C#~How to read MultiLevelPointer?

Question

I'm struggling a bit on this part... I want to do this in CE!(that is read the value 20 in my c# app)

However my code is not working...

[DllImport("kernel32.dll")]
        public static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, int dwSize, ref IntPtr lpNumberOfBytesRead);

public int ReadInt32(IntPtr address, int[] pointers)
{
    /* FOR REFERENCE ONLY! PSEUDO-CODE
        ReadProcessMemory(..., ModuleBaseAddress + 0x010F418, Temporary, ..., ...); // -> 0x02A917F8
        ReadProcessMemory(..., 0x02A917F8+0x48, Temporary,  .....,.); // -> 0x02A9A488
        [02A9A488] = 20
     */

    IntPtr bytesRead = IntPtr.Zero;
    byte[] _buff = new byte[sizeof(int)]; 
    int offIndex = 0;
    IntPtr finalval = address;
    Console.WriteLine("[BASE] {0:x}", (int)address);
    foreach(int PointerOffs in pointers)
    {
        ReadProcessMemory(hProcess, address, _buff, _buff.Length, ref bytesRead);
        finalval += pointers[offIndex];

        Console.WriteLine("[Curr ADDRESS] {0:x}", finalval);
        offIndex++;
    }

    return BitConverter.ToInt32(_buff, 0);
}

And this is how I access the method:

 int currAmmo = (int) pReader.ReadInt32((IntPtr)LocalPlayer.BaseAddress, LocalPlayer.oMGAmmo);
            Console.Write("[AMMO] {0}\n", currAmmo);

Well how can i read that value 20 with the base address 2A917F8 and given offsets(0x48 and 0x150) in C# — Hxfs, Jan 04 '19 at 01:15

score 0 · Answer 1 · answered May 26 '19 at 01:05

Your function has enough problems to warrant a replacement, I tried to fix it but it was easier just to start fresh. By utilizing a pre increment instead of a post increment you will de-reference the first pointer before adding an offset which is ideal.

public static int ReadInt32(IntPtr hProc, IntPtr ptr, int[] offsets)
{
    IntPtr addr = ptr;
    var buffer = new byte[4];

    for (int i = 0; i < offsets.Length; ++i)
    {
        ReadProcessMemory(hProc, addr, buffer, buffer.Length, out var read1);
        addr = IntPtr.Add(new IntPtr(BitConverter.ToInt32(buffer, 0)), offsets[i]);
    }

    ReadProcessMemory(hProc, addr, buffer, 4, out var read);

    return BitConverter.ToInt32(buffer, 0);

}

I learned C# today just to answer this question :)

C#~How to read MultiLevelPointer?

1 Answers1