GetModuleHandle can only return module handles from the process in which it was called. Unless you are injected... you're doing it completely wrong.
I am using c# so i am simply getting the process by name and then the main module and the id of that. This returns the Module Handle. I am then attempting to readMemory using this handle. It still however returns 0 everytime even with read only access.
EDIT: NVM looks like I am calculating Game.dll address incorrectly so i'll look into this more and see if i can make sure to make this dynamic.
I am using c# so i am simply getting the process by name and then the main module and the id of that. This returns the Module Handle. I am then attempting to readMemory using this handle. It still however returns 0 everytime even with read only access.
EDIT: NVM looks like I am calculating Game.dll address incorrectly so i'll look into this more and see if i can make sure to make this dynamic.
using System.Diagnostics...
Code:
Process aionProcess = null;
Process[] processes = Process.GetProcesses();
foreach (Process process in processes)
{
if (process.ProcessName == "AION.bin")
{
aionProcess = process;
break;
}
}
The Process object that is returned will hold a list of modules and their associated handles, etc.
Oh, and read up on ReadProcessMemory buddy. You don't need the module handle, you need the process handle, which the Process class conveniently contains for you.
Process aionProcess = null;
Process[] processes = Process.GetProcesses();
foreach (Process process in processes)
{
if (process.ProcessName == "AION.bin")
{
aionProcess = process;
break;
}
}
The Process object that is returned will hold a list of modules and their associated handles, etc.
Oh, and read up on ReadProcessMemory buddy. You don't need the module handle, you need the process handle, which the Process class conveniently contains for you.
Issue Resolved: I was only having an issue since i am running x64, the code you are supplying is for x86 which my code works for as well.
Unfortunately it does not...It does compile and it does run...but you'll never find Game.dll...if you don't believe me feel free to test it.
Sorry we were talking about 2 different things, yes that will find Aion.BIN and that is important, but this won't get you a baseAddress which is what my question was...my bad
Unfortunately it does not...It does compile and it does run...but you'll never find Game.dll...if you don't believe me feel free to test it.
Sorry we were talking about 2 different things, yes that will find Aion.BIN and that is important, but this won't get you a baseAddress which is what my question was...my bad
Thanks for the assist.
Code:
foreach (ProcessModule module in aionProcess.Modules)
{
if (module.ModuleName == "Game.dll")
{
IntPtr gameBaseAddress = module.BaseAddress;
break;
}
}
ModuleName *may* strip off the extension, I can't remember, so it might be "Game" not "Game.dll".
He's right, it doesnt find game.dll module. I am also running x64, and when debugging it only shows a handful of Aion's process Modules (maybe like 10% of what there actually is).
Hey RevivedSoulReaver, how did you work around this? Did I read your post wrong or did you figure out how to detect game.dll?
foreach (ProcessModule module in aionProcess.Modules)
{
if (module.ModuleName == "Game.dll")
{
IntPtr gameBaseAddress = module.BaseAddress;
break;
}
}
ModuleName *may* strip off the extension, I can't remember, so it might be "Game" not "Game.dll".
No it doesn't work like that, if you aren't debugging or running x64 Vista or greater you wouldn't see this...Thanks for the code and attempted helping.
Quote:
Originally Posted by GTxFinish
He's right, it doesnt find game.dll module. I am also running x64, and when debugging it only shows a handful of Aion's process Modules (maybe like 10% of what there actually is).
Hey RevivedSoulReaver, how did you work around this? Did I read your post wrong or did you figure out how to detect game.dll?
Thanks,
Fnsh
Yes, i have fixed/worked around this. It isn't hard, just need to know what to google it is also important to understand how windows x64 handles 32 bit processes. I recommend googling around with wow64 (one of the 5 dlls returned from x64 processes) and you'll find out about it. You see you get the main process and then the x64 dlls that allow the process to work.
Note there isn't any C# for this you'll be using DllImport...good luck dude
Ah that makes sense, I always enable debug/all access privileges by default.
Also, you really don't need module bases if you don't work with offsets (from module bases)
I'm completely unsure about what you are attempting to (sneaky? suggestive) with this. You need base addresses if you are doing any memory work. If you are doing Packet sniffing you just need the appropriate filter.
I'm completely unsure about what you are attempting to (sneaky? suggestive) with this. You need base addresses if you are doing any memory work. If you are doing Packet sniffing you just need the appropriate filter.
You can search the game's memory for byte patterns (in functions) that reference memory addresses. Since the memory locations that you extract are written to memory inside functions on load, you never need to deal with offsets.
Take for example:
Code:
mov ecx, dword_108E7230
mov eax, ecx
sub eax, 0Ah
You can search for the above code, placing wildcards on the 4 bytes (dword) 108E7230. Then you'd always be able to find that memory location, even between game versions (usually.)
Does anyone know how to handle this? 09/03/2010 - Mabinogi - 10 Replies how to handle the mini game of metal conversion?
Can you offer me a link or just post bellow?
Correct way to handle speedhack 05/10/2010 - CO2 Programming - 10 Replies What would be the correct way other then;
Entity.Character.StatusFlag |= Update.Flags.Cyclone;
Update upd = new Update(true);
upd.Append(Update.StatusFlag, Entity.Character.StatusFlag);
upd.UID = Entity.Character.ID;
Entity.GameHandler.SendToClient(upd.ToArray());
The only way so far I discovered is when launching superman.
[C++] Process Handle 10/27/2009 - C/C++ - 9 Replies huhu, ich hab ein Problem den Process Handle von Diablo II zu bekommen.
#include <cstdlib>
#include <iostream>
#include <windows.h>
using namespace std;
2moons window handle 04/09/2008 - Dekaron - 1 Replies hello there people, im new here and as most noobs i joined to ask for help. I'll do my best to help other ppl as much as i can though
As the title of the thread suggests, im trying to get the handle of the 2moons window but Windows wont let me get access to the message stream of the window. I'm using spy++ btw.
I looked it up on google but there arent many topics i could find about this issue. From the hacks i've seen in the forum im guessing its not worth it trying to get the window...
How to handle a rb 02/16/2007 - CO2 Guides & Templates - 16 Replies When you see a rb pking, you think usually about the guard right? especially when rbs get to 105 and have gold guard, they are usually invincible.
A little trick that works for me is to poison the guard before going after the pker, the poison delays the guards lightning, giving you enough time to land a fb or rapid on the pker, however
sometimes it does fail and 9/10 you die because gold guard has a ridiculously high Matk
feel free to flame away and call me a noob or w/e just sharing...
