1
I’m trying to get the Getmodulebaseddress of a process I’m trying to monitor, however I’m not getting why I have the offsets, add they however does not work, if I just access the process there yes I can, but I have to search where it is allocated every time I restart the program.
#include <windows.h>
#include <tchar.h>
#include <stdio.h>
#include <psapi.h>
#include <iostream>
#include <TlHelp32.h>
DWORD HP = 0x0072CFB0;
DWORD pid;
int value;
DWORD GetModuleBaseAddress(DWORD dwProcessIdentifier, TCHAR* lpszModuleName)
{
HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessIdentifier);
DWORD dwModuleBaseAddress = 0;
if (hSnapshot != INVALID_HANDLE_VALUE)
{
MODULEENTRY32 ModuleEntry32 = { 0 };
ModuleEntry32.dwSize = sizeof(MODULEENTRY32);
if (Module32First(hSnapshot, &ModuleEntry32))
{
do
{
if (_tcscmp(ModuleEntry32.szModule, lpszModuleName) == 0)
{
dwModuleBaseAddress = (DWORD)ModuleEntry32.modBaseAddr;
break;
}
} while (Module32Next(hSnapshot, &ModuleEntry32));
}
CloseHandle(hSnapshot);
}
return dwModuleBaseAddress;
}
int main() {
HWND hWnd = FindWindowA(0, "Aplicacao");
GetWindowThreadProcessId(hWnd, &pid);
HANDLE AcessH = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid);
DWORD baseAddr = GetModuleBaseAddress(pid, "aplicacao.exe");
HP = baseAddr + 0x0072CFB0;
HP += 0x140;
HP += 0x234;
HP += 0x204;
HP += 0x10;
HP += 0x1F8;
HP += 0x248;
HP += 0x490;
std::cout << HP << std::endl;
ReadProcessMemory(AcessH, (void*)HP, &value, sizeof(value), 0);
std::cout << value << std::endl;
}