C++ - WriteProcessMemory: no error, but it doesn't write to the correct address
I have a little trouble understanding what the problem is here. First I read the correct value from the address; this part works fine.

    ReadProcessMemory(phandle, (LPCVOID)(baseaddr + staticoffset), &value, sizeof(DWORD), &numbytesread);
    value += 0x174;
    ReadProcessMemory(phandle, (LPCVOID)value, &value, sizeof(DWORD), &numbytesread);
    value += 0x4;
    ReadProcessMemory(phandle, (LPCVOID)value, &value, sizeof(DWORD), &numbytesread);
    value += 0xc;
    ReadProcessMemory(phandle, (LPCVOID)value, &value, sizeof(DWORD), &numbytesread);
    value += 0x130;
    ReadProcessMemory(phandle, (LPCVOID)value, &value, sizeof(DWORD), &numbytesread);

As you can see, it is a level 4 pointer, and value has the correct information. Then I thought, hey, let's decrease the value by 1 and write the result to the address.

    newvalue = value - 1; // new value, DWORD
    std::cout << "writevalue: " << newvalue << std::endl;
    if (!WriteProcessMemory(phandle, &value, &newvalue, sizeof(DWORD), NULL)) {
        std::cout << "oh write error: " << GetLastError() << std::endl;
    }
    ReadProcessMemory(phandle, (LPCVOID)value, &value, sizeof(DWORD), &numbytesread);
    std::cout << "after write value: " << value << std::endl;

Now there is no error, and the value at the address doesn't change. I don't have experience with writing memory and hope you can help me.

Important: I only use my own processes. I am learning reverse engineering.

Please tell me why you downvote, and I will try to make it better. Thanks.
I tried:

    WriteProcessMemory(phandle, (LPVOID)value, &newvalue, sizeof(DWORD), NULL)

ERROR_INVALID_ADDRESS
487 (0x1E7): Attempt to access invalid address.

& gets the address of the variable that comes after it, e.g. &value. You're trying to write to the address of the variable value, and since value is contained in the address space of your own process, that means the address passed by &value may or may not be valid in the remote process.

You don't need to store the final ReadProcessMemory in value. At the moment the last ReadProcessMemory is storing the actual value you want and not the address of the value. Instead, have value be the pointer to the variable you're trying to access in the remote process, and create a new variable to hold the value you're trying to access.

And since you put sizeof(DWORD) as the parameter in both the write and the read, I'm gonna assume the type of the value you want is DWORD as well.

As such:

    ReadProcessMemory(phandle, (LPCVOID)(baseaddr + staticoffset), &value, sizeof(DWORD), &numbytesread);
    value += 0x174;
    ReadProcessMemory(phandle, (LPCVOID)value, &value, sizeof(DWORD), &numbytesread);
    value += 0x4;
    ReadProcessMemory(phandle, (LPCVOID)value, &value, sizeof(DWORD), &numbytesread);
    value += 0xc;
    ReadProcessMemory(phandle, (LPCVOID)value, &value, sizeof(DWORD), &numbytesread);
    value += 0x130; // value is now the remote address of the target
    DWORD dwvalue = 0;
    ReadProcessMemory(phandle, (LPCVOID)value, &dwvalue, sizeof(DWORD), &numbytesread);

Now value holds the address of the variable, and dwvalue contains the value of the variable.

However, newvalue = value - 1 needs to be newvalue = dwvalue - 1.

And ReadProcessMemory(phandle, (LPCVOID)value, &value, sizeof(DWORD), &numbytesread) needs to become ReadProcessMemory(phandle, (LPCVOID)value, &dwvalue, sizeof(DWORD), &numbytesread). Likewise, std::cout << "after write value: " << value << std::endl; needs to become std::cout << "after write value: " << dwvalue << std::endl;.

Result:

    newvalue = dwvalue - 1; // new value, DWORD
    std::cout << "writevalue: " << newvalue << std::endl;
    // value is the remote address; &newvalue is the local buffer to copy from
    if (!WriteProcessMemory(phandle, (LPVOID)value, &newvalue, sizeof(DWORD), NULL)) {
        std::cout << "oh write error: " << GetLastError() << std::endl;
    }
    ReadProcessMemory(phandle, (LPCVOID)value, &dwvalue, sizeof(DWORD), &numbytesread);
    std::cout << "after write value: " << dwvalue << std::endl;

I highly encourage you to learn more about virtual memory, pointers, etc. There's a plethora of tutorials online. It might take a while, but you'll get it eventually. Good luck and happy coding! :)
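
The address-versus-value distinction from the answer above, as an added example that is not part of the original post: the remote process is modelled by a constructed FakeRemote map so the code runs without Windows, and FakeRemote, read_u32, write_u32, resolve, decrement and sample are hypothetical names. It keeps the resolved remote address and the value read from it in separate variables and fails on the first unreadable hop.

```cpp
#include <cstdint>
#include <map>
#include <vector>

// Constructed stand-in for a remote process: address -> DWORD-sized cell.
// With the real API these methods would wrap ReadProcessMemory and
// WriteProcessMemory and also compare the byte count with sizeof(uint32_t).
struct FakeRemote {
    std::map<uint32_t, uint32_t> cells;
    bool read_u32(uint32_t addr, uint32_t &out) const {
        auto it = cells.find(addr);
        if (it == cells.end()) return false;  // unmapped: models ERROR_INVALID_ADDRESS
        out = it->second;
        return true;
    }
    bool write_u32(uint32_t addr, uint32_t v) {
        auto it = cells.find(addr);
        if (it == cells.end()) return false;
        it->second = v;
        return true;
    }
};

// Read a pointer, add the next offset, repeat. The result is the remote
// ADDRESS of the target; the last hop is never dereferenced here.
bool resolve(const FakeRemote &p, uint32_t start,
             const std::vector<uint32_t> &offsets, uint32_t &target) {
    uint32_t addr = start;
    for (uint32_t off : offsets) {
        uint32_t ptr = 0;
        if (!p.read_u32(addr, ptr)) return false;  // stop on the first failed hop
        addr = ptr + off;
    }
    target = addr;
    return true;
}

// Read into a separate variable, write value - 1 to the same remote address,
// then read again to confirm the write landed.
bool decrement(FakeRemote &p, uint32_t target, uint32_t &after) {
    uint32_t current = 0;
    return p.read_u32(target, current) && p.write_u32(target, current - 1) &&
           p.read_u32(target, after);
}

// Constructed layout that uses the offsets from the post.
FakeRemote sample() {
    FakeRemote p;
    p.cells = {{0x400000, 0x1000}, {0x1174, 0x2000}, {0x2004, 0x3000},
               {0x300c, 0x4000}, {0x4130, 100}};
    return p;
}
```

Passing the value that was read (100 in this layout) as the destination address fails in the model, which mirrors the ERROR_INVALID_ADDRESS reported in the question.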