Hey,
I'm experimenting with reading values from another, already running process. As a test, I'm reading the mouse x and y coordinates of Warcraft III. Using Cheat Engine, I found the addresses, which are 0x09A103C0 and 0x09A103C4, and I made a small test app that works fine. My problem is that it only works if I find the addresses beforehand, since they change from computer to computer. What I wanted to do was look up the address by finding a region around it that might be static. I think I managed to do that, but now I don't know where to begin with the search itself.
Here's the app:
Code:
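/*
 * Try to enable SeDebugPrivilege on the current process token.
 *
 * This is best-effort: the function returns nothing, so every failure is
 * reported on stdout and the caller carries on without the privilege.
 *
 * NOTE(review): SeDebugPrivilege lets a process open other processes
 * regardless of their security descriptor. A target running as the same
 * user at the same integrity level can normally be opened with
 * PROCESS_VM_READ without it, so this call may be unnecessary here; prefer
 * running without the privilege if the read works -- TODO confirm against
 * the actual target.
 */
void EnableDebugPriv(void)
{
    HANDLE hToken = NULL;
    LUID sedebugnameValue;
    TOKEN_PRIVILEGES tkp;

    /* Without a token handle nothing below can work, and CloseHandle on an
     * uninitialized handle would be undefined, so stop here on failure. */
    if (!OpenProcessToken(GetCurrentProcess(),
                          TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) {
        printf("OpenProcessToken failed (Err: %lu)\n", GetLastError());
        return;
    }

    if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &sedebugnameValue)) {
        printf("LookupPrivilegeValue failed (Err: %lu)\n", GetLastError());
        CloseHandle(hToken);
        return;
    }

    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Luid = sedebugnameValue;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    /* AdjustTokenPrivileges reports success even when the token does not
     * hold the requested privilege; that case is only visible through
     * GetLastError() == ERROR_NOT_ALL_ASSIGNED. */
    if (!AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(tkp), NULL, NULL)) {
        printf("AdjustTokenPrivileges failed (Err: %lu)\n", GetLastError());
    } else if (GetLastError() == ERROR_NOT_ALL_ASSIGNED) {
        printf("SeDebugPrivilege is not held by this token; continuing without it\n");
    }

    CloseHandle(hToken);
}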
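/*
 * Locate the Warcraft III window, open its process for reading only, and
 * print the two floats stored at a hard-coded address.
 *
 * Returns 0 on success, otherwise the Win32 error code captured at the
 * point of failure.
 */
int _tmain(int argc, _TCHAR* argv[]) {
    /* Address of fMouseX as found by hand for one machine; fMouseY follows
     * 4 bytes later. The value is not stable across machines, so a failed
     * or short read below must be treated as "wrong address", not as data. */
    const LPCVOID mouseAddr = (LPCVOID)(ULONG_PTR)0x09A103C0;

    HWND hWnd;
    HANDLE hProcess;
    DWORD pID = 0;
    DWORD err;
    SIZE_T bytesRead = 0;
    float coords[2] = { 0.0f, 0.0f };   /* [0] = x, [1] = y */

    (void)argc;
    (void)argv;

    EnableDebugPriv();

    /* Wide-string literals need the W entry point regardless of whether
     * the project is built with UNICODE defined. */
    hWnd = FindWindowW(L"Warcraft III", L"Warcraft III");
    if (!hWnd) {
        /* Capture the error before printf/system can overwrite it. */
        err = GetLastError();
        printf("hWnd: %p (Err: %lu)\n", (void *)hWnd, err);
        system("pause");
        return (int)err;
    }
    printf("hWnd: %p (OK)\n", (void *)hWnd);

    GetWindowThreadProcessId(hWnd, &pID);
    if (!pID) {
        err = GetLastError();
        printf("pID: %lu (Err: %lu)\n", pID, err);
        system("pause");
        return (int)err;
    }
    printf("pID: %lu (OK)\n", pID);

    /* Request read access only; nothing here writes to the target. */
    hProcess = OpenProcess(PROCESS_VM_READ, FALSE, pID);
    if (!hProcess) {
        err = GetLastError();
        printf("hProcess: %p (Err: %lu)\n", (void *)hProcess, err);
        system("pause");
        return (int)err;
    }
    printf("hProcess: %p (OK)\n", (void *)hProcess);

    /* Read x and y in one call so both values come from the same snapshot,
     * and verify the full 8 bytes arrived before reporting them as OK. */
    if (!ReadProcessMemory(hProcess, mouseAddr, coords, sizeof(coords), &bytesRead)
        || bytesRead != sizeof(coords)) {
        err = GetLastError();
        printf("ReadProcessMemory failed (Err: %lu)\n", err);
        CloseHandle(hProcess);
        system("pause");
        return (int)err;
    }

    printf("fValX: %f (OK)\n", coords[0]);
    printf("fValY: %f (OK)\n", coords[1]);

    CloseHandle(hProcess);
    system("pause");
    return 0;
}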
And here's the pattern i found
Code:
//Prefix
00 00 00 00 E4 8D 70 6F 00 00 00 00 A8 F3 45 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
01 00 00 00 04 00 00 00 04 00 00 00 38 8A 7D 04
04 00 00 00 04 00 00 00 28 FA 9F 04 04 00 00 00
04 00 00 00 C8 64 80 04 04 00 00 00 04 00 00 00
78 1E 80 04 04 00 00 00 04 00 00 00 90 15 80 04
02 00 00 00 04 00 00 00 04 00 00 00 D8 01 D1 07
04 00 00 00 04 00 00 00 30 1D D1 07 04 00 00 00
04 00 00 00 48 1D D1 07 00 00 00 00 00 00 00 00
FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00
< fMouseX > < fMouseY > ?? ?? ?? ?? ?? ?? ?? ??
//Suffix
00 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00
01 00 00 00 60 01 84 04 2C 0F 3B 04 00 11 3B 04
80 00 0D 0A 00 00 00 00 E4 8D 70 6F 00 00 00 00
A8 F3 45 00 00 00 00 00 01 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
08 00 00 00 08 00 00 00 90 00 DD 09 00 00 00 00
So, as stated earlier, I don't know how to search the memory, or even where to begin. I did some Google searching but didn't manage to find anything. A link to a guide or tutorial would be great, or just some hints about what I could try.
Anyways, thanks in advance.
- MindWorX