From: Dee Earley on
On 27/07/2010 19:58, Nobody wrote:
> "5k3105"<christianlott1(a)yahoo.com> wrote in message
> news:9caa98d0-04de-4d7e-ae63-9dd568f32164(a)m1g2000vbh.googlegroups.com...
>> I want to open a game program of mine running in a Windows emulator
>> and read and write directly to offsets in that memory space. So I need
>> the base address of the process/window.
>>
>> If I start it from my program maybe it will be easier to get the base
>> address?
>>
>> I already have a program that will allow me to scroll the memory space
>> in hex I just need a way to get the base address.
>
> Dependency Walker shows the base address.

Only the requested base address of that module.
The loader is free to relocate that wherever it wants in the process's
space (unless explicitly asked not to).

That still won't give an address for stuff that is loaded at runtime though.

--
Dee Earley (dee.earley(a)icode.co.uk)
i-Catcher Development Team

iCode Systems

(Replies direct to my email address will be ignored.
Please reply to the group.)
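As an added illustration of the point above (example code added here, not written by anyone in the thread): the "base address" a PE viewer such as Dependency Walker reports is the ImageBase field of the optional header, i.e. the address the module asks for. Whether the loader honours it depends on the DLL characteristics (the DYNAMIC_BASE flag) and on whether the base relocation table was kept; a module with relocations stripped cannot be moved at all. The script below constructs two minimal, non-runnable PE headers (the builder, its parameters and the constructed values are this example's own; field offsets follow the PE/COFF layout) and parses them back to report the preferred base and whether the loader is able to relocate the image.

```python
import struct

# Field constants from the PE/COFF format.
IMAGE_FILE_RELOCS_STRIPPED = 0x0001           # FileHeader.Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040  # OptionalHeader.DllCharacteristics
PE32_MAGIC = 0x10B
PE32PLUS_MAGIC = 0x20B
FILE_HEADER_FMT = '<HHIIIHH'                   # 20-byte COFF file header
RELOC_DIR_INDEX = 5                            # base relocation data directory


def build_pe_header(image_base, dll_characteristics, file_characteristics=0,
                    pe32plus=True, reloc_size=0):
    """Construct a minimal PE header (constructed test input, not a real binary)."""
    opt_size = 240 if pe32plus else 224        # optional header with 16 data directories
    opt = bytearray(opt_size)
    struct.pack_into('<H', opt, 0, PE32PLUS_MAGIC if pe32plus else PE32_MAGIC)
    if pe32plus:
        struct.pack_into('<Q', opt, 24, image_base)   # PE32+: 64-bit ImageBase at +24
    else:
        struct.pack_into('<I', opt, 28, image_base)   # PE32: 32-bit ImageBase at +28
    struct.pack_into('<H', opt, 70, dll_characteristics)
    dirs_off = 112 if pe32plus else 96
    struct.pack_into('<I', opt, dirs_off - 4, 16)     # NumberOfRvaAndSizes
    # Relocation directory: an RVA (constructed) and size, or all zeros if absent.
    struct.pack_into('<II', opt, dirs_off + RELOC_DIR_INDEX * 8,
                     0x3000 if reloc_size else 0, reloc_size)
    machine = 0x8664 if pe32plus else 0x14C
    file_hdr = struct.pack(FILE_HEADER_FMT, machine, 1, 0, 0, 0, opt_size,
                           file_characteristics)
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[0:2] = b'MZ'
    struct.pack_into('<I', dos, 0x3C, e_lfanew)       # e_lfanew -> PE signature
    return bytes(dos) + b'PE\0\0' + file_hdr + bytes(opt)


def inspect_base(data):
    """Parse a PE header and report its preferred base and relocatability."""
    if data[:2] != b'MZ':
        raise ValueError('not a DOS/PE image')
    e_lfanew = struct.unpack_from('<I', data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b'PE\0\0':
        raise ValueError('missing PE signature')
    fh = e_lfanew + 4
    _, _, _, _, _, _, file_chars = struct.unpack_from(FILE_HEADER_FMT, data, fh)
    opt = fh + 20
    magic = struct.unpack_from('<H', data, opt)[0]
    if magic == PE32PLUS_MAGIC:
        image_base = struct.unpack_from('<Q', data, opt + 24)[0]
        dirs = opt + 112
    elif magic == PE32_MAGIC:
        image_base = struct.unpack_from('<I', data, opt + 28)[0]
        dirs = opt + 96
    else:
        raise ValueError('unknown optional header magic 0x%x' % magic)
    dll_chars = struct.unpack_from('<H', data, opt + 70)[0]
    n_dirs = struct.unpack_from('<I', data, dirs - 4)[0]
    reloc_size = 0
    if n_dirs > RELOC_DIR_INDEX:
        _, reloc_size = struct.unpack_from('<II', data, dirs + RELOC_DIR_INDEX * 8)
    # Without a relocation table the loader cannot move the image; with one it may,
    # and with DYNAMIC_BASE set it is asked to do so (ASLR) every time.
    has_relocations = not (file_chars & IMAGE_FILE_RELOCS_STRIPPED) and reloc_size > 0
    return {
        'preferred_base': image_base,
        'has_relocations': has_relocations,
        'loader_may_relocate': has_relocations,
        'aslr_opted_in': has_relocations and bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
    }


if __name__ == '__main__':
    # Constructed samples: a typical ASLR-enabled 64-bit image and a fixed-base 32-bit one.
    aslr_image = build_pe_header(0x140000000, IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE,
                                 reloc_size=0x200)
    fixed_image = build_pe_header(0x400000, 0, file_characteristics=IMAGE_FILE_RELOCS_STRIPPED,
                                  pe32plus=False)
    for name, img in (('aslr', aslr_image), ('fixed', fixed_image)):
        info = inspect_base(img)
        print('%s: preferred base 0x%x, loader may relocate: %s, ASLR opted in: %s'
              % (name, info['preferred_base'], info['loader_may_relocate'], info['aslr_opted_in']))
```

The same parser can be pointed at a real .exe or .dll on disk (`inspect_base(open(path, 'rb').read())`); the value it reports is the requested base only, which is exactly why a static viewer cannot tell you where a module sits in a running process.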
From: Mike Williams on
"Karl E. Peterson" <karl(a)exmvps.org> wrote in message
news:i2nt7u$61k$1(a)news.eternal-september.org...
>> Mike Williams said:
>> Many years ago (too long to remember!) I used to do stuff like this
>> on admittedly much simpler machines like the Oric and the C64,
>> but I think it is still possible (although much more difficult) to do it
>> on modern PCs. In my day there were two main basic methods.
>> One was to modify the game code itself before the game was run
>> and the other was to modify the contents of the memory addresses
>> it used to store various data items at runtime. It was very easy many
>> years ago on simpler machines, but I am far too long in the tooth
>> now to consider delving into how it can be achieved on modern PCs!
>
> I'm thinking, *maybe* in a Win95 VM?
> Definitely not in NT class operating systems.

Yeah, you're probably right, at least as far as writing such stuff in VB is
concerned. I think maybe the OP would need to move to C++ or ASM if he
wanted to write such stuff for use on modern systems such as Vista, Win7
etc., and even then he would need to become very proficient in writing code
that behaves in a similar way to a hypervisor or bootloader or kernel level
rootkit. Not something I would like to tackle, that's for sure :-)

Mike


From: Thorsten Albers on
Karl E. Peterson <karl(a)exmvps.org> schrieb im Beitrag
<i2nt7u$61k$1(a)news.eternal-september.org>...
> Definitely not in NT class operating systems.

It is possible on a NT class operating system, and I think it will be
possible on any Windows version in the future or at least in the near
future since accessing the memory of another process is essential for a
process which is used to debug the other process. It is not easy and
presumably will get more difficult in the future, and, of course,
sufficient rights are needed for it (i.e. administrative rights only).

--
Thorsten Albers

albers (a) uni-freiburg.de

From: Mike Williams on

"Karl E. Peterson" <karl(a)exmvps.org> wrote in message
news:i2nt7u$61k$1(a)news.eternal-september.org...
>> Mike Williams said: Many years ago (too long to remember!)
>> I used to do stuff like this on admittedly much simpler machines
>> like the Oric and the C64, but I think it is still possible (although
>> much more difficult) to do it on modern PCs.
>
> I'm thinking, *maybe* in a Win95 VM? Definitely not in NT class operating
> systems.
>

Further to my previous response, I happen to have a game called Divinity2
Ego Draconis on my main Vista machine which my grandson plays from time to
time when he visits us. It's a complex and often difficult game and I've
just remembered once asking him how he got so far with it so quickly and he
said, "I cheat"! He downloaded and installed a 'trainer' for it and if he
runs the trainer at the same time as he runs the game then he can press
certain keys that cause his health status (and various other things) to
change to any selected value or to update in real time to maximum values.
Most of the 'cheat stuff' happens quietly in the background and the
displayed status value remains static, but in the case of one specific
status value you can see by its behaviour that it is being updated in real
time to a high value by the 'trainer' immediately after the game itself has
set it to a low value. If the people behind the www.cheathappens.com site
can do these things on Vista and other similar machines then it can very
definitely be done. I'm still not sure whether or not it can be done using
Visual Basic, but I definitely would not rule out that possibility.

Mike



From: 5k3105 on
On Jul 27, 4:20 pm, Tom Shelton <tom_shel...(a)comcast.invalid> wrote:
> 5k3105 formulated on Tuesday:
>
> > I want to open a game program of mine running in a Windows emulator
> > and read and write directly to offsets in that memory space. So I need
> > the base address of the process/window.
>
> > If I start it from my program maybe it will be easier to get the base
> > address?
>
> > I already have a program that will allow me to scroll the memory space
> > in hex I just need a way to get the base address.
>
> > Thanks.
>
> ReadProcessMemory/WriteProcessMemory.  I believe these are the APIs
> you'll want for reading and writing to the other process.
>
> Others you'll probably need:
>
> CreateProcess - if you need to programmatically start the process
> OpenProcess - if you are attaching to an already running process.
>
> You'll probably need to use FindWindow or EnumWindows to get a handle
> to the main window of the game if you are going to be attaching to an
> already running instance...  And then use GetWindowThreadProcessId to
> actually get the process id to pass to OpenProcess
>
> You'll also need CloseHandle to clean up when done.

This is great information. Thank you.

I have found this page showing an example:

http://allapi.mentalis.org/apilist/F307CAA2589BD8227FE5D6D4A27F5BDA.html