Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


C# How to correctly use a DLL base address?

 
Mitch25
How do I cheat?
Reputation: 0

Joined: 25 Aug 2013
Posts: 7

Posted: Sun Aug 25, 2013 2:20 pm    Post subject: C# How to correctly use a DLL base address?

Hi guys, I'm attempting to read a float within a game.

Looking in CE I can locate the address I need, however it's at wow64cpu.dll + 4720, with an offset of 34.

As such I've tried finding the base address of the wow64cpu.dll in the process, but this is where I'm confused.

I don't understand how to now use this address, and all my attempts seem to be way off.

How exactly do I use the DLL's base address and combine that with the +4720 and the offset?

Thanks for any help, code is below:

Code:

        Process[] processes = Process.GetProcessesByName("Napoleon");
        Process process = processes[0];

        ProcessModuleCollection modules = process.Modules;
        ProcessModule dllBaseAdress = null;
        foreach (ProcessModule i in modules)
        {
            if (i.ModuleName == "wow64cpu.dll")
            {
                dllBaseAdress = i;
                break;
            }
        }

        IntPtr dllPtr = dllBaseAdress.BaseAddress;
        int pointer = dllPtr.ToInt32() + 0x4720;
        int offset = 34;

        IntPtr hProc = OpenProcess(ProcessAccessFlags.All, false, process.Id);

        int bytesRead;
        byte[] buffer = new byte[4];

        ReadProcessMemory(hProc, new IntPtr(pointer + offset), buffer, 4, out bytesRead);

        float lightColourScale = BitConverter.ToSingle(buffer, 0);

661089799107
Expert Cheater
Reputation: 3

Joined: 25 Jan 2009
Posts: 186

Posted: Sun Aug 25, 2013 4:02 pm

You are only doing one read. Two are needed in this case.

Read(Read(moduleBaseAddress + 0x4720) + 0x34);
Mitch25

Posted: Sun Aug 25, 2013 4:22 pm

But what am I meant to be getting from the first read then?

Should the byte array read from the first read be cast into an IntPtr that the second read needs as the address?
661089799107

Posted: Sun Aug 25, 2013 5:21 pm

The result from the first read is the address of your desired value. So then you need to read from that address to get your value.

Edit: I've never used C# so hopefully the code below is correct. The code below would only work for 32-bit addresses, but as your target is wow64cpu.dll it doesn't look like that will be an issue.

Code:

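byte[] buffer = new byte[4];

// First read: fetch the 32-bit pointer stored at module base + 0x4720.
ReadProcessMemory(hProc, (IntPtr)moduleBaseAddress + 0x4720, buffer, 4, out bytesRead);
// Second read: add the offset 0x34 to that pointer and read the 4-byte value stored there.
ReadProcessMemory(hProc, (IntPtr)BitConverter.ToInt32(buffer, 0) + 0x34, buffer, 4, out bytesRead);

// Interpret the 4 bytes from the second read as a float.
float lightColourScale = BitConverter.ToSingle(buffer, 0);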
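The two-read dereference from the reply above, as an added example that is not part of any post in the thread: it runs against its own process on Windows with a constructed memory layout, so `slot` stands in for module base + 0x4720, and the class and method names are hypothetical. It assumes the reader and the target share the same pointer width, and it refuses to decode a failed or short read.

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Runtime.InteropServices;

static class PointerChainDemo   // hypothetical name, example code only
{
    [DllImport("kernel32.dll", SetLastError = true)]
    static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress,
        byte[] lpBuffer, IntPtr nSize, out IntPtr lpNumberOfBytesRead);

    // Read exactly `count` bytes or throw; a failed or short read must never be decoded.
    static byte[] ReadExact(IntPtr hProc, IntPtr address, int count)
    {
        byte[] buf = new byte[count];
        IntPtr read;
        if (!ReadProcessMemory(hProc, address, buf, (IntPtr)count, out read))
            throw new Win32Exception(Marshal.GetLastWin32Error());
        if (read.ToInt64() != count)
            throw new InvalidOperationException("short read");
        return buf;
    }

    // Read(Read(slot) + offset): the slot holds a pointer, the float lives at pointer + offset.
    static float ReadFloatViaPointer(IntPtr hProc, IntPtr slot, int offset)
    {
        byte[] raw = ReadExact(hProc, slot, IntPtr.Size);   // pointer width of this process
        IntPtr target = IntPtr.Size == 4 ? new IntPtr(BitConverter.ToInt32(raw, 0))
                                         : new IntPtr(BitConverter.ToInt64(raw, 0));
        return BitConverter.ToSingle(ReadExact(hProc, IntPtr.Add(target, offset), 4), 0);
    }

    static void Main()
    {
        // Constructed layout in our own memory: slot -> block, with a float at block + 0x34.
        IntPtr block = Marshal.AllocHGlobal(0x40);
        IntPtr slot = Marshal.AllocHGlobal(IntPtr.Size);
        try
        {
            Marshal.Copy(BitConverter.GetBytes(1.5f), 0, IntPtr.Add(block, 0x34), 4);
            Marshal.WriteIntPtr(slot, block);
            IntPtr self = Process.GetCurrentProcess().Handle;
            // Offset is hex 0x34 as in the reply; the question's code used decimal 34.
            Console.WriteLine(ReadFloatViaPointer(self, slot, 0x34));
        }
        finally { Marshal.FreeHGlobal(slot); Marshal.FreeHGlobal(block); }
    }
}
```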