Solved Write to memory with offsets (MemoryHacking)

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat
Status
Not open for further replies.

prog0

Newbie
Full Member
Feb 12, 2014
13
134
0
Hi,
I'm trying to read (and write) in memory with offsets (I know how to write and read in memory without offsets)

My code :
C++:
                       int value;
                       int newdata = 500;
                    DWORD newdatasize = sizeof(newdata);
                    DWORD baseAddress = 0xBB0E8;
                    DWORD offset1 = 0x154;
                    DWORD offset2 = 0x68;
                    DWORD offset3 = 0xa0;
                    DWORD offset4 = 0x48;
                    DWORD pAddress1;
                    DWORD pAddress2;
                    DWORD pAddress3;
                    DWORD pAddress4;
            ReadProcessMemory(hProcess,(void*)(baseAddress),&pAddress1,sizeof(pAddress1),0);
            ReadProcessMemory(hProcess,(void*)(pAddress1 + offset1),&pAddress2,sizeof(pAddress2),0);
            ReadProcessMemory(hProcess,(void*)(pAddress2 + offset2),&pAddress2,sizeof(pAddress3),0);
            ReadProcessMemory(hProcess,(void*)(pAddress3 + offset3),&pAddress2,sizeof(pAddress4),0);
            ReadProcessMemory(hProcess,(void*)(pAddress4 + offset4),&value,sizeof(value),0);
Where is the problem in my code ?
Thanck you in advance.
 
Last edited:

NebulaGrey

Newbie
Full Member
Jun 8, 2014
30
218
1
If your intent is to Read memory that is 1 pointer deep, then you're doing it right.
If you were trying to Read something like 2 or 3 levels deep, you'd do something more like:
ReadProcessMemory(hProcess,(void*)(baseAddress),&pAddress1,sizeof(pAddress1),0);
ReadProcessMemory(hProcess,(void*)(pAddress1 + offset1),&pAddress2,sizeof(pAddress1),0);
ReadProcessMemory(hProcess,(void*)pAddress + offset2),&pAddress3,sizeof(pAddress1),0);
 

Nether

The Angel Of Verdun
Meme Tier VIP
Dank Tier Donator
Dec 11, 2013
293
3,738
16
Hi,
I'm trying to read (and write) in memory with offsets (I know how to write and read in memory without offsets)

My code :
C++:
                       int value;
                       int newdata = 500;
                    DWORD newdatasize = sizeof(newdata);
                    DWORD baseAddress = 0xBB0E8;
                    DWORD offset1 = 0x154;
                    DWORD offset2 = 0x68;
                    DWORD offset3 = 0xa0;
                    DWORD offset4 = 0x48;
                    DWORD pAddress1;
                    DWORD pAddress2;
                    DWORD pAddress3;
                    DWORD pAddress4;
            ReadProcessMemory(hProcess,(void*)(baseAddress),&pAddress1,sizeof(pAddress1),0);
            ReadProcessMemory(hProcess,(void*)(pAddress1 + offset1),&pAddress2,sizeof(pAddress2),0);
            ReadProcessMemory(hProcess,(void*)(pAddress2 + offset2),&pAddress2,sizeof(pAddress3),0);
            ReadProcessMemory(hProcess,(void*)(pAddress3 + offset3),&pAddress2,sizeof(pAddress4),0);
            ReadProcessMemory(hProcess,(void*)(pAddress4 + offset4),&value,sizeof(value),0);
Where is the problem in my code ?
Thanck you in advance.
You would be better off using my memory class https://guidedhacking.com/showthread.php?5093-Nether-s-C-Memory-Class-V1-6 and once you have initiated the class etc.

Use To Write:

C++:
mem.write<int>(0xBB0E8, "/x154/x68/xA0/x48/*", 1337);
Use To Read Out Value Of Pointer

C++:
int Value = mem.read<int>(0xBB0E8, "/x154/x68/xA0/x48/*", true);
_cwprintf(L"Pointer Value = [ %d ]", Value);
 
Last edited:

prog0

Newbie
Full Member
Feb 12, 2014
13
134
0
You would be better off using my memory class https://guidedhacking.com/showthread.php?5093-Nether-s-C-Memory-Class-V1-6 and once you have initiated the class etc.

Use To Write:

C++:
mem.write<int>(0xBB0E8, "/x154/x68/xA0/x48/*", 1337);
Use To Read Out Value Of Pointer

C++:
int Value = mem.read<int>(0xBB0E8, "/x154/x68/xA0/x48/*", true);
_cwprintf(L"Pointer Value = [ %d ]", Value);
Thanck you but your code give me errors like
warning: ignoring #pragma region TEMPLATE [-Wunknown-pragmas]|
warning: ignoring #pragma endregion [-Wunknown-pragmas]|
In member function 'cData ProcMem::Read(DWORD, char*, BOOL)':|
|error: no matching function for call to 'ProcMem::iSizeOfArray(char*&)'|
note: candidate is:|
note: int ProcMem::iSizeOfArray(int*)|
note: no known conversion for argument 1 from 'char*' to 'int*'|

(I use codeblock).
 

prog0

Newbie
Full Member
Feb 12, 2014
13
134
0
Screenshot from Cheat Engine of the pointer ...
(Yes I use Solitaire ...)

Nether I get error with your code (I use codeblock and I thinck pragma comments are not working)
NebulaGrey I'm sorry but I don't understand your code can you make an example with the base address and the offsets that I have ?
 
Last edited by a moderator:

Nether

The Angel Of Verdun
Meme Tier VIP
Dank Tier Donator
Dec 11, 2013
293
3,738
16
Screenshot from Cheat Engine of the pointer ...
View attachment 2632
(Yes I use Solitaire ...)

Nether I get error with your code (I use codeblock and I thinck pragma comments are not working)
NebulaGrey I'm sorry but I don't understand your code can you make an example with the base address and the offsets that I have ?
I'm sorry to hear that you are using codeblocks because I use Visual C++, Using codeblocks will mean you will have to include many more header files for the code to run, I suggest you get visual studio express 2012/13 its free
 

prog0

Newbie
Full Member
Feb 12, 2014
13
134
0
Yes I know but I use QT creator for the GUI and I can't use pragma in QT (and C:B)
Do you know what headers I have to import to compile ?
 

prog0

Newbie
Full Member
Feb 12, 2014
13
134
0
Now I realised that I need to find the base address of the module so i'm trying this (from your code Nether)
C++:
DWORD Module(LPSTR ModuleName, DWORD dwPID){

	//Variables
	HANDLE hModule = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPID); //Take A Module Snapshot Of The Process (Grab All Loaded Modules)
	MODULEENTRY32 mEntry; //Declare Module Entry Structure
	mEntry.dwSize = sizeof(mEntry); //Declare Structure Size And Populate It With Loaded Modules

	//Scan For Module By Name
	do
		if(!strcmp(mEntry.szModule, ModuleName))
		{
			CloseHandle(hModule);
			return (DWORD)mEntry.modBaseAddr;
		}
	while(Module32Next(hModule, &mEntry));

	std::cout << "\nMODULE: Process Platform Invalid\n";
	return 0;
}
But that show me MODULE: Process Platform Invalid

I use it like this
C++:
  Module("solitaire.exe", proccess_ID);
 

Nether

The Angel Of Verdun
Meme Tier VIP
Dank Tier Donator
Dec 11, 2013
293
3,738
16
Now I realised that I need to find the base address of the module so i'm trying this (from your code Nether)
C++:
DWORD Module(LPSTR ModuleName, DWORD dwPID){

	//Variables
	HANDLE hModule = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPID); //Take A Module Snapshot Of The Process (Grab All Loaded Modules)
	MODULEENTRY32 mEntry; //Declare Module Entry Structure
	mEntry.dwSize = sizeof(mEntry); //Declare Structure Size And Populate It With Loaded Modules

	//Scan For Module By Name
	do
		if(!strcmp(mEntry.szModule, ModuleName))
		{
			CloseHandle(hModule);
			return (DWORD)mEntry.modBaseAddr;
		}
	while(Module32Next(hModule, &mEntry));

	std::cout << "\nMODULE: Process Platform Invalid\n";
	return 0;
}
But that show me MODULE: Process Platform Invalid

I use it like this
C++:
  Module("solitaire.exe", proccess_ID);

if your CPU is 32-bit then compile & run in 32 bit, else compile and run in 64-bit :) if your windows or cpu is 32/64 solitaire (MS Games will also be in that format) also you will have to run the console as administrator windows games have basic protection so you cant run/compile from Visual Studio
 

prog0

Newbie
Full Member
Feb 12, 2014
13
134
0
Thanck you now I get the base address but if the process is 64 bits how to compile in 64 bits (I tested to change to the build configuration to ARM in visual studio (I tried visual studio only for that) but the application don't work with ARM (invalid 32 bits application (I have a 64 bits processor) )
 

Nether

The Angel Of Verdun
Meme Tier VIP
Dank Tier Donator
Dec 11, 2013
293
3,738
16
Thanck you now I get the base address but if the process is 64 bits how to compile in 64 bits (I tested to change to the build configuration to ARM in visual studio (I tried visual studio only for that) but the application don't work with ARM (invalid 32 bits application (I have a 64 bits processor) )
you just click <new> on the selection and you add a new processor size to it, although I don't think there is support for the ARM Processors (like mobile phones etc)
 
Status
Not open for further replies.
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods