Hi,
Just started reading the Memory Editing section of this forum, did some searches, and read some instructions. It's pretty amazing what some people have made, my compliments. My programming language of choice is Delphi (Pascal). I programmed in Delphi about 8 years ago, for 2 years, and I want to pick it up again and make a simple radar tool. So basically a tool that only reads information from the WoW process.
So far, I started by reading the base memory address from the WoW process. In this test app I'm filling the edit1-box with the pID.
I did that doing the following (not yet optimized code):
Code:
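unit UnitMain;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, PsAPI, StdCtrls;

type
  TForm2 = class(TForm)
    Button1: TButton;
    Edit1: TEdit;
    Memo1: TMemo;
    procedure Button1Click(Sender: TObject);
  private
    { Private declarations }
    function GetModuleBaseAddress(ProcessID: Cardinal; MName: String): Pointer;
  public
    { Public declarations }
  end;

var
  Form2: TForm2;

implementation

{$R *.dfm}

{ TForm2 }

procedure TForm2.Button1Click(Sender: TObject);
var
  Address: DWORD;
begin
  // Edit1 holds the process ID; do nothing until one has been entered,
  // so Address is never shown uninitialized.
  if Edit1.Text <> '' then
  begin
    // An empty module name selects the first module in the list.
    Address := Integer(GetModuleBaseAddress(StrToInt(Edit1.Text), '')) + Integer($21212);
    ShowMessage(IntToStr(Address));
  end;
end;

function TForm2.GetModuleBaseAddress(ProcessID: Cardinal; MName: String): Pointer;
var
  Modules: array of HMODULE;
  cbNeeded: Cardinal;
  i: Integer; // signed, so an empty module list does not wrap the loop bound
  ModuleInfo: TModuleInfo;
  ModuleName: array[0..MAX_PATH] of Char;
  PHandle: THandle;
begin
  Result := nil;
  SetLength(Modules, 1024);
  PHandle := OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, False, ProcessID);
  if PHandle <> 0 then
  try
    // Stop if the module list cannot be read; cbNeeded is undefined in that case.
    if not EnumProcessModules(PHandle, @Modules[0], 1024 * SizeOf(HMODULE), cbNeeded) then
      Exit;
    // cbNeeded may exceed the buffer; only the first 1024 entries were filled.
    if cbNeeded > 1024 * SizeOf(HMODULE) then
      cbNeeded := 1024 * SizeOf(HMODULE);
    SetLength(Modules, cbNeeded div SizeOf(HMODULE));
    for i := 0 to Length(Modules) - 1 do
    begin
      ModuleName[0] := #0;
      // The size argument is a character count, not a byte count.
      GetModuleBaseName(PHandle, Modules[i], ModuleName, Length(ModuleName));
      // Return the first module when no name is given, else the matching one.
      if (MName = '') or SameText(ModuleName, MName) then
        if GetModuleInformation(PHandle, Modules[i], @ModuleInfo, SizeOf(ModuleInfo)) then
        begin
          Result := ModuleInfo.lpBaseOfDll;
          Exit; // the finally block still closes the handle
        end;
    end;
  finally
    // Close the process handle on every path, including early exits.
    CloseHandle(PHandle);
  end;
end;

end.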
From this point I would like to go further and read the current Playername from the process. From the Info Dump Thread I read the playername can be found at memory/hex 0x9BD070.
My question, hopefully someone can point me in the right direction: What do I do from here? Should I call ReadProcessMemory? Am I forgetting major things?
Any help would be great!
Grtz,
J.