Triad_prague

Getting variable address with the source code given


Hi. I'm practicing my old programming skill again now (been busy with university). And I came across a nice programming site, but I think I've got a question that it can't answer. I read about ReadProcessMemory(), and how to watch a variable's value given an address of that variable. I then said to myself, how will I get the variable's address in the first place without a helper program, but only the source code? So I've got several questions for you guys out there :D :

1. Can I calculate stuffs / do anything to get a variable address given a source code for that program? (I make a simple program that looks like this)

[source='cpp']int dummy = -1;

int main(int argc, char** argv)
{
    return 0;
}[/source]

can I calculate the address of the 'dummy' global variable? (without helper tools like memory scanner, but just by reading its source code? I know it sounds stupid but meh)

2. Can I catch a keypress from another program/window? it seems that WM_KEYDOWN only gets sent to my window. I'd like my program to catch a keypress from another program/window (I'm writing a keyrecorder so I know what my lil bro is doing with my PC, I suspect he's doing some ebul thing with it)

3. Do you have any suggestion on good books to read about 'disassembler and assembler in general'? need a warm up before I get into these hot topics.

That's all there is to ask. Need your guidance coz I'm an uber n00b in this matter.
Triad_prague



[quote]can I calculate the address of the 'dummy' global variable? (without helper tools like memory scanner, but just by reading its source code? I know it sounds stupid but meh)[/quote]

No. There is no abstract relation between source code and binary. Transformation is defined only by compiler, linker, OS memory model, etc... Compiler is typically capable of emitting debug information (pdb, COFF, DWARF, ...) which describes this mapping. These files are then used in conjunction with debugger or perhaps certain OS syscalls to determine what is what.

[quote]2. Can I catch a keypress from another program/window? it seems that WM_KEYDOWN only gets sent to my window. I'd like my program to catch a keypress from another program/window (I'm writing a keyrecorder so I know what my lil bro is doing with my PC, I suspect he's doing some ebul thing with it)[/quote]
Different methods exist, they are painfully OS, kernel, API specific. They range from writing custom drivers, intercepting USB calls, DLL injection, code injection, heck, even custom kernel might do it.

[quote]3. Do you have any suggestion on good books to read about 'disassembler and assembler in general'?[/quote]
For assembler, there are CPU reference manuals.
Disassembly however is a general process which covers many techniques and various tools. It's completely language/compiler/OS specific, so there is no "Learn disassembly in 24 hours". There might however be: "Keyboard hooking via DLL injection for 32-process under Vista using Visual C++ 2005".

Also keep in mind that Vista, 7, let alone Win8 put strong guards in place to prevent this type of behavior.


[quote]
1. Can I calculate stuffs / do anything to get a variable address given a source code for that program? (I make a simple program that looks like this)

[source='cpp']int dummy = -1;

int main(int argc, char** argv)
{
    return 0;
}[/source]

can I calculate the address of the 'dummy' global variable? (without helper tools like memory scanner, but just by reading its source code? I know it sounds stupid but meh)
[/quote]

You can create a pointer to store the address of the variable:

[source='cpp']int dummy = -1;
int* dummyPtr;     // pointer that will hold the address
dummyPtr = &dummy; // assign address to pointer[/source]
More on pointers here.

That means you'll have to recompile the program though, not sure if that is what you meant. If not, I think Antheus just gave you the answer to that.

@mussi ah yes, I can do that. But my goal is to do it without actually recompiling the source. But thanks anyway.
@Antheus, thank you too. Gonna look for more 'easier' tutorials first xD

And then I got another question:

- If I add some functions/delete functions from the source code, would the offset to the global variable change?

Windows will give any program access to all mouse and keyboard events. I forget how you do it, but there's plenty of open source keyloggers out there.

The day I learned that it doesn't even require admin permission was the day I became even more paranoid about the programs I install from the Internet.


[quote]
@Antheus, thank you too. gonna look for more 'easier' tutorials first xD
[/quote]
There are no "easy" tutorials for this kind of thing. It is fundamentally an advanced operation to try.


[quote]
-if I add some functions/delete functions from the source code, would the offset to the global variable change?
[/quote]
Potentially. Such variables are usually stored in data segments, so it depends on whether the data segment gets moved around in memory (I don't know if it would, perhaps data segments are mapped before code segments). Adding other globals or constants (e.g. string literals) has a higher chance of moving it.

Again, Antheus's post has the answers. Pick your platform and learn how executables are built, and mapped into memory.

Note that for the source code you originally posted, "dummy" might be stripped out by the compiler or linker if you compile with sufficient optimisation settings. If you instead compile the program such that it emits debug symbols, you could use this information to determine the address at runtime. This is how a debugger works.
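
What the replies in this thread describe, as an added example that is not part of the original posts: a global's runtime address is the module's load base (chosen by the OS at load time) plus an offset fixed when the program was linked, and that offset is what symbol and debug information records. The sketch assumes Linux with glibc's `dl_iterate_phdr`; `Location`, `visit` and `locate` are names made up here.

```cpp
// Added example: split a runtime address into load base + link-time offset.
// Assumes Linux/glibc (dl_iterate_phdr); Location, visit, locate are illustrative names.
#include <link.h>
#include <cstdint>
#include <cstdio>

int dummy = -1;  // the initialised global from the thread

struct Location {
    const void* target;     // address being looked up
    std::uintptr_t base;    // load base of the containing module (0 for a non-PIE executable)
    std::uintptr_t offset;  // target - base: the value a symbol table stores
    bool found, writable, executable;
};

// Called once per loaded module; stops at the PT_LOAD segment that holds target.
static int visit(dl_phdr_info* info, std::size_t, void* data) {
    auto* loc = static_cast<Location*>(data);
    auto addr = reinterpret_cast<std::uintptr_t>(loc->target);
    for (int i = 0; i < info->dlpi_phnum; ++i) {
        const ElfW(Phdr)& ph = info->dlpi_phdr[i];
        if (ph.p_type != PT_LOAD) continue;
        std::uintptr_t start = info->dlpi_addr + ph.p_vaddr;
        if (addr < start || addr >= start + ph.p_memsz) continue;
        loc->base = info->dlpi_addr;
        loc->offset = addr - info->dlpi_addr;
        loc->writable = (ph.p_flags & PF_W) != 0;
        loc->executable = (ph.p_flags & PF_X) != 0;
        loc->found = true;
        return 1;  // non-zero return ends the iteration
    }
    return 0;
}

Location locate(const void* p) {
    Location loc{p, 0, 0, false, false, false};
    dl_iterate_phdr(visit, &loc);
    return loc;
}

int main() {
    Location d = locate(&dummy);
    std::printf("dummy: base=%#lx offset=%#lx writable=%d\n",
                (unsigned long)d.base, (unsigned long)d.offset, d.writable);
    return d.found ? 0 : 1;
}
```

For one build the printed offset is the same on every run, while the base changes between runs when the executable is position-independent and ASLR is enabled. Relinking after adding or removing globals can move the offset, which is why it has to be read from the symbols of the exact binary being inspected.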
