Cheat Engine

[N00bcoder]

In trying to teach my self the OpenProcess /ReadProcess/ WriteProcess/ CloseHandle functions, I ran into a problem with memory addresses changing.

Background info: All written in C#(.NET)
Clickme.exe
The form has one checkbox, and one button. The only code I've written in it is as follows

[Dark Byte]

use pointers and module baseaddresses
0x013AC2F4 looks like it's allocated mem instead of module mem, so use pointers

[N00bcoder]

Not sure what "module baseaddresses" are.

I may have the settings on CE incorrect, but I'm able to get the pointer in step 6(?) in the Tut that came with CE. I'm leaving the settings alone since I still know next to nothing about that aspect of the application.

So if there's a pointer pointing to that address, it's either out of range of what I'm searching through... or my settings are incorrect in someway.

Writable memory as base only is the only checkbox selected

Clickme.exe selected

from 00400000 to 00408000
pointer must reside in
00400000 to 70000000

The rest of the options look like they only deal with the scanner rather than the data being scanned.

With everything setup this way, I come up with 0 pointers.

[samuri25404]

First, two notes on your code:

1) Name your buttons/check boxes. It's been discussed a lot in this section, and it's annoying for people to read through your code with things like "button1" "checkbox1" etc.

2) Instead of doing those weird expressions, I prefer to just do something like

[N00bcoder]

I understand the reason for renaming the controls, however I didn't expect to be posting the code anywhere, or even to be using the code for longer than a 24 hour period of time. It was just some quick and dirty code to do the job. I do have to point out, that with as simple as this code is, leaving the names alone does give a clear indication of what's going on in this program. Anymore complex, and I would agree 100% with you. In the future, all code I post will have the names changed just to stifle this kind of comment.

As far as the trinary, I can only say that my coding practices are heavily influenced by my friends at school, sometimes not always for the better. I originally wrote an if-else statement then changed it to it's current form. Had I given it a little more thought I would have ended up with what you suggested.

For the last 24 hours I've been on a journey trying to figure this out. I ended up using the second part of what you suggested:

[samuri25404]

First of all, the code that you were using was the faster one, but not necessarily always the correct one; keep that in mind. It is safest to use the loop, but then again not always necessary. You should check first, though, before deciding on a way to do it.

As for the issue, I'm still not quite positive what you're trying to accomplish with CE.

Edit:

I played around this, and basically, you just need to declare the value to change as static.

Here's how it works in memory:

Dynamic Int (Not Static):

[N00bcoder]

I'm weighing my choices here... If I was sure that I would be using these techniques in order to effectively find the same value in a game, then I would be more than happy to continue along this path.

However, most games are written in C++. I find C#.NET a little annoying atm to work in. I'm sure it will grow on me eventually when I start having to create tools. It's just how can I trust a book of code that I don't write? I'm sure it's because of this code that I'm having weird memory address issues.

Or it may just be that I don't understand everything I need to know about how to consistently find a memory address in any application and need to continue figuring out this conundrum.

The whole point of these two little programs was to give myself a relatively easy goal to achieve: Display the value that controls what the checkbox displays (checked/unchecked).

Something clicked a while ago. I keep seeing esi+0000009c again and again when I tell CE to look at what writes to this value. Going off what you explained, the esi value should be the base of the form. Well, I took the address of the byte that controls the checkbox, and subtracted 9c from it.................. and that address doesn't have a pointer to it either. I still haven't tried implementing the safe code you suggested yet because I've only really had time to sleep eat and go to class in the last 36 hours. Maya is a pain sometimes.

BTW what is AOB?

[atom0s]

[N00bcoder]

I have an answer to this whole mess, it's not favorable, but I doubt anyone here is going to have to find a work around.
I've been talking to my C# teacher over the last couple of days, trying to figure out why things are acting like they are (memory addresses changing with out an apparent pointer). The realization is: this is managed code. Meaning that it's running on something akin(not exactly) to a virtual machine. So the memory model is different than what you would find in just about any game.

Thank you samuri25404 for all the help you have provided on this.

[samuri25404]

[Estx]

If you need code references or something to read over to learn how you can use memory management in C#, check out my MemEdit class. Link is in sig. (:

As for topic problem, my initial suggestion was already suggested (pointers).
I'm a little tired at the moment so haven't really reviewed all the posts - will repost tomorrow and try to help solve whatever the problem is.

[N00bcoder]

I haven't had time to work on this of late. I will once I catch up on the projects I've been assigned in class. Why oh why didn't I go to a normal college?