Digitally_Neon

mem.cpp - C++ library to use for manipulating memory of a singleplayer game, "Supreme Commander"

Jan 20th, 2021
1,101
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #include <iostream>
  2. #include <Windows.h>
  3. #include <Psapi.h>
  4. #include <thread>
  5. #include <vector>
  6. #include <tlhelp32.h>
  7. #include <tchar.h>
  8. using namespace std;
  9. extern "C"
  10. {
  11.     DWORD GetProcessBaseAddress(HANDLE processHandle)
  12.     {
  13.         DWORD   baseAddress = 0;
  14.         HMODULE* moduleArray;
  15.         LPBYTE      moduleArrayBytes;
  16.         DWORD       bytesRequired;
  17.  
  18.         if (processHandle)
  19.         {
  20.             if (EnumProcessModules(processHandle, NULL, 0, &bytesRequired))
  21.             {
  22.                 if (bytesRequired)
  23.                 {
  24.                     moduleArrayBytes = (LPBYTE)LocalAlloc(LPTR, bytesRequired);
  25.  
  26.                     if (moduleArrayBytes)
  27.                     {
  28.                         unsigned int moduleCount;
  29.  
  30.                         moduleCount = bytesRequired / sizeof(HMODULE);
  31.                         moduleArray = (HMODULE*)moduleArrayBytes;
  32.  
  33.                         if (EnumProcessModules(processHandle, moduleArray, bytesRequired, &bytesRequired))
  34.                         {
  35.                             baseAddress = (DWORD)moduleArray[0];
  36.                         }
  37.  
  38.                         LocalFree(moduleArrayBytes);
  39.                     }
  40.                 }
  41.             }
  42.  
  43.             CloseHandle(processHandle);
  44.         }
  45.  
  46.         return baseAddress;
  47.     }
  48.  
  49.     char* GetModuleBase(const wchar_t* ModuleName, DWORD procID)
  50.     {
  51.         MODULEENTRY32 ModuleEntry = { 0 };
  52.         HANDLE SnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, procID);
  53.  
  54.         if (!SnapShot) return NULL;
  55.  
  56.         ModuleEntry.dwSize = sizeof(ModuleEntry);
  57.  
  58.         if (!Module32First(SnapShot, &ModuleEntry)) return NULL;
  59.  
  60.         do
  61.         {
  62.             if (!wcscmp(ModuleEntry.szModule, ModuleName))
  63.             {
  64.                 CloseHandle(SnapShot);
  65.                 return (char*)ModuleEntry.modBaseAddr;
  66.             }
  67.         } while (Module32Next(SnapShot, &ModuleEntry));
  68.  
  69.         CloseHandle(SnapShot);
  70.         return NULL;
  71.     }
  72.  
  73.     HANDLE procHandle;
  74.     DWORD entityAddr;
  75.     DWORD baseAddr;
  76.     //string checkAgainst = "d:/game stuff/steam/steam ui/steamapps/common/supreme commander/schook/lua/aibrain.lua";
  77.     //BYTE checkAgainstBT[] = { 0x64,0x3A,0x2F,0x67,0x61,0x6D,0x65,0x20,0x73,0x74,0x75,0x66,0x66,0x2F,0x73,0x74,0x65,0x61,0x6D,0x2F,0x73,0x74,0x65,0x61,0x6D,0x20,0x75,0x69,0x2F,0x73,0x74,0x65,0x61,0x6D,0x61,0x70,0x70,0x73,0x2F,0x63,0x6F,0x6D,0x6D,0x6F,0x6E,0x2F,0x73,0x75,0x70,0x72,0x65,0x6D,0x65,0x20,0x63,0x6F,0x6D,0x6D,0x61,0x6E,0x64,0x65,0x72,0x2F,0x73,0x63,0x68,0x6F,0x6F,0x6B,0x2F,0x6C,0x75,0x61,0x2F,0x61,0x69,0x62,0x72,0x61,0x69,0x6E,0x2E,0x6C,0x75,0x61 };
  78.     BYTE checkAgainstBT[] = { 0x45,0x52,0x52,0x4F,0x52,0x3A,0x20,0x41,0x74,0x74,0x65,0x6D,0x70,0x74,0x20,0x74,0x6F,0x20,0x61,0x64,0x64,0x20,0x55,0x6E,0x69,0x74,0x42,0x75,0x69,0x6C,0x74,0x50,0x65,0x72,0x63,0x65,0x6E,0x74,0x61,0x67,0x65,0x43,0x61,0x6C,0x6C,0x62,0x61,0x63,0x6B,0x20,0x62,0x75,0x74,0x20,0x69,0x6E,0x76,0x61,0x6C,0x69,0x64,0x20,0x64,0x61,0x74,0x61,0x20,0x67,0x69,0x76,0x65,0x6E,0x00 };
  79.     DWORD offsetFromBYTEArr = 0x63;
  80.     DWORD scanAllProcMem(DWORD startAddr, DWORD endAddr)
  81.     {
  82.         //
  83.  
  84.         // FIND AN EFFICIENT WAY TO DO THIS THAT DOESNT TAKE MORE THAN 10 SECONDS PLEASE
  85.  
  86.         //
  87.         //cout << hex << GetProcessBaseAddress(procHandle) + 0x30DA0D43 << endl;
  88.         //for (int i = baseAddr + 0x309A0D43;; i++)
  89.         DWORD curAddr;
  90.         BYTE read[sizeof(checkAgainstBT) * 1500];
  91.         ReadProcessMemory(procHandle, (LPCVOID)(startAddr), &read, sizeof(read), NULL);
  92.         for(int i = 0; i < endAddr; i++)
  93.         {
  94.             if (i > sizeof(checkAgainstBT) * 1500)
  95.                 ReadProcessMemory(procHandle, (LPCVOID)(startAddr + i), &read, sizeof(read), NULL);
  96.             if (memcmp(checkAgainstBT, read, sizeof(checkAgainstBT)) == 0)
  97.             {
  98.                 return startAddr + i + offsetFromBYTEArr;
  99.             }
  100.             /*if (memcmp(checkAgainstBT, read, sizeof(checkAgainstBT)) == 0)
  101.                 return i - 0xF0;*/
  102.  
  103.             /*char read[86];
  104.             string cur;
  105.             for (int x = 0; x < sizeof(read); x++)
  106.             {
  107.  
  108.  
  109.                 cur += read[x];
  110.                 if (cur.length() > 172)
  111.                     cur = cur.substr(1, 172);
  112.                 if (cur == checkAgainst)
  113.                     return i;
  114.             }*/
  115.         }
  116.         //return scanAllProcMem(startAddr, endAddr);
  117.         return NULL;
  118.     }
  119.     __declspec(dllexport) int maxEnergy()
  120.     {
  121.         if (entityAddr != NULL && procHandle != NULL)
  122.         {
  123.             int data = 500;
  124.             ReadProcessMemory(procHandle, (LPCVOID)(entityAddr + 0x28), &data, sizeof(data), 0);
  125.             float dataF = data;
  126.             WriteProcessMemory(procHandle, (LPVOID)entityAddr, &dataF, sizeof(dataF), NULL);
  127.         }
  128.         else
  129.             return 0;
  130.     }
  131.     __declspec(dllexport) int maxMass()
  132.     {
  133.         if (entityAddr != NULL && procHandle != NULL)
  134.         {
  135.             int data = 500;
  136.             ReadProcessMemory(procHandle, (LPCVOID)(entityAddr + 0x30), &data, sizeof(data), 0);
  137.             float dataF = data;
  138.             WriteProcessMemory(procHandle, (LPVOID)(entityAddr + 0x04), &dataF, sizeof(dataF), NULL);
  139.         }
  140.         else
  141.             return 0;
  142.     }
  143.     // FreeER's code
  144.     DWORD readPointerChain(HANDLE phandle, DWORD base, int* offsets, size_t numOffsets)
  145.     {
  146.         DWORD addr = base;
  147.         SIZE_T read;
  148.         for (size_t i = 0; i < numOffsets; i++)
  149.         {
  150.             BOOL success = ReadProcessMemory(phandle, (void*)addr, &addr, sizeof(addr), &read);
  151.             if (!success) { cout << "failed to read " << hex << addr; return 0; }
  152.             addr += offsets[i];
  153.             //cout << "end address " << hex << addr << endl;
  154.         }
  155.         return addr;
  156.     }
  157.     __declspec(dllexport) int scanForProc()
  158.     {
  159.         baseAddr = GetProcessBaseAddress(procHandle);
  160.         HWND hGameWin = FindWindowA(NULL, "Supreme Commander");
  161.         if (hGameWin == NULL)
  162.         {
  163.             procHandle = NULL;
  164.             cout << "no sup com open, dummy!" << endl;
  165.         }
  166.         else
  167.         {
  168.             DWORD procID;
  169.             GetWindowThreadProcessId(hGameWin, &procID);
  170.             procHandle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, procID);
  171.  
  172.             // [[[[baseaddr] + 0x00994378] + 0x34] + 0x10] + 0x588
  173.            
  174.             int offsets[] = { 0x920, 0x0, 0x100, 0x10, 0x18, 0x9c, 0x48 };
  175.             entityAddr = readPointerChain(procHandle, (DWORD)(GetModuleBase(L"MohoEngine.dll", procID) + 0x00991030), offsets, sizeof(offsets) / 4) - 0x30;// + 0x00994378 + 0x34 + 0x0 + 0x10 + 0x588;
  176.             int newval = 5000;
  177.             WriteProcessMemory(procHandle, (LPVOID)entityAddr, &newval, sizeof(newval), NULL);
  178.             //entityAddr = scanAllProcMem(0x30B90F77, 0x40000000);
  179.             cout << hex << entityAddr << endl;
  180.             //WriteProcessMemory(procHandle, (LPVOID)0x33981CA8, &newval, sizeof(newval), NULL);
  181.         }
  182.         return entityAddr;
  183.     }
  184. }
RAW Paste Data