toony

getting a memory address that changes


hi again,

there is this memory address from a game that i need to program something, but it keeps changing when i close and restart the game. i don't know anything in c to help me with this problem and i thought maybe there are some microsoft functions out there for this purpose. does anybody know which, and can you please provide some example?

thanks for any help.

Memory layout of an application instance is almost entirely dependent on the application itself, so there's no universal way to do what you want.

If you know the pattern in which the application's memory is organized around the variable, you could search for said pattern from memory. However, there may not be a coherent pattern to begin with.

You could also track the instructions that write to the address. Since such instructions are usually on the stack, the instruction address offsets do not change as commonly as the data addresses.

In any case, use ReadProcessMemory and WriteProcessMemory to access the process' memory space.

There exists a debugger designed for reverse engineering called "OllyDbg" which can help you pinpoint the relevant instructions. Do note that some EULAs and laws prohibit reverse engineering of software in this manner.

Information which people want to change like that is usually global data (either allocated on the heap or in static memory - but that doesn't sound like the case here). There is a chance it's stored on the stack, but that's unlikely and hard to track if it is (it's likely there will be no set references to it and its location will be entirely control flow dependent). If it's on the heap, clearly the program needs to know where it is, so there will be a pointer to it, or a pointer to the structure it's in - however this pointer may also be in a heap structure with a pointer to that etc.

As Nik02 said, look for how that memory is written to. Reverse engineering is a massive topic, but you're likely to see instructions something like (formats may differ):


mov [ecx + 08h], eax

In this example eax is the data being written - ignore this, the important thing is to figure out how ecx is set as that will give you your pointer to the data structure in which your data is (here stored at an offset of 8 bytes).

thanks for replies. i managed to get the pointer address that points to a pointer that points to the values i was looking for when added correctly in hex.

thanks a lot for the replies. ;]

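The lookup described in the replies above (a pointer in static memory leading to heap objects, with the value at a fixed offset such as 08h), as an added example that is not part of the original thread. It simulates two "runs" inside one process with a constructed `player`/`stats` layout; `g_player`, `read_ptr`, `resolve_chain` and `start_run` are hypothetical names, and against another process each `read_ptr` would be a `ReadProcessMemory` call.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed layout for illustration; not taken from any real program. */
struct stats  { int32_t pad[2]; int32_t health; };      /* health at offset 08h */
struct player { char name[16]; struct stats *stats; };  /* heap object pointing at another */
static struct player *g_player;  /* static storage: same offset in the image every run */

/* Read one pointer-sized value. Across processes this would be a ReadProcessMemory call. */
static uintptr_t read_ptr(uintptr_t addr) {
    uintptr_t v;
    memcpy(&v, (const void *)addr, sizeof v);
    return v;
}

/* Load the pointer at base, add each offset, dereference after all but the last; 0 on a null link. */
uintptr_t resolve_chain(uintptr_t base, const size_t *offs, size_t n) {
    uintptr_t p = read_ptr(base);
    for (size_t i = 0; i < n && p != 0; i++) {
        p += offs[i];
        if (i + 1 < n) p = read_ptr(p);
    }
    return p;
}

/* Simulate one run; older objects stay allocated so the new direct address must differ. */
uintptr_t start_run(int32_t health) {
    struct player *pl = calloc(1, sizeof *pl);
    struct stats *st = calloc(1, sizeof *st);
    if (!pl || !st) { free(pl); free(st); return 0; }
    st->health = health;
    pl->stats = st;
    g_player = pl;
    return (uintptr_t)&st->health;
}

int main(void) {
    const size_t offs[] = { offsetof(struct player, stats), offsetof(struct stats, health) };
    for (int run = 1; run <= 2; run++) {
        start_run(100 - 25 * (run - 1));
        uintptr_t found = resolve_chain((uintptr_t)&g_player, offs, 2);
        if (!found) return 1;
        printf("run %d: health at %p = %d\n", run, (void *)found, (int)*(int32_t *)found);
    }
    return 0;
}
```

The direct address of `health` differs between the two runs, while the static base plus the same two offsets resolves to it each time.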