Base Address + pointer + offset = 0 :(

[Jadd]

I am learning C# I installed visual studio and have been reading up and learning about the language all day. I am switching over from vb to C# but I am trying to figure out why this C# code isn't giving the right base address. Is it because I have to convert it, or change it somehow ? I'm reading the code, and everything seems to make sense so I'm stuck at this point :\ I am using this line here

listBox1.Items.Add("BaseAddress: " + oProcess.MainModule.BaseAddress);

which adds it to the listbox, but my guess is I'm either not converting it to the right type before adding to the listbox, or there is something I'm missing.

If you want to convert a number to string, simply write <variable>.ToString(), or <variable>.ToString( "X" ) to display it as a hexidecimal number. Read this:

0x00000000013A0000 = 20578304

&H in VB6 defines a number as hexidecimal, right? In C#, it's 0x - 13A0000 (hexidecimal) == 20578304 (decimal).

[Frosttall]

Btw I am using a 64 bit OS .. So the C# code is right BUT how do you get 20578304 out of 0x00000000013A0000 ? that's my question now lol

I'm sorry that it's in German, but you should understand it anyways

[mrdennis87]

I should of thought of that You guys are so much smarter than me ^_^ So I am trying that now.. I am using this line

listBox1.Items.Add("BaseAddress: " + oProcess.MainModule.BaseAddress.ToString()); (Still shows me decimal value)

Unless I need to declare a variable, and then do like
Variable.tostring(oProcess.MainModule.BaseAddress) ?

[Xartrick]

I should of thought of that You guys are so much smarter than me ^_^ So I am trying that now.. I am using this line

listBox1.Items.Add("BaseAddress: " + oProcess.MainModule.BaseAddress.ToString()); (Still shows me decimal value)

Unless I need to declare a variable, and then do like
Variable.tostring(oProcess.MainModule.BaseAddress) ?

String.ToString Method (IFormatProvider) (System)

Use the format parameter.

Code:

listBox1.Items.Add("BaseAddress: " + oProcess.MainModule.BaseAddress.ToString("X"));

[mrdennis87]

I definitely misunderstood lol I thought where X was. I would replace it what I wanted to convert :\ I Understand how it works now, thank you guys And I just realized I should not be asking how to convert it to hexadecimal, because I am going to continue to make my bot in C# and should be able to use the decimal value to read from the memory in C#. So Now I am off to learn how to use readprocessmemory for C# I hope someone who is new to this stuff can read this thread and learn as much as I have. Once again guys, thank you. And if you would like to help me learn about reading from memory in C# I am all ears to learn and listen, mean while I will be studying and learning as much as I can on my own also.

[Xartrick]

For API use, you can read pinvoke.net's wiki !

pinvoke.net: the interop wiki!

[mrdennis87]

I was checking that out. Not really understanding the Pinvoke exactly..

I believe you would have this code in a .cs file ? And call the function from code inside your form.
This is from Pinvoke (:

[DllImport("kernel32.dll", SetLastError = true)]
static extern bool ReadProcessMemory(
IntPtr hProcess,
IntPtr lpBaseAddress,
[Out] byte[] lpBuffer,
int dwSize,
out int lpNumberOfBytesRead
);

[DllImport("kernel32.dll", SetLastError = true)]
static extern bool ReadProcessMemory(
IntPtr hProcess,
IntPtr lpBaseAddress,
[Out, MarshalAs(UnmanagedType.AsAny)] object lpBuffer,
int dwSize,
out int lpNumberOfBytesRead
);

[DllImport("kernel32.dll", SetLastError = true)]
static extern bool ReadProcessMemory(
IntPtr hProcess,
IntPtr lpBaseAddress,
IntPtr lpBuffer,
int dwSize,
out int lpNumberOfBytesRead
);

So Something like this ?

private void button2_Click(object sender, EventArgs e)
{

txthpvalue.Text = ReadProcessMemory(IntPtr hProcess,IntPtr lpBaseAddress,[Out] byte[] lpBuffer,int dwSize, out int lpNumberOfBytesRead);

}
Of course filling in the values in the parenthsis.

There is also this below..?
[C#]Making a Game Trainer

Also this one, looks nice?
http://www.jarloo.com/reading-and-writing-to-memory/

[Xartrick]

You took several forms of ReadProcessMemory, but just one can be use.

ReadProcessMemory take a pointer to a byte array (keyword out), and write read data to it.
When you read the memory, you have to convert these bytes to your data type (int for example).

Code:

byte[] bBytes     = new byte[4];
int    iReadBytes = 0;
int    iData      = 0;

ReadProcessMemory(0x1337, 0xdeadbeef, out bBytes, 4, iReadBytes);

iData = BitConverter.ToInt32(bBytes, 0);

You give a handle, a memory address, a byte array, a size (int is 4 bytes) and a variable where the read data will be stored.

[mrdennis87]

You took several forms of ReadProcessMemory, but just one can be use.

ReadProcessMemory take a pointer to a byte array (keyword out), and write read data to it.
When you read the memory, you have to convert these bytes to your data type (int for example).

Code:

byte[] bBytes     = new byte[4];
int    iReadBytes = 0;
int    iData      = 0;

ReadProcessMemory(0x1337, 0xdeadbeef, out bBytes, 4, iReadBytes);

iData = BitConverter.ToInt32(bBytes, 0);

You give a handle, a memory address, a byte array, a size (int is 4 bytes) and a variable where the read data will be stored.

So just to make sure I'm understanding it correctly

0x1337 is the handle (I read the process handle and it changes every time I read it..So I'm thinking maybe window handle or a different handle.)

0xdeadbeef is the memory address I want to read from.

Out bBytes, this is an array to temporarily store the bytes until they're put together to get the full value?

4 is how many bytes to read (because it's 32bit app)

and iReadBytes is where it will store the final value (only numbers, like my hp ) because it's an integer.

The only thing I'm guessing I would need is to import a dll (Kernel32?) or library to use this function.

[_Mike]

So just to make sure I'm understanding it correctly

0x1337 is the handle (I read the process handle and it changes every time I read it..So I'm thinking maybe window handle or a different handle.)

Process handle, not window handle. Use kernel32!OpenProcess()

and iReadBytes is where it will store the final value (only numbers, like my hp ) because it's an integer.

It's the number of successfully read bytes after the function call completes.

The only thing I'm guessing I would need is to import a dll (Kernel32?) or library to use this function.

You have the function signature(s) from PInvoke.net. Just copy-paste it into a class and you're good to go.

[mrdennis87]

Process handle, not window handle. Use kernel32!OpenProcess()

It's the number of successfully read bytes after the function call completes.

You have the function signature(s) from PInvoke.net. Just copy-paste it into a class and you're good to go.

I'm going to sound so dumb Forgive me, I just started to teach myself C# Today.. I created a new class, but where to post the function signatures?

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;




namespace LookMaNoHands
{

class Class1
{


}

}

And I see what you mean by Process Handle. Would this be ok?
LabelHP.Text = (oProcess.Handle.ToString("X"));

Or should it be like handle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, getPid());

I appreciate the patience guys I'm probably trying to learn to much in one day. I've been reading non stop for 12 hours almost now, but I'm learning so much ^_^

[Xartrick]

Please learn C#.NET first before doing this, it's for you.
I don't know any good english tutorial (I'm french), but this one sound good: Tutorial start - C# Tutorial.

[_Mike]

Read the documentation. Search msdn.com for DllImportAttribute, System.Diagnostics.Process.Handle, and OpenProcess. It will give you usage examples and in the case of Process.Handle tell you about it's limitations.

[maclone]

Please learn C#.NET first before doing this, it's for you.
I don't know any good english tutorial (I'm french), but this one sound good: Tutorial start - C# Tutorial.

And I will close this thread here with this.
This section is for advanced users, not beginners. And there are enough examples for beginners here already, use search.