[Help]C# few questions

04/16/2010 20:39 shimo diaz#1
OK, a while ago I posted a thread asking about memory addresses and where to put the codes. Now I am changing my question.

First question: Is this the right place for the codes?
(note: If this isn't the right place there is a chance that I will commit suicide)

Second question: lots of things I can't get or can't understand!
dwProcessId ----> How to get it?
lpBaseAddress ---> Is this where I should put the memory address?
byte[] lpBuffer ---> What exactly is this and how to get it?!

This is my full code (thanks in advance)
PHP Code:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Runtime.InteropServices;
using System.Threading;
using System.Security.Permissions;
using System.Security.Principal;
using System.Diagnostics;

namespace ConsoleApplication1
{
    class Program
    {
        enum ProcessAccessFlags : uint
        {
            All = 0x001F0FFF,
            Terminate = 0x00000001,
            CreateThread = 0x00000002,
            VMOperation = 0x00000008,
            VMRead = 0x00000010,
            VMWrite = 0x00000020,
            DupHandle = 0x00000040,
            SetInformation = 0x00000200,
            QueryInformation = 0x00000400,
            Synchronize = 0x00100000
        }

        [DllImport("kernel32.dll")]
        static extern IntPtr OpenProcess(ProcessAccessFlags dwDesiredAccess,
            [MarshalAs(UnmanagedType.Bool)] bool bInheritHandle,
            int dwProcessId);

        [DllImport("kernel32.dll", SetLastError = true, PreserveSig = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        public static extern bool ReadProcessMemory(IntPtr hProcess,
            IntPtr lpBaseAddress,
            byte[] lpBuffer,
            UIntPtr nSize,
            out int lpNumberOfBytesRead);

        static void Main(string[] args)
        {
            IntPtr hProcess = OpenProcess(ProcessAccessFlags.VMRead, false, 0x0012C0);
            ReadProcessMemory(hProcess, 0xE72E40, , 40);
        }
    }

If there is anything wrong with the code other than the empty spots please tell me. (thanks again)

I know this isn't actually related to CO but most of epvp coders are Germans.
04/18/2010 11:32 Huseby#2
#Moved

Most Germans know English tho.
04/18/2010 17:17 n00byplay#3
Code:
//Get all processes with the specified name (pass the name without the ".exe" extension)
Process[] processes = Process.GetProcessesByName("notepad");
//You can also show the user a list of the processes found and let them select one
//Once you/the user have selected a process you can access its process Id
OpenProcess( ... , ... , processes[0].Id);
The process Id is a unique number to identify processes.
You need to add the out keyword to the declaration of your function:

Code:
[DllImport("kernel32.dll", SetLastError = true, PreserveSig = true)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool ReadProcessMemory(IntPtr hProcess,
IntPtr lpBaseAddress,
out byte[] lpBuffer,
UIntPtr nSize,
out int lpNumberOfBytesRead);
Then you create a simple byte array, pass it with the out keyword and convert it into a string/long/... using the BitConverter

Sry for my bad english :D
04/18/2010 17:29 shimo diaz#4
Hi, thanks for your help. I am sorry, but can you help me a bit more?
Is this code right? I am looking for a process with the name "Conquer.exe"
PHP Code:
            Process[] processes = Process.GetProcessesByName("Conquer.exe");
            IntPtr hProcess = OpenProcess(ProcessAccessFlags.VMRead, false, processes[0].Id);
            ReadProcessMemory(hProcess, 0xE72E40, , 40);
One more thing: I don't get the byte[] lpBuffer thing. Can you explain it more? And if it isn't too much trouble, please check my code in the first post. After reading the memory address, how do I turn the value into a string? (Sorry, I am asking too much!)
04/18/2010 17:52 n00byplay#5
You can use the class BitConverter to convert this byte-array into a string:
PHP Code:
byte[] byteArray;
ReadProcessMemory(..., ..., out byteArray, ..., ...);
string strReaded = BitConverter.ToString(byteArray);
04/19/2010 14:43 shimo diaz#6
Hi, sorry, I tried the code you gave me but it didn't work
so please check my code one more time and tell me what's wrong!
PHP Code:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Runtime.InteropServices;
using System.Threading;
using System.Security.Permissions;
using System.Security.Principal;
using System.Diagnostics;
using HANDLE = System.IntPtr;

namespace ConsoleApplication1
{
    class Program
    {
        enum ProcessAccessFlags : uint
        {
            All = 0x001F0FFF,
            Terminate = 0x00000001,
            CreateThread = 0x00000002,
            VMOperation = 0x00000008,
            VMRead = 0x00000010,
            VMWrite = 0x00000020,
            DupHandle = 0x00000040,
            SetInformation = 0x00000200,
            QueryInformation = 0x00000400,
            Synchronize = 0x00100000
        }

        [DllImport("kernel32.dll")]
        static extern IntPtr OpenProcess(ProcessAccessFlags dwDesiredAccess,
            [MarshalAs(UnmanagedType.Bool)] bool bInheritHandle,
            int dwProcessId);

        [DllImport("kernel32.dll", SetLastError = true, PreserveSig = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        public static extern bool ReadProcessMemory(IntPtr hProcess,
            IntPtr lpBaseAddress,
            byte[] lpBuffer,
            UIntPtr nSize,
            out int lpNumberOfBytesRead);

        [DllImport("coredll.dll", SetLastError = true, CallingConvention = CallingConvention.Winapi, CharSet = CharSet.Auto)]
        [return: MarshalAs(UnmanagedType.Bool)]
        public static extern bool CloseHandle(HANDLE hObject);

        static void Main(string[] args)
        {
            Process[] processes = Process.GetProcessesByName("Conquer.exe");
            HANDLE hProcess = OpenProcess(ProcessAccessFlags.VMRead, false, processes[0].Id);
            if (hProcess == 0)
            { return; }
            byte[] byteArray;
            ReadProcessMemory(hProcess, 0xE72E40, out byteArray, 4, null);
            CloseHandle(hProcess);
            string strReaded = BitConverter.ToString(byteArray);
        }
    }

04/19/2010 19:21 n00byplay#7
Code:
        [DllImport("kernel32.dll", SetLastError = true, PreserveSig = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        public static extern bool ReadProcessMemory(IntPtr hProcess,
            IntPtr lpBaseAddress,
            out byte[] lpBuffer,
            UIntPtr nSize,
            out int lpNumberOfBytesRead);
You have to write the "out"-keyword at the function-declaration, too.
And what is the other error message?
04/20/2010 23:36 Henri_#8
What are you trying to do? Get a string or an integer value? If it is an int, you just have to declare "int thisfreakenunknownvalue" and then switch for "byte []lpBuffer". If it is a string, you can either declare "char thatdamnunknownstring" or "char thatdamnunknownstring[]". Also, if the user has 2 processes of the same name, this function might not work properly; you'd better get the handles of the desired window, and then you can be sure that it will work well. Another thing that you must know: if this game has any anti-hacking system such as gameguard or hackshield, it will NOT work... By the way, this is VB. :)
04/22/2010 11:20 shimo diaz#9
Quote:
Originally Posted by Henri_
What are you trying to do? Get a string or an integer value? If it is an int, you just have to declare "int thisfreakenunknownvalue" and then switch for "byte []lpBuffer". If it is a string, you can either declare "char thatdamnunknownstring" or "char thatdamnunknownstring[]". Also, if the user has 2 processes of the same name, this function might not work properly; you'd better get the handles of the desired window, and then you can be sure that it will work well. Another thing that you must know: if this game has any anti-hacking system such as gameguard or hackshield, it will NOT work... By the way, this is VB. :)
Thanks for your concern, but I am using C#, and I don't understand what you mean by switching for "byte[] lpBuffer". If you don't mind, give me some code that explains this.
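
An added example, not part of any post in this thread: `lpBuffer` is a byte array that the caller allocates and `ReadProcessMemory` fills in, so the declaration here marks it with the `[Out]` marshaling attribute rather than the C# `out` keyword, and the result is decoded three ways. To stay self-contained it reads a constructed, pinned array inside its own process; the class name and the sample values are assumptions.

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Text;

class ReadOwnMemoryDemo   // hypothetical name, for illustration only
{
    const uint PROCESS_VM_READ = 0x0010;   // same value as VMRead in the posts above
    [DllImport("kernel32.dll", SetLastError = true)]
    static extern IntPtr OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);
    // The caller allocates lpBuffer and the API writes into it, so the array is
    // passed as-is and tagged [Out]; lpNumberOfBytesRead is a SIZE_T, hence UIntPtr.
    [DllImport("kernel32.dll", SetLastError = true)]
    static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress,
        [Out] byte[] lpBuffer, UIntPtr nSize, out UIntPtr lpNumberOfBytesRead);
    [DllImport("kernel32.dll", SetLastError = true)]
    static extern bool CloseHandle(IntPtr hObject);

    static void Main()
    {
        // Constructed sample data: an int followed by an ASCII string, pinned so
        // that it has a fixed address inside this process.
        byte[] sample = new byte[12];
        BitConverter.GetBytes(1337).CopyTo(sample, 0);
        Encoding.ASCII.GetBytes("hello").CopyTo(sample, 4);
        GCHandle pin = GCHandle.Alloc(sample, GCHandleType.Pinned);
        IntPtr hProcess = OpenProcess(PROCESS_VM_READ, false, Process.GetCurrentProcess().Id);
        try
        {
            if (hProcess == IntPtr.Zero)
                throw new Win32Exception(Marshal.GetLastWin32Error());
            byte[] buffer = new byte[sample.Length];   // lpBuffer: where the bytes land
            UIntPtr read;
            if (!ReadProcessMemory(hProcess, pin.AddrOfPinnedObject(), buffer,
                                   (UIntPtr)(uint)buffer.Length, out read))
                throw new Win32Exception(Marshal.GetLastWin32Error());
            Console.WriteLine("bytes read: " + read);
            Console.WriteLine("as hex:     " + BitConverter.ToString(buffer));   // "39-05-..." form
            Console.WriteLine("as int:     " + BitConverter.ToInt32(buffer, 0));
            Console.WriteLine("as string:  " + Encoding.ASCII.GetString(buffer, 4, 5));
        }
        finally
        {
            if (hProcess != IntPtr.Zero) CloseHandle(hProcess);
            pin.Free();
        }
    }
}
```

`BitConverter.ToString` yields a hyphen-separated hex dump of the bytes, not their text; decoding to a number or to text takes `BitConverter.ToInt32` or an `Encoding`, as the last three lines show.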