Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Memory Hacking/Modifying in C++ [closed]

Tags:

c++

memory

So, I'm trying to write a program in C++, to modify a value in another program. In my case, the Windows' Calculator. Here's the code:

#include <iostream>
#include <windows.h>

using namespace std;

int main(void) {

    int nVal = 2000;

    HWND hWnd = FindWindowA(0, "Calculator");
    if(hWnd == 0){
        cerr << "Could not find window." << endl;
    } else {
        DWORD PID;
        GetWindowThreadProcessId(hWnd, &PID);
        HANDLE hProc = OpenProcess(PROCESS_ALL_ACCESS, false, PID);

        if(!hProc) {
            cerr << "Cannot open process." << endl;
        } else {
            int stat = WriteProcessMemory(hProc, (LPVOID)0xC6A0EB922C, &nVal, (DWORD)sizeof(nVal), NULL);

            if(stat > 0){
                clog << "Memory written to process." << endl;
            } else {
                cerr << "Memory couldn't be written to process." << endl;
            }

            CloseHandle(hProc);

            cin.get();

        }

    }

    return 0;
}

The program tries to overwrite one value, stored with the 'MS' button in the Calculator. The problem is that the program can't do this. I tried to run the executable as administrator, but nothing changes. I found this code on a YouTube video, the guy was using XP, I am using Windows 8.

I found the 0xC6A0EB922C address using Cheat Engine, and also tried to modify the value inside and it worked perfectly!

If anyone can help me out, please do. Thanks!

like image 949
jndok Avatar asked Sep 23 '13 19:09

jndok


1 Answers

Juding from your hardcoded address, your calculator is running as a 64-bit application.

If your program is compiled as 32-bit, the hard coded address (LPVOID)0xC6A0EB922C will get truncated to 32-bit and thus be wrong.

To solve this you should either compile your program as 64-bit or use the 32-bit calculator as a test target. It is located in C:\Windows\SysWOW64\calc.exe.

WinAPI functions can fail and they do more ofter than one may want. Always check the return values and call GetLastError() if an error occured, so you know why it failed.

Remember to run your program as administrator or turn off UAC when opening other processes.

like image 151
typ1232 Avatar answered Sep 19 '22 16:09

typ1232