Hello everybody,
I've written code that can read information from another processes memory using ReadProcessMemory API... and I get this as my output:
...
16 - 24
17 - 248
18 - 126
19 - 29
20 - 0
21 - 0
22 - 0
23 - 0
24 - 98
...
How would I use this information to read more information from the address
Below is the code I'm using to generate the output I posted above:
Process[] Proc = Process.GetProcessesByName("Game"); if ( EnablePrivilege(Process.GetCurrentProcess().Handle.ToInt32()) ){
byte[] buff = new byte[100];
int bytesRead = 0;
ReadProcessMemory(Proc[0].Handle, (IntPtr)0x6FBCC1E0, buff, 100, out bytesRead); for ( int i = 0; i <= buff.Length - 1; i++ )
{
Console.WriteLine(i + " - " + buff
);}
}
How to read more memory with ReadProcessMemory
CarmenM
What's the big picture for what you're trying to do here
If you read a buffer of 100 bytes from 0x6FBCC1E0 in the target process, and buf[19] = 29, then you know (BYTE*) (0x6FBCC1E0+19) = 29, which would be "the exact location of where its found in memory"
Where did the 0x6FBCC1E0 come from
If you want to find the semantic meaning of that '29' (ie, why is the value 29 as opposed to something else), and you don't have symbols or source to the program, it's going to be very hard.
Christophe Vedel
The information returned from reading "0x6FBCC1E0."
The byte[] buff held 100 members, and, for instance buff[19] was equal to 29. Is there a way to get anymore information on the number 29 by reading the exact location of where its found in the memory
In other words, and this is just a wild guess, but what I think I need to do is create a pointer to 29, and read from that to be able to find more information about it... and am I completely wrong
MF Recruit
What information and which address