Thread: Access to memory locations

  1. #1

    Thread Starter
    New Member
    Join Date
    Jul 2001
    Posts
    4

    Question Access to memory locations

    I'm trying to get at some data from a running application (a game). Using a tool for hacking into games, I've managed to locate the value I want (altitude on a flying game) at memory location 005172D8. I would like to write a VB program that can read this location, and display the value of that location in a TextBox. Any help is appreciated.

    Thanks

  2. #2
    Zaei
    Guest
    [speech] This is a clean forum. We are not hackers here, and we do not welcome either people who do, or questions relating to hacking. I feel that I speak for every person who views or posts here in saying that we would like to keep this forum clean. If you want answers to a question like this in the future, please ask elsewhere. [/speech]

    This would require pointers, and, since VB doesn't support them, you can't do this.

    Z.

  3. #3

    Thread Starter
    New Member
    Join Date
    Jul 2001
    Posts
    4
    Ok....[speech]
    It's disheartening that a valid question can't be answered without some moral drum beater treading in where they don't belong, and with the wrong answer!!![/speech]

    Yes, it can be done...I found the answer elsewhere on this forum. For those that are interested, you can use the ReadProcessMemory API to retrieve the data.

    By the way...I build flight simulation cockpits. These cockpits make use of "real" instruments (altimeter, rpms..etc), and "glass" cockpit instruments. Since most games don't give you access to the data necessary to drive these gauges, I sometimes have to utilize creative methods of capturing the data.

    Rob

  4. #4
    Zaei
    Guest
    [Speech] My answer may be incorrect, but my basis for my previous speech is perfectly valid. "Using a tool for hacking into games" would lead anyone who cannot read minds to believe that you wanted to hack into whatever game you had running. So, if you really wanted to avoid this "moral drum beating", you could have a) not mentioned the methods you used, or, b) stated what you were trying to do. [/Speech]

    Z.

  5. #5
    transcendental analytic kedaman's Avatar
    Join Date
    Mar 2000
    Location
    0x002F2EA8
    Posts
    7,221
    [speech]Don't listen to Zaei [/speech]
    I don't think what you are doing is hacking, more like cheating, and there are loads of applications that do that, and they aren't illegal in any way. Whether you think it's wrong to cheat or not in games is your personal problem.

    There's a trick you can use in VB: if you use CopyMemory and replace the content of a UDT containing an array, the array's first element will point to that memory location which was copied.
    Use
    writing software in C++ is like driving rivets into steel beam with a toothpick.
    writing haskell makes your life easier:
    reverse (p (6*9)) where p x|x==0=""|True=chr (48+z): p y where (y,z)=divMod x 13
    To throw away OOP for low level languages is myopia, to keep OOP is hyperopia. To throw away OOP for a high level language is insight.

  6. #6

    Thread Starter
    New Member
    Join Date
    Jul 2001
    Posts
    4
    Whenever I meet or hear from people who "speak for every person who views or posts here", I just chuckle...they're usually not worth taking the time or effort to respond...in this case, I had a few minutes to kill....

    kedaman...thanks for the tip on copymemory...I'll give it a shot as well.

    Rob

  7. #7
    Zaei
    Guest
    [Speech] Always listen to kedaman =P [/Speech]

    vBulletin should add [Speech][/Speech] tags...

    And, just as a reminder, rfavre, usually isn't always. I try to never be "usually" in anything I do.

    Z.

  8. #8
    Frenzied Member Jotaf98's Avatar
    Join Date
    Jun 2000
    Location
    I'm not gonna give you my IP address! Ok... Portugal, South-Western Europe, 3rd rock from the sun (our star is easy to find, a 47 Ursae Majoris in the Milky Way :p )
    Posts
    1,457
    Hum, that seems nice, but how do you use ReadProcessMemory to pass CopyMemory the address of that variable?
    Code:
    Temp = Me.GetIQ()
    'Error 9: Overflow
    'DON'T PANIC! :eek:

    To learn how to use realistic effects in your games like fire, rain, snow and magic effects, read my article on particles systems here.


    Jotaf's Theories!
    "Cats land on their feet. Toast lands peanut butter side down. A cat with toast strapped to its back will hover above the ground in a state of quantum indecision."

  9. #9

    Thread Starter
    New Member
    Join Date
    Jul 2001
    Posts
    4
    Here is the code I'm using, as culled from other messages on this forum:

    Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
    Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hWnd As Long, lpdwProcessId As Long) As Long
    Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
    ' lpBaseAddress is declared ByVal As Long so the address is always passed as a plain 32-bit value
    Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, ByVal lpBuffer As String, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
    Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
    Public Const PROCESS_VM_READ = &H10

    Sub Main()
        Dim x As String
        x = RPMEM("WarBirds", &H5171D0, 1)
        ' RPMEM returns "" on any failure, and Asc("") raises a run-time error
        If Len(x) > 0 Then Debug.Print Asc(x)
        Stop
    End Sub

    Public Function RPMEM(wndTitle As String, lAddress As Long, lLength As Long) As String
        Dim hWnd As Long
        Dim pID As Long
        Dim pHandle As Long
        Dim strBuffer As String
        Dim succeed As Boolean

        hWnd = FindWindow(vbNullString, wndTitle) ' get the handle of the window ...
        If (hWnd = 0) Then Exit Function ' no handle & exit =)
        GetWindowThreadProcessId hWnd, pID ' we need the process id to get the process handle
        pHandle = OpenProcess(PROCESS_VM_READ, False, pID) ' open the target with read-only memory access
        If (pHandle = 0) Then Exit Function ' no handle: maybe we have no access to open this process with VM_READ
        strBuffer = String(lLength, vbNullChar) ' fill the buffer
        succeed = (ReadProcessMemory(pHandle, lAddress, strBuffer, Len(strBuffer), 0&) <> 0) ' read it out!
        ' only look at the error code when the call failed; 998 = ERROR_NOACCESS
        If Not succeed Then
            If Err.LastDllError = 998 Then Debug.Print "no access."
        End If
        CloseHandle pHandle ' close every handle we opened
        If succeed Then ' function succeeded
            RPMEM = strBuffer
        Else
            RPMEM = ""
        End If
    End Function

  10. #10
    Addicted Member
    Join Date
    Apr 2000
    Location
    England
    Posts
    246
    VB does support Pointers to a limited effect.

    For example it supports pointers in all API calls
    (some people say it doesn't, but it does, just some API calls need you to be in process, which means you need to write a VB DLL, and Hook it into the process, which can be done)

    Direct Memory access per application can be gotten as shown here, it's harder to do in C++ as well.

    A tit-bit for you, by default all VB functions pass variables using pointers, you just don't get to access them directly.

    ReadProcessMemory will work on the VB program's Process as well.

    CopyMemory has a lot of power also.

    VB is a VERY powerful programming Language, in a few lines you can do a lot more than in C++

    It is Faster to Develop In as well.

    There are Speed issues, but they are very small in VB6, but most people still think of VB's Speed in terms of VB5 and below.


    As for the Hacking Issue, you clearly have no idea what a hacker is. I am a hacker, despite that everything I do is legal. A hacker is a Generic Term for a Computer User who goes beyond normal programming, 'Hacking the Computer/program Directly'. The term Hacker comes from 'Hacking away at a Computer Keyboard' and has nothing to do with breaking into systems.
    Some Days, i just get this feeling that i'm helping to write dozens of Viruses...
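Added example, not code from any poster in this thread: post #10's remark that ReadProcessMemory also works on the VB program's own process, shown by reading a Long variable back through the API with a typed (`As Any`) buffer and a check on the byte count. The helper name `ReadLongAt` and the sample value are made up for illustration; `VarPtr` is VB6's built-in (hidden) address-of function.

```vb
Option Explicit

' The buffer is passed ByRef As Any, so VB hands the API the variable's
' address directly and no String/ANSI conversion touches the bytes.
Private Declare Function GetCurrentProcess Lib "kernel32" () As Long
Private Declare Function ReadProcessMemory Lib "kernel32" ( _
    ByVal hProcess As Long, ByVal lpBaseAddress As Long, _
    lpBuffer As Any, ByVal nSize As Long, _
    lpNumberOfBytesRead As Long) As Long

' Hypothetical helper: reads a 4-byte Long from lAddress in hProcess.
' Returns True only if the call succeeded and all 4 bytes arrived.
Public Function ReadLongAt(ByVal hProcess As Long, ByVal lAddress As Long, _
                           ByRef lValue As Long) As Boolean
    Dim lRead As Long
    Dim lRet As Long

    lRet = ReadProcessMemory(hProcess, lAddress, lValue, 4, lRead)
    If lRet = 0 Then
        ' Err.LastDllError holds GetLastError from the Declare call just made
        Debug.Print "ReadProcessMemory failed, LastDllError = " & Err.LastDllError
    ElseIf lRead <> 4 Then
        Debug.Print "Short read: " & lRead & " of 4 bytes"
    Else
        ReadLongAt = True
    End If
End Function

Public Sub Main()
    Dim lAltitude As Long   ' constructed sample value living in our own process
    Dim lCopy As Long

    lAltitude = 12345

    ' GetCurrentProcess returns a pseudo-handle; it must not be closed.
    If ReadLongAt(GetCurrentProcess(), VarPtr(lAltitude), lCopy) Then
        Debug.Print "Read back: " & lCopy
    End If

    ' Address 0 is not readable, so this exercises the failure path.
    If Not ReadLongAt(GetCurrentProcess(), 0, lCopy) Then
        Debug.Print "Read at address 0 was refused"
    End If
End Sub
```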

  11. #11
    transcendental analytic kedaman's Avatar
    Join Date
    Mar 2000
    Location
    0x002F2EA8
    Posts
    7,221
    Normal programming? What's out there else than normal programming? Disassembling and software reengineering maybe? Tell me what a hacker does

  12. #12
    Addicted Member
    Join Date
    Apr 2000
    Location
    England
    Posts
    246
    That's What I do.

    It's a Type of Programmer, hard to put into words.

    For example.

    I'm the type of programmer who when faced with a program problem that cannot be immediately solved will keep attempting to program it, in various ways, for days at a time until I understand it.

    Other programmers go and ask someone who knows better, probably a 'hacker' programmer, a Person who keeps hacking away at a problem until it's solved.

    normally I ask on here if I haven't figured it out after a couple of days.

  13. #13
    transcendental analytic kedaman's Avatar
    Join Date
    Mar 2000
    Location
    0x002F2EA8
    Posts
    7,221
    I'm the type of programmer who when faced with a program problem that cannot be immediately solved will keep attempting to program it, in various ways, for days at a time until I understand it.

    Other programmers go and ask someone who knows better, probably a 'hacker' programmer, a Person who keeps hacking away at a problem until it's solved.
    A stubborn programmer? I thought all programmers were stubborn

  14. #14
    Frenzied Member Jotaf98's Avatar
    Join Date
    Jun 2000
    Location
    I'm not gonna give you my IP address! Ok... Portugal, South-Western Europe, 3rd rock from the sun (our star is easy to find, a 47 Ursae Majoris in the Milky Way :p )
    Posts
    1,457
    Hey I like to dissect programs with notepad and sometimes WinHex (not to be confused with WinHacks), but all I do is search for strings and stuff like that