C++

Forum

 
Finding memory address.

astro (6)
Greetings mortals.

what i am about to ask might sound a Like its been asked before, but its not...
i need to change the value of a memory address.

say the process name is: "bobdole.exe" (not the same process as the application it self)
memory address: "04A96990"
memory type: "float"

i already know how to do this:

i found this code on the internet, and managed to fixed it with some help.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
 
#include <windows.h>
#include <tlhelp32.h>
#include <conio.h>
#include <stdlib.h>
#include <stdio.h>

bool ChangeMemVal(const char * ProcessName, LPVOID MemAddress, int NewVal, int size);

int main()
{
     printf("=== Pinball Trainer Example. Made by <your name here> ===\n\n");
     if(ChangeMemVal("PINBALL.EXE", (void*) 0xA90C62, 100000000, 4))
          printf("The score has been edited successfully.\n");
     else
          printf("An error occured while attempting edit the score.\n");
     system("PAUSE");
     return 0;
}


/* This function modifys a memory address according to its arguments.
   Arguments :
             ProcessName - the process we want to modify
             MemAddress - the memory address we want to modify
             NewVal - the value we want to change the memory address to
             size - the size of the memory address
   Returns :
           the success of the edit.
   */


bool ChangeMemVal(const char * ProcessName, LPVOID MemAddress, int NewVal, int size)
{
     HANDLE hProcessSnap;
     HANDLE hProcess = NULL;
     PROCESSENTRY32 pe32;    
     hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
     pe32.dwSize = sizeof( PROCESSENTRY32 );
     Process32First(hProcessSnap, &pe32);
     do
     {          
          if(!strcmp(pe32.szExeFile, ProcessName))
          {
               hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID);
               break;
          }
     }
     while(Process32Next(hProcessSnap, &pe32));
     CloseHandle( hProcessSnap );
     if(hProcess != NULL)
     {
          WriteProcessMemory(hProcess, MemAddress, &NewVal, size, NULL);     // write the value          
          CloseHandle(hProcess);    
          return true;
     }    
     return false;
}



the problem is that the address, sometimes don't stay the same. some addresses change every time the program starts.
i know this requires that we know what writes to that address. lets say we know what writes to that address. how would i go about to change this code and make it follow the thing that writes to this address and figure out the address. then change it.
simplified: address a writes to address b we know wat a is. we try to find b by knowing that a writes to it

i hope i made sense.

any help would be greatly appreciated.

Last edited on
Topic archived. No new replies allowed.