Menu
I'm trying to make a program that read the timer value from Minesweeper. (OS is windows 7 64bit)
Using cheat engine I found the base address of the variable, but it changes every time I run Minesweeper.
What do I need to do to find out the base address automatically?
Does it have something to do with the executable base address?
Here's my code:
#include <windows.h>
#include <iostream>
using namespace std;
int main()
{
DWORD baseAddress = 0xFF1DAA38;//always changing
DWORD offset1 = 0x18;
DWORD offset2 = 0x20;
DWORD pAddress1;
DWORD pAddress2;
float value = 0;
DWORD pid;
HWND hwnd;
hwnd = FindWindow(NULL,"Minesweeper");
if(!hwnd)//didn't find the window
{
cout <<"Window not found!\n";
cin.get();
}
else
{
GetWindowThreadProcessId(hwnd,&pid);
HANDLE phandle = OpenProcess(PROCESS_VM_READ,0,pid);//get permission to read
if(!phandle)//failed to get permission
{
cout <<"Could not get handle!\n";
cin.get();
}
else
{
ReadProcessMemory(phandle,(void*)(baseAddress),&pAddress1,sizeof(pAddress1),0);
ReadProcessMemory(phandle,(void*)(pAddress1 + offset1),&pAddress2,sizeof(pAddress2),0);
while(1)
{
ReadProcessMemory(phandle,(void*)(pAddress2 + offset2),&value,sizeof(value),0);
cout << value << "\n";
Sleep(1000);
}
}
}
}
977
A base address is an absolute address that acts as a reference point for other addresses. The base address is used in computing as a relative address of an instruction within a program or the location of a piece of data currently being worked on by the program.
To get the base address of a module(DLL or EXE) in memory you can enumerate the loaded modules using ToolHelp32Snapshot Windows API function. Microsoft provides documented source code to find the module. Basically you need 2 functions, one to grab the ProcessId and then one to get the base address.
When referring to computer memory, the base address is a memory starting point that address that references all other memory addresses. Absolute address, Memory address, Memory terms, Offset, Programming terms.
The stack base. Is the address of the top of the stack, from which the stack grows downwards. The highest location actually used by the stack is the first word below the stack base.
#pragma comment( lib, "psapi" )
DWORD GetModuleBase(HANDLE hProc, string &sModuleName)
{
HMODULE *hModules;
char szBuf[50];
DWORD cModules;
DWORD dwBase = -1;
//------
EnumProcessModules(hProc, hModules, 0, &cModules);
hModules = new HMODULE[cModules/sizeof(HMODULE)];
if(EnumProcessModules(hProc, hModules, cModules/sizeof(HMODULE), &cModules)) {
for(int i = 0; i < cModules/sizeof(HMODULE); i++) {
if(GetModuleBaseName(hProc, hModules[i], szBuf, sizeof(szBuf))) {
if(sModuleName.compare(szBuf) == 0) {
dwBase = (DWORD)hModules[i];
break;
}
}
}
}
delete[] hModules;
return dwBase;
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
