| View previous topic :: View next topic |
| Author |
Message |
abystus
Expert Cheater
 Reputation: 1
Joined: 09 Dec 2010
Posts: 140
|
 Posted: Thu Jun 13, 2013 12:20 am Post subject: MainModule.BaseAddress "Access is Denied" |
 |
|
So I'm wanting to monitor some addresses in World of Warcraft (old build/private server) such as health, mana, x, y, z, etc... using the following code before I call ReadProcessMemory:
| Code: |
Process[] CurrentProcesses = Process.GetProcessesByName("Wow");
if (CurrentProcesses.Length > 0)
{
OpenProcess(0x1F0FFF, false, CurrentProcesses[0].Id); //<-- Open Full Access.
WowProcess = CurrentProcesses[0].MainWindowHandle; //<-- Get Handle.
BaseAddress = (int)CurrentProcesses[0].MainModule.BaseAddress; //<-- "Access is Denied" error here.
}
|
The problem lies with getting the base address, and errors out with "Access is Denied".
Things to know:
| Code: | -Windows 8 64 bit, but the application is set to build x86 along with the game being x86.
-I am on an Administrator account.
-I've tried running both the game and app as administrator.
-No other application has a lock on the process.
-Have tried opening with just read access instead of all, but the same error persists.
-I've been googling for a while now trying different "fixes" (tokens, setting debug mode on the process, etc), but have not resolved the issue. |
It seems cheat engine has no problems reading this information from the game, so I'm wondering how it was done. Also, I am aware this is an online multiplayer game (though be it a 1.12.1 Vanilla Wow client that has been out of circulation since 2006), but I am only wanting to read the memory, not alter it in any sort of way. Any help is appreciated.
|
|
| Back to top |
|
 |
atom0s
Moderator
 Reputation: 205
Joined: 25 Jan 2006
Posts: 8587
Location: 127.0.0.1
|
| Posted: Thu Jun 13, 2013 3:44 am Post subject: |
|
|
Is your WoW install 32bit or 64bit?
In either case your application you are creating needs to match what WoW is to return proper results. Also there is no need for OpenProcess in .NET, the process class exposes a fully qualified handle using .Handle.
_________________
- Retired. |
|
| Back to top |
|
|
abystus
Expert Cheater
Reputation: 1
Joined: 09 Dec 2010
Posts: 140
|
| Posted: Thu Jun 13, 2013 8:56 am Post subject: |
|
|
| Wiccaan wrote: | Is your WoW install 32bit or 64bit?
In either case your application you are creating needs to match what WoW is to return proper results. Also there is no need for OpenProcess in .NET, the process class exposes a fully qualified handle using .Handle. |
The WOW client is a 32 bit application. The project is set to compile x86 as well. The OpenProcess line was an attempt at getting around the "Access is Denied" error (usually it's some sort of permission problem), though it didn't seem to help in this case. I get the process handle just fine using MainWindowHandle, as I have used it for other things outside of getting the baseaddress. Is there something missing from my code that may prevent this error from happening when trying to retrieve the baseaddress of the WOW process?
|
|
| Back to top |
|
|
Dark Byte
Site Admin
 Reputation: 471
Joined: 09 May 2003
Posts: 25824
Location: The netherlands
|
| Posted: Thu Jun 13, 2013 9:30 am Post subject: |
|
|
did you launch your app by rightclicking and choosing "Run as admin..."
Just running with an admin account doesn't always make it run as admin
Also, you may need to give your app the SeDebugging right.
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
abystus
Expert Cheater
Reputation: 1
Joined: 09 Dec 2010
Posts: 140
|
| Posted: Thu Jun 13, 2013 9:45 am Post subject: |
|
|
| Dark Byte wrote: | did you launch your app by rightclicking and choosing "Run as admin..."
Just running with an admin account doesn't always make it run as admin
Also, you may need to give your app the SeDebugging right. |
I start both applications (WOW, My App) with the right-click>Run as Administator and got the same error on attempting to get the base address. I have read about the token SeDebug setup, though I haven't gotten to get it completely implemented yet (was late when I started the project). How is Cheat Engine able to to do it (I'd assume your using the SeDebug)? I will give it a shot when I get home and report back on my findings.
|
|
| Back to top |
|
|
atom0s
Moderator
Reputation: 205
Joined: 25 Jan 2006
Posts: 8587
Location: 127.0.0.1
|
| Posted: Thu Jun 13, 2013 9:46 am Post subject: |
|
|
Might just be Warden blocking the calls to obtain a handle and obtain module information then.
(In case you don't know, Wardren is Blizzards anti-cheat that WoW uses that runs hidden in the background of the game while you play.)
_________________
- Retired. |
|
| Back to top |
|
|
abystus
Expert Cheater
Reputation: 1
Joined: 09 Dec 2010
Posts: 140
|
| Posted: Thu Jun 13, 2013 2:12 pm Post subject: |
|
|
| Wiccaan wrote: | Might just be Warden blocking the calls to obtain a handle and obtain module information then.
(In case you don't know, Wardren is Blizzards anti-cheat that WoW uses that runs hidden in the background of the game while you play.) |
It could be, but I would assume it only blocks writes if anything. Hell it might not even block writing, but may just report back to Blizzard to flag your account (which I'm not on a live server so I'm not really concerned). I've seen several other applications connect and read from this process including Cheat Engine, so undoubtedly it's possible. I will give the debug setup a shot, and worst case scenario inspect the Cheat Engine source to see what magic Dark Byte is performing to be able to access it (unless he's reading this and can just tell me lol).
|
|
| Back to top |
|
|
Corruptor
Advanced Cheater
![]() Reputation: 3
Joined: 10 Aug 2011
Posts: 82
|
| Posted: Fri Jun 14, 2013 12:05 pm Post subject: |
|
|
Opening a process with some flags requires you to have specific rights, some of them which you don't simply get by having your program opened as admin. PROCESS_VM_READ and WRITE are one of those flags, which you will need the SeDebugPrivilege for. (which makes sense, as there is very limited use in writing into another processes memory except for debugging purposes).
Take a look at http://support.microsoft.com/kb/131065 if you don't know how to do that.
|
|
| Back to top |
|
|
Screitor
Cheater
![]() Reputation: 1
Joined: 26 Nov 2012
Posts: 33
Location: Venezuela
|
| Posted: Fri Jun 14, 2013 1:18 pm Post subject: |
|
|
Can you get that address from another processes?
_________________
Everybody lies. |
|
| Back to top |
|
|
abystus
Expert Cheater
Reputation: 1
Joined: 09 Dec 2010
Posts: 140
|
| Posted: Fri Jun 14, 2013 3:07 pm Post subject: |
|
|
| Corruptor wrote: | Opening a process with some flags requires you to have specific rights, some of them which you don't simply get by having your program opened as admin. PROCESS_VM_READ and WRITE are one of those flags, which you will need the SeDebugPrivilege for. (which makes sense, as there is very limited use in writing into another processes memory except for debugging purposes).
Take a look at http://support.microsoft.com/kb/131065 if you don't know how to do that. |
I'll check this out when I get home. Thanks for the info/link.
|
|
| Back to top |
|
|
atom0s
Moderator
Reputation: 205
Joined: 25 Jan 2006
Posts: 8587
Location: 127.0.0.1
|
| Posted: Fri Jun 14, 2013 3:29 pm Post subject: |
|
|
You can use the following in .NET to handle the debug token:
System.Diagnostics.Process.EnterDebugMode();
_________________
- Retired. |
|
| Back to top |
|
|
abystus
Expert Cheater
Reputation: 1
Joined: 09 Dec 2010
Posts: 140
|
| Posted: Fri Jun 14, 2013 3:36 pm Post subject: |
|
|
| Screitor wrote: | | Can you get that address from another processes? |
Yep, works fine for just about any other process I target. I've made a few code alterations since then that I'll be updating this post with when I get home (at work) that got me a little closer (along with running as administrator). I would like to find a way around having to do that though (running as administrator) as it becomes annoying (not to mention other applications don't have to do it such as Cheat Engine).
|
|
| Back to top |
|
|
Screitor
Cheater
![]() Reputation: 1
Joined: 26 Nov 2012
Posts: 33
Location: Venezuela
|
| Posted: Tue Jun 18, 2013 11:12 pm Post subject: |
|
|
| Abystus wrote: | | Screitor wrote: | | Can you get that address from another processes? |
Yep, works fine for just about any other process I target. I've made a few code alterations since then that I'll be updating this post with when I get home (at work) that got me a little closer (along with running as administrator). I would like to find a way around having to do that though (running as administrator) as it becomes annoying (not to mention other applications don't have to do it such as Cheat Engine). |
Hmm, have you tried to do the same thing, with C/C++?
_________________
Everybody lies. |
|
| Back to top |
|
|
logical_operator
How do I cheat?
![]() Reputation: 1
Joined: 17 Jun 2013
Posts: 5
|
| Posted: Wed Jun 19, 2013 4:51 am Post subject: |
|
|
Foreword: I know very little about C#/.NET.
Now, I had a quick look at this Process class and as far as I can tell, you're misusing it.
After using the GetProcessesByName constructor, I'm under the impression that it already gains access to each found process through use of OpenProcess as the Process class seems to have a Handle member. With that said, your attempts at accessing MainWindowHandle are misguided as that's grabbing the process' main HWND.
So, with that said, calling OpenProcess is superfluous and pointless, especially since you're not using the handle provided to you after calling OpenProcess.
My guess is that Wiccaan is right and that you need to call Process::EnterDebugMode before attempting to do anything with the process. Even after this, though, I'm not sure what privileges are requested with the handle, so I'd suggest calling OpenProcess yourself and then calling GetModuleInformation while providing NULL for the second parameter.
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
