Pointer+Offset how?

Need to figure out how to add an offset to a pointer and then use it in this code.

Pointer is 00B835CC
Offset is 1432

I thought maybe I could use this somehow, but I am not sure.
p = (char*)p + 1432;


#include <windows.h>
#include <tlhelp32.h>
#include <conio.h>
#include <stdlib.h>
#include <winable.h>
#include <stdio.h>
#include <iostream>
using namespace std;

// Forward declaration; the definition follows main() in this listing.
bool ChangeMemVal(const char * ProcessName, LPVOID MemAddress, int NewVal, int size);

// Console entry point: sets the window title, prints a banner, makes one
// ChangeMemVal call against "KnightOnLine.exe" and reports the boolean result.
int main()
{
        SetConsoleTitle( "Knight OnLine Helper" );
     cout << ("Knight OnLine Example console\n\n") << endl;
               // NOTE(review): the address argument is still a placeholder comment, so this
               // call does not compile as posted. Whatever is passed here is handed to
               // WriteProcessMemory and is therefore interpreted in the other process's
               // address space, not in this program's.
               if(ChangeMemVal("KnightOnLine.exe", (void*) /*Need pointer + Offset here*/, 0, 4))
          printf("Enabled\n");
     else
          printf("Disabled\n");
     // Keeps the console window open until a key is pressed.
     system("PAUSE");
     return 0;
}

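/*
 * Copies the first `size` bytes of NewVal's in-memory representation to
 * MemAddress inside another process.
 *
 * The target is the first entry in a process snapshot whose executable name
 * equals ProcessName under a case-sensitive strcmp. An executable name is not
 * a unique identity: if several processes share it, only the first one
 * enumerated is used.
 *
 * Arguments:
 *   ProcessName - executable name to look for in the snapshot
 *   MemAddress  - destination address, interpreted in the target process
 *   NewVal      - value whose bytes are written
 *   size        - number of bytes to write; must be 1..sizeof(NewVal)
 *
 * Returns true only when the process was found and opened and
 * WriteProcessMemory reported that all `size` bytes were written.
 */
bool ChangeMemVal(const char * ProcessName, LPVOID MemAddress, int NewVal, int size)
{
     // A size larger than NewVal would make WriteProcessMemory read past the
     // parameter on this function's own stack, so reject it up front.
     if(ProcessName == NULL || size <= 0 || (size_t)size > sizeof(NewVal))
          return false;

     HANDLE hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
     if(hProcessSnap == INVALID_HANDLE_VALUE)
          return false;

     PROCESSENTRY32 pe32;
     pe32.dwSize = sizeof( PROCESSENTRY32 );

     HANDLE hProcess = NULL;
     // Only walk the list if the first entry was actually filled in;
     // otherwise pe32 would be compared while still uninitialised.
     if(Process32First(hProcessSnap, &pe32))
     {
          do
          {
               if(!strcmp(pe32.szExeFile, ProcessName))
               {
                    // Least privilege: WriteProcessMemory needs only these two
                    // rights, so PROCESS_ALL_ACCESS is not requested.
                    hProcess = OpenProcess(PROCESS_VM_WRITE | PROCESS_VM_OPERATION, FALSE, pe32.th32ProcessID);
                    break;
               }
          }
          while(Process32Next(hProcessSnap, &pe32));
     }
     CloseHandle( hProcessSnap );

     if(hProcess == NULL)
          return false;

     // Report the outcome of the write itself, not merely that a handle was obtained.
     SIZE_T written = 0;
     BOOL ok = WriteProcessMemory(hProcess, MemAddress, &NewVal, (SIZE_T)size, &written);
     CloseHandle(hProcess);
     return ok && written == (SIZE_T)size;
}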
It depends on what p points to - if it points to a contiguous series of bytes, your code will offset by 1432 bytes.

Also, I see handles in your code, so you have to be clear about whether you have a pointer or a handle, and you have to be clear about the sizeof() of what it points to...
Maybe this is a better explanation.

Hi all
I have been having this annoying problem. I can change the value of a memory address. The problem is that the memory address changes every time the application restarts. Now I figured I would need to use a pointer. So I found a pointer that points to this address, but it has an offset.

lets say the address is: "04A96990"
and the offset is: "A0"
and lets say this points to...:"07b96964" // this is the address i want to modify.

How might one change this code to make it take advantage of the pointer and find the address and be able to modify it.

#include <windows.h>
#include <tlhelp32.h>
#include <conio.h>
#include <stdlib.h>
#include <stdio.h>

// Forward declaration; the definition follows main() in this listing.
bool ChangeMemVal(const char * ProcessName, LPVOID MemAddress, int NewVal, int size);

// Console entry point: prints a banner, makes one ChangeMemVal call with
// hard-coded arguments and reports the boolean result.
int main()
{
     printf("=== Pinball Trainer Example. Made by <your name here> ===\n\n");

     // Process name, address, new value and byte count are all fixed constants.
     // The address is interpreted in the target process, and a fixed address is
     // only meaningful while that process maps its data at the same place.
     const bool edited = ChangeMemVal("PINBALL.EXE", (void*) 0xA90C62, 100000000, 4);

     if(!edited)
          printf("An error occured while attempting edit the score.\n");
     else
          printf("The score has been edited successfully.\n");

     // Keeps the console window open until a key is pressed.
     system("PAUSE");
     return 0;
}


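/* This function modifies a memory address in another process according to
   its arguments.

   The target is the first entry in a process snapshot whose executable name
   equals ProcessName under a case-sensitive strcmp. An executable name is not
   a unique identity: if several processes share it, only the first one
   enumerated is used.

   Arguments :
             ProcessName - executable name of the process we want to modify
             MemAddress - the memory address we want to modify, interpreted
                          in the target process
             NewVal - the value we want to change the memory address to
             size - the number of bytes to write; must be 1..sizeof(NewVal)
   Returns :
           true only when the process was found and opened and
           WriteProcessMemory reported that all `size` bytes were written.
   */
bool ChangeMemVal(const char * ProcessName, LPVOID MemAddress, int NewVal, int size)
{
     // A size larger than NewVal would make WriteProcessMemory read past the
     // parameter on this function's own stack, so reject it up front.
     if(ProcessName == NULL || size <= 0 || (size_t)size > sizeof(NewVal))
          return false;

     HANDLE hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
     if(hProcessSnap == INVALID_HANDLE_VALUE)
          return false;

     PROCESSENTRY32 pe32;
     pe32.dwSize = sizeof( PROCESSENTRY32 );

     HANDLE hProcess = NULL;
     // Only walk the list if the first entry was actually filled in;
     // otherwise pe32 would be compared while still uninitialised.
     if(Process32First(hProcessSnap, &pe32))
     {
          do
          {
               if(!strcmp(pe32.szExeFile, ProcessName))
               {
                    // Least privilege: WriteProcessMemory needs only these two
                    // rights, so PROCESS_ALL_ACCESS is not requested.
                    hProcess = OpenProcess(PROCESS_VM_WRITE | PROCESS_VM_OPERATION, FALSE, pe32.th32ProcessID);
                    break;
               }
          }
          while(Process32Next(hProcessSnap, &pe32));
     }
     CloseHandle( hProcessSnap );

     if(hProcess == NULL)
          return false;

     // Report the outcome of the write itself, not merely that a handle was obtained.
     SIZE_T written = 0;
     BOOL ok = WriteProcessMemory(hProcess, MemAddress, &NewVal, (SIZE_T)size, &written);
     CloseHandle(hProcess);
     return ok && written == (SIZE_T)size;
}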
#include <windows.h>

// Constants consumed by DllMain below.
#define BASE	0x00400000	/* address read as a DWORD to obtain a pointer value */
#define OFFSET	0x00	/* added to the value read from BASE */
#define VALUE	0x01	/* DWORD stored at the resulting address */

/*
 * DLL entry point. On DLL_PROCESS_ATTACH it reads a DWORD from BASE, adds
 * OFFSET to that value, and stores VALUE as a DWORD at the resulting address.
 * Every other notification is ignored. Always returns TRUE.
 *
 * The addresses are dereferenced directly, so they refer to the address space
 * of whichever process has loaded this DLL. Neither the value read from BASE
 * nor the computed destination is validated before the write.
 *
 * NOTE(review): the pointer arithmetic is carried out in DWORD, which is
 * 32 bits wide, so this presumably targets a 32-bit process - confirm before
 * building for 64-bit, where pointer values would be truncated.
 */
BOOL APIENTRY DllMain(__in HMODULE hModule, __in DWORD dwReason, __in __reserved LPVOID lpReserved)
{
	// Thread attach/detach and process detach need no work.
	if(dwReason != DLL_PROCESS_ATTACH)
		return TRUE;

	// First hop: the DWORD stored at BASE is treated as a pointer value.
	DWORD pointee = *(DWORD*)BASE;

	// Second hop: offset that value and store through it.
	DWORD *slot = (DWORD*)(pointee + OFFSET);
	*slot = VALUE;
	return TRUE;
}


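(edit) Just saw that you are using an .exe rather than a DLL loaded into the other process. The direct dereference above is only valid inside the process that owns those addresses, so from a separate .exe you'll need to take advantage of ReadProcessMemory() instead.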