Matthew Souza Matthew Souza - 12 days ago 7
C++ Question

C++ Get an address off of a pointer

I'm trying to understand C++ way of Reading/Writing in memory.
What I have is, I'm trying to get an address off of a pointer. I have the pointer which will point to my desired address.
Like I have the current address I want to use to read the value, let's say the address is 14C9862 but as every time I run the program again this address changes. I have the pointer which writes to this address (I'm using cheat engine) and it says the pointer is equal to eax+ePSXE.exe+A82020 as for eax = 77420 and ePSXE.exe = 1718(ignoring the zeros), so how could I write this in C++ in a way that I can get the ADDRESS every time I run the program again.

Current code:

int readTest {}
ReadProcessMemory(handle, (LPBYTE*)ePSXe+pointer?, &readTest, sizeof(readTest), 0);
std::cout << readTest << std::endl;


As I'm thinking now LPBYTE is a pointer to a byte so couldn't it be like
(A82020*)????
I'm just going insane I don't know how to do it.

Answer

It looks like your target address can be calculated if you know the base address of the ePSXE.exe module.

You could get it with use of the following code:

#include <windows.h>
#include <TlHelp32.h> 

DWORD procId = 0;   // <-- Replace with real process ID
MODULEENTRY32 lpModuleEntry = {0};
HANDLE hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, procId);
if(!hSnapShot)
{
  return NULL;
}

DWORD baseAddress = 0;
lpModuleEntry.dwSize = sizeof(lpModuleEntry);
BOOL bModule = Module32First( hSnapShot, &lpModuleEntry );
while(bModule)
{
  if(!strcmp( lpModuleEntry.szModule, "ePSXE.exe") )
  {
    CloseHandle( hSnapShot );
    baseAddress = reinterpret_cast<DWORD>(lpModuleEntry.modBaseAddr);
  }
  bModule = Module32Next( hSnapShot, &lpModuleEntry );
}
CloseHandle( hSnapShot );

Finally you need to combine static part of address with the module base address:

ReadProcessMemory(handle, reinterpret_cast<LPVOID>(baseAddress + 0xA82020), &readTest, sizeof(readTest), NULL);
Comments