Thread: ReadProcessMemory?

Link to libcomctl.a or comctl.lib.

you should link your project to ComCtl32.lib

Program runs now. I have 3 lines appear in the list box reading something like this:

ÌÌÌÌÌÌÌÌ&# 204;ÌÌÌÌÌÌÌ&#20 4;ÌÌÌÌÌÌÌ
ÌÌÌÌÌÌÌÌ&# 204;ÌÌÌÌÌÌÌ&#20 4;ÌÌÌÌÌÌÌ
ÌÌÌÌÌÌÌÌ&# 204;ÌÌÌÌÌÌÌ&#20 4;ÌÌÌÌÌÌÌ

Whats goin on? lol

Oops, 32 at the end...

What code did you compile?
The one you posted or the one someone else posted?

I compiled bobs327's code he gave me, not the one I am making.

Whats goin on? lol

Did you first execute the remote app? This will display a hex value in the middle of the window. You must now set the DWORD variable iAddress found in util.cpp to this hex value and then create the util.exe by running the resource compiler and the linking the compilation of util.cpp with util.res.

Now, be sure that the remote.exe is up and running. That's the app which displays the hex value in the middle of the screen. Execute util.exe when you are sure the remote app is running.

Got it to work! Didn't know you had to run remote app first.

Now how would I incorporate that to my program? Here's some information that might be useful:

In Halo Trial, the max playername can be up to 11 characters, but in memory, there are 00's placed inbetween each value so it would be 22 values instead of 11.

Example [My name in halo trial]

Code:

¯®³_¬Silent

In hex, in Halo Trial memory, it translates to:

Code:

AF 00 AE 00 B3 00 5F 00 AC 00 53 00 69 00 6C 00 65 00 6E 00 74 00

In Halo Trial memory, the first byte of player1's[host], is located at 004BD7AFD0 [in hex]. The first byte of players2 name is 200 bytes after that. Which means player2's first byte of his name is located at 004BD7B1D0. Player3 would be 200 bytes after that and so on. Max number of players in a single server is 16.

The window name of Halo Trial is "Halo".

Also I need the listbox to refresh the names as players enter and leave the server.

I think that's it. I'm not asking you to write my program for me [unless you want to], but just tell me how and if I can edit the code you gave me to do this. Thanks!

For starters, your DoListboxProcess function would probably be similiar to this:

Code:

BOOL CALLBACK DoListboxProcess(HWND hDlg, UINT message, WPARAM wParam, LPARAM lParam)
{
    HWND hwnd;           
    DWORD pid;
    HANDLE process;

    int x, y, z;
    DWORD iAddress = 0x4BD7AFD0;
    DWORD dummy = 0;
    unsigned char value[200];
    char outvalue[22];

    switch (message) {
        case WM_INITDIALOG:

            hwnd=FindWindow(NULL, "Halo");
            SendDlgItemMessage(hDlg, IDC_PLAYERLIST,  LB_RESETCONTENT, 0, 0);
            GetWindowThreadProcessId(hwnd, &pid);
            process = OpenProcess(PROCESS_VM_READ
                |PROCESS_VM_WRITE|     
                PROCESS_VM_OPERATION    
                |PROCESS_QUERY_INFORMATION, 
                FALSE, pid);
            for(x = 0; x < 16;x++)
            {
                ReadProcessMemory(process    // handle to the process
                    ,(void*) iAddress,     // address to start reading
                    (void*) &value,        // address of buffer to place read data
                    sizeof(value)          // number of bytes to read
                    ,&dummy);              // number of bytes read
                z = 0;
                for(y = 10; y < 22; y+=2)
                {
                    outvalue[z++] = value[y];
                }
                outvalue[11] = '\0';
                SendDlgItemMessage(hDlg, IDC_PLAYERLIST, LB_ADDSTRING, 0, (LPARAM)outvalue);
                iAddress += sizeof value;
            }               
            return (TRUE);
        case WM_COMMAND:

            if (LOWORD(wParam) == IDOK ||LOWORD(wParam)== IDCANCEL  ) {
                EndDialog(hDlg, TRUE);
                return (TRUE);
            }
            break;
    }
    return FALSE;
}

Be absolutely sure that 0x4BD7AFD0 is the correct address of the remote variables that you wish to access. If it isn't correct, you'll end up with garbage.

The listbox refresh is just a matter of using a timer.

I haven't tested this snippet. That's up to you.

Good luck!

I had to change a few things around but it works now! THANK YOU SO MUCH!!!!!!! AHH I DON'T KNOW HOW TO REPAY YOU!!!!

Can't open the dialog window to edit! Why is this? What do I need?

Assuming that you want to select an item from the list box for editing. Left button double click selects the item.

Code:

case WM_COMMAND:
	if(LOWORD(wParam) == IDC_PLAYERLIST && HIWORD(wParam) == LBN_DBLCLK)
	{
		iLBCurSelection = SendMessage((HWND)lParam, LB_GETCURSEL, 0, 0); 
		memset(szBuffer, 0, sizeof(szBuffer));
		SendMessage((HWND)lParam, LB_GETTEXT, (LPARAM)iLBCurSelection, (WPARAM)szBuffer);
		MessageBox(NULL, szBuffer, "We selected from List Box",MB_OK);
	}
if (LOWORD(wParam) == IDOK ||LOWORD(wParam)== IDCANCEL  )
{
	EndDialog(hDlg, TRUE);
	return (TRUE);
}
break

;

I would do that, but I can't even get to the dialog window in VC++. When I doubleclick util.rc, dialog window will not show up. When I double click util.cpp, the code window shows up. I can't even edit util.rc, I had to go into DEVC++ to do it.

I got it to work. I had the wrong file extension attached to my project. Had to change it back from .res to .rc for some reason to edit the dialog?