Deprecated: The behavior of unparenthesized expressions containing both '.' and '+'/'-' will change in PHP 8: '+'/'-' will take a higher precedence in /home/iano/public_html/tpforums-vb5/forum/includes/class_core.php on line 5842

PHP Warning: Use of undefined constant MYSQL_NUM - assumed 'MYSQL_NUM' (this will throw an Error in a future version of PHP) in ..../includes/init.php on line 165

PHP Warning: Use of undefined constant MYSQL_ASSOC - assumed 'MYSQL_ASSOC' (this will throw an Error in a future version of PHP) in ..../includes/init.php on line 165

PHP Warning: Use of undefined constant MYSQL_BOTH - assumed 'MYSQL_BOTH' (this will throw an Error in a future version of PHP) in ..../includes/init.php on line 165

PHP Warning: "continue" targeting switch is equivalent to "break". Did you mean to use "continue 2"? in ..../includes/functions_navigation.php on line 588

PHP Warning: "continue" targeting switch is equivalent to "break". Did you mean to use "continue 2"? in ..../includes/functions_navigation.php on line 612

PHP Warning: Use of undefined constant archive_postsperpage - assumed 'archive_postsperpage' (this will throw an Error in a future version of PHP) in ..../archive/index.php on line 456
What's wrong with reading mana? [Archive] - Forums

PDA

View Full Version : What's wrong with reading mana?



Davlog
11-22-2013, 11:52 PM
tibiaWindow = FindWindow( L"TibiaClient", NULL);
DWORD PID;
GetWindowThreadProcessId( tibiaWindow, &PID );
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, PID); //Open Process for Read/Write
short mana = 0;

if( !ReadProcessMemory(hProcess, (void*)0x3C2D00, &mana, 2, 0) )
statusBar()->showMessage( "Error occured ", 3000 ); //shows me if failed
else
statusBar()->showMessage( QString::number(mana), 3000 ); //Shows me mana

I've checked the address of mana and it should be tibia.exe+0x3C2D00. However, this code above does not work. It always fails to read the process memory. Anyone knows whats wrong?

jo3bingham
11-23-2013, 12:51 AM
I believe Mana is one of the addresses that are XOR'd. This thread should help: http://tpforums.org/forum/threads/4981-We-got-a-problem?p=44519&viewfull=1#post44519

Davlog
11-23-2013, 06:07 PM
Here's an update.

This code works but I got the wrong address. CheatEngine says I have to get the baseaddress of tibia.exe and add 0x3C2D00 to it.
Now I just need to find out how to get the base address of tibia.exe...
Gonna look it up somewhere but so far I got nothing! -.-

Davlog
11-23-2013, 07:43 PM
DWORD MainWindow::getBaseAddress(DWORD dwProcessIdentifier, TCHAR *lpszModuleName)
{
HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessIdentifier);
DWORD dwModuleBaseAddress = 0;
if(hSnapshot != INVALID_HANDLE_VALUE)
{
MODULEENTRY32 ModuleEntry32;
ModuleEntry32.dwSize = sizeof(MODULEENTRY32);
if(Module32First(hSnapshot, &ModuleEntry32))
{
do
{
if( wcscmp(ModuleEntry32.szModule, lpszModuleName) == 0)
{
dwModuleBaseAddress = (DWORD)ModuleEntry32.modBaseAddr;
break;
}
}
while(Module32Next(hSnapshot, &ModuleEntry32));
}
CloseHandle(hSnapshot);
}
return dwModuleBaseAddress;
}

This is supposed to return the base address... doesn't work! Any ideas whats wrong?

Davlog
11-24-2013, 01:14 AM
Got it now :


DWORD MainWindow::getBaseAddress(DWORD dwProcessId)
{
WCHAR* lpModuleName = L"tibia.exe";
MODULEENTRY32 lpModuleEntry;
HANDLE hSnapShot = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwProcessId );

if(!hSnapShot)
return 0;

lpModuleEntry.dwSize = sizeof(lpModuleEntry);
BOOL bModule = Module32First( hSnapShot, &lpModuleEntry );
while(bModule)
{
if(!wcsicmp(lpModuleEntry.szModule, lpModuleName ) )
{
CloseHandle( hSnapShot );
return (DWORD)lpModuleEntry.modBaseAddr;
}
bModule = Module32Next( hSnapShot, &lpModuleEntry );
}
CloseHandle( hSnapShot );
return 0;
}


this seems to work.