I've been trying to code a C++ memory editor, and although I included the #include <Windows.h> library it still gives my an error the " handleprocess Was Not Declared!". Here is the code:
#include iostream
#include Windows.h
using namespace std;
int newScore;
int main()
{
HWND windowProgram = FindWindow(NULL,"Calculator");
cout << "Enter A new value to write:";
cin>>::newScore;
if(windowProgram == 0) {
cerr << "Unable To Locate Window" <<endl;
}else {
DWORD processID;
GetWindowThreadProcessId(windowProgram,&processID);
HANDLE handleProcess = OpenProcess(PROCESS_ALL_ACCESS,FALSE,processID);
}
if(!handleProcess){
cerr << "Unable to handle process: " <<handleProcess<< " ! " << endl;
}else {
int memoryHack = WriteProcessMemory(
handleProcess,
(LPVOID)0XA18803B1CC,
&newScore,
(DWORD)sizeof(newScore),NULL);
if(memoryHack > 0){
clog<< " Memory Written" <<endl;
}else{
cerr<<"Failed to write to memory"<<endl;
}
CloseHandle(handleProcess);
}
cin.sync(),
cin.ignore();
return (0);
}
You need to declare handleProcess somewhere else so that it's visible outside the else scope. For example:
// ...
HANDLE handleProcess = 0; // Declare and initialize here.
if (windowProgram == 0) {
cerr << "Unable To Locate Window" <<endl;
} else {
DWORD processID;
GetWindowThreadProcessId(windowProgram, &processID);
handleProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, processID);
}
if (!handleProcess) {
// ...
Note that this isn't just an identifier visibility problem. When the scope is exited, non-static variables created on the stack and inside the scope are destroyed and don't exist anymore.
Related
I am trying to change the value of minerals in Starcraft II to learn win32.
I am not into gaming at all. but chose my childhood game to leearn win32 and operating systems.
Here is my code.
everything works, I can get the handle and its process id.
however reading the value does not work.
From cheat engine, I can change the value of minerals to whatever I like.
Here is the memory address of the minerals.
#include <iostream>
#include <Windows.h>
using namespace std;
int main()
{
int newMineral = 2000;
int readMineral = 0;
HWND hwnd = FindWindowA(NULL, "Brood War");
if (hwnd == NULL)
{
cout << "Cannot find window." << endl;
Sleep(30000);
exit(-1);
}
else
{
DWORD procID;
GetWindowThreadProcessId(hwnd, &procID);
HANDLE handle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, procID);
if (procID == NULL)
{
cout << "Cannot find procssID." << endl;
Sleep(30000);
exit(-1);
}
else
{
cout << "process exists." << endl;
cout << procID << endl;
//WriteProcessMemory(handle, (LPVOID)0x57F0F0, &newMineral, sizeof(newMineral), 0);
ReadProcessMemory(handle, (PBYTE*)0x57F0F0, &readMineral, sizeof(int), 0);
cout << readMineral << endl;
}
}
return 0;
I think it is the format of my memory address maybe since the handle and processID are obtainable.
`
#include <iostream>
#include <windows.h>
#include <Tlhelp32.h>
HANDLE hProc = NULL;
DWORD pID;
bool attachProc(char* procName)
{
PROCESSENTRY32 procEntry32;
procEntry32.dwSize = sizeof(PROCESSENTRY32);
auto hProcSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if(hProcSnap == INVALID_HANDLE_VALUE)
{
std::cout << "FAILED to take snapshot of processes\n";
return false;
}
while(Process32Next(hProcSnap, &procEntry32))
{
std::cout << procEntry32.szExeFile << std::endl;
if (procEntry32.th32ProcessID != 996)
{
if (!strcmp(procName, procEntry32.szExeFile))
{
std::cout << "found process " << procEntry32.szExeFile << " with process id " << procEntry32.th32ProcessID << std::endl;
hProc = OpenProcess(PROCESS_ALL_ACCESS,FALSE,procEntry32.th32ProcessID);
pID = procEntry32.th32ProcessID;
if (hProc == NULL)
{
std::cout << "failed getting handle to process" << std::endl;
}
CloseHandle(hProcSnap);
return true;
}
}
}
std::cout << "couldnt find " << procName << "in the process snapshot" << std::endl;
CloseHandle(hProcSnap);
return false;
}
template <class dataType>
void wpm(dataType valToWrite, DWORD adressToWrite)
{
WriteProcessMemory(hProc, (PVOID)adressToWrite, &valToWrite, sizeof(dataType), 0);
}
template <class dataType>
dataType rpm(DWORD adressToRead)
{
dataType rpmBuffer;
ReadProcessMemory(hProc, (PVOID)adressToRead, &rpmBuffer, sizeof(dataType), 0);
return rpmBuffer;
}
int main()
{
DWORD memoryAdress = 0x288469A7A28;
int value = 1
attachProc((char*)"dummy.exe");
while (true)
{
wpm<int>(value, memoryAdress);
}
}
`
i think there is a problem in getting the handle but i dont know where or how do i debug this.
is there any different way on how to get a handle? bestsides FindWindow() because this doesnt work either
i was trying to write process memory but id didnt work for some reason the adress should be good i tested it in cheat engine multiple times
i'm trying to make a little program to my university that can change values in the memory of another process. With the exact address value that the Cheat Engine give me i can do this, but not ever the value is the same then my problem is with the memory pointers. In the following image i has the every offset that i found in the pointer scan map:
I already make a program but it not work and ever gives me 299 error code, i Run it as administrator. The code is the following:
#include <iostream>
#include <Windows.h>
#include <Psapi.h>
#include <TlHelp32.h>
#include <queue>
using namespace std;
int main() {
PROCESSENTRY32 pEntry;
pEntry.dwSize = sizeof(PROCESSENTRY32);
// Snapshot to list all process
HANDLE pHandlers = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
if (pHandlers == NULL) {
cout << "Error 1";
return 1;
}
// Listing process
if (Process32First(pHandlers, &pEntry)) {
while (Process32Next(pHandlers, &pEntry)) {
// Convert value to string
wstring wstr(pEntry.szExeFile);
string str(wstr.begin(), wstr.end());
// Check if is the process that i wan't
if (str == "Playgroundd.exe") {
MODULEENTRY32 mEntry;
mEntry.dwSize = sizeof(MODULEENTRY32);
// Snapshot to list all modules inside process
HANDLE mHandlers = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pEntry.th32ProcessID);
if (mHandlers == NULL) {
cout << "Error 2";
return 1;
}
// Usually the first process is the main module
if (Module32First(mHandlers, &mEntry)) {
// Convert the name to string
wstring wstrr(mEntry.szExePath);
string strr(wstrr.begin(), wstrr.end());
if (strr.find("Playgroundd.exe")) {
// Get the base address of module
DWORD moduleBaseAddress = (DWORD)mEntry.modBaseAddr;
// Append initial value
moduleBaseAddress += (DWORD)0x000000E8;
// Offsets defined
DWORD offsets[] = {0x88,0x98,0x90,0x20,0x10,0x48,0x904};
// Open process with the right process id
cout << "process id: " << pEntry.th32ProcessID << endl << endl;
HANDLE processHandler = OpenProcess(PROCESS_ALL_ACCESS, 0, pEntry.th32ProcessID);
if (processHandler == NULL) {
cout << "Can't open the process";
return 1;
}
// Sum offsets
for (int i = 0; i < 7;i++) {
moduleBaseAddress += offsets[i];
}
int receive = 0;
size_t bytesRead = 0;
bool resultStatus = ReadProcessMemory(processHandler,
(LPCVOID)moduleBaseAddress, &receive, sizeof(receive), &bytesRead);
cout << "result status :" << resultStatus << endl;
cout << "Received : " << receive << endl;
cout << "Bytes read : " << bytesRead << endl;
cout << "Possible error code : " << GetLastError() << endl;
}
else {
cout << "Can't find module";
return 1;
}
}
}
}
}
};
This is the output of the above program, the error code can be ignored if the result status be non-zero
result status :0
Received : 0
Bytes read : 0
Possible error code : 299
What i am doing wrong?
As pointed by the comment above, your calculation of the target address is questionable.
Your use of GetLastError is unsafe - you should call it immediately after FAILED call to ReadProcessMemory. However, in this case, cout << ... doesn't change that code, so you are OK.
According to docs
ERROR_PARTIAL_COPY
299 (0x12B)
Only part of a ReadProcessMemory or WriteProcessMemory request was completed.
And this post states
ReadProcessMemory would return FALSE and GetLastError would return ERROR_PARTIAL_COPY when the copy hits a page fault.
I am trying to get the money adress to change to whatever i want , but when i try doing so i get 998 error which is ERROR_NOACCESS . I have visual studio ran as administrator.
#include <windows.h>
using namespace std;
int main()
{
HWND hWnd = FindWindowA(NULL, "PC Building Simulator");
if (hWnd == NULL)
{
cout << "App not found" << endl;
Sleep(3000);
exit(-1);
}
else
{
DWORD proccess_ID;
GetWindowThreadProcessId(hWnd, &proccess_ID);
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, proccess_ID);
if (hProcess==NULL)
{
cout << "App not found" << endl;
Sleep(3000);
exit(-1);
}
else
{
int newdata = 500;
DWORD newdatasize = sizeof(newdata);
WriteProcessMemory(hProcess, (LPVOID)0x1B13B498FB0, &newdata, newdatasize, 0);
cout << GetLastError() << endl;
}
}
return 0;
}
The problem for me had an easy fix ,but not that easy to find it . I had to go to configuration manager and changed the platform from Win32 to x64 and that made it work
So I would like to use the DLL that I created, and I have this really weird warning I didn't see anyone has this one. I checked if LoadLibray returns "NULL", and this is not the case.
typedef DATA_BLOB(*encryption_decryption)(DATA_BLOB, bool*);
HINSTANCE dll_file = LoadLibrary(L"dllForEncryptionNDecryptionn.dll");
if (dll_file != NULL) {
cout << "Library loaded!" << endl;
}
else {
failed();
}
encryption_decryption encryption = (encryption_decryption)GetProcAddress(dll_file,"encryption");
if(encryption != NULL)
{
cout << "Workded!" << endl;
}
else
{
failed();
}
void failed() {
cout << GetLastError() << endl;
cout << "Faild!" << endl;
}
Warning at the 8th line: "'dll_file' could be '0': this does not adhere to the specification for the function 'GetProcAddress'."
Everything works, it doesn't write any errors when I run it.
If anything goes wrong in LoadLibrary you call failed() that prints the error code and returns.
HINSTANCE dll_file = LoadLibrary(L"dllForEncryptionNDecryptionn.dll");
if (dll_file != NULL) {
cout << "Library loaded!" << endl;
}
else {
failed(); // returns even when dll_file is NULL
}
// so, here you don't know if it's NULL or a valid handle which is why you get the warning
encryption_decryption encryption = (encryption_decryption)GetProcAddress(dll_file,"encryption");
If LoadLibrary fails, you shold not use that dll_file to call GetProcAddress.
encryption_decryption encryption = nullptr;
HINSTANCE dll_file = LoadLibrary(L"dllForEncryptionNDecryptionn.dll");
if(dll_file) {
encryption_decryption encryption =
(encryption_decryption)GetProcAddress(dll_file,"encryption");
} else {
// do NOT call GetProcAddress
}
if(encryption) {
// function successfully loaded
}