0

I'm creating a simple HACK for educational purpose only. A simple Triggerbot that reads from memory the value of player aiming to enemy YES = 1 or NO = 0. I have made some other similar HACKS however I never found this problem .. in Rainbow Six Siege I have the memory address both static or dynamic however cheat engine read it well but when I try to read it from my C++ Program it does't work. Not sure why if it had work with other games. I'm new to this and maybe I did something wrong.

#include "stdafx.h"
#include <iostream>
#include <windows.h>
#define F6Key 0x75
using namespace std ;
int value ;
int main()
{
    cout << "Open Game .." << endl ;
    system("Pause") ;
    LPCWSTR gameone = L"Rainbow Six";
    HWND hwnd = FindWindow(0, gameone);
    if (gameone == 0)
    {
        cout << "Not Found." << endl ;
        system("Pause") ;
    }
    else
    {
        cout << "Success finding game." << endl;
        DWORD processid ;
        GetWindowThreadProcessId(hwnd, &processid) ;
        HANDLE process = OpenProcess(PROCESS_ALL_ACCESS, FALSE, processid) ;
        cout << processid ;

        if (!ReadProcessMemory(process, (void *)0x25421AD9D6C, (void *)&value, sizeof(value), NULL)) {
            cout << "Unable to read memory proccess";
        }
        else {
            cout << "\n Read: " << value;
        }
        system("Pause");
    }
    return 0 ;
}

Here is the code simple Find the Window by name, gets its PID fine no problem. OpenProcess then when I call the method ReadProcessMemory with the process, address pointer value by parameter is unable to read it print the if condition and never the else of value read.

If I remove the function from the If condition just for testing if at least points to something it gives some random values... is weird that I'm unable to read memory It always work ::( Can someone help me out? It is some king of security software or something?

Giovannie Sanchez Diaz
  • 67
  • 9

1 Answers1

0

First of all, you have to check OpenProcess return value. If your process does not have sufficient rights, it will return NULL and any attempts to use this handle will fail. Use GetLastError function to determine error reason. Most likely it will be ERROR_ACCESS_DENIED.

Secondary, to successfully access external process memory space, you should open its handle with PROCESS_VM_READ right or enable seDebugPrivilege for you process token. Example how to do that you could see in the MSDN.

And lastly. If memory address (0x25421AD9D6C in your case) is invalid, ReadProcessMemory will fail. In that case value variable would not be initialized and any attempts to use it is an undefined behavior.

Also, if you managed to get process handle, it should be closed using CloseHandle function when you finish using it.

Upd: If ReadProcessMemory returns FALSE and GetLastError - ERROR_PARTIAL_COPY that means that a page fault has occured, you are trying to read from a buffer and at least part of it is not assigned to the physical memory. If you know your value offset, get module load address using PSAPI GetModuleInformation function and add offset to the lpBaseOfDll field of the MODULEINFO structure.

Ari0nhh
  • 5,720
  • 3
  • 28
  • 33
  • OK This is the base address without the Offsets. "RainbowSix.exe"+06090F50 . I run the GetLastError method and I'm getting Error 299 Partial copy meaning: https://msdn.microsoft.com/en-us/library/windows/desktop/ms681382(v=vs.85).aspx – Giovannie Sanchez Diaz Jun 09 '16 at 04:41