Solved Problem reading multi level pointers C#


Rake

Bro, I'm testing with your code and I get as result: 0x10

This is the code I'm testing with:
C#:
Process process = Process.GetProcessesByName("client_dx").FirstOrDefault();

var hProc = OpenProcess(0x00000010, false, process.Id);

var modBase = GetModuleBaseAddress(process, "client_dx.exe");

var addr = FindDMAAddy(hProc, (IntPtr)0x003393AC, new int[] { 0x30, 0x374, 0x2C, 0x0, 0x14, 0x48, 0x10 });

Debug.WriteLine("0x" + addr.ToString("X"));
This is what I get from cheat engine:
1574704736235.png

I expected to get as result: 0x0FAEB9A8
That's because you're using a relative offset instead of the actual base address of the pointer, do this:

C#:
var addr = FindDMAAddy(hProc, (IntPtr)(modBase + 0x003393AC), new int[] { 0x30, 0x374, 0x2C, 0x0, 0x14, 0x48, 0x10 });
 

dome11fun

Hey Fleep,
I have been trying for 2 weeks to write an Aimbot for Warsow, but I cannot do it. Can you help me? Add me on Skype. Skype name: LetsSplashLP.
I would be very grateful if you could help me. Can you please help me? I have watched all your 'Aimbot' and 'Wallhack' videos but it does not work. Please help me. I have watched your videos for over 2 hours.
Add Me on Skype. Skype-Name: LetsSplashLP
Game: https://www.warsow.net/
Thank you! <3
 

WiTH

Hey Fleep,
I have been trying for 2 weeks to write an Aimbot for Warsow, but I cannot do it. Can you help me? Add me on Skype. Skype name: LetsSplashLP.
I would be very grateful if you could help me. Can you please help me? I have watched all your 'Aimbot' and 'Wallhack' videos but it does not work. Please help me. I have watched your videos for over 2 hours.
Add Me on Skype. Skype-Name: LetsSplashLP
Game: https://www.warsow.net/
Thank you! <3
lol, nice thread hijack, no1 is going to help you
Sagiigi340
we also need to know what's going under the hood... show us the trainer class
 

maestro

WoW... I tried to find a class like that for c++ but didn't look enough. Do you know any? I would love to make one but I think I don't have the knowledge of the methods needed to have a good class. But, if it's a good reference I can try to translate that one to c++
 

till0sch

WoW... I tried to find a class like that for c++ but didn't look enough. Do you know any? I would love to make one but I think I don't have the knowledge of the methods needed to have a good class. But, if it's a good reference I can try to translate that one to c++
You don't need one. Just import 'Windows.h' and use WriteProcessMemory. As buffer you can pass variables. So to write 2 bytes, you have to make the variable a WORD! If you need help with that, I'll be there to help you.
 

maestro

Oops, I guess I didn't see the class... What I was talking about was that series of repeated code that we need to do to initialize the process, then open, then write, then read... Was thinking of something like Trainer.attach("File.exe"); Trainer.read(0xadd7e55); instead of 100 lines of code.
 

Rake

This contains everything you need

C#:
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;

namespace RakeCSharp
{
    internal class RakeCSMem
    {
        [DllImport("kernel32.dll")]
        private static extern IntPtr OpenProcess(uint processAccess, bool bInheritHandle, int processId);

        [DllImport("kernel32.dll", SetLastError = true)]
        private static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [Out] byte[] lpBuffer, int dwSize, out IntPtr lpNumberOfBytesRead);

        // Resolves a multi-level pointer: for each offset, read the
        // pointer-sized value stored at ptr, then add the offset to it.
        // The ReadProcessMemory result is not checked, so a failed read
        // is not detected here.
        public static IntPtr FindDMAAddy(IntPtr hProc, IntPtr ptr, int[] offsets)
        {
            var buffer = new byte[IntPtr.Size];
            foreach (int i in offsets)
            {
                ReadProcessMemory(hProc, ptr, buffer, buffer.Length, out _);

                // Pointer width follows the bitness of this (reading) process.
                ptr = (IntPtr.Size == 4)
                    ? IntPtr.Add(new IntPtr(BitConverter.ToInt32(buffer, 0)), i)
                    : IntPtr.Add(new IntPtr(BitConverter.ToInt64(buffer, 0)), i);
            }
            return ptr;
        }

        // Returns the load address of the named module,
        // or IntPtr.Zero when no module with that name is loaded.
        public static IntPtr GetModuleBaseAddress(Process proc, string modName)
        {
            IntPtr addr = IntPtr.Zero;

            foreach (ProcessModule m in proc.Modules)
            {
                if (m.ModuleName == modName)
                {
                    addr = m.BaseAddress;
                    break;
                }
            }
            return addr;
        }

        private static void Main(string[] args)
        {
            Process process;

            process = Process.GetProcessesByName("ac_client")[0];

            // 0x001F0FFF is a broad access mask; reading memory only
            // requires PROCESS_VM_READ (0x0010).
            var hProc = OpenProcess(0x001F0FFF, false, process.Id);

            var modBase = GetModuleBaseAddress(process, "ac_client.exe");

            // 0x50f4f4 is passed as-is (treated as an absolute address);
            // modBase is not added to it in this example.
            var addr = FindDMAAddy(hProc, (IntPtr)0x50f4f4, new int[] { 0x374, 0x14, 0 });

            Console.WriteLine("0x" + addr.ToString("X"));
        }
    }
}
 

kuhi

Bro, I'm testing with your code and I get as result: 0x10

This is the code I'm testing with:
C#:
Process process = Process.GetProcessesByName("client_dx").FirstOrDefault();

var hProc = OpenProcess(0x00000010, false, process.Id);

var modBase = GetModuleBaseAddress(process, "client_dx.exe");

var addr = FindDMAAddy(hProc, (IntPtr)0x003393AC, new int[] { 0x30, 0x374, 0x2C, 0x0, 0x14, 0x48, 0x10 });

Debug.WriteLine("0x" + addr.ToString("X"));
This is what I get from cheat engine:
1574704736235.png


I expected to get as result: 0x0FAEB9A8
 

kuhi

That's because you're using a relative offset instead of the actual base address of the pointer, do this:

C#:
var addr = FindDMAAddy(hProc, (IntPtr)(modBase + 0x003393AC), new int[] { 0x30, 0x374, 0x2C, 0x0, 0x14, 0x48, 0x10 });
Thank you very much, worked perfectly, and I found that I'm retard :D

I have some trouble now, as I'm trying to read a string that can be 6 to 10 long, and I'm getting as 4 byte: 825570360

The expected results are: 845120

There's any way to convert that 4 byte to string? I'm searching on google + youtube but I'm not finding anything

Thank you very much @Rake
 

Rake

Thank you very much, worked perfectly, and I found that I'm retard :D

I have some trouble now, as I'm trying to read a string that can be 6 to 10 long, and I'm getting as 4 byte: 825570360

The expected results are: 845120

There's any way to convert that 4 byte to string? I'm searching on google + youtube but I'm not finding anything

Thank you very much @Rake
all char arrays are either constant or defined to be a specific size

if it's constant, you know the length because you can look at the string. Read the full length of the string + 1 for the null terminator

If it's defined a specific size, then read that size. For instance, in assault cube the name variable is 16 bytes. To find out the max size of a name, just make your name really long and it will cut it off at max length, then just count the number of chars.

C++:
const char dog[] = "dog"; //3 chars + null terminator, duh
#define MAX_NAME_LENGTH 20
char * name = new char[MAX_NAME_LENGTH]; //20 chars
Why is your string a number?

"any way to convert a 4 byte to string?"

I don't know what you're talking about. Please be more descriptive in your explanation
 

kuhi

all char arrays are either constant or defined to be a specific size

if it's constant, you know the length because you can look at the string. Read the full length of the string + 1 for the null terminator

If it's defined a specific size, then read that size. For instance, in assault cube the name variable is 16 bytes. To find out the max size of a name, just make your name really long and it will cut it off at max length, then just count the number of chars.

C++:
const char dog[] = "dog"; //3 chars + null terminator, duh
#define MAX_NAME_LENGTH 20
char * name = new char[MAX_NAME_LENGTH]; //20 chars
Why is your string a number?

"any way to convert a 4 byte to string?"

I don't know what you're talking about. Please be more descriptive in your explanation
My account number (845120) is stored as a string or at least that's the way I find it in Cheat Engine.

When I run that code:
C#:
var addr = FindDMAAddy(hProc, (IntPtr)(modBase + 0x003393AC), new int[] { 0x30, 0x374, 0x2C, 0x0, 0x14, 0x48, 0x10 });
I'm getting the same thing that changing in cheat engine from string to 4 byte: 825570360
1574708318468.png
<-- this is what I want to read
1574708389491.png
<-- this is what I'm getting from c# code

I don't really know why it's storing numeric values as string, I know that makes no sense XD

Sorry I didn't ask the question properly, what I wanted to say, is if there's any way to read 845120 instead of 825570360

It's not a constant, as when I log in with another account its value changes, and it can be from 6 to 10 chars long, so it's also not fixed length
 

kuhi

you are reading an integer, you need to read a string

check out this thread, it has "read string" functions
https://guidedhacking.com/threads/c-better-trainer-class.3165/
Good morning :)

Yesterday I was working on this until late night but without success :(

I made some attempts to read the string, and made some modifications to the code:
C#:
Process process = null;

while(process == null)
{
     process = Process.GetProcessesByName("client_dx").FirstOrDefault();
}

var hProc = Memory.OpenProcess(0x00000010, false, process.Id);

var modBase = Memory.GetModuleBaseAddress(process, "client_dx.exe");

var addr = Memory.FindDMAAddy(hProc, (IntPtr)(modBase + 0x003393AC), new int[] { 0x30, 0x374, 0x2C, 0x0, 0x14, 0x48, 0x10 });

var acc = Memory.ReadStringUntilNULL("client_dx.exe", addr.ToInt32());

lblAccount.Text = acc;
I'm getting an empty string all the time.. And I've also tested with:
C#:
var acc = Memory.ReadStringUntilNULL("client_dx.exe", (int)addr);
I created the Memory class just from the class you sent me, but I don't understand why the function ReadStringUntilNULL is taking as parameter the address as int and not as intptr.

"var addr" contains the memory address that I want to read as string, your functions are working perfectly but I'm not being able to combine them with that Memory class.

Thank you very much <3
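
The number mismatch discussed in the posts above comes from data interpretation: 825570360 is 0x31353438, which is the ASCII bytes "8451" (the first four characters of "845120") read as a little-endian 32-bit integer. The following is an added example, not code from the thread or from the linked trainer class; it works on a constructed local byte array, and `ReadCString` and the sample bytes are assumptions made for illustration.

```csharp
using System;
using System.Text;

internal static class BufferDecodeExample
{
    // Hypothetical helper (not from the thread): decodes an ASCII string from
    // a buffer of known maximum size, stopping at the first NUL byte. If no
    // NUL is found inside the limit, the string is cut at the limit instead
    // of running past it.
    public static string ReadCString(byte[] buffer, int maxLength)
    {
        int limit = Math.Max(0, Math.Min(maxLength, buffer.Length));
        int end = Array.IndexOf(buffer, (byte)0, 0, limit);
        if (end < 0)
            end = limit;
        return Encoding.ASCII.GetString(buffer, 0, end);
    }

    private static void Main()
    {
        // Constructed sample: "845120", a NUL terminator, then leftover bytes
        // such as a fixed-size char array could hold after a longer value.
        byte[] buffer = { 0x38, 0x34, 0x35, 0x31, 0x32, 0x30, 0x00, 0x39, 0x39, 0x39 };

        // Integer view: only the first four bytes, in the machine's byte
        // order (little-endian on x86/x64).
        int asInt = BitConverter.ToInt32(buffer, 0);
        Console.WriteLine("4 byte: " + asInt + " (0x" + asInt.ToString("X8") + ")");

        // Reverse direction: the integer's four bytes are ASCII digits.
        byte[] raw = BitConverter.GetBytes(asInt);
        Console.WriteLine("as text: " + Encoding.ASCII.GetString(raw));

        // String view: allow for the 10-character maximum mentioned in the
        // thread plus the terminator, and stop at the NUL.
        Console.WriteLine("string: " + ReadCString(buffer, 11));

        // No terminator inside the limit: the result is truncated at the
        // limit rather than reading beyond it.
        Console.WriteLine("capped: " + ReadCString(buffer, 4));
    }
}
```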
 