Author Topic: WriteProcessMemory() fails  (Read 1831 times)

0 Members and 1 Guest are viewing this topic.

mesengr

  • Relentless Teamkiller
  • **
  • Posts: 51
    • View Profile
WriteProcessMemory() fails
« on: April 16, 2008, 09:09:23 pm »
I'm writing a trainer in C++ (well, modifying a trainer-template).
When I use the function WriteProcessMemory() to write to a certain memory location, the function fails (returns 0, writes 0 bytes).
Namely, I'm trying to write to location 0x4004e7 in vietcong.exe (using it as a cave).
I am able to poke this location with other trainers such as Cheat Engine... so is there some other function to write to this "read-only" location?

M. O.

  • Administrator
  • MasstKer
  • *
  • Posts: 9184
    • View Profile
    • http://www.tkc-community.net
Re: WriteProcessMemory() fails
« Reply #1 on: April 16, 2008, 09:17:39 pm »
You might have to set the permissions with VirtualProtectEx first. Other caves might work too.
Heckling is an art, and game hacking a science.

Subsky

  • Insane Joker
  • ****
  • Posts: 504
  • Subskii
    • View Profile
Re: WriteProcessMemory() fails
« Reply #2 on: April 16, 2008, 09:32:51 pm »
Lots of things can go wrong- for e.g. the process HANDLE doesn't have the necessary access rights- or the page protection, as MO pointed out; needs to be changed.  The best way to help pinpoint an error is using GetLastError().

Good work on writing a trainer in C++; thats pro dude :icon_thumbsup.

MrMedic

  • MasstKer
  • ********
  • Posts: 8900
  • programmer/dev/software engineer
    • View Profile
Re: WriteProcessMemory() fails
« Reply #3 on: April 16, 2008, 10:19:58 pm »
 good start , move as far away from visual basic as you can get , vb should be renamed to pile of shit made by the devil , well not literally but bill does hold the pc world by the balls , and as wel all know , pc's will one day controll the planet..

i'm not sure if its still there as im out of dev section for it but i posted a direct dll hack sourcecode for vc 2 in the vc 2 developement section it would be a good idea to see if someone still has it , then ask them for it as it will help you gain ac cess into the world of dll environments.

anyway well done mess :) hope you get it working

btw dont look at virtualprotectex instead look into virtualprotect , as virtualprotectex is when your inside the process

virtualprotect is when using an outside programme so look into this, which you are making.
EnCoded Message: i3iy9yl8kr2xf3g2Txs3pr6ye3ya7jg5ty2z

https://www.youtube.com/watch?v=62_7-AYfdkQ
you need a paypal account for the private versions.

Website:
http://bit.ly/medic101

Teamspeak 3: 85.236.101.5:10157

mesengr

  • Relentless Teamkiller
  • **
  • Posts: 51
    • View Profile
Re: WriteProcessMemory() fails
« Reply #4 on: April 16, 2008, 10:40:22 pm »
another related question:

When I use Cheat Engine to "Allocate Memory" to use it for a code cave, it will return a range of memory filled with 00 00... (sometimes 20 20...).
If I use this address in the future for the same process, is it guaranteed to be free memory (i.e., memory I can use for code caving without any complications)?
Maybe something related to dynamic binding/linking/loading/libraries/??...

Also, if anyones know what MrM is talking about (direct dll hack sourcecode for vc2), please hook me up. I'll put it to good use. :)

mesengr

  • Relentless Teamkiller
  • **
  • Posts: 51
    • View Profile
Re: WriteProcessMemory() fails
« Reply #5 on: April 16, 2008, 11:44:28 pm »
thx everyone for answering my first question. MO was right on the money:

Code: [Select]
int prevAccessProtection = 0;        //needed in VirtualProtectEx()
int bytes = 0;                       //used (not necessary) in WriteProcessMemory()

VirtualProtectEx(hand,                   //the handle to the process we want to modify
                 (void*)0x4004e7,        //the address in the process we want to modify
                 18,                     //number of bytes
                 0x40,                   //read-write-execute
                 &prevAccessProtection); //catches the old access protection status

WriteProcessMemory(hand, (void*)0x4004e7, &caveCode, 18, &bytes); //do your poking

Works perfect. :D

Subsky

  • Insane Joker
  • ****
  • Posts: 504
  • Subskii
    • View Profile
Re: WriteProcessMemory() fails
« Reply #6 on: April 17, 2008, 06:49:18 am »
When I use Cheat Engine to "Allocate Memory" to use it for a code cave, it will return a range of memory filled with 00 00... (sometimes 20 20...).
If I use this address in the future for the same process, is it guaranteed to be free memory (i.e., memory I can use for code caving without any complications)?

No, you'll have to re-allocate the memory each time; and there is absolutely no garentee that your received pointer will point to the address you previously had.

Subsky

ZOldDude

  • The Unknown Rank!
  • Administrator
  • MasstKer
  • *
  • Posts: 20874
  • Old School TKC
    • View Profile
    • Admin
Re: WriteProcessMemory() fails
« Reply #7 on: April 17, 2008, 09:16:57 am »
Medic said (rightly):
Quote
vb should be renamed to pile of shit made by the devil
When the hell are you ever on TS?
I will be starting to move my household in just over 3 weeks.

I will also be running for public office sometime in the next four years in the new location.

Z
Quote
Codename "Project TKC"
We are TKC. We are Legion. We do not forgive. We do not forget.
We will be heard.
Expect us!
« Last Edit: April 17, 2008, 09:22:41 am by ZOldDude »

*While we crash and burn, small, low tech, agrarian societies such as the Hmong in the mountains of Laos will continue on without so much as blinking an eye.*

MrMedic

  • MasstKer
  • ********
  • Posts: 8900
  • programmer/dev/software engineer
    • View Profile
Re: WriteProcessMemory() fails
« Reply #8 on: April 17, 2008, 07:52:00 pm »
When I use Cheat Engine to "Allocate Memory" to use it for a code cave, it will return a range of memory filled with 00 00... (sometimes 20 20...).
If I use this address in the future for the same process, is it guaranteed to be free memory (i.e., memory I can use for code caving without any complications)?



there is an easier way to find a cave , search for a long ascii string in the game memory , something like a error message that never shows etc , and use that space to write your cave in.

then if/on update you could sig scan for that string and store your code there , simple.
EnCoded Message: i3iy9yl8kr2xf3g2Txs3pr6ye3ya7jg5ty2z

https://www.youtube.com/watch?v=62_7-AYfdkQ
you need a paypal account for the private versions.

Website:
http://bit.ly/medic101

Teamspeak 3: 85.236.101.5:10157

MrMedic

  • MasstKer
  • ********
  • Posts: 8900
  • programmer/dev/software engineer
    • View Profile
Re: WriteProcessMemory() fails
« Reply #9 on: April 17, 2008, 07:55:32 pm »
btw you should start looking at nt undocumented api's .
EnCoded Message: i3iy9yl8kr2xf3g2Txs3pr6ye3ya7jg5ty2z

https://www.youtube.com/watch?v=62_7-AYfdkQ
you need a paypal account for the private versions.

Website:
http://bit.ly/medic101

Teamspeak 3: 85.236.101.5:10157

Rav3n

  • Klass Klown
  • ***
  • Posts: 419
    • View Profile
Re: WriteProcessMemory() fails
« Reply #10 on: April 23, 2008, 09:58:23 pm »
@Medic + MesEngr i still have the VC2 source  :icon_shifty

MesEngr try implementing this in the template i sent you, it should find the game no matter what.....  be able to open the trainer then the game etc

        HWND   gamehWnd      = NULL;
   DWORD   dwProcId      = NULL;
   HANDLE   hHandle         = NULL;
   

   gamehWnd = FindWindow( _T("process window name here"), _T("process window name here") );
   GetWindowThreadProcessId( gamehWnd, &dwProcId );
   hHandle = OpenProcess( PROCESS_VM_OPERATION|PROCESS_VM_READ, FALSE, dwProcId );
   CloseHandle( hHandle );

Free Rapidshare Prem Accounts
http://rapidshare dot com/files/111551586/Free-PremAccs.rar

MrMedic

  • MasstKer
  • ********
  • Posts: 8900
  • programmer/dev/software engineer
    • View Profile
Re: WriteProcessMemory() fails
« Reply #11 on: April 23, 2008, 10:12:13 pm »
trainers are dead simple , im going to unmystify it

this is how simple they are , this took me 2 minutes  .. included the sourcecode have fun

btw it works with notepad but you can change it to whatever you wish.


edit attached , very simple one for you experts to learn from.
« Last Edit: April 23, 2008, 11:02:34 pm by MrMedic »
EnCoded Message: i3iy9yl8kr2xf3g2Txs3pr6ye3ya7jg5ty2z

https://www.youtube.com/watch?v=62_7-AYfdkQ
you need a paypal account for the private versions.

Website:
http://bit.ly/medic101

Teamspeak 3: 85.236.101.5:10157

Rav3n

  • Klass Klown
  • ***
  • Posts: 419
    • View Profile
Re: WriteProcessMemory() fails
« Reply #12 on: April 24, 2008, 10:52:24 pm »
GOD DAMN!!!

that was too simple.................

:icon_laugh

Free Rapidshare Prem Accounts
http://rapidshare dot com/files/111551586/Free-PremAccs.rar