Cheat Engine The Official Site of Cheat Engine
DjSt3rios (Newbie cheater)
Reputation: 0
Joined: 06 Jun 2013, Posts: 20

Posted: Mon Jul 29, 2013 8:00 am    Post subject: [C++] ReadProcessMemory Problem

Hello to everyone! I started making an anti-cheat software for a game server I am going to open soon. I am new to C++ though, but I have made some good progress, I think. My problem is, I made a new thread in my application to read a value from the game's memory, and after the ReadProcessMemory function runs, it screws up some of my variables. For instance, I have two global variables declared:

Code:
    DWORD pId;               // Process ID
    unsigned long playerkey; // The Player Key

then, I have this:

Code:
    DWORD base = GetModuleBase("File.dll", pId);
    DWORD offset = 0x620B50;
    DWORD address = base + offset;
    ReadProcessMemory (keyProcess, (void*)address, &playerkey, 10, 0);

As soon as ReadProcessMemory runs, the process ID becomes 6946884. If I change the amount of bytes to read from 10 to 1, it just reduces the number a bit from the original. For instance, if the process ID is 17530, it might turn into 17210.
What could be the problem? Has anyone experienced something similar?
PS: The function pretty much works; I mean the playerkey becomes what it should. It reads the memory, but it also does this somehow.
PS2: This code runs in a thread.
Dark Byte (Site Admin)
Reputation: 471
Joined: 09 May 2003, Posts: 25823, Location: The Netherlands

Posted: Mon Jul 29, 2013 9:36 am

Are those two variables declared inside a union by any chance?
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
DjSt3rios

Posted: Mon Jul 29, 2013 2:01 pm

I am not really sure what this is, but by googling, no. I just declared them at the top of the program and that's all. It's a pretty small application. Now on some forums some people told me that maybe the variable cannot hold the data or something like that; I will make some tests and see how it turns out.
atom0s (Moderator)
Reputation: 205
Joined: 25 Jan 2006, Posts: 8587, Location: 127.0.0.1

Posted: Mon Jul 29, 2013 10:24 pm

Mind posting all the code? It looks like one of your functions is overflowing into other variables' space.
_________________
- Retired.
DjSt3rios

Posted: Tue Jul 30, 2013 4:19 am

Wiccaan wrote:
    Mind posting all the code, looks like one of your functions is overflowing into other variable space.

Should I post the entire program? (770 lines)
I guess you want the whole thing, right?
atom0s

Posted: Tue Jul 30, 2013 4:28 pm

Yeah, the whole thing is fine.
DjSt3rios

Posted: Wed Jul 31, 2013 5:51 am

Okay, it's kind of a mess. Since this is my first application, I actually thought I would fail, so first I tried to make it work, so variable names etc. might be messy, but you can get a general idea of my knowledge.
EDIT: Code removed
Last edited by DjSt3rios on Sun Aug 11, 2013 12:32 pm; edited 1 time in total
atom0s

Posted: Wed Jul 31, 2013 1:47 pm

If anything, I'd say it's probably your ReadProcessMemoryString function doing it.
DjSt3rios

Posted: Wed Jul 31, 2013 2:21 pm

Hmmm, I don't really think so. When I was debugging my program, it was only checking the key, and I never received the message to send the username; that basically means ReadProcessMemoryString does not run at all, yet it happens. What should I do? Do you have any advice to give me?
atom0s

Posted: Wed Jul 31, 2013 2:32 pm

DjSt3rios wrote:
    Hmmm, I don't really think so. When I was debugging my program, it was only checking the key, and I never received the message to send the username; that basically means ReadProcessMemoryString does not run at all, yet it happens. What should I do? Do you have any advice to give me?

Is your source compiled as Unicode or multi-byte? I see you mix a lot of things in the src that could cause conflicts as well.
atom0s

Posted: Wed Jul 31, 2013 2:40 pm

Some other possibilities:
Inside CheckInbox, you have:

Code:
    char text[10] = "username:";
    string username = ReadUsername();
    char text2[64];
    sprintf(text2, "%s", username.c_str());
    char text3[6] = ":key:";
    char text4[30];
    sprintf(text4, "%d", playerkey[0]);
    char text5[5] = "\r\n";
    char finalstring[100];
    strcpy(finalstring, text);
    strcat(finalstring, text2);
    strcat(finalstring, text3);
    strcat(finalstring, text4);
    strcat(finalstring, text5);

finalstring is not big enough to hold all that data if the text containers ever contain their full sizes.
ReadUsername alone could be a problem.
Your best bet would be to debug the app and step through your code until the issue occurs, and pinpoint where the problem is happening that way, though.
You could use Cheat Engine to help find where the data is being overflowed using the 'What accesses this address' feature, too.
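The sizing problem the reply above points at, as an added example that is not code from the thread: worstCaseFits() adds up the capacities of the five pieces the posted CheckInbox code concatenates and shows they exceed the 100-byte finalstring, and buildKeyMessage() is an assumed bounded replacement that formats the whole line with one std::snprintf against the real buffer size, uses %llu to match the unsigned long long key (the posted sprintf hands an unsigned long long to %d, which is undefined behaviour), and reports truncation instead of writing past the buffer. The function names and the sample username are constructed for this example.

```cpp
#include <cstddef>
#include <cstdio>
#include <string>

// Capacity the posted pieces can contribute, from their declared sizes:
// text[10], text2[64], text3[6], text4[30], text5[5]. A char[N] holds at
// most N - 1 characters before its terminating NUL.
static const std::size_t kWorstCasePayload = (10 - 1) + (64 - 1) + (6 - 1) + (30 - 1) + (5 - 1);
static const std::size_t kFinalStringSize = 100;   // the posted char finalstring[100]

// False: 110 characters plus the terminator do not fit in 100 bytes, which
// is the overflow the reply describes when every piece is at full size.
bool worstCaseFits() {
    return kWorstCasePayload + 1 <= kFinalStringSize;
}

// Assumed bounded replacement for the sprintf/strcpy/strcat chain: one
// snprintf against the real buffer size, %llu to match the unsigned long long
// key, and the return value checked so truncation is reported, not ignored.
// Returns true only if the whole line fit in out.
bool buildKeyMessage(const std::string &username, unsigned long long playerkey,
                     char *out, std::size_t outsize) {
    if (out == nullptr || outsize == 0) return false;
    int n = std::snprintf(out, outsize, "username:%s:key:%llu\r\n",
                          username.c_str(), playerkey);
    return n >= 0 && static_cast<std::size_t>(n) < outsize;
}

// Same 100-byte buffer the posted code uses; returns an empty string instead
// of a partially written line when the username is too long to fit.
std::string buildFinalString(const std::string &username, unsigned long long playerkey) {
    char finalstring[kFinalStringSize];
    if (!buildKeyMessage(username, playerkey, finalstring, sizeof finalstring)) {
        return std::string();
    }
    return std::string(finalstring);
}

int main() {
    std::printf("worst case fits in finalstring[100]: %s\n", worstCaseFits() ? "yes" : "no");
    std::printf("%s", buildFinalString("player", 12345ULL).c_str());   // constructed sample
    std::printf("200-char username fits: %s\n",
                buildFinalString(std::string(200, 'a'), 1ULL).empty() ? "no" : "yes");
    return 0;
}
```

The intermediate text2[64] copy in the posted code has the same shape of problem on its own: sprintf into it overflows as soon as ReadUsername returns more than 63 characters, which is why the bounded version formats straight into the final buffer and never stages the username.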
DjSt3rios

Posted: Wed Jul 31, 2013 3:19 pm

Hmmm, although this code does not run for now, Cheat Engine could actually help me, as you said. I will try it, although I am not sure how to proceed, but I will try it and post here! One question: do you know if there is any program for easier/better debugging? Dev-C++ is pretty okay, but a bit weird/buggy with its debugging system.
EDIT: Hmm, so I did what you said. It seems like there is a function that writes to it, 570 times so far, and another one about 70 times. Is there any way I can find more details from that? Although that pretty much gave me an idea: the CheckKey function must be doing something. I will try to do it again, but I will increase the timer, to see if it changes more slowly.
EDIT2: Yes, CheckKey is for sure one of the problems. I tried to make it run every 100 ms and the count number increased a lot. I guess the playerkey variable, which is global, when ReadProcessMemory writes to it, it also writes to the process ID variable, but I can't understand why...
atom0s

Posted: Wed Jul 31, 2013 8:36 pm

DjSt3rios wrote:
    Do you know if there is any program for easier/better debugging? Dev-C++ is pretty okay, but a bit weird/buggy with its debugging system.

Oh wow... Firstly, I suggest you stop using Dev-C++. It is extremely outdated and uses a very old version of MinGW for its compiler. If you are developing on Windows, which you are, I recommend using Visual Studio. 2012 is the latest version currently fully released; 2010 is good if you want something less resource intensive; 2013 is in beta at the moment as well. (I recommend 2012 just to stay up to date with the current version.)
You can use Visual Studio to debug easily as well.

DjSt3rios wrote:
    EDIT: Hmm, so I did what you said. It seems like there is a function that writes to it, 570 times so far, and another one about 70 times. Is there any way I can find more details from that? Although that pretty much gave me an idea: the CheckKey function must be doing something. I will try to do it again, but I will increase the timer, to see if it changes more slowly.
    EDIT2: Yes, CheckKey is for sure one of the problems. I tried to make it run every 100 ms and the count number increased a lot. I guess the playerkey variable, which is global, when ReadProcessMemory writes to it, it also writes to the process ID variable, but I can't understand why...

Probably because you are reading more than the size of the data:

Code:
    unsigned long long playerkey[1];
    ReadProcessMemory (keyProcess, (void*)B, &playerkey, 10, 0);

You shouldn't be reading 10 bytes for playerkey. unsigned long long is only 8 bytes long, so you are overflowing the data there.
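The overread diagnosed above, as an added example that is not code from the thread: a local stand-in for ReadProcessMemory (assumed, not the Win32 call; it copies from a constructed 16-byte buffer so the example runs on any platform) is asked for 10 bytes into the 8-byte playerkey, and the two surplus bytes land in whatever the compiler placed next, here modelled as pId. The struct layout, the remote bytes and the 17530 process ID are constructed; in the real program the linker decides where globals go, so the variable that gets clobbered could be any neighbour. The bounded version sizes the read by the destination and checks both the return value and the bytes-read count, which the posted call throws away by passing 0.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>

// Constructed model of the two globals from the thread. In the real program
// the toolchain picks where globals live; this struct pins playerkey and pId
// next to each other so the spill is deterministic and stays inside one object.
struct Globals {
    std::uint64_t playerkey;  // the thread's "unsigned long long playerkey[1]"
    std::uint32_t pId;        // the thread's "DWORD pId"
};

// Constructed stand-in for the 16 bytes at base + 0x620B50 in the target.
static const unsigned char kRemoteMem[16] = {
    0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,   // the 8-byte player key
    0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x01, 0x02    // whatever follows it in the target
};

static const std::uint32_t kRealPid = 17530;   // the process ID quoted in the thread

// Local stand-in for ReadProcessMemory (assumed, not the Win32 call): same
// contract of copying nSize bytes into lpBuffer and reporting how many were
// read, but sourced from kRemoteMem so the example runs anywhere.
static bool fakeReadProcessMemory(const void *src, void *lpBuffer,
                                  std::size_t nSize, std::size_t *lpNumberOfBytesRead) {
    if (nSize > sizeof kRemoteMem) {        // the real call fails on unreadable pages
        if (lpNumberOfBytesRead) *lpNumberOfBytesRead = 0;
        return false;
    }
    std::memcpy(lpBuffer, src, nSize);
    if (lpNumberOfBytesRead) *lpNumberOfBytesRead = nSize;
    return true;
}

// The thread's bug: nSize = 10 for an 8-byte destination, return value and
// byte count ignored. Bytes 8 and 9 of the copy land in pId. Returns pId
// after the read so the corruption can be observed.
std::uint32_t pidAfterBuggyRead() {
    Globals g = { 0, kRealPid };
    unsigned char *dst = reinterpret_cast<unsigned char *>(&g) + offsetof(Globals, playerkey);
    fakeReadProcessMemory(kRemoteMem, dst, 10, nullptr);
    return g.pId;
}

// Endian-independent view of the same spill: the first two bytes of pId's
// representation are now bytes 8 and 9 of the remote buffer.
bool buggyReadSpillsIntoPid() {
    Globals g = { 0, kRealPid };
    unsigned char *dst = reinterpret_cast<unsigned char *>(&g) + offsetof(Globals, playerkey);
    fakeReadProcessMemory(kRemoteMem, dst, 10, nullptr);
    const unsigned char *pidBytes = reinterpret_cast<const unsigned char *>(&g.pId);
    return pidBytes[0] == kRemoteMem[8] && pidBytes[1] == kRemoteMem[9];
}

// Bounded version: size the read by the destination, and treat a failed call
// or a short read as an error instead of trusting whatever is in playerkey.
bool readKeyChecked(std::uint64_t *keyOut, std::uint32_t *pidOut) {
    Globals g = { 0, kRealPid };
    std::size_t got = 0;
    if (!fakeReadProcessMemory(kRemoteMem, &g.playerkey, sizeof g.playerkey, &got) ||
        got != sizeof g.playerkey) {
        return false;
    }
    *keyOut = g.playerkey;
    *pidOut = g.pId;
    return true;
}

// True when the bounded read leaves pId intact and the key is byte-for-byte
// the first 8 bytes of the remote buffer.
bool checkedReadIsClean() {
    std::uint64_t key = 0;
    std::uint32_t pid = 0;
    if (!readKeyChecked(&key, &pid)) return false;
    return pid == kRealPid && std::memcmp(&key, kRemoteMem, sizeof key) == 0;
}

int main() {
    std::printf("pId before: %u, after a 10-byte read into an 8-byte key: %u\n",
                static_cast<unsigned>(kRealPid), static_cast<unsigned>(pidAfterBuggyRead()));
    std::printf("bounded read keeps pId intact: %s\n", checkedReadIsClean() ? "yes" : "no");
    return 0;
}
```

The same two checks matter for an anti-cheat in particular: a failed or short ReadProcessMemory (the target exited, the page was unmapped, the handle lacks PROCESS_VM_READ) leaves the destination holding stale or partial data, and a key check that does not test the return value will happily compare garbage.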
DjSt3rios

Posted: Thu Aug 01, 2013 2:55 am

Hmm, true, but I remember when I used playerkey[10]; it was even more buggy; I don't remember exactly. Now I should tell you, I made a new project in Visual Studio 2010, and with some modifications I was able to build the project successfully; however, when I try to run the application, it just doesn't work... its icon and size look fine, but for some reason it doesn't run... maybe I will try it on Visual Studio 2012... Thanks a lot mate, your help is really appreciated.
Edit2: I managed to fix the issue with the application closing, but the thing is, now when I set a few breakpoints just like I did in Dev-C++, when the code is about to run, I get a blue screen of death. I tried it twice, both times BSOD, and I almost never get a BSOD. I will make a test again without debugging, to see if the problem still exists, and maybe search for some tools or something to help fix the memory corruption.
Edit3: I ran the program without debugging, and it seems like the memory corruption does not happen anymore... at least for now. I will see how it goes. As you said, Dev-C++ is using an old compiler; that could be the problem.
atom0s

Posted: Thu Aug 01, 2013 2:39 pm

DjSt3rios wrote:
    Hmm, true, but I remember when I used playerkey[10]; it was even more buggy; I don't remember exactly. Now I should tell you, I made a new project in Visual Studio 2010, and with some modifications I was able to build the project successfully; however, when I try to run the application, it just doesn't work... its icon and size look fine, but for some reason it doesn't run... maybe I will try it on Visual Studio 2012... Thanks a lot mate, your help is really appreciated.
    Edit2: I managed to fix the issue with the application closing, but the thing is, now when I set a few breakpoints just like I did in Dev-C++, when the code is about to run, I get a blue screen of death. I tried it twice, both times BSOD, and I almost never get a BSOD. I will make a test again without debugging, to see if the problem still exists, and maybe search for some tools or something to help fix the memory corruption.
    Edit3: I ran the program without debugging, and it seems like the memory corruption does not happen anymore... at least for now. I will see how it goes. As you said, Dev-C++ is using an old compiler; that could be the problem.

Doing things like playerkey[10] won't really fix the problem. You aren't increasing the size of the data; you are creating an array by doing that. I think the issue might be with all the different data types you are using and converting between.
unsigned long long is 8 bytes long; unless you absolutely need 8 bytes and are sure the player key is that long, perhaps you should look into debugging the target and seeing if it really is 8 bytes long. Seeing the names in the code, I assume you are targeting Lineage 2 and making a sort of anti-cheat for it. L2 is 32-bit, so I don't see them using 8-byte storage for things like that.
In case you are unsure:
    unsigned long long = 8 bytes
    unsigned long      = 4 bytes
    unsigned short     = 2 bytes
    unsigned char      = 1 byte
    double             = 8 bytes
    float              = 4 bytes
As for the BSOD, L2 has GameGuard/nProtect, doesn't it? Perhaps you are triggering that to cause the BSOD.