 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Unc3nZureD
Newbie cheater
![]() Reputation: 0
Joined: 17 Jul 2013
Posts: 13
|
 Posted: Sat Aug 17, 2013 2:21 pm Post subject: C++ OpenProcess/WriteProcessMemory |
 |
|
Hi guys, I'm trying to make a DLL which modifies the memory when it's injected into a process.
Here's the code which is called on injection:
| Code: | DWORD WINAPI memoryPatch( LPVOID )
{
Sleep(5000);
int newValue = 0;
DWORD proc_id = GetCurrentProcessId();
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, proc_id);
if( !hProcess )
ExitProcess( 1 );
BYTE EnableTestBytes[48] = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
int isSuccessful = WriteProcessMemory( hProcess, (LPVOID)0x006A6F24, &EnableTestBytes, 48, NULL );
if (isSuccessful > 0)
{
MessageBox(NULL, "Success", "title", NULL);
}
else
{
MessageBox(NULL, "FATAL ERROR", "title", NULL);
}
return true;
} |
The problem is that it auto-exits. I'm using winxp and the process should have all privileges. What am I doing wrong? |
|
| Back to top |
|
 |
atom0s
Moderator
 Reputation: 205
Joined: 25 Jan 2006
Posts: 8587
Location: 127.0.0.1
|
| Posted: Sat Aug 17, 2013 5:31 pm Post subject: |
|
|
Firstly you are injected, you don't need to use API.
Just use memcpy / memset to alter memory (or directly access it via pointers).
As for auto-exiting, more than likely because of:
| Code: | HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, proc_id);
if( !hProcess )
ExitProcess( 1 ); |
PROCESS_ALL_ACCESS fails on Windows Vista and higher unless you adjust the debug token of the process. As stated already though, you don't need to use API when injected.
_________________
- Retired. |
|
| Back to top |
|
|
Unc3nZureD
Newbie cheater
![]() Reputation: 0
Joined: 17 Jul 2013
Posts: 13
|
| Posted: Sun Aug 18, 2013 1:27 pm Post subject: |
|
|
Thanks for your reply.
I'm quite a novice user, could you give me some examples?
I mean I can't see any address parameter at memset / memcpy. How could I write thoose bytes from the 0x006A6F24 address? |
|
| Back to top |
|
|
atom0s
Moderator
Reputation: 205
Joined: 25 Jan 2006
Posts: 8587
Location: 127.0.0.1
|
| Posted: Mon Aug 19, 2013 10:01 am Post subject: |
|
|
For starters:
| Code: | BYTE EnableTestBytes[48] = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
int isSuccessful = WriteProcessMemory( hProcess, (LPVOID)0x006A6F24, &EnableTestBytes, 48, NULL );
|
Given that you are only writing 00's you can use memset for that. Like this:
memset( (LPVOID)0x006A6F24, 0x00, 48 );
If you want to use memcpy to do the same thing, you can use:
memcpy( (LPVOID)0x006A6F24, &EnableTestBytes, 48 );
memset/memcpy have direct access to the current process memory. If you are injected, you have direct access to that processes memory then.
_________________
- Retired. |
|
| Back to top |
|
|
Unc3nZureD
Newbie cheater
![]() Reputation: 0
Joined: 17 Jul 2013
Posts: 13
|
| Posted: Mon Aug 19, 2013 10:05 am Post subject: |
|
|
Oh, the 1st parameter is the address I want to access. MemSet seems to be awesome since it's much easier 
Currently I can't test it, but thanks a lot! |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
