Get the absolute address of a value
Hi, I want to get the absolute address of a value of a program. I don't know how to do this, but I think I've seen somewhere that I can do that with knowing what is the first address of the program in memory and then using a program like cheat engine to discover the offset of the address I want using the value it has to find it. Am I correct? If so, do you know any guide related to this I could use? If not, how can I do this?
Last edited on
There is no "offset" or something. Each program can use whole address space. What it will get depends on system memory allocator.
What you can do, is to find some address on stack and try to find offsets of other values on stack (making sure that you will not try to access variable outside of its lifetime).
Note that you can only find stack variables that way (usually local variables in program)
What you can do, is to find some address on stack and try to find offsets of other values on stack (making sure that you will not try to access variable outside of its lifetime).
Note that you can only find stack variables that way (usually local variables in program)
I'm a begginer and you see me very confused. Do you know any good guide on this technique?
If you want address of some value in the program you can use operator&
If you want to read other processes memory, you need to use system API:
http://msdn.microsoft.com/en-us/library/ms680553%28VS.85%29.aspx
Or use http://en.wikipedia.org/wiki/Windows_Driver_Kit
|
|
If you want to read other processes memory, you need to use system API:
http://msdn.microsoft.com/en-us/library/ms680553%28VS.85%29.aspx
Or use http://en.wikipedia.org/wiki/Windows_Driver_Kit
Topic archived. No new replies allowed.