#include <windows.h> #include <TlHelp32.h> #include <iostream> #include <T

1. #include <windows.h>
2. #include <TlHelp32.h>
3. #include <iostream>
4. #include <TCHAR.h>
5.  
6. using namespace std;
7.  
8. DWORD PositionOffsets[] = { 0xE0, 0x620, 0x1E8, 0x90, 0x274 }; //5 LEVEL pointer
9.  
10.  
11. DWORD_PTR dwGetModuleBaseAddress(DWORD dwProcID, TCHAR *szModuleName)
12. {
13. DWORD_PTR dwModuleBaseAddress = 0;
14. HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, dwProcID);
15. if (hSnapshot != INVALID_HANDLE_VALUE)
16. {
17. MODULEENTRY32 ModuleEntry32;
18. ModuleEntry32.dwSize = sizeof(MODULEENTRY32);
19. if (Module32First(hSnapshot, &ModuleEntry32))
20. {
21. do
22. {
23. if (_tcsicmp(ModuleEntry32.szModule, szModuleName) == 0)
24. {
25. dwModuleBaseAddress = (DWORD_PTR)ModuleEntry32.modBaseAddr;
26. break;
27. }
28. } while (Module32Next(hSnapshot, &ModuleEntry32));
29. }
30. CloseHandle(hSnapshot);
31. }
32. return dwModuleBaseAddress;
33. }
34.  
35. //Handles Dynamic memory allocation
36. //Receives how high the pointer level is e.g. 4 levels and from that calculates the initial address
37. //the offset values and the memory addresses for those offsets
38. DWORD FindDmaAddy(int PointerLevel, HANDLE hProcHandle, DWORD Offsets[], DWORD BaseAddress)
39. {
40. //DECLARE BASE ADDRESS
41. DWORD pointer = BaseAddress; // Declare a pointer of DWORD
42. //USED TO output the contents in the pointer
43. DWORD pTemp;
44.  
45. DWORD pointerAddr;
46. for (int i = 0; i < PointerLevel; i++)
47. {
48. if (i == 0)
49. {
50. ReadProcessMemory(hProcHandle, (LPCVOID)pointer, &pTemp, 4, NULL);
51. }
52. //add first offset to that address
53. pointerAddr = pTemp + Offsets[i]; // Set p1 to content of p + offset
54.  
55. //Read memory one more time and exit the loop
56. ReadProcessMemory(hProcHandle, (LPCVOID)pointerAddr, &pTemp, 4, NULL);
57. }
58. return pointerAddr;
59. }
60.  
61.  
62.  
63.  
64. int main()
65. {
66. //Simply Finds Window ID from Name
67. DWORD pid;
68. HWND window = FindWindow(0, ("[Conquer] King-Dragon-Warrior"));
69. if (window == 0) {
70. printf("Window not found!\n");
71. char f;
72. cin >> f;
73. return 0;
74. }
75.  
76. GetWindowThreadProcessId(window, &pid);
77. HANDLE pHandle = OpenProcess(PROCESS_VM_READ, FALSE, pid);
78. DWORD modBase;
79. DWORD address = 0;
80.  
81. //Grab our module Base address
82. modBase = dwGetModuleBaseAddress(pid, _T("tqanp.dll"));
83. cout << &modBase; // This output does not match up with that in cheat engine.
84. cout << "\n";
85. modBase += 0x2D9EE0; //Add base address to the module address
86. ReadProcessMemory(pHandle, (void*)modBase, &address, sizeof(address), nullptr); //read the base address
87. DWORD xPosition = FindDmaAddy(5, pHandle, PositionOffsets, address); //Add our offsets to get to xPosition
88. cout << xPosition; //Print x Position after finding out what pointer is point to (It's wrong)
89. cout << "\n";
90.  
91. //This works Fine when reading the actuall address.
92. ReadProcessMemory(pHandle, (void*)0x58B4A64, &xPosition, sizeof(xPosition), nullptr);
93. cout << xPosition; //Correctvalue!
94.  
95.  
96. cin >> xPosition; //Just used to pause program
97. }