is this right?

**joshww** · 03-28-2011

ok first off let me start by saying this is my first attempt at messing with memory for wow... and im doing for a friend that is trying to learn.

that being said.. im trying to do a basic function to get the base address.

here is my module with the functions and such iv made.
iv done this all blinded (meaning im just going from the knowledge i have )
iv done this sorta stuff in other games

Code:

Option Explicit
Private Const TH32CS_SNAPMODULE As Long = &H8
Private Type MODULEENTRY32W
dwSize As Long
th32ModuleID As Long
th32ProcessID As Long
GlblcntUsage As Long
ProccntUsage As Long
modBaseAddr As Long
modBaseSize As Long
hModule As Long
szModule(511) As Byte
szExePath(519) As Byte
End Type

Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function CreateToolhelp32Snapshot Lib "kernel32" (ByVal dwFlags As Long, ByVal th32ProcessID As Long) As Long
Private Declare Function Module32FirstW Lib "kernel32" (ByVal hSnapshot As Long, ByRef uModule As Any) As Long
Private Declare Function Module32NextW Lib "kernel32" (ByVal hSnapshot As Long, ByRef uModule As Any) As Long
Private Declare Function GetWindow Lib "user32" (ByVal hWnd As Long, ByVal wCmd As Long) As Long
Private Declare Function GetWindowText Lib "user32" Alias "GetWindowTextA" (ByVal hWnd As Long, ByVal lpString As String, ByVal cch As Long) As Long
Private Declare Function GetForegroundWindow Lib "user32.dll" () As Long
Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hWnd As Long, lpdwProcessId As Long) As Long
Private Const GW_HWNDNEXT = 2
Private Const GW_CHILD = 5

Public Function GetModule(proc As String, szDllName As String)
Dim hWnd As Long
Dim dwPid As Long
Dim uModule As MODULEENTRY32W, lModuleSnapshot&
Dim Module As String

hWnd = FindWindowLike(proc)
GetWindowThreadProcessId hWnd, dwPid
lModuleSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPid)
uModule.dwSize = LenB(uModule)

If lModuleSnapshot > 0 Then
If Module32FirstW(lModuleSnapshot, uModule) <> 0 Then
Do
Form1.Text1.Text = uModule.szModule
If Form1.Text1.Text = szDllName Then
GetModule = Hex(uModule.modBaseAddr)
Exit Function
End If
Loop Until Module32NextW(lModuleSnapshot, uModule) = 0
End If

'Close handle of the snapshot
CloseHandle lModuleSnapshot
End If
End Function

Function FindWindowLike(strPartOfCaption As String) As Long
Dim hWnd As Long
Dim strCurrentWindowText As String
Dim r As Integer

hWnd = GetForegroundWindow

Do Until hWnd = 0
strCurrentWindowText = Space$(255)
r = GetWindowText(hWnd, strCurrentWindowText, 255)
strCurrentWindowText = Left$(strCurrentWindowText, r)
'hWnd = GetWindow(hWnd, GW_CHILD)
If InStr(1, LCase(strCurrentWindowText), LCase(strPartOfCaption)) <> 0 Then GoTo Found
hWnd = GetWindow(hWnd, GW_HWNDNEXT)
Loop

Exit Function
Found:
FindWindowLike = hWnd
End Function



Public Function LongToHex(plngValue As Long) As String
    Dim a As String, b As String, c As Long, d As Long
    a = Hex$(plngValue)
    c = Len(a)
    If c < 8 Then
        d = 8 - c
        b = String$(d, "0") & a
    Else
        b = a
    End If
    LongToHex = "&H" & b
End Function

'&H041E3AD0
with that being said here is my call

Code:

Dim test As Long
test = GetModule("World of Warcraft", "dbghelp.dll")
Text2 = LongToHex(test)

now this is returning "&H041E3AD0" as the base witch does not look right to me but i could be wrong.. again im doing this blindly with out looking else where.

now i shall address the flaming that may come, yes i know easyer in c++ and if it where for me it would be. it is for a friend and he only knows the basics right now he is learning.

tbh iv not coded anything that messed with memory in a few years.

Thanks for the help, nice community btw wish there was something like this when i was mucking about ages ago! Cheers