Cheat Engine

[Cyperium]

I would like to use the functions to scan the memory in c.

I haven't found any c source that can read/write to memory of another process as your program does, many sources I've found is way too complicated for me.

I use a different programming language altogether (QB64) which can include C code (as functions) so I was planning on making C functions to read/write memory of a different process and using them within QB64.

I've tried to study your code but I don't understand delphi, so I was wondering if there is some easy to use C example of some of the fundamental aspects (like reading/writing a byte of memory). It could also be useful to the developer of QB64.

Nice program btw, I used GameHack with Windows 98 back in the days and it was great fun, now I can have the same fun again!

[Slugsnack]

Read/WriteProcessMemory()

[Krähne]

You should read the Cheat Engine 1.3 source code, can help so much, because... is fucking easy to understand... (i mean, you doesn't has to be a delphi programmer for get it).

You also has to read something about the Win32 API and... you'll be ready. (Pinvoke.net should be enough).

[Cyperium]

Thanks, yes Read/WriteProcessMemory works but is way too complicated as you can't just read/write to any process as you would think, instead you have to do a lot of work before you get the ability to change anything or find any value. In my opinion it would be better if someone constructed a simple function to do this for you instead of having to override the manic security settings all the time. After all, isn't that what functions are for so you don't have to reinvent the wheel all the time?

I came this far, and was able to read but not write, and since I couldn't write I couldn't be certain what I read was correct either:

[atom0s]

[Cyperium]

ReadProcessMemory isn't too complicated.

OpenProcess isn't too complicated.

I can do all that, I just open it with PROCESS_ALL_ACCESS and the handle to it is retrieved.

BUT the documentation must be wrong, cause I STILL can't read the correct addresses or change them, so what do I do? Well, what I did was find a page that said how the priviliges had to be changed for the process. So I change the priviliges and hope it will work then (and mind you; I've tried many types of variables and HANDLE was the one it could take) but it DIDN'T work.

I've been trying to read/write to process memory for years and I can't seem to understand it, so instead of directing me to everywhere else like some **** telephone company give me some straight answers...

At least direct me to ANY site that shows SIMPLISTICALLY how it should be done, OR tell me what I can do to change my code so that it works! Do I really need a 1000 lines program to read a byte??

[atom0s]

[Cyperium]

Sorry for the attitude, I'm just frustrated that it doesn't work as suspected.

Seriously though, since as you say PROCESS_ALL_ACCESS doesn't work as intended then the documentation is indeed wrong.

Also; the official documentation on OpenProcess states:

"To open a handle to another local process and obtain full access rights, you must enable the SeDebugPrivilege privilege. For more information, see Changing Privileges in a Token."

So it basically tells me to set privileges and you tell me not to. Still you tell me to trust the documentation? (not meant as a attitude but simply a fair question).

Perhaps you mean that I don't need full access rights and only need to use PROCESS_VM_READ and PROCESS_VM_WRITE?

I will try that and get back to you. One last thing, QB64 isn't meant for x64 only, it can run on both 32-bit and 64-bit systems (and on Linux and MacOSX but my function isn't meant to be compatible with those systems).

I can get by pretty good by trial&error if only the function I'm creating is simple enough (which this should be, it's not like I'm creating a rocket, I just want to read and write a byte from another process memory, at least at this stage of the project, I just need a stepping stone).

I've also used API to great extent in VB 5.0 (yeah it was a long time ago) and this was when I first tried to read/write to another process memory. I created a program called WinlOOk which could manipulate the windows in many ways, including editing the text on the title bar, enable/disable windows, hide/show windows, I even made a function that would "kidnap" a window by changing it's parent ;D, it was a fun program to make and I still have use for it today! So I'm not really a beginner in API, I'm more of a beginner in C and I haven't got Read/WriteProcessMemory to work correctly for me yet so you could say I'm a beginner at that particular area as well.

[atom0s]

I'm saying not to use PROCESS_ALL_ACCESS because the flags changed across OS versions. The flag changed between XP and Vista/Win7:

[Cyperium]

Ok, thanks. I usually make my own program so I know what to look for, so there shouldn't be any access problems.

I think that beginners might have a hard time to understand this, since there are so many pitfalls. If I succeed in making this program I will try to document it so that others in my situation will know what to do, cause usually when I search for sources they are way to complicated to be easily dissected into just the basic parts that build everything. It's those parts that I'm after, the foundation (I guess I'm being a bit too philosophical about this, but that's the way I perceive it).

Anyway, thanks again!

[atom0s]

[Slugsnack]

Btw the docs actually state not to use PROCESS_ALL_ACCESS:
http://msdn.microsoft.com/en-us/library/ms684880(v=vs.85).aspx