i am trying to read the value stored inside a memory address of a program but the value at this address is not being copied to the val variable i created. can someone that has used this function please have a look at my code? thanks.
#include <windows.h>
#include <stdio.h>
void ReadProcess(DWORD lpAddress, void* buf, int len);
int main()
{
int val = 0;
ReadProcess(0x0003f3a8, &val, sizeof(int));
printf("val is: %d\n", val);
return 0;
}
void ReadProcess(DWORD address, void* buf, int len)
{
HWND hwnd = FindWindow("Calculator", NULL);
DWORD pid;
GetWindowThreadProcessId(hwnd, &pid);
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid);
ReadProcessMemory(hProcess, (void*)address, buf, len, NULL);
CloseHandle(hProcess);
}
ReadProcessMemory not reading
Did you try debugging the program?
Did you check if the function calls succeed? (check return values, use GetLastError(), etc.)
Did you check if the function calls succeed? (check return values, use GetLastError(), etc.)
Author
GetWindowThreadProcessId returned 0, ReadProcessMemory returned 0 and GetLastError returned 6.
i havnt used these functions before and i need a bit of help if possible. i dont wanna go down and write too much code to do something that can be done simply with less, i just want to get the value at the address.
i havnt used these functions before and i need a bit of help if possible. i dont wanna go down and write too much code to do something that can be done simply with less, i just want to get the value at the address.
Don't use PROCESS_ALL_ACCESS, use the individual flags instead.
Also 6 is ERROR_INVALID_HANDLE, check that OpenProcess() is returning a valid handle.
Also, it might be a safer bet to use the actual process name instead of the window name. You can use CreateToolhelp32Snapshot() for this.
Also 6 is ERROR_INVALID_HANDLE, check that OpenProcess() is returning a valid handle.
Also, it might be a safer bet to use the actual process name instead of the window name. You can use CreateToolhelp32Snapshot() for this.
Author
i did all that and i still get that 6 error! do you think there is something wrong in the code? plz have a look and let me know.
#include <windows.h>
#include <stdio.h>
void ReadProcess(DWORD lpAddress, void* buf, int len);
int main()
{
int val = 0;
ReadProcess(0x000AA4BC, &val, sizeof(int));
printf("val is: %d\n", val);
return 0;
}
void ReadProcess(DWORD address, void* buf, int len)
{
int db;
DWORD pid;
HWND hwnd = FindWindow("calc", NULL);
db = GetWindowThreadProcessId(hwnd, &pid);
printf("pid: %li\n", pid);
printf("GetWindowThreadProcessId returned: %i\n", db);
HANDLE hProcess = OpenProcess(PROCESS_VM_READ, FALSE, pid);
db = ReadProcessMemory(hProcess, (void*)address, buf, len, NULL);
printf("ReadProcessMemory returned: %i\n", db);
db = GetLastError();
printf("GetLastError returned: %i\n\n", db);
CloseHandle(hProcess);
}
#include <windows.h>
#include <stdio.h>
void ReadProcess(DWORD lpAddress, void* buf, int len);
int main()
{
int val = 0;
ReadProcess(0x000AA4BC, &val, sizeof(int));
printf("val is: %d\n", val);
return 0;
}
void ReadProcess(DWORD address, void* buf, int len)
{
int db;
DWORD pid;
HWND hwnd = FindWindow("calc", NULL);
db = GetWindowThreadProcessId(hwnd, &pid);
printf("pid: %li\n", pid);
printf("GetWindowThreadProcessId returned: %i\n", db);
HANDLE hProcess = OpenProcess(PROCESS_VM_READ, FALSE, pid);
db = ReadProcessMemory(hProcess, (void*)address, buf, len, NULL);
printf("ReadProcessMemory returned: %i\n", db);
db = GetLastError();
printf("GetLastError returned: %i\n\n", db);
CloseHandle(hProcess);
}
Quote:Original post by toony
i did all that and i still get that 6 error! do you think there is something wrong in the code? plz have a look and let me know.
Are you sure your class name is correct for Calculator in the call to FindWindow? (Class name first, then window name!) Mine is "SciCalc", not "calc" or "Calculator", on Windows XP and Vista. I'd think Windows 7 would be the same, but use Spy++ as part of the Visual Studio tools (if you have it) to verify or some other utility. Alternatively, use the window name field and verify your hwnd is not NULL.
Author
yes hwnd is null after calling the findwindow function, and the system error code is 2 at that point for ERROR_FILE_NOT_FOUND.
so i have to find the correct name but i dont have microsofts c++ compiler, i am using codeblocks. any other ways i might get this pid? can i use cheat engine to get this id?
changes:
HWND hwnd = FindWindow(NULL, "calc");
[Edited by - toony on July 3, 2010 6:30:22 PM]
so i have to find the correct name but i dont have microsofts c++ compiler, i am using codeblocks. any other ways i might get this pid? can i use cheat engine to get this id?
changes:
HWND hwnd = FindWindow(NULL, "calc");
[Edited by - toony on July 3, 2010 6:30:22 PM]
Author
ok i got the process id from cheat engine and it worked but i cant be opening cheat engine everytime and manualy enter the changing process id, there must be a function to get it.
Author
Quote:Original post by Drew_BentonQuote:Original post by toony
i did all that and i still get that 6 error! do you think there is something wrong in the code? plz have a look and let me know.
Are you sure your class name is correct for Calculator in the call to FindWindow? (Class name first, then window name!) Mine is "SciCalc", not "calc" or "Calculator", on Windows XP and Vista. I'd think Windows 7 would be the same, but use Spy++ as part of the Visual Studio tools (if you have it) to verify or some other utility. Alternatively, use the window name field and verify your hwnd is not NULL.
thanks! very bad mistake! i was using the wrong parameter.
i tried paintball because calculator was playing silly buggers and it all works now, thanks again.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
