First off, this is my first ever post here, even though I've been using this forum for 3+ years.
So...
I've been having an issue reading the base address of a DLL for a hack. I fixed it by calling a c# program and that program writes it in a file, but I want to improve it.
I've tried all the functions I could find, here are some:
Code: Select all
GetDllBase(DllName, PID = 0)
{
TH32CS_SNAPMODULE := 0x00000008
INVALID_HANDLE_VALUE = -1
VarSetCapacity(me32, 548, 0)
NumPut(548, me32)
snapMod := DllCall("CreateToolhelp32Snapshot", "Uint", TH32CS_SNAPMODULE
, "Uint", PID)
If (snapMod = INVALID_HANDLE_VALUE) {
Return 0
}
If (DllCall("Module32First", "Uint", snapMod, "Uint", &me32)){
while(DllCall("Module32Next", "Uint", snapMod, "UInt", &me32)) {
If !DllCall("lstrcmpi", "Str", DllName, "UInt", &me32 + 32) {
DllCall("CloseHandle", "UInt", snapMod)
Return NumGet(&me32 + 20)
}
}
}
DllCall("CloseHandle", "Uint", snapMod)
Return 0
}
Memory_GetModuleBase(process_id, module_name)
{
snapshot_handle := DllCall("CreateToolhelp32Snapshot", "UInt", 0x00000008, "UInt", process_id) ; TH32CS_SNAPMODULE
If (snapshot_handle = INVALID_HANDLE_VALUE)
{
Return, False
}
VarSetCapacity(me32, 548, 0) ; MODULEENTRY32_SIZE
NumPut(548, me32) ; MODULEENTRY32_SIZE
If (DllCall("Module32First", "UInt", snapshot_handle, "UInt", &me32))
{
While (DllCall("Module32Next", "UInt", snapshot_handle, "UInt", &me32))
{
If (module_name == StrGet(&me32 + 32, 256, "CP0")) ; MODULEENTRY32_szModule
;If (DllCall("lstrcmpi", "Str", module_name, "UInt", &me32 + 32) = -1)
{
DllCall("CloseHandle", "UInt", snapshot_handle)
Return, NumGet(&me32, 20) ; MODULEENTRY32_modBaseAddr
}
}
}
DllCall("CloseHandle", "UInt", snapshot_handle)
Return, False
}
What am I doing wrong?
BTW I want to read the address of "client_panorama.dll" inside csgo.exe, but I also tried doing it with notepad.exe and explorer.exe and nothing works.
Thanks in advance
