ReadProcessMemory Break after 3 times.

05/18/2015 23:38 dragonluck4#1
So this was all working fine before I did something and for the life of me I can't figure out what I did that may have caused this issue to occur, I've been sat here for the past few hours trying to figure it out with no luck. Basically, this will read everything fine the first 3 times then after that it will break. I've managed to narrow down the issue to it being the ReadProcessMemory.

This is the ReadProcessMemory function I've got.
Code:
        [DllImport("kernel32.dll")]
        public static extern Int32 ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesRead);

This is the function to find the address from multi level pointers.
Code:
        private int findAddress(int[] offsetArray)
        {
            byte[] buffer = new byte[4];
            int arrayPosition = 0;
            IntPtr bytesRead;
            //IntPtr processHandle = Memory.pHandle;
            int address = findBaseAddress();

            foreach (int i in offsetArray)
            {
                if (arrayPosition != offsetArray.Length - 1)
                {
                    Memory.ReadProcessMemory(procHandle, (IntPtr)address+i, buffer, 4, out bytesRead);
                    address = BitConverter.ToInt32(buffer, 0);
                    arrayPosition++;
                }
                else
                {
                    address += i;
                }
            }
            string hexValue = address.ToString("X");
            return address;
        }
This is where I use the function:
Code:
        private string HPValue()
        {
            int pointer = findAddress(new int[] { 0x00B1BC0C, 0x0, 0x190, 0x290 });
            byte[] buffer = new byte[4];
            IntPtr ptrBytesRead;

            Memory.ReadProcessMemory(procHandle, (IntPtr)pointer, buffer, 4, out ptrBytesRead);
            return BitConverter.ToInt32(buffer, 0).ToString();
        }
There is a timer which calls the HPValue function every second or so.
05/19/2015 00:20 tolio#2
use the [Only registered and activated users can see links. Click Here To Register...] to get more details about the error
05/19/2015 00:53 dragonluck4#3
Quote:
Originally Posted by tolio View Post
use the [Only registered and activated users can see links. Click Here To Register...] to get more details about the error

Hey thanks for your reply appreciate it. I tried to do this but it seems like there is no error. The value is 0 which when I looked it up means operation completed successfully.

For your information, this is where I placed the checks.

Code:
        private int findAddress(int[] offsetArray)
        {
            int error = Marshal.GetLastWin32Error();
            byte[] buffer = new byte[4];
            int arrayPosition = 0;
            IntPtr bytesRead;
            //IntPtr processHandle = Memory.pHandle;
            int address = findBaseAddress();

            foreach (int i in offsetArray)
            {
                if (arrayPosition != offsetArray.Length - 1)
                {
                    Memory.ReadProcessMemory(procHandle, (IntPtr)address+i, buffer, 4, out bytesRead);
                    address = BitConverter.ToInt32(buffer, 0);
                    arrayPosition++;
                }
                else
                {
                    address += i;
                }
            }
            error = Marshal.GetLastWin32Error();
            MessageBox.Show(error.ToString());
            string hexValue = address.ToString("X");
            r
Code:
        private string HPValue()
        {
            int pointer = findAddress(new int[] { 0x00B1BC0C, 0x0, 0x190, 0x290 });
            byte[] buffer = new byte[4];
            IntPtr ptrBytesRead;

            Memory.ReadProcessMemory(procHandle, (IntPtr)pointer, buffer, 4, out ptrBytesRead);
            string test = BitConverter.ToInt32(buffer, 0).ToString();
            int error = Marshal.GetLastWin32Error();
            MessageBox.Show(error.ToString());
            return test;
        }
05/19/2015 01:16 tolio#4
Did you set the [Only registered and activated users can see links. Click Here To Register...] in the import?
05/19/2015 01:28 dragonluck4#5
Quote:
Originally Posted by tolio View Post
Did you set the [Only registered and activated users can see links. Click Here To Register...] in the import?
Ah, I had not no. I just tested it out, I set the last error attribute to true and I got error got 6.

ERROR_INVALID_HANDLE
6 (0x6)
The handle is invalid.

I've no idea what this means though.
05/19/2015 01:36 Biesi#6
Every process has a handle so you can access it. Can you show the part where
Code:
procHandle
is declared and/or defined?
05/19/2015 01:53 dragonluck4#7
Defined near the top of the class:
Code:
Process[] myProcess;
Set here:
Code:
        private void timerGame_Tick(object sender, EventArgs e)
        {
            myProcess = Process.GetProcessesByName("Raiderz");
            if (myProcess.Length != 0)
            {
                IsGameAvailable = true;
                procHandle = myProcess[0].Handle;
                Memory.pHandle = myProcess[0].Handle;

                toolText.Text = "Status: Successfully Fused with RaiderZ!";
                timerGame.Stop();

                numericJumpDistance.Value = (decimal)jumpDistance();
                numericZoomDistance.Value = (decimal)zoomDistance();
            }
            else
            {
                IsGameAvailable = false;
                toolText.Text = "Status: Waiting for RaiderZ.";
            }
        }
This is the function which finds the base, it's called everytime a multi-level pointer base address is located:
Code:
        private int findBaseAddress()
        {
            try
            {
                myProcess = Process.GetProcessesByName("Raiderz");

                foreach (ProcessModule M in myProcess[0].Modules)
                {
                    if (M.ModuleName == "Raiderz.exe")
                    {
                        int baseAddress = M.BaseAddress.ToInt32();
                        //string hexValue = baseAddress.ToString("X");
                        return baseAddress;
                    }
                    break;
                }
                return -1;
            }
            catch
            {
                timerUpdate.Stop();
                timerGame.Start();
                return -1;
            }
        }
05/19/2015 02:15 Biesi#8
Are you running your application with administrator privileges or UAC disabled?
05/19/2015 02:27 dragonluck4#9
I'm running it with UAC disabled.

Thanks guys, you helped me solve the issue. :)

Actually the issue isn't solved entirely. The process handle keeps changing for some reason? I don't know if it is meant to keep changing. I don't think it did before?

Alright never mind I fixed it :D
05/20/2015 19:26 YatoDev#10
i just want to add that in some cases it helps to reopen the process on every read