[Question] Why injection doesnt work

[sercankd]

I am new to memory editing stuff, trying to make something my own with blackmagic library. i have readed some tutorials on this forums.
this is my code, its just simple. and i run visual studio in admin mode

Code:

BlackMagic wow = new BlackMagic(); //Create new function to open wow process            wow.OpenProcessAndThread(SProcess.GetProcessFromProcessName("wow"));
            IntPtr baseWOW = wow.MainModule.BaseAddress;
            wow.WriteInt((uint)baseWOW + 0x00965AC8, 0);
            textBox1.Text = wow.ReadFloat((uint)baseWOW + 0x00965AC8).ToString();

[xalcon]

you are writing an int and reading a float - for 0 this might work, but I've no idea what you are trying to accomplish here. It would also help if you tell us what exactly is not working... does it crash? Wrong values?

[sercankd]

nope it doesnt change the value at all, its a wall climbing offset(private server). when i use it in cheat engine and change it to zero it works fine. but in this code it doesnt work, i know its float i tried everything to get it work

[Sarick]

You are trying to write Int to a float.
Try do do wow.WriteFloat(wow.ReadUInt((uint)baseWOW) + 0x00965AC8 , 0);

[sercankd]

You are trying to write Int to a float.
Try do do wow.WriteFloat(wow.ReadUInt((uint)baseWOW) + 0x00965AC8 , 0);

its not the problem, since i am writing zero as value. i am aware of that its a float type.

[Sarick]

its not the problem, since i am writing zero as value. i am aware of that its a float type.

Well try that above. Example how I write to float in my small tool for 1.12.1, black magic aswell.
wow.WriteFloat(wow.ReadUInt(wow.ReadUInt(wow.ReadUInt(playerx) + 0x20) + 0x118 ) + 0x10, 5241);

Could also be that you have the wrong address.

[sercankd]

Well try that above. Example how I write to float in my small tool for 1.12.1, black magic aswell.
wow.WriteFloat(wow.ReadUInt(wow.ReadUInt(wow.ReadUInt(playerx) + 0x20) + 0x118 ) + 0x10, 5241);

Could also be that you have wrong the address.

textBox1.Text = wow.ReadFloat((uint)baseWOW + 0x00965AC.ToString();
this part of the code gives exact value, so it cant be wrong adress.

[namreeb]

This probably isn't it, but in your original post the OpenProcessAndThread line is on the same line as and follows a single-line comment. That would have the OpenProcessAndThread statement go un-executed. Also, are you sure you don't need to do anything to adjust the page permissions?

[xalcon]

This probably isn't it, but in your original post the OpenProcessAndThread line is on the same line as and follows a single-line comment. That would have the OpenProcessAndThread statement go un-executed. Also, are you sure you don't need to do anything to adjust the page permissions?

The OpenProcessAndThread() would be my guess too, but he doesnt need to ajust page permissions, BlackMagic is handling everything internally. I would expect blackmagic would crash when you try to read/write something without actually being attached to a process, but I havn't looked into the code myself.

[Cypher]

The missing OpenProcessAndThread call sounds plausible, but wouldn't it throw then on the Read/Write call?

My other guess would be that he has ASLR disabled and 0x00965AC8 is an absolute address not a relative one.

OP, what version of WoW are you working on?

[sercankd]

i am working with 5.4.0 17399
i put a breakpoint to where it begins writing it gave me some error
+ Thrown: "WriteBytes failed! Number of bytes actually written differed from request."

[xalcon]

Then its either a problem with your OpenProcessAndThreat or a permission problem (are you really running VS as an administrator?). WriteInt calls internally WriteBytes which is defined like

Code:

public static bool WriteBytes(IntPtr hProcess, uint dwAddress, byte[] lpBytes, int nSize)
{
	IntPtr lpBuffer = IntPtr.Zero;
	int iBytesWritten = 0;

	try
	{
		lpBuffer = Marshal.AllocHGlobal(Marshal.SizeOf(lpBytes[0]) * nSize); //allocate unmanaged memory

		Marshal.Copy(lpBytes, 0, lpBuffer, nSize);

		iBytesWritten = WriteRawMemory(hProcess, dwAddress, lpBuffer, nSize);

		if (nSize != iBytesWritten)
			throw new Exception("WriteBytes failed!  Number of bytes actually written differed from request.");
	}
	catch
	{
		return false;
	}
	finally
	{
		if (lpBuffer != IntPtr.Zero)
			Marshal.FreeHGlobal(lpBuffer);
	}

	return true;
}

static int WriteRawMemory(IntPtr hProcess, uint dwAddress, IntPtr lpBuffer, int nSize)
{
	IntPtr iBytesWritten = IntPtr.Zero;
		if (!Imports.WriteProcessMemory(hProcess, dwAddress, lpBuffer, nSize, out iBytesWritten))
		return 0;

	return (int)iBytesWritten;
}

As you can see, there is no check if hProcess is actually > 0.

BlackMagic.OpenProcessAndThread returns true/false - check for that value. If it returns true, try to debug the WriteInt method you are using.
You can also try to call "GetLastError" via P/Invoke to get the errorcode after your WriteInt.

[sercankd]

But this part of code works, doesnt it mean OpenProcessAndThread is fine?
textBox1.Text = wow.ReadFloat((uint)baseWOW + 0x00965AC.ToString();

[Corthezz]

Had the same problem when I was about to program my wallclimb hack on 1.12.1.
First of all you are good to go checking the last win32 error (Marshal.GetLastWin32Error-Methode (System.Runtime.InteropServices)) after calling the writeInt function.

In my case the page of the address was set to the readonly flag making any attempt to change its value impossible. You can adjust the page permission with VirtualProtectEx:
pinvoke.net: virtualprotectex (kernel32)

[xalcon]

ah yeah, now this makes sense. Back when I used to use blackmagic I was never writing to the .text segment (like he is doing, I guess), so thats why I never had to change page protection.
Looks like blackmagic is not changing protection itself.