How To Get The Base Address with c++?

[webowner47]

hello i want to get the base address of my application, so that i can write to it's memory, here is my code below:

DWORD dwGetModuleBaseAddress(TCHAR *lpszModuleName, DWORD ProcessID) {
	DWORD dwModuleBaseAddress = 0;
	MODULEENTRY32 ModuleEntry32 = {0};
	HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, ProcessID);
	ModuleEntry32.dwSize = sizeof(MODULEENTRY32);
	if ( Module32First(hSnapshot, &ModuleEntry32) )
	{
		do
		{
		  if ( _tcscmp(ModuleEntry32.szModule, lpszModuleName) == 0 ) {
			 dwModuleBaseAddress = (DWORD)ModuleEntry32.modBaseAddr;
             break;
		  }
		} while( Module32Next(hSnapshot, &ModuleEntry32) );
	}
	CloseHandle(hSnapshot);
    return dwModuleBaseAddress;
}

void __fastcall TForm1::Button1Click(TObject *Sender)
{
	DWORD ProcessID;
	DWORD off1, off2, off3;
	DWORD BaseAddr;
	// Get Handles
	HWND HalfLife2 = FindWindowA(0, "AssaultCube");
	GetWindowThreadProcessId(HalfLife2, &ProcessID);
	HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, ProcessID);
	// Get Client Base Address
	DWORD ClientBaseAddress = dwGetModuleBaseAddress(L"ac_client.exe", ProcessID);
	ReadProcessMemory( hProcess, (LPCVOID)(ClientBaseAddress + 0x00109B74), &BaseAddr, sizeof(BaseAddr), 0 );
	CheatReturnStatus1->Caption = BaseAddr;
}

The Problem is that every time i launch my application i see different address (always change) not pointing to the desired address that i found in cheat engine(which is static address), but i already got a base pointer to that address in cheat engine,
can you help me please?

 

[2ffat]

I'm not sure what the "cheat engine" is showing but when I load a program into memory, the location is rarely same. If always depends on what else is loaded and when.


James P. Cottingham
I'm number 1,229!
I'm number 1,229!

 

[webowner47]

Thank you, but i already found the solution, the problem is i get the base address of my application module, but when i go ahead to display in label i forgot to convert the DWORD value to HEX.
Now i get the desired results.
Still, how to write to process memory with offsets, because i already have that code to do that, and it's not working somehow:

bool GetMoreAmmo(int AmmoAmount) {
	DWORD ProcessID;
	DWORD off1, off2, off3;
	DWORD BaseAddr;
	DWORD AmmoAddr;
        int CurrentAmmo;
	int NewAmmo = AmmoAmount;
	// Get Handles
	HWND HalfLife2 = FindWindowA(0, "HALF-LIFE 2");
	GetWindowThreadProcessId(HalfLife2, &ProcessID);
	HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, ProcessID);
	// Get Client Base Address
	DWORD ClientBaseAddress = dwGetModuleBaseAddress(L"client.dll", ProcessID);
	ReadProcessMemory( hProcess, (LPCVOID)(ClientBaseAddress + 0x0010A280), &BaseAddr, sizeof(BaseAddr), 0 );
	ReadProcessMemory(hProcess, (LPCVOID)(BaseAddr + 0x7B0), &off1, sizeof(off1), 0);
	ReadProcessMemory(hProcess, (LPCVOID)(off1 + 0x34), &off2, sizeof(off2), 0);
	ReadProcessMemory(hProcess, (LPCVOID)(off2 + 0xA4), &off3, sizeof(off3), 0);
	AmmoAddr = off3 + 0x4E0;
	ReadProcessMemory(hProcess, (LPCVOID)(AmmoAddr), &CurrentAmmo, sizeof(CurrentAmmo), 0);
	if ( WriteProcessMemory( hProcess, (LPVOID)(CurrentAmmo), &NewAmmo, sizeof(NewAmmo), 0 ) != 0 )
	{
		return true;
	} else
	{
                return false;
	}
}

However, i don't get what i expects, any idea?

 

[Prattaratt]

The Operating system and your anti-virus should not allow you to write to your program's code segments after it is loaded into memory. Any attempt to do so will result in either a AV fault and program crash or the anti-virus quarantining your program. This a very specific viral behavior that is blocked, and for good reason.

 

[webowner47]

OK, now i understand, thank you