Solved Problem at finding base address

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

Eternity_

Newbie
Full Member
Oct 2, 2016
5
72
0
Hello.

I've been following this https://guidedhacking.com/showthrea...INER-C-LEARN-TO-HACK-TUTORIAL-DIFFICULTY-1-10 and some other tutorials to play with Warcraft 3 memory.

Thing is, I've problems at getting the base address from the dynamic one. I do the full proccess, and in the end I get the correct "green" address which if you change it's value it works as expected. But then, after I restart the game, that address isn't working anymore.

The offset routine is always the same:

I get the first dynamic address, check whos accessing to it, get +0x24 and address, search, add pointer, check access, get +0x99C search and bingo -> 2 greens at the end of the list.

Get one, check if it works at change, works. Then I restart the game and Bam, gone.

What am I doing wrong?
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,061
78,998
2,370
Hey Eternity_!

Just want to understand your process better so I can help, this is what you're doing:

1) Find dynamic address of a variable
2) Do "Find What Accesses This Address"
3) You get an address and an offset (0x24)
4) You search for that address as a 4-byte hex variable (essentially finding a pointer)
5) You add this pointer to the Cheat Engine Table.

So now you have a pointer to your variable, it's not a static pointer yet and that's why you're repeating this process and you keep going lower until you find the green pointer.

So your pointer currently has 2 offsets which are: 0x99c and 0x24

Then you restart the game and bam they are gone. This could be perhaps because the pointer you're using is reached via relative offset from a module (DLL) that is loaded into a different part of memory every time.

Read this thread for more info and to check if your pointer is loaded by the .exe or a .dll. Also check if ASLR is enabled
Tutorial - Get Module Base Address Tutorial dwGetModuleBaseAddress

And do the guide again Guide - START HERE Beginners Guide to Learning Game Hacking
 
Last edited:

Eternity_

Newbie
Full Member
Oct 2, 2016
5
72
0
Rake;44969 said:
Hey Eternity_!

Just want to understand your process better so I can help, this is what you're doing:

1) Find dynamic address of a variable
2) Do "Find What Accesses This Address"
3) You get an address and an offset (0x24)
4) You search for that address as a 4-byte hex variable (essentially finding a pointer)
5) You add this pointer to the Cheat Engine Table.

So now you have a pointer to your variable, it's not a static pointer yet and that's why you're repeating this process and you keep going lower until you find the green pointer.

So your pointer currently has 2 offsets which are: 0x99c and 0x24

Then you restart the game and bam they are gone. This could be perhaps because the pointer you're using is reached via relative offset from a module (DLL) that is loaded into a different part of memory every time.

Read this thread for more info and to check if your pointer is loaded by the .exe or a .dll. Also check if ASLR is enabled
https://guidedhacking.com/showthread.php?5781-Get-Module-Base-Address-Tutorial-(Spoonfed)
Yes thanks, the green address says: Game.dll+BEDE64

So what I've done so far:

C++:
Process process = Process.GetProcessesByName(processName)[0];
IntPtr processHandle = OpenProcess(PROCESS_ALL_ACCESS, false, process.Id);

int[] offset = { 0x99C, 0x24 };
 if (processHandle != IntPtr.Zero)
            {
                IntPtr lpOutStorage = IntPtr.Zero;
                byte[] buffer = new byte[4]; // wc3 4bytes

                foreach (ProcessModule Module in process.Modules)
                {
                    if (Module.ModuleName.Contains("Game.dll"))
                        baseAddress = Module.BaseAddress;
                }

                msg = "-" + ReadMultiLevelPointer((int)baseAddress, 4, offset, process.Id).ToString() + "-";

               return msg;

}
C++:
public int ReadMultiLevelPointer(int MemoryAddress, uint bytesToRead, Int32[] offsetList, int processId)
    {
        IntPtr procHandle = OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION, false, processId);
        IntPtr pointer = (IntPtr)0x0;
        //IF THE PROCESS isnt available we return nothing
        if (procHandle == IntPtr.Zero)
        {
            return 0;
        }

        byte[] btBuffer = new byte[bytesToRead];
        IntPtr lpOutStorage = IntPtr.Zero;

        int pointerAddy = MemoryAddress;
        //int pointerTemp = 0;
        for (int i = 0; i < (offsetList.Length); i++)
        {
            if (i == 0)
            {
                ReadProcessMemory(
                    procHandle,
                    (IntPtr)(pointerAddy),
                    btBuffer,
                    (int)btBuffer.Length,
                    ref lpOutStorage);
            }
            pointerAddy = (BitConverter.ToInt32(btBuffer, 0) + offsetList[i]);
            //pointerAddy = 1;
            //string pointerAddyHEX = pointerAddy.ToString("X");

            ReadProcessMemory(
                procHandle,
                (IntPtr)(pointerAddy),
                btBuffer,
                (int)btBuffer.Length,
                ref lpOutStorage);
        }
        return pointerAddy;
    }
But msg doesn't return the correct target dynamic address.

What am I doing wrong?
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods