astropirit
09-19-2008, 11:27 AM
Hi all
i have been having this annoying problem. I can change th value of an memory address. the problem is tha the memory address changes every time the application restarts. Now i figured i would need to use a pointer. So i found a pointer that points to this address, but it has an offset.
lets say the address is: "04A96990"
and the offset is: "A0"
and lets say this points to...:"07b96964" // this is the address i want to modify.
How might one change this code to make it take advantage of the pointer and find the address and be able to modify it.
#include <windows.h>
#include <tlhelp32.h>
#include <conio.h>
#include <stdlib.h>
#include <stdio.h>
bool ChangeMemVal(const char * ProcessName, LPVOID MemAddress, int NewVal, int size);
int main()
{
printf("=== Pinball Trainer Example. Made by <your name here> ===\n\n");
if(ChangeMemVal("PINBALL.EXE", (void*) 0xA90C62, 100000000, 4))
printf("The score has been edited successfully.\n");
else
printf("An error occured while attempting edit the score.\n");
system("PAUSE");
return 0;
}
/* This function modifys a memory address according to its arguments.
Arguments :
ProcessName - the process we want to modify
MemAddress - the memory address we want to modify
NewVal - the value we want to change the memory address to
size - the size of the memory address
Returns :
the success of the edit.
*/
bool ChangeMemVal(const char * ProcessName, LPVOID MemAddress, int NewVal, int size)
{
HANDLE hProcessSnap;
HANDLE hProcess = NULL;
PROCESSENTRY32 pe32;
hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
pe32.dwSize = sizeof( PROCESSENTRY32 );
Process32First(hProcessSnap, &pe32);
do
{
if(!strcmp(pe32.szExeFile, ProcessName))
{
hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID);
break;
}
}
while(Process32Next(hProcessSnap, &pe32));
CloseHandle( hProcessSnap );
if(hProcess != NULL)
{
WriteProcessMemory(hProcess, MemAddress, &NewVal, size, NULL); // write the value
CloseHandle(hProcess);
return true;
}
return false;
}
Help would be greately apreciated.
Astro
i have been having this annoying problem. I can change th value of an memory address. the problem is tha the memory address changes every time the application restarts. Now i figured i would need to use a pointer. So i found a pointer that points to this address, but it has an offset.
lets say the address is: "04A96990"
and the offset is: "A0"
and lets say this points to...:"07b96964" // this is the address i want to modify.
How might one change this code to make it take advantage of the pointer and find the address and be able to modify it.
#include <windows.h>
#include <tlhelp32.h>
#include <conio.h>
#include <stdlib.h>
#include <stdio.h>
bool ChangeMemVal(const char * ProcessName, LPVOID MemAddress, int NewVal, int size);
int main()
{
printf("=== Pinball Trainer Example. Made by <your name here> ===\n\n");
if(ChangeMemVal("PINBALL.EXE", (void*) 0xA90C62, 100000000, 4))
printf("The score has been edited successfully.\n");
else
printf("An error occured while attempting edit the score.\n");
system("PAUSE");
return 0;
}
/* This function modifys a memory address according to its arguments.
Arguments :
ProcessName - the process we want to modify
MemAddress - the memory address we want to modify
NewVal - the value we want to change the memory address to
size - the size of the memory address
Returns :
the success of the edit.
*/
bool ChangeMemVal(const char * ProcessName, LPVOID MemAddress, int NewVal, int size)
{
HANDLE hProcessSnap;
HANDLE hProcess = NULL;
PROCESSENTRY32 pe32;
hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
pe32.dwSize = sizeof( PROCESSENTRY32 );
Process32First(hProcessSnap, &pe32);
do
{
if(!strcmp(pe32.szExeFile, ProcessName))
{
hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID);
break;
}
}
while(Process32Next(hProcessSnap, &pe32));
CloseHandle( hProcessSnap );
if(hProcess != NULL)
{
WriteProcessMemory(hProcess, MemAddress, &NewVal, size, NULL); // write the value
CloseHandle(hProcess);
return true;
}
return false;
}
Help would be greately apreciated.
Astro