KnifeOnlyI (How do I cheat?)
Reputation: 0
Joined: 01 Feb 2021, Posts: 2
Posted: Mon Feb 01, 2021 11:37 am
Post subject: Problem with base module address (C++)
Hi everyone,
(Sorry for my English, I'm French, I'll do my best... especially without a translator.)
I'm here because I have a problem fetching a module base address (for tests, I use a game and Cheat Engine to compare the C++ results).
The problem is probably related to 32/64-bit applications, but I can't find it.
I already changed the DWORD to DWORD_PTR.
I suppose the game is a 32-bit build, because the registers I can find are these: eax, esi and not rax, rsi.
Here is my function to get the base address of the specified process pid and name:
Code:
#include <windows.h>
#include <tlhelp32.h>
#include <string>

DWORD_PTR ProcessService::getModuleBaseAddress(DWORD_PTR pid, const std::string &name)
{
    DWORD_PTR modBaseAddr {0};
    // TH32CS_SNAPMODULE32 is required so that a 64-bit caller also sees the modules of a 32-bit (WOW64) process
    HANDLE hSnap {CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, static_cast<DWORD>(pid))};
    if (hSnap != INVALID_HANDLE_VALUE)
    {
        MODULEENTRY32 modEntry;
        modEntry.dwSize = sizeof(modEntry);
        if (Module32First(hSnap, &modEntry))
        {
            do
            {
                // szModule is a char array in a non-UNICODE build
                const std::string curModuleName {modEntry.szModule};
                if (name == curModuleName)
                {
                    modBaseAddr = reinterpret_cast<DWORD_PTR>(modEntry.modBaseAddr);
                    break;
                }
            } while (Module32Next(hSnap, &modEntry));
        }
        // Close the snapshot only when it was actually created (not INVALID_HANDLE_VALUE)
        CloseHandle(hSnap);
    }
    return modBaseAddr; // 0x400000, this value is probably wrong because 32/64bit problem ?
}
And here is my code to perform the calculation on address + offsets:
Code:
#include <windows.h>
#include <vector>

DWORD_PTR Process::getAddressFromOffsets(DWORD_PTR virtualAddress, const std::vector<unsigned int> &offsets) const
{
    // _address = 0x400000
    // _virtualAddress = 0x1100F8
    DWORD_PTR addr {_address + virtualAddress}; // Results = 0x5100f8
    for (unsigned int offset : offsets)
    {
        // Find which address is pointed by *addr pointer.
        // sizeof(addr) is the pointer width of this tool's build (8 bytes when built as 64-bit),
        // and the return value is not checked: a failed read leaves addr unchanged.
        ReadProcessMemory(_handle, reinterpret_cast<LPCVOID>(addr), &addr, sizeof(addr), nullptr);
        // Add offset to address to find the next pointer
        addr += offset;
    }
    return addr;
}
Output results (I removed the output code from the code above so as not to hide the "real" code):
Quote:
"game.exe" + 1100f8 -> 80c252868
[80c252868 + 438] -> 80c252868
[80c252ca0 + 1f0] -> 80c252ca0
[80c252e90 + 18] -> 80c252e90
[80c252ea8 + 1dc] -> 80c252ea8
[80c253084 + 8] -> 80c253084
[80c25308c + 150] -> 80c25308c
Cheat Engine results are in the attachment.
I know it's a very common problem, but after days of research, I failed to solve it myself...
Thanks for the help.
Last edited by KnifeOnlyI on Tue Feb 02, 2021 4:43 am; edited 1 time in total
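Added example, not code from the original post: a pointer-chain resolver that reads each pointer with the width of the target process instead of the width of the tool that computed sizeof(DWORD_PTR). Two facts frame it: 0x400000 is the default image base of a 32-bit PE executable, so that part of the output is consistent with a 32-bit target, and a value such as 80c252868 has nine hex digits, which no 32-bit pointer can have, so the high byte must have come from the 4 bytes that follow the pointer when 8 bytes were read. The example runs offline against a constructed sparse image of a 32-bit target whose cell at 0x5100F8 holds the pointer 0x0C252868 followed by an unrelated field 0x00000008; reading 8 bytes there yields exactly 0x80C252868. FakeTarget, readPointer, resolvePointerChain and the demo* functions are hypothetical names; in a real Windows tool the read callback would wrap ReadProcessMemory and the pointer width would be chosen from IsWow64Process (TRUE for a 32-bit process on 64-bit Windows).

```cpp
// Added example, not from the original post. Walks base + virtualAddress -> [..] + offset0
// -> [..] + offset1 ... using the TARGET's pointer width. The "process" is a constructed
// sparse memory image so the program runs offline; FakeTarget::read stands in for
// ReadProcessMemory.
#include <cstdint>
#include <cstdio>
#include <functional>
#include <map>
#include <optional>
#include <vector>

// Sparse byte-addressable image of part of a target process (constructed sample data).
struct FakeTarget {
    std::map<uint64_t, uint8_t> bytes;  // only cells that were written exist

    // Store a 32-bit little-endian value at addr.
    void put32(uint64_t addr, uint32_t v) {
        for (int i = 0; i < 4; ++i) bytes[addr + i] = static_cast<uint8_t>(v >> (8 * i));
    }

    // Same contract as ReadProcessMemory: every one of the n bytes must be readable.
    bool read(uint64_t addr, void *out, size_t n) const {
        auto *dst = static_cast<uint8_t *>(out);
        for (size_t i = 0; i < n; ++i) {
            auto it = bytes.find(addr + i);
            if (it == bytes.end()) return false;  // like a read that touches an unmapped page
            dst[i] = it->second;
        }
        return true;
    }
};

// Memory reader abstraction; a real tool would wrap ReadProcessMemory here.
using ReadFn = std::function<bool(uint64_t addr, void *out, size_t n)>;

// Read one pointer of ptrSize bytes (4 for a 32-bit target, 8 for 64-bit) and widen it.
// Reading sizeof(DWORD_PTR) bytes from a 64-bit tool pulls 4 bytes of the neighbouring
// field into the high half whenever the target is 32-bit.
std::optional<uint64_t> readPointer(const ReadFn &read, uint64_t addr, size_t ptrSize) {
    if (ptrSize != 4 && ptrSize != 8) return std::nullopt;
    uint8_t buf[8] = {0};
    if (!read(addr, buf, ptrSize)) return std::nullopt;
    uint64_t v = 0;
    for (size_t i = 0; i < ptrSize; ++i) v |= static_cast<uint64_t>(buf[i]) << (8 * i);  // x86 is little-endian
    return v;
}

// Same loop shape as the post (dereference, then add the next offset), but it stops on a
// failed read instead of silently continuing with the stale address.
std::optional<uint64_t> resolvePointerChain(const ReadFn &read, size_t ptrSize, uint64_t moduleBase,
                                            uint64_t virtualAddress, const std::vector<uint32_t> &offsets) {
    uint64_t addr = moduleBase + virtualAddress;
    for (uint32_t offset : offsets) {
        auto pointee = readPointer(read, addr, ptrSize);
        if (!pointee) return std::nullopt;
        addr = *pointee + offset;
    }
    return addr;
}

// Constructed 32-bit target: module at the default 32-bit image base 0x400000 and a
// three-level chain ending at a 4-byte value of 42. The field right after the first
// pointer holds 8, which a too-wide read picks up as its high bytes.
FakeTarget buildSampleTarget() {
    FakeTarget t;
    t.put32(0x005100F8, 0x0C252868);  // [module + 0x1100F8]
    t.put32(0x005100FC, 0x00000008);  // unrelated neighbouring field
    t.put32(0x0C252CA0, 0x0C260000);  // [0x0C252868 + 0x438]
    t.put32(0x0C2601F0, 0x0C270000);  // [0x0C260000 + 0x1F0]
    t.put32(0x0C270018, 42);          // value at 0x0C270000 + 0x18
    return t;
}

static const std::vector<uint32_t> kOffsets = {0x438, 0x1F0, 0x18};

// First dereference only, at the given width, to expose the symptom directly.
std::optional<uint64_t> demoFirstPointer(size_t ptrSize) {
    FakeTarget t = buildSampleTarget();
    ReadFn rd = [&t](uint64_t a, void *o, size_t n) { return t.read(a, o, n); };
    return readPointer(rd, 0x400000 + 0x1100F8, ptrSize);
}

// Whole chain at the given width; returns the final address, not its content.
std::optional<uint64_t> demoResolve(size_t ptrSize) {
    FakeTarget t = buildSampleTarget();
    ReadFn rd = [&t](uint64_t a, void *o, size_t n) { return t.read(a, o, n); };
    return resolvePointerChain(rd, ptrSize, 0x400000, 0x1100F8, kOffsets);
}

// Content of the final cell when the chain is walked with the correct (4-byte) width.
std::optional<uint64_t> demoFinalValue() {
    FakeTarget t = buildSampleTarget();
    ReadFn rd = [&t](uint64_t a, void *o, size_t n) { return t.read(a, o, n); };
    auto addr = resolvePointerChain(rd, 4, 0x400000, 0x1100F8, kOffsets);
    return addr ? readPointer(rd, *addr, 4) : std::nullopt;
}

int main() {
    std::printf("first pointer, 4-byte read: %#llx\n", (unsigned long long)demoFirstPointer(4).value_or(0));
    std::printf("first pointer, 8-byte read: %#llx  (high byte is the neighbouring field)\n",
                (unsigned long long)demoFirstPointer(8).value_or(0));
    std::printf("chain with 4-byte reads: %#llx holds %llu\n", (unsigned long long)demoResolve(4).value_or(0),
                (unsigned long long)demoFinalValue().value_or(0));
    std::printf("chain with 8-byte reads: %s\n", demoResolve(8) ? "resolved" : "read failed on a garbage address");
    return 0;
}
```

Build with a C++17 compiler (std::optional). With 4-byte reads the chain resolves to 0x0C270018 and the value 42; with 8-byte reads the very first dereference already yields 0x80C252868, and the next read fails because that address does not exist in the target, which matches the output above where every later line repeats the previous address unchanged.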