0

I was trying to read memory from a game ,so that i can get some values and make a good Bot. But i have always the int 0 returned,I didn't find any error. It's my first time that i try to code these things with C#,i hope we can find a solution,thanks for your answers.

PS: If the software where i try to read the memory is "running with administrator privileges" i have an error on : "UInt32 Base = (UInt32)game.MainModule.BaseAddress.ToInt32();".

this is the code:

public partial class Form1 : Form
{
    public Form1()
    {
        InitializeComponent();
    }


    [DllImport("kernel32.dll")]
    public static extern Int32 ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress,
    [In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesRead);

    public static byte[] ReadBytes(IntPtr Handle, Int64 Address, uint BytesToRead)
    {
        IntPtr ptrBytesRead;
        byte[] buffer = new byte[BytesToRead];
        ReadProcessMemory(Handle, new IntPtr(Address), buffer, BytesToRead, out ptrBytesRead);
        return buffer;
    }

    public static int ReadInt32(long Address, uint length = 4, IntPtr? Handle = null)
    {
        return BitConverter.ToInt32(ReadBytes((IntPtr)Handle, Address, length), 0);
    }

    public static string ReadString(long Address, uint length = 32, IntPtr? Handle = null)
    {
        string temp3 = ASCIIEncoding.Default.GetString(ReadBytes((IntPtr)Handle, Address, length));
        string[] temp3str = temp3.Split('\0');
        return temp3str[0];
    }




    private void btnLeggi_Click(object sender, EventArgs e)
    {
        UInt32 Address = 0x00075140;
        // get process
        Process game = Process.GetProcessesByName("Prison Architect")[0];
        // dump base

        UInt32 Base = (UInt32)game.MainModule.BaseAddress.ToInt32();
        // read pointer

        UInt32 Ptr1 = (UInt32)ReadInt32(Address + Base, 4, game.Handle);

        UInt32 Ptr2 = (UInt32)ReadInt32(Ptr1 + 0x300, 4, game.Handle);

        UInt32 Ptr3 = (UInt32)ReadInt32(Ptr2 + 0x88, 4, game.Handle);

        UInt32 Ptr4 = (UInt32)ReadInt32(Ptr3 + 0x26c, 4, game.Handle);

        UInt32 Ptr5 = (UInt32)ReadInt32(Ptr4 + 0x70, 4, game.Handle);

        UInt32 Ptr6 = (UInt32)ReadInt32(Ptr5 + 0x328, 4, game.Handle);

        // read memory pointer points to
        int PtrRead = ReadInt32(Ptr6, 255, game.Handle);


        txtDato.Text = Convert.ToString( PtrRead);









    }
}
Walkirio
  • 11
  • 3
  • This has nothing to do with `ReadProcesssMemory`, you could simplify your example program to just the 2nd and 3rd lines of code in the Click event. – Scott Chamberlain Nov 16 '16 at 22:45
  • @ScottChamberlain Thanks for your reply.I will update the code,do you know why I always have "0" returned? – Walkirio Nov 16 '16 at 22:49
  • http://stackoverflow.com/questions/8263135/finding-the-correct-baseaddress – Dan Wilson Nov 16 '16 at 22:53
  • @DanWilson do you have any example relative to my code ? Because I didn't understand the "P/Invoke " that you linked. – Walkirio Nov 16 '16 at 23:06

1 Answers1

0

If the software where i try to read the memory is "running with administrator privileges" i have an error on UInt32 Base = (UInt32)game.MainModule.BaseAddress.ToInt32();.

If the target process is running as administrator, you must also be running as administrator. To make your app require administrator permissions, then right click your project and select add new item and select manifest file, it will use a default one with "asInvoker" as the requestedExecutionLevel.

Change it to look like this:

<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />

Once you run it as administrator, Process.MainModule.BaseAddress will have the correct address.

GuidedHacking
  • 3,628
  • 1
  • 9
  • 59