Jump to content
  • Advertisement
Sign in to follow this  
toony

ReadProcessMemory not reading

This topic is 3006 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

i am trying to read the value stored inside a memory address of a program but the value at this address is not being copied to the val variable i created. can someone that has used this function please have a look at my code? thanks.

#include <windows.h>
#include <stdio.h>

void ReadProcess(DWORD lpAddress, void* buf, int len);

int main()
{
int val = 0;

ReadProcess(0x0003f3a8, &val, sizeof(int));
printf("val is: %d\n", val);

return 0;
}

void ReadProcess(DWORD address, void* buf, int len)
{
HWND hwnd = FindWindow("Calculator", NULL);
DWORD pid;
GetWindowThreadProcessId(hwnd, &pid);
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid);
ReadProcessMemory(hProcess, (void*)address, buf, len, NULL);
CloseHandle(hProcess);
}

Share this post


Link to post
Share on other sites
Advertisement
Did you try debugging the program?

Did you check if the function calls succeed? (check return values, use GetLastError(), etc.)

Share this post


Link to post
Share on other sites
GetWindowThreadProcessId returned 0, ReadProcessMemory returned 0 and GetLastError returned 6.

i havnt used these functions before and i need a bit of help if possible. i dont wanna go down and write too much code to do something that can be done simply with less, i just want to get the value at the address.

Share this post


Link to post
Share on other sites
Don't use PROCESS_ALL_ACCESS, use the individual flags instead.

Also 6 is ERROR_INVALID_HANDLE, check that OpenProcess() is returning a valid handle.


Also, it might be a safer bet to use the actual process name instead of the window name. You can use CreateToolhelp32Snapshot() for this.

Share this post


Link to post
Share on other sites
i did all that and i still get that 6 error! do you think there is something wrong in the code? plz have a look and let me know.


#include <windows.h>
#include <stdio.h>

void ReadProcess(DWORD lpAddress, void* buf, int len);

int main()
{
int val = 0;

ReadProcess(0x000AA4BC, &val, sizeof(int));
printf("val is: %d\n", val);

return 0;
}

void ReadProcess(DWORD address, void* buf, int len)
{
int db;
DWORD pid;

HWND hwnd = FindWindow("calc", NULL);

db = GetWindowThreadProcessId(hwnd, &pid);
printf("pid: %li\n", pid);
printf("GetWindowThreadProcessId returned: %i\n", db);

HANDLE hProcess = OpenProcess(PROCESS_VM_READ, FALSE, pid);

db = ReadProcessMemory(hProcess, (void*)address, buf, len, NULL);
printf("ReadProcessMemory returned: %i\n", db);

db = GetLastError();
printf("GetLastError returned: %i\n\n", db);

CloseHandle(hProcess);
}

Share this post


Link to post
Share on other sites
Quote:
Original post by toony
i did all that and i still get that 6 error! do you think there is something wrong in the code? plz have a look and let me know.


Are you sure your class name is correct for Calculator in the call to FindWindow? (Class name first, then window name!) Mine is "SciCalc", not "calc" or "Calculator", on Windows XP and Vista. I'd think Windows 7 would be the same, but use Spy++ as part of the Visual Studio tools (if you have it) to verify or some other utility. Alternatively, use the window name field and verify your hwnd is not NULL.

Share this post


Link to post
Share on other sites
yes hwnd is null after calling the findwindow function, and the system error code is 2 at that point for ERROR_FILE_NOT_FOUND.

so i have to find the correct name but i dont have microsofts c++ compiler, i am using codeblocks. any other ways i might get this pid? can i use cheat engine to get this id?

changes:
HWND hwnd = FindWindow(NULL, "calc");


[Edited by - toony on July 3, 2010 6:30:22 PM]

Share this post


Link to post
Share on other sites
ok i got the process id from cheat engine and it worked but i cant be opening cheat engine everytime and manualy enter the changing process id, there must be a function to get it.

Share this post


Link to post
Share on other sites
Quote:
Original post by Drew_Benton
Quote:
Original post by toony
i did all that and i still get that 6 error! do you think there is something wrong in the code? plz have a look and let me know.


Are you sure your class name is correct for Calculator in the call to FindWindow? (Class name first, then window name!) Mine is "SciCalc", not "calc" or "Calculator", on Windows XP and Vista. I'd think Windows 7 would be the same, but use Spy++ as part of the Visual Studio tools (if you have it) to verify or some other utility. Alternatively, use the window name field and verify your hwnd is not NULL.


thanks! very bad mistake! i was using the wrong parameter.

i tried paintball because calculator was playing silly buggers and it all works now, thanks again.

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!