Register for your free account! | Forgot your password?

You last visited: Today at 20:42

  • Please register to post and access all features, it's quick, easy and FREE!

 

Game.dll Handle

Reply
 
Old   #16
 
elite*gold: 0
Join Date: Jul 2005
Posts: 206
Received Thanks: 108
Quote:
Originally Posted by aocunderground View Post
GetModuleHandle can only return module handles from the process in which it was called. Unless you are injected... you're doing it completely wrong.

I am using c# so i am simply getting the process by name and then the main module and the id of that. This returns the Module Handle. I am then attempting to readMemory using this handle. It still however returns 0 everytime even with read only access.

EDIT: NVM looks like I am calculating Game.dll address incorrectly so i'll look into this more and see if i can make sure to make this dynamic.



Revived Soulreaver is offline  
Old   #17
 
elite*gold: 0
Join Date: May 2008
Posts: 29
Received Thanks: 4
Quote:
Originally Posted by Revived Soulreaver View Post
I am using c# so i am simply getting the process by name and then the main module and the id of that. This returns the Module Handle. I am then attempting to readMemory using this handle. It still however returns 0 everytime even with read only access.

EDIT: NVM looks like I am calculating Game.dll address incorrectly so i'll look into this more and see if i can make sure to make this dynamic.
using System.Diagnostics...
Code:
            Process aionProcess = null;
            Process[] processes = Process.GetProcesses();
            foreach (Process process in processes)
            {
                if (process.ProcessName == "AION.bin")
                {
                    aionProcess = process;
                    break;
                }
            }
The Process object that is returned will hold a list of modules and their associated handles, etc.


Oh, and read up on ReadProcessMemory buddy. You don't need the module handle, you need the process handle, which the Process class conveniently contains for you.


aocunderground is offline  
Old   #18
 
elite*gold: 0
Join Date: Jul 2005
Posts: 206
Received Thanks: 108
Quote:
Originally Posted by aocunderground View Post
using System.Diagnostics...
Code:
            Process aionProcess = null;
            Process[] processes = Process.GetProcesses();
            foreach (Process process in processes)
            {
                if (process.ProcessName == "AION.bin")
                {
                    aionProcess = process;
                    break;
                }
            }
The Process object that is returned will hold a list of modules and their associated handles, etc.


Oh, and read up on ReadProcessMemory buddy. You don't need the module handle, you need the process handle, which the Process class conveniently contains for you.
Issue Resolved: I was only having an issue since i am running x64, the code you are supplying is for x86 which my code works for as well.

Have a good one.
Revived Soulreaver is offline  
Old   #19
 
elite*gold: 0
Join Date: May 2008
Posts: 29
Received Thanks: 4
Quote:
Originally Posted by Revived Soulreaver View Post
Issue Resolved: I was only having an issue since i am running x64, the code you are supplying is for x86 which my code works for as well.

Have a good one.
What? This code works in x64.


aocunderground is offline  
Old   #20
 
elite*gold: 0
Join Date: Jul 2005
Posts: 206
Received Thanks: 108
Quote:
Originally Posted by aocunderground View Post
What? This code works in x64.
Unfortunately it does not...It does compile and it does run...but you'll never find Game.dll...if you don't believe me feel free to test it.

Sorry we were talking about 2 different things, yes that will find Aion.BIN and that is important, but this won't get you a baseAddress which is what my question was...my bad

Thanks for the assist.
Revived Soulreaver is offline  
Old   #21
 
elite*gold: 0
Join Date: May 2008
Posts: 29
Received Thanks: 4
Quote:
Originally Posted by Revived Soulreaver View Post
Unfortunately it does not...It does compile and it does run...but you'll never find Game.dll...if you don't believe me feel free to test it.

Sorry we were talking about 2 different things, yes that will find Aion.BIN and that is important, but this won't get you a baseAddress which is what my question was...my bad

Thanks for the assist.
Code:
            foreach (ProcessModule module in aionProcess.Modules)
            {
                if (module.ModuleName == "Game.dll")
                {
                    IntPtr gameBaseAddress = module.BaseAddress;
                    break;
                }
            }
ModuleName *may* strip off the extension, I can't remember, so it might be "Game" not "Game.dll".
aocunderground is offline  
Old   #22
 
elite*gold: 0
Join Date: Apr 2006
Posts: 1
Received Thanks: 0
He's right, it doesnt find game.dll module. I am also running x64, and when debugging it only shows a handful of Aion's process Modules (maybe like 10% of what there actually is).

Hey RevivedSoulReaver, how did you work around this? Did I read your post wrong or did you figure out how to detect game.dll?

Thanks,
Fnsh
GTxFinish is offline  
Old   #23
 
elite*gold: 0
Join Date: Jul 2005
Posts: 206
Received Thanks: 108
Quote:
Originally Posted by aocunderground View Post
Code:
            foreach (ProcessModule module in aionProcess.Modules)
            {
                if (module.ModuleName == "Game.dll")
                {
                    IntPtr gameBaseAddress = module.BaseAddress;
                    break;
                }
            }
ModuleName *may* strip off the extension, I can't remember, so it might be "Game" not "Game.dll".
No it doesn't work like that, if you aren't debugging or running x64 Vista or greater you wouldn't see this...Thanks for the code and attempted helping.

Quote:
Originally Posted by GTxFinish View Post
He's right, it doesnt find game.dll module. I am also running x64, and when debugging it only shows a handful of Aion's process Modules (maybe like 10% of what there actually is).

Hey RevivedSoulReaver, how did you work around this? Did I read your post wrong or did you figure out how to detect game.dll?

Thanks,
Fnsh
Yes, i have fixed/worked around this. It isn't hard, just need to know what to google it is also important to understand how windows x64 handles 32 bit processes. I recommend googling around with wow64 (one of the 5 dlls returned from x64 processes) and you'll find out about it. You see you get the main process and then the x64 dlls that allow the process to work.

Note there isn't any C# for this you'll be using DllImport...good luck dude

I hope this points you in the right direction.
Revived Soulreaver is offline  
Old   #24
 
elite*gold: 0
Join Date: May 2008
Posts: 29
Received Thanks: 4
Ah that makes sense, I always enable debug/all access privileges by default.

Also, you really don't need module bases if you don't work with offsets (from module bases)
aocunderground is offline  
Old   #25
 
elite*gold: 0
Join Date: Jul 2005
Posts: 206
Received Thanks: 108
Quote:
Originally Posted by aocunderground View Post
Ah that makes sense, I always enable debug/all access privileges by default.

Also, you really don't need module bases if you don't work with offsets (from module bases)
I'm completely unsure about what you are attempting to (sneaky? suggestive) with this. You need base addresses if you are doing any memory work. If you are doing Packet sniffing you just need the appropriate filter.
Revived Soulreaver is offline  
Old   #26
 
elite*gold: 0
Join Date: May 2008
Posts: 29
Received Thanks: 4
Quote:
Originally Posted by Revived Soulreaver View Post
I'm completely unsure about what you are attempting to (sneaky? suggestive) with this. You need base addresses if you are doing any memory work. If you are doing Packet sniffing you just need the appropriate filter.

You can search the game's memory for byte patterns (in functions) that reference memory addresses. Since the memory locations that you extract are written to memory inside functions on load, you never need to deal with offsets.

Take for example:
Code:
mov     ecx, dword_108E7230
mov     eax, ecx
sub     eax, 0Ah
You can search for the above code, placing wildcards on the 4 bytes (dword) 108E7230. Then you'd always be able to find that memory location, even between game versions (usually.)

I don't know if I'm explaining this properly.
aocunderground is offline  
Old   #27
 
elite*gold: 0
Join Date: Feb 2005
Posts: 2
Received Thanks: 0
anyone have the offset to the list of npc's/monsters
iifuzz is offline  
Old   #28
 
elite*gold: 0
Join Date: May 2008
Posts: 29
Received Thanks: 4
Quote:
Originally Posted by iifuzz View Post
anyone have the offset to the list of npc's/monsters
how is this at all related to anything that has been going on in this thread?
aocunderground is offline  
Old   #29
 
elite*gold: 0
Join Date: Feb 2005
Posts: 2
Received Thanks: 0
nothing ^_^
thought id ask anyways!


iifuzz is offline  
Reply



« Previous Thread | Next Thread »

Similar Threads
Does anyone know how to handle this?
how to handle the mini game of metal conversion? Can you offer me a link or just post bellow?
10 Replies - Mabinogi
Correct way to handle speedhack
What would be the correct way other then; Entity.Character.StatusFlag |= Update.Flags.Cyclone; ...
10 Replies - CO2 Programming
[C++] Process Handle
huhu, ich hab ein Problem den Process Handle von Diablo II zu bekommen. #include <cstdlib> #include <iostream> #include <windows.h> ...
9 Replies - C/C++
2moons window handle
hello there people, im new here and as most noobs i joined to ask for help. I'll do my best to help other ppl as much as i can though As the title...
1 Replies - Dekaron
How to handle a rb
When you see a rb pking, you think usually about the guard right? especially when rbs get to 105 and have gold guard, they are usually invincible. ...
16 Replies - CO2 Guides & Templates



All times are GMT +1. The time now is 20:42.


Powered by vBulletin®
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.

Support | Contact Us | FAQ | Advertising | Privacy Policy | Abuse
Copyright ©2017 elitepvpers All Rights Reserved.