc = OpenProcess(0x001F0FFF, false, process.Id);

            var modBase = GetModuleBaseAddress(process, "ac_client.exe");

            var addr = FindDMAAddy(hProc, (IntPtr)0x50f4f4, new int[] { 0x374, 0x14, 0 });

            Console.WriteLine("0x" + addr.ToString("X"));
        }
    }
}
 
Last edited:

Crazywink

Hacker
Meme Tier VIP
Dank Tier Donator
Jul 18, 2012
626
4,613
17
SpiderSolitaire.exe is referring to the program's base address. Something along the lines of.. (If you're doing it in C#.)
C++:
System.Diagnostics.Process[] processes = System.Diagnostics.Process.GetProcessesByName("SpiderSolitaire"); 

int baseAddy = processes[0].MainModule.BaseAddress.ToInt32();
Will return the base address, from which you add the proceeding address and offsets. :)

Crazywink
 

Ollie

Newbie
Full Member
Feb 2, 2013
11
202
0
This is what I use when getting the base address using C++: (Thanks to Flyte from Cheat Engine Forums for this)

C++:
DWORD GetModuleBase(HANDLE hProc, string &sModuleName) 
{ 
   HMODULE *hModules; 
   char szBuf[50]; 
   DWORD cModules; 
   DWORD dwBase = -1; 
   //------ 

   EnumProcessModules(hProc, hModules, 0, &cModules); 
   hModules = new HMODULE[cModules/sizeof(HMODULE)]; 
    
   if(EnumProcessModules(hProc, hModules, cModules/sizeof(HMODULE), &cModules)) { 
      for(int i = 0; i < cModules/sizeof(HMODULE); i++) { 
         if(GetModuleBaseName(hProc, hModules[i], szBuf, sizeof(szBuf))) { 
            if(sModuleName.compare(szBuf) == 0) { 
               dwBase = (DWORD)hModules[i]; 
               break; 
            } 
         } 
      } 
   } 

   delete[] hModules; 

   return dwBase; 
}
To use:
C++:
GetModuleBase(hProc, string("spidersolitaire.exe"));

Thanks but GetModuleBase() always returns 0xFFFFFFFF for some reason.
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods League of Legends Accounts