Home of Gamehacking - Archiv

Home of Gamehacking - Archiv > Coding > Visual Basic 6, VB.NET > Trainermodul problem auf Prozess 64Bit
Normale Version: Trainermodul problem auf Prozess 64Bit
Sie sehen gerade eine vereinfachte Darstellung unserer Inhalte. Normale Ansicht mit richtiger Formatierung.
Seiten: 1 2 3

Xiantrius

29.11.2016, 20:09
(29.11.2016, 17:11)iNvIcTUs oRCuS schrieb: [ -> ]Find ich jetzt eigentlich nicht allzu schwer...
Einfach zu jeder ausgelesenen Adresse ein weiteres Label oder Edit Feld in die Anwendung integriert und anzeigen lassen.
Genauso wie die Infos zur Prozess ID und die Basisadresse des Moduls.
Denn irgendwo in dieser Kette scheint ja ein Fehler drin zu sein und der Rückgabewert ist 0.
Könnte vielleicht auch sein das die Runtimes auf dem 2. Rechner nicht aktuell sind oder gänzlich fehlen.

Warum? Bei mir geht doch alles. Wie soll ich das ohne ihn sein Rechner Testen?
Auf seinen PC kommt der Wert 0 und nicht bei mir. Vor allem hatte er am ende den allergleichen Code kompiliert. Entweder an sein PC ist wirklich was faul, oder der Trainer bugt bei ihm und kommt mit seiner Hardware nicht richtig klar.

Xiantrius

30.11.2016, 00:09
So mein Kollege ist heute on und wir haben über Teamviewer das versucht.
Wir haben darunter auch Solitaire getestet weil das auch 64bit ist um fehler auszuschliessen.
Da funktioniert das Pointern einwandfrei im Code und wird auch korrekt ausgelesen.
Bei 7 Days To Die so heisst das Spiel, da soll er ein Pointer auslesen. Da liest er nur bis zum vorletzten offset wenn er alle offsets mit baseadresse lesen soll, dann zeigt er den Wert 0 an. Was bei mir aber nicht der fall ist. Irgendwas stimmt bei ihm nicht.
Jedenfalls nach wie vor Cheat Engine arbeitet bei ihm korrekt und wir haben mehrfach auf fehlerhafte Eingabe geprüft und keine Fehler gehabt in der hinsicht.
Der Code ist genau gleich in die Pointer sind auch gleich gewesen dann haben wir andere Pointer geprüft die kleiner als 5 Offsets waren trotzdem sobald er den ganzen Pointer auslesen soll kommt wieder Wert 0 raus. Wir haben auch die direkte Adresse ausgelesen ohne Pointern, da kommt auch nur Wert 0 raus.

Zusätzlicher Test.
Wir haben andere Ziel Adressen ins Visier genommen, zb.: Lebenspunkte anzeige.
Wir haben festgestellt das komischerweise diese Adresse direkt und mit Pointer ausgelesen werden kann.
Könnte die andere Adresse ein Speicherschutz haben? Wenn das wirklich der fall ist, warum kann das dann mein PC lesen mit dem Trainermodul und Cheat Engine.
Bei mein Kollegen schafft das nur Cheat Engine, aber nicht das Trainermodul. Was fehlt bei ihm was ich habe... Visual C++ vielleicht nochmal drüber installieren? Was für ein Grund könnte es noch sein?

DNA

30.11.2016, 23:27
Hat er bei Visual Basic die gleiche .NET Framework Version eingestellt? Hatte damit auch schonmal Probleme.

Xiantrius

01.12.2016, 02:53
(30.11.2016, 23:27)DNA schrieb: [ -> ]Hat er bei Visual Basic die gleiche .NET Framework Version eingestellt? Hatte damit auch schonmal Probleme.

ja wie bereits gesagt alles war gleich, das betrifft auch die Netframework Version.
Wir haben sogar mal kurz auf 2.0 runter geswitcht und wieder auf 4.0 zurück gesetzt damit der PC das frisch übernimmt, kann ja sein das es bugt da er ja von mir das projekt bekommen hat.
Leider gab es da keine Wirkung.

Xiantrius

10.12.2016, 02:21
Hallo zusammen Smiling .
So ich habe jetzt was ganz blödes festgestellt. Das mein Trainermodul trotzdem das er auf 64Bit gestellt ist nur 32Bit Ziel Adressen lesen kann, was darüber liegt liest er immer den Wert 0.

So sieht derweile mein Code aus und möchte versuchen das es auch ohne probleme auf 64Bit Spiele ansprechen kann.

Könnt ihr mir bei der Umstellung behilflich sein?
DNA falls du mal Zeit hast könntest du mir da helfen?

Falls ich es selber hinbekomme, werde ich mich rechtzeitig melden.






Visual Basic Code 
Option Strict Off
'ACHTUNG dieser Code ist für Computer mit 64Bit Windowsbetriebsystem geeignet.
'Ausserdem kann man damit nur Programme/Spiele im Speicher auslesen/beschreiben wenn man ein Prozess mit 64bit auswählt.
'Hinweis dein Projekt muss ebenfalls auf 64Bit umgestellt werden und sollte mindestens Netframework 4.0 nutzen.
Module Trainermodul_64Bit
#Region "Deklarationen"
   Private process_id As Int32 = 0
   Private Const ACCESS_RIGHTS_ALL = &H1F0FFF
   Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Int32, ByVal bInerhitHandle As Int32, ByVal dwProcessId As Int32) As Int32
   Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Int32) As Int32
   '&H1F0FFF
   '&H1F00FF00

#Region "64Bit API"
   'API Lesefunktion 64Bit
   '1 Liest 1 Byte bis 127 Wert
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As SByte, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As SByte
   '2 Liest 1 Byte bis 255 Wert
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Byte, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Byte
   '3 Liest 2 Byte bis 32767
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Int16, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Int16
   '4 Liest 2 Byte bis 65535
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As UInt16, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As UInt16
   '5 Liest 4 Byte bis 2147483647 Wert
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Int32, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Int32
   '6 Liest 4 Byte bis 4294967295
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As UInt32, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As UInt32
   '7 Liest 8 Byte bis 9223372036854775807
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Int64, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Int64
   'Liest Single Bytes aus
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Single, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Single
   '8. Liest Double Bytes
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Double, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Double

   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Int64, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Int64, ByVal nSize As Int64, ByRef lpNumberOfBytesWritten As Int64) As Int64

   'API Schreibfunktion 64Bit
   '1 Schreibt 1 Byte bis 127 Wert
   Private Declare Function WPM Lib "kernel32" Alias "WriteProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As SByte, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As SByte
   '2 Schreibt 1 Byte bis 255 Wert
   Private Declare Function WPM Lib "kernel32" Alias "WriteProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Byte, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Byte
   '3 Schreibt 2 Byte bis 32767 Wert
   Private Declare Function WPM Lib "kernel32" Alias "WriteProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Int16, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Int16
   '4 Schreibt 2 Byte bis 65535 Wert
   Private Declare Function WPM Lib "kernel32" Alias "WriteProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As UInt16, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As UInt16
   '5 Schreibt 4 Byte bis 2147483647 Wert
   Private Declare Function WPM Lib "kernel32" Alias "WriteProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Int32, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Int32
   '6 Schreibt 4 Byte bis 4294967295 Wert
   Private Declare Function WPM Lib "kernel32" Alias "WriteProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As UInt32, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As UInt32
   '7 Schreibt 8 Byte bis 9223372036854775807 Wert
   Private Declare Function WPM Lib "kernel32" Alias "WriteProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Int64, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Int64
   '8. Schreibt Double Byte
   Private Declare Function WPM Lib "kernel32" Alias "WriteProcessMemory" (ByVal hProcess As Int32, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Double, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Double
#End Region

   Private Declare Function VirtualAllocEx Lib "kernel32.dll" (ByVal hProcess As IntPtr, ByVal lpAddress As IntPtr, ByVal dwSize As IntPtr, ByVal flAllocationType As Integer, ByVal flProtect As Integer) As IntPtr
   Private Declare Function VirtualProtectEx Lib "kernel32.dll" (ByVal hProcess As IntPtr, ByVal lpAddress As IntPtr, ByVal dwSize As IntPtr, ByVal newProtect As Integer, ByRef oldProtect As Integer) As Boolean
   Public Declare Function IsDebuggerPresent Lib "KERNEL32" () As Boolean

#End Region

   'Hotkeys habe ich ins Trainermodul geschoben, um den eigentliche Trainercode sauber zu halten.
#Region "Hotkeys"
   Public Declare Function GetAsyncKeyState Lib "user32" (ByVal vkey As Long) As Integer
   Public Const VK_NUMPAD0 = &H60
   Public Const VK_NUMPAD1 = &H61
   Public Const VK_NUMPAD2 = &H62
   Public Const VK_NUMPAD3 = &H63
   Public Const VK_NUMPAD4 = &H64
   Public Const VK_NUMPAD5 = &H65
   Public Const VK_NUMPAD6 = &H66
   Public Const VK_NUMPAD7 = &H67
   Public Const VK_NUMPAD8 = &H68
   Public Const VK_NUMPAD9 = &H69
   Public Const VK_MULTIPLY = &H6A
   Public Const VK_ADD = &H6B
   Public Const VK_SUBSTRACT = &H6D
   Public Const VK_DIVIDE = &H6F
   Public Const VK_F1 = &H70
   Public Const VK_F2 = &H71
   Public Const VK_F3 = &H72
   Public Const VK_F4 = &H73
   Public Const VK_F5 = &H74
   Public Const VK_F6 = &H75
   Public Const VK_F7 = &H76
   Public Const VK_F8 = &H77
   Public Const VK_F9 = &H78
   Public Const VK_F10 = &H79
   Public Const VK_F11 = &H7A
   Public Const VK_F12 = &H7B
   Public Const VK_CONTROL = &H11
#End Region

   Public Const ProcName = "64Bit Spiel"
   'Kann immer noch nur bis 32 Bit Adressen auslesen 7FFFFFFF
   'Es gibt aber Adressen die sind wesentlich grösser und können nicht gelesen werden mit 32Bit und darum kommt der Wert 0 raus obwohl dort was ist.
   Dim BaseAddress_EXE As Int64
   Dim BaseAddress_DLL As Int64

   Public Function GetModuleBase_64Bit(ByVal ProcName As String, ByVal ModuleName As String)
       Dim BaseAddress As Int64
       For Each PM As ProcessModule In Process.GetProcessesByName(ProcName)(0).Modules
           If ModuleName.ToLower = PM.ModuleName.ToLower Then
               BaseAddress = PM.BaseAddress
           End If
       Next
       Return BaseAddress
   End Function

   Public Function GetProcessId(ByVal ProcName As String)
       For Each Proc In Process.GetProcesses()
           If Proc.ProcessName = ProcName Then
               process_id = Proc.Id
           End If
       Next
       Return process_id
   End Function

#Region "Direkte Lesefunktion"
   'Liest 1 Bytes 127 & 255
   'Beispiel: >>> gültigen variable O. TextBox.text  O. NumericUpDown.value hinter dem istzeichen = Read_1Byte_32Bit(&H123456) <<<
   Public Function Read_1Byte_SByte(ByVal address As Int64) As SByte
       Dim process_handle As Int32, value As SByte
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           RPM(process_handle, address, value, 1, 0)
       End If
       CloseHandle(process_handle)
       Return value
   End Function
   Public Function Read_1Byte_Byte(ByVal address As Int64) As Byte
       Dim process_handle As Int32, value As Byte
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           RPM(process_handle, address, value, 1, 0)
       End If
       CloseHandle(process_handle)
       Return value
   End Function
   'Liest 2 Bytes 32767 & 65535
   Public Function Read_2Byte_Int16(ByVal address As Int64) As Int16
       Dim process_handle As Int32, value As Int16
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           RPM(process_handle, address, value, 2, 0)
       End If
       CloseHandle(process_handle)
       Return value
   End Function
   Public Function Read_2Byte_UInt16(ByVal address As Int64) As UInt16
       Dim process_handle As Int32, value As UInt16
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           RPM(process_handle, address, value, 2, 0)
       End If
       CloseHandle(process_handle)
       Return value
   End Function
   'Liest 4 Bytes
   Public Function Read_4Byte_Int32(ByVal address As Int64) As Int32
       Dim process_handle As Int32, value As Int32
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           RPM(process_handle, address, value, 4, 0)
       End If
       CloseHandle(process_handle)
       Return value
   End Function
   Public Function Read_4Byte_UInt32(ByVal address As Int64) As UInt32
       Dim process_handle As Int32, value As UInt32
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           RPM(process_handle, address, value, 4, 0)
       End If
       CloseHandle(process_handle)
       Return value
   End Function
   'Liest 8 Bytes
   Public Function Read_8Byte_Int64(ByVal address As Int64) As Int64
       Dim process_handle As Int32, value As Int64
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           RPM(process_handle, address, value, 8, 0)
       End If
       CloseHandle(process_handle)
       Return value
   End Function

   Public Function Read_8Byte_Int64_Test(ByVal address As Int64, ByVal nSize As Int64) As Int64
       Dim process_handle As Int64, value As Int64
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           RPM(process_handle, address, value, 8, 0)
       End If
       CloseHandle(process_handle)
       Return value
   End Function
   'Float Kommastellen auf oder abrunden auslesen
   Public Function Read_Float_NoKomma(ByVal address As Int64) As Int64
       Dim process_handle As Int32, value As Int32
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           RPM(process_handle, address, value, 4, 0)
       End If
       CloseHandle(process_handle)
       Return value
   End Function
   'Float Kommastellen auslesen
   Public Function Read_Float_Komma(ByVal address As Int64) As Single
       Dim process_handle As Int32, value As Int32
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           RPM(process_handle, address, value, 4, 0)
       End If
       CloseHandle(process_handle)
       Return value
   End Function
   'Double Ohne Kommastellen auslesen
   Public Function Read_Double_NOKomma(ByVal address As Int64) As Int64
       Dim process_handle As Int32, value As Double
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           RPM(process_handle, address, value, 8, 0)
       End If
       CloseHandle(process_handle)
       Return value
   End Function
   Public Function Read_Double_Komma(ByVal address As Int64) As Double
       Dim process_handle As Int32, value As Double
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           RPM(process_handle, address, value, 8, 0)
       End If
       CloseHandle(process_handle)
       Return value
   End Function
   'Liest einen String
   Public Function Read_String(ByVal length As Int32, ByVal address As Int64)
       Dim value As Int32
       Dim str As String = ""
       For i = 0 To length - 1
           value = Read_1Byte_Byte(address + i)
           str &= Convert.ToChar(value)
       Next
       Return str
   End Function
#End Region
#Region "Pointer Lesefunktion"
   'Pointer lesen
   'Beispiel: >>> gültigen variable O. TextBox.text  O. NumericUpDown.value hinter dem istzeichen = Read_Pointer_1Byte_32Bit(BaseAddress_EXE + &H123456, {&H123}) <<<
   'Liest 1 Bytes 127 & 255
   Public Function Read_Pointer_1Byte_SByte(ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           address = Read_1Byte_SByte(address + Offset(Offset.Length - 1))
       Else
           address = Read_1Byte_SByte(address)
       End If
       Return address
   End Function
   Public Function Read_Pointer_1Byte_Byte(ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           address = Read_1Byte_Byte(address + Offset(Offset.Length - 1))
       Else
           address = Read_1Byte_Byte(address)
       End If
       Return address
   End Function
   'Liest 2 Bytes
   Public Function Read_Pointer_2Byte_Int16(ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           address = Read_2Byte_Int16(address + Offset(Offset.Length - 1))
       Else
           address = Read_2Byte_Int16(address)
       End If
       Return address
   End Function
   Public Function Read_Pointer_2Byte_UInt16(ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           address = Read_2Byte_UInt16(address + Offset(Offset.Length - 1))
       Else
           address = Read_2Byte_UInt16(address)
       End If
       Return address
   End Function
   'Liest 4 Bytes
   Public Function Read_Pointer_4Byte_Int32(ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       address = Read_4Byte_Int32(address)
       If Not IsNothing(Offset) Then
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           address = Read_4Byte_Int32(address + Offset(Offset.Length - 1))
       Else
           address = Read_4Byte_Int32(address)
       End If
       Return address
   End Function
   Public Function Read_Pointer_4Byte_UInt32(ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       address = Read_4Byte_Int32(address)

       If Not IsNothing(Offset) Then
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           address = Read_4Byte_UInt32(address + Offset(Offset.Length - 1))
       Else
           address = Read_4Byte_UInt32(address)
       End If
       Return address
   End Function
   'Liest 8 Bytes
   Public Function Read_Pointer_8Byte_Int64(ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           address = Read_8Byte_Int64(address + Offset(Offset.Length - 1))
       Else
           address = Read_8Byte_Int64(address)
       End If
       Return address
   End Function
   'Liest 4Byte (Float)
   Public Function Read_Pointer_Float_NoKomma(ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 1
               address = Read_4Byte_Int32(address + Offset(i))
           Next
       End If
       Return address
   End Function
   Public Function Read_Pointer_Float_Komma(ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 1
               address = Read_4Byte_Int32(address + Offset(i))
           Next
       End If
       Return address
   End Function
   'Liest 8 Bytes (Double)
   Public Function Read_Pointer_Double_NoKomma(ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 1
               address = Read_4Byte_Int32(address + Offset(i))
           Next
       End If
       Return address
   End Function
   Public Function Read_Pointer_Double_Komma(ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 1
               address = Read_4Byte_Int32(address + Offset(i))
           Next
       End If
       Return address
   End Function
   'Liest einen String
   Public Function Read_Pointer_String(ByVal length As Int32, ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       Dim str As String = ""
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           str = CStr(Read_String(length, address + Offset(Offset.Length - 1)))
       Else
           str = CStr(Read_String(length, address))
       End If
       Return str
   End Function
#End Region

#Region "Direkte Schreibfunktion"
   'Bitte drauf achten wenn es um Zahlen geht das die TextBox oder NumericUpDown Objekte nicht Leer sind mindestens 0 oder höher muss drin sein, sonst kommt Fehler
   'Beispiel: >>> Write Funktion Beispiel Write_1Byte_32Bit(&H123456, TextBox1.text) oder gültiger variablen oder direkte zahl <<<
   'Schreibt 1 Byte
   Public Sub Write_1Byte_SByte(ByVal address As Int32, ByVal value As SByte)
       Dim process_handle As Int32
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           WPM(process_handle, address, value, 1, 0)
       End If
       CloseHandle(process_handle)
   End Sub
   Public Sub Write_1Byte_Byte(ByVal address As Int32, ByVal value As Byte)
       Dim process_handle As Int32
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           WPM(process_handle, address, value, 1, 0)
       End If
       CloseHandle(process_handle)
   End Sub
   'Schreibt 2 Bytes
   Public Sub Write_2Byte_Int16(ByVal address As Int32, ByVal value As Int16)
       Dim process_handle As Int32
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           WPM(process_handle, address, value, 2, 0)
       End If
       CloseHandle(process_handle)
   End Sub
   Public Function Write_2Byte_UInt16(ByVal address As Int32, ByVal value As UInt16)
       Dim process_handle As Int32
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           WPM(process_handle, address, value, 2, 0)
       End If
       Return process_handle
       CloseHandle(process_handle)
   End Function
   'Schreibt 4 Bytes
   Public Sub Write_4Byte_Int32(ByVal address As Int32, ByVal value As Int32)
       Dim process_handle As Int32
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           WPM(process_handle, address, value, 4, 0)
       End If
       CloseHandle(process_handle)
   End Sub
   Public Sub Write_4Byte_UInt32(ByVal address As Int32, ByVal value As UInt32)
       Dim process_handle As Int32
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           WPM(process_handle, address, value, 4, 0)
       End If
       CloseHandle(process_handle)
   End Sub
   'Schreibt 8 Bytes
   Public Sub Write_8Byte_Int64(ByVal address As Int32, ByVal value As Int64)
       Dim process_handle As Int32
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           WPM(process_handle, address, value, 8, 0)
       End If
       CloseHandle(process_handle)
   End Sub
   'Schreibt Double
   Public Sub Write_Double(ByVal address As Int32, ByVal value As Double)
       Dim process_handle As Int32
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           WPM(process_handle, address, value, 8, 0)
       End If
       CloseHandle(process_handle)
   End Sub
   'Schreibt einen String
   Public Sub Write_String(ByVal address As Int32, ByVal value As String)
       Dim bytes(0) As Byte
       Dim i As Int32 = 0
       bytes = System.Text.Encoding.ASCII.GetBytes(value)
       For Each b As Byte In bytes
           Write_1Byte_SByte(address + i, b)
           i += 1
       Next
       For l = i To 64
           Write_1Byte_SByte(address + l, 0)
       Next
   End Sub

   Public Sub Write_TextfromString(ByVal address As Int32, ByVal value As Byte)
       Dim bytes(0) As Byte
       Dim i As Int32 = 0
       'bytes = System.Text.Encoding.Default.GetBytes(value)
       For Each b As Byte In bytes
           Write_1Byte_Byte(address + i, b)
           i += 1
       Next
       For l = i To 64
           Write_1Byte_Byte(address + l, 0)
       Next
   End Sub

   Public Sub autopatcher(ByVal address As Int32, ByVal value As Byte())
       Dim i As Byte
       For i = LBound(value) To UBound(value)
           Write_1Byte_SByte(address + i, value(i))
       Next
   End Sub
#End Region
#Region "Pointer Schreibfunktion" 'Pointer schreiben
   'Bitte drauf achten wenn es um Zahlen geht das die TextBox oder NumericUpDown Objekte nicht Leer sind mindestens 0 oder höher muss drin sein, sonst kommt Fehler
   'Beispiel: >>> Write_Pointer_1Byte_32Bit(Zahl eingeben -> 255 O. TextBox.text  O. NumericUpDown.value hier hinter dem Komma, BaseAddress_EXE + &H123456, {&H123}) <<<
   'Schreibt 1 Bytes
   Public Function Write_Pointer_1Byte_SByte(ByVal WhatToWrite As Int32, ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           Write_1Byte_SByte(CInt(address + Offset(Offset.Length - 1)), CSByte(WhatToWrite))
       Else
           Write_1Byte_SByte(CInt(address), CSByte(WhatToWrite))
       End If
       Return address
   End Function
   Public Function Write_Pointer_1Byte_Byte(ByVal WhatToWrite As Int32, ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           Write_1Byte_Byte(CInt(address + Offset(Offset.Length - 1)), CByte(WhatToWrite))
       Else
           Write_1Byte_Byte(CInt(address), CByte(WhatToWrite))
       End If
       Return address
   End Function
   'Schreibt 2 Bytes
   Public Function Write_Pointer_2Byte_Int16(ByVal WhatToWrite As Int32, ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           Write_2Byte_Int16(CInt(address + Offset(Offset.Length - 1)), CShort(WhatToWrite))
       Else
           Write_2Byte_Int16(CInt(address), CShort(WhatToWrite))
       End If
       Return address
   End Function
   Public Function Write_Pointer_2Byte_UInt16(ByVal WhatToWrite As Int32, ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           Write_2Byte_UInt16(CInt(address + Offset(Offset.Length - 1)), CUShort(WhatToWrite))
       Else
           Write_2Byte_UInt16(CInt(address), CUShort(WhatToWrite))
       End If
       Return address
   End Function
   'Schreibt 4 Bytes
   Public Function Write_Pointer_4Byte_Int32(ByVal WhatToWrite As Int32, ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           Write_4Byte_Int32(CInt(address + Offset(Offset.Length - 1)), WhatToWrite)
       Else
           Write_4Byte_Int32(CInt(address), WhatToWrite)
       End If
       Return address
   End Function
   Public Function Write_Pointer_4Byte_UInt32(ByVal WhatToWrite As Int32, ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           Write_4Byte_UInt32(CInt(address + Offset(Offset.Length - 1)), CUInt(WhatToWrite))
       Else
           Write_4Byte_UInt32(CInt(address), CUInt(WhatToWrite))
       End If
       Return address
   End Function
   'Schreibt 8 Bytes
   Public Function Write_Pointer_8Bytes_Int64(ByVal WhatToWrite As Int64, ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           Write_8Byte_Int64(CInt(address + Offset(Offset.Length - 1)), WhatToWrite)
       Else
           Write_8Byte_Int64(CInt(address), WhatToWrite)
       End If
       Return address
   End Function
   'Schreibt 4 Byte (Float)
   Public Function Write_Pointer_Float(ByVal WhatToWrite As Single, ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           Write_4Byte_Int32(CInt(address + Offset(Offset.Length - 1)), CInt(Float2Long(WhatToWrite)))
       Else
           Write_4Byte_Int32(CInt(address), CInt(Float2Long(WhatToWrite)))
       End If
       Return address
   End Function
   'Schreibt 8 Bytes (Double)
   Public Function Write_Pointer_Double(ByVal WhatToWrite As Double, ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           Write_8Byte_Int64(CInt(address + Offset(Offset.Length - 1)), CLng(DoubletoInt64(WhatToWrite)))
       Else
           Write_8Byte_Int64(CInt(address), CLng(DoubletoInt64(WhatToWrite)))
       End If
       Return address
   End Function
   'Beispiel: >>> Write_Pointer_String(Zahl oder String eingeben O. TextBox.text  O. NumericUpDown.value hier hinter dem Komma, BaseAddress_EXE + &H123456, {&H123}) <<<
   'Schreibt einen String
   Public Function Write_Pointer_String(ByVal WhatToWrite As String, ByVal address As Int64, Optional ByVal Offset() As Int32 = Nothing)
       If Not IsNothing(Offset) Then
           address = Read_4Byte_Int32(address)
           For i = 0 To Offset.Length - 2
               address = Read_4Byte_Int32(address + Offset(i))
           Next
           Write_String(CInt(address + Offset(Offset.Length - 1)), WhatToWrite)
       Else
           Write_String(CInt(address), WhatToWrite)
       End If
       Return address
   End Function
#End Region

#Region "Teleporter"
   'Die Teleporter Klassen
   Public Class Teleporter_32Bit
       Public XKoord_32Bit As Int32
       Public YKoord_32Bit As Int32
       Public ZKoord_32Bit As Int32
   End Class

   Public Class Teleporter_64Bit
       Public XKoord_64Bit As Int64
       Public YKoord_64Bit As Int64
       Public ZKoord_64Bit As Int64
   End Class
   'Liest die Koordinaten aus und gibt die Koordinaten per Klasse zurück.
   Public Function Read_Koord_32Bit(ByVal address As Int32, ByVal Offset As Int32, ByVal SMA As Boolean) As Teleporter_32Bit
       Dim Koord As New Teleporter_32Bit
       Dim KoordBase As Int32
       If SMA = 0 Then
           KoordBase = Read_4Byte_Int32(address)
       ElseIf SMA = 1 Then
           KoordBase = address
       End If
       Koord.XKoord_32Bit = Read_4Byte_Int32(KoordBase + Offset)
       Koord.YKoord_32Bit = Read_4Byte_Int32(KoordBase + Offset + 4)
       Koord.ZKoord_32Bit = Read_4Byte_Int32(KoordBase + Offset + 8)
       Return Koord
   End Function
   Public Function Read_Koord_64Bit(ByVal address As Int32, ByVal Offset As Int32, ByVal SMA As Boolean) As Teleporter_64Bit
       Dim Koord As New Teleporter_64Bit
       Dim KoordBase As Int32
       If SMA = 0 Then
           KoordBase = Read_4Byte_Int32(address)
       ElseIf SMA = 1 Then
           KoordBase = address
       End If
       Koord.XKoord_64Bit = Read_4Byte_UInt32(KoordBase + Offset)
       Koord.YKoord_64Bit = Read_4Byte_UInt32(KoordBase + Offset + 4)
       Koord.ZKoord_64Bit = Read_4Byte_UInt32(KoordBase + Offset + 8)
       Return Koord
   End Function

   'Schreibt Koordinaten
   Public Function Write_Koord_32Bit(ByVal address As Int32, ByVal Offset As Int32, ByVal SMA As Boolean, ByVal Position As Teleporter_32Bit)
       Dim KoordBase As Int32
       If SMA = 0 Then
           KoordBase = Read_4Byte_Int32(address)
       ElseIf SMA = 1 Then
           KoordBase = address
       End If
       Write_4Byte_Int32(KoordBase + Offset, Position.XKoord_32Bit)
       Write_4Byte_Int32(KoordBase + Offset + 4, Position.YKoord_32Bit)
       Write_4Byte_Int32(KoordBase + Offset + 8, Position.ZKoord_32Bit)
       Return KoordBase
   End Function
   Public Function Write_Koord_64Bit(ByVal address As Int32, ByVal Offset As Int32, ByVal SMA As Boolean, ByVal Position As Teleporter_64Bit)
       Dim KoordBase As Int32
       If SMA = 0 Then
           KoordBase = Read_4Byte_Int32(address)
       ElseIf SMA = 1 Then
           KoordBase = address
       End If
       Write_4Byte_UInt32(KoordBase + Offset, Position.XKoord_64Bit)
       Write_4Byte_UInt32(KoordBase + Offset + 4, Position.YKoord_64Bit)
       Write_4Byte_UInt32(KoordBase + Offset + 8, Position.ZKoord_64Bit)
       Return KoordBase
   End Function
#End Region

#Region "Memory Function"
   'Weist neuen, virtuellen Speicher zu und gibt die Startadresse zurück.
   Public Function AllocMem(ByVal ProcessName As String) As Integer 'Allocates memory in the process and returns the starting address of the allocated area
       Dim startaddress As IntPtr
       For Each p As Process In Process.GetProcessesByName(ProcessName)
           Const MEM_COMMIT As Integer = &H1000
           Const PAGE_EXECUTE_READWRITE As Integer = &H40
           Dim pBlob As IntPtr = VirtualAllocEx(p.Handle, New IntPtr(), New IntPtr(2048), MEM_COMMIT, PAGE_EXECUTE_READWRITE)
           If pBlob = IntPtr.Zero Then
               startaddress = CType(0, IntPtr)
           Else : startaddress = pBlob
           End If
       Next
       Return CInt(startaddress)
   End Function
   'Hebt den Speicherschutz auf.
   Sub RemoveProtection(ByVal ProcessName As String, ByVal AddressOfStart As Integer, ByVal SizeToRemoveProtectionInBytes As Integer)
       For Each p As Process In Process.GetProcessesByName(ProcessName)
           Const PAGE_EXECUTE_READWRITE As Integer = &H40
           Dim oldProtect As Integer
           If Not VirtualProtectEx(p.Handle, New IntPtr(AddressOfStart), New IntPtr(SizeToRemoveProtectionInBytes), PAGE_EXECUTE_READWRITE, oldProtect) Then Throw New Exception
           p.Dispose()
       Next
   End Sub
   'ByteSignature Scanner.
   Public Function SigScan(ByVal ProcName As String, ByVal ModuleName As String, ByVal Sig As Byte()) As Int32
       Dim BaseAddress, EndAddress As Int32
       For Each PM As ProcessModule In Process.GetProcessesByName(ProcName)(0).Modules
           If ModuleName = PM.ModuleName Then
               BaseAddress = PM.BaseAddress
               EndAddress = BaseAddress + PM.ModuleMemorySize
           End If
       Next
       If BaseAddress = 0 Then
           Return 0
           Exit Function
       End If
       Dim curAddr As Int32 = BaseAddress
       Do
           For i As Integer = 0 To Sig.Length - 1
               If Read_1Byte_SByte(curAddr + i) = Sig(i) Then
                   If i = Sig.Length - 1 Then
                       Return curAddr
                   End If
                   Continue For
               End If
               Exit For
           Next
           curAddr += 1
       Loop While curAddr < EndAddress
       Return 0
   End Function
   Public Sub JmpToCave(ByVal DestinationAddi As Int32, ByVal sourceaddi As Int32, Optional ByVal NumberOfNops As Int32 = 0)
       Dim JmpBytes As Int32 = DestinationAddi - sourceaddi - 5
       Write_1Byte_Byte(sourceaddi, &HE9)
       Write_4Byte_Int32(sourceaddi + 1, JmpBytes)
       For i = 0 To NumberOfNops - 1
           Write_1Byte_Byte(sourceaddi + 5 + i, &H90)
       Next
   End Sub
   Public Function GetJmpBytes(ByVal DestinationAddi As Int32, ByVal SourceAddi As Int32)
       Dim JmpBytes As Int32 = DestinationAddi - SourceAddi - 5
       Return JmpBytes
   End Function
#End Region

#Region "Converter"
   'Wandelt einen per Read_Long ausgelesenen Wert in eine Fließkommazahl um.
   Public Function Long2Float(ByVal Value As Int32)
       Dim floatnumber As Single
       Dim floatbytes() As Byte = BitConverter.GetBytes(Value)
       floatnumber = BitConverter.ToSingle(floatbytes, 0)
       Return floatnumber
   End Function
   'Wandelt eine Fließkommazahl in einen Integer Wert um, der dann wieder per Write_Pointer_Long/Write_Long geschrieben werden kann.
   Public Function Float2Long(ByVal Value As Single)
       Dim Longvalue As Int32
       Dim longbytes() As Byte = BitConverter.GetBytes(Value)
       Longvalue = BitConverter.ToInt32(longbytes, 0)
       Return Longvalue
   End Function
   'Wandelt einen Int64 in einen Double Wert um.
   Public Function Int64toDouble(ByVal Value As Int64)
       Dim doublevalue As Double
       Dim doublebytes() As Byte = BitConverter.GetBytes(Value)
       doublevalue = BitConverter.ToDouble(doublebytes, 0)
       Return doublevalue
   End Function
   'Wandelt einen Double Wert in einen Int64 Wert um, der dann wieder per Write_Pointer_8Bytes geschrieben werden kann.
   Public Function DoubletoInt64(ByVal Value As Double)
       Dim Int64number As Single
       Dim Int64bytes() As Byte = BitConverter.GetBytes(Value)
       Int64number = BitConverter.ToInt64(Int64bytes, 0)
       Return Int64number
   End Function
#End Region

#Region "Zusatzfunktionen"
   'Public Function UnicodeToString(ByVal str1 As String) As String
   '    'Dim str1 As String = Read_Pointer_String(56, BaseAddress_EXE + &H62E4FC, {&H9CC, &H1BA8, &HDA8})
   '    Dim char1() As Char = str1.ToCharArray
   '    Dim Text As New System.Text.StringBuilder
   '    Text = Text.Append("")
   '    For I As Integer = 0 To char1.Length - 1
   '        'MessageBox.Show(char1(I))
   '        'TextBox1.Text &= char1(I)
   '        Return Text.AppendLine(char1(I)).ToString
   '    Next
   'End Function
#End Region
End Module



Wäre echt dankbar, wenn jemand hilft den es gibt mittlerweile immer mehr Spiele die 64Bit fähig sind.
DNA hat gesagt damals es lohnt sich noch nicht soweit ich mal was gelesen habe, aber ich bin der meinung ab jetzt wäre der geeignete Zeitpunkt und wir würden alle hier profitieren.

mfg.
Xiantrius

iNvIcTUs oRCuS

10.12.2016, 04:36
Also wenn ich das richtig lese dann sind bei deinem Trainermodul sämtliche ProcessHandles als 32 Bit Integer definiert.
In erster Linie sind Process Handles nur positive Zahlen. Demzufolge also UInt32. Allerdings sind auf 64 Bit Betriebssystemen die Handles als UInt64 definiert bzw. können diese Größe annehmen.
Vielleicht hilft das schon hier diese Definitionen anzupassen...
Ansonsten wäre dann DNA hier wieder das Genie welcher sich mit VB am besten auskennt.

Xiantrius

10.12.2016, 17:45
Du meinst sicherlich HProcess auf UInt64 stellen, wenn es sich um ein 64 Bit Prozess handelt oder?
Das habe ich gemacht und trotzdem kommt nur der Wert 0 raus bei höheren Ziel Adressen.

Visual Basic Code 
    Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As UInt64, ByVal lpBaseAddress As Int64, ByRef lpBuffer As SByte, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As SByte
   
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As UInt64, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Byte, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Byte
   
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As UInt64, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Int16, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Int16
   
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As UInt64, ByVal lpBaseAddress As Int64, ByRef lpBuffer As UInt16, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As UInt16
   
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As UInt64, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Int32, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Int32
   
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As UInt64, ByVal lpBaseAddress As Int64, ByRef lpBuffer As UInt32, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As UInt32
   
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As UInt64, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Int64, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Int64
   
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As UInt64, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Single, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Single
   
   Private Declare Function RPM Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As UInt64, ByVal lpBaseAddress As Int64, ByRef lpBuffer As Double, ByVal nSize As Int32, ByRef lpNumberOfBytesWritten As Int32) As Double


Damit das bisschen veranschaulicht ist hab ich eine Listbox gemacht und möchte euch den Code posten wie ich das ausführe als kleines beispiel und ein Screenshot meiner Form zeigen wie es aussieht.

Visual Basic Code 
    Private Function DoesProcessExists(ByVal PName As String) As Boolean
        Return System.Diagnostics.Process.GetProcessesByName(PName).Length >= 1
    End Function

    Public Const ProcName = "7DaysToDie"
    Dim BaseAddress_EXE As Int64
    Dim BaseAddress_DLL As Int64

    Public Function Does7DaysToDie_EXE(ByVal Test As Boolean) As Boolean
        BaseAddress_EXE = GetModuleBase_64Bit(ProcName, ProcName & ".exe")
        GetProcessId(ProcName)
        Return BaseAddress_EXE
    End Function

    Public Function Does7DaysToDie_DLL(ByVal Test As Boolean) As Boolean
        BaseAddress_DLL = GetModuleBase_64Bit(ProcName, "mono.dll")
        GetProcessId(ProcName)
        Return BaseAddress_DLL
    End Function

    Private Sub Button1_Click(sender As System.Object, e As System.EventArgs) Handles Button1.Click
        If DoesProcessExists("7DaysToDie") = True Then
            BaseAddress_EXE = GetModuleBase_64Bit(ProcName, ProcName & ".exe")
            GetProcessId(ProcName)
            ListBox1.Items.Clear()
            ListBox1.Items.Add("Processname:" & ProcName)
            ListBox1.Items.Add("ProcessID:" & GetProcessId(ProcName))
            Dim TestexeAddresse As Int64 = GetModuleBase_64Bit(ProcName, "7DaysToDie.exe")
            ListBox1.Items.Add("Process Adresse:" & Hex(TestexeAddresse))
            Dim TestdllAddresse As Int64 = (GetModuleBase_64Bit(ProcName, "mono.dll"))
            ListBox1.Items.Add("Process Adresse + DLL:" & Hex(TestdllAddresse))
            Dim Zieladresse32Bit As Int32 = &H7FFF3FEF
            ListBox1.Items.Add("Ist noch in den 32Bit Hexadresse=7FFF3FEF: Wert=" & Read_8Byte_Int64(Zieladresse32Bit))
            Dim Zieladresse64Bit As Int64 = &H80000002
            ListBox1.Items.Add("Ist schon über den 32Bit limit Hexadresse=80000002: Wert=" & Read_8Byte_Int64(Zieladresse64Bit))
        End If
    End Sub



[Bild: beispielj0p3laf1c5.png]

Ihr seht die Process Adresse wird ausgelesen, genauso die ID des Prozesses und eine DLL die eine sehr lange Hexzahl als Adresse hat. Ich weis nur nicht warum es bei direkten adressen immer Wert 0 ergibt wenn diese dann über die 32Bit schwelle kommen das selbe problem habe ich auch wenn es um eine Pointeradresse mit Offsets geht die eine Zieladresse anvisieren sollen da kommt der Wert ebenfalls auf 0.
HProcess habe ich auf UInt64 gemacht.

Nun weis ich auch warum es bei mir mal zufällig ging, weil er mal Adressen im Pointer als Ziel genommen hat die in der 32Bit schwelle waren. Bei mein kollegen war das dann halt immer Pech, bis es mich dann getroffen hat. Nun weis ich es...

Nur ich weis nicht was man an den Trainermodul noch ändern soll.

DNA

10.12.2016, 22:26
Hey, du musst im Trainermodul bei sämtlichen Schreib- und Lesefunktionen folgendes abändern
(gilt nur für 64bit!)


Public Function Read_1Byte_SByte(ByVal address As Int64) As SByte
       Dim process_handle As Int32, value As SByte
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           RPM(process_handle, address&, value, 1, 0)
       End If
       CloseHandle(process_handle)
       Return value
   End Function

Xiantrius

11.12.2016, 14:13
(10.12.2016, 22:26)DNA schrieb: [ -> ]Hey, du musst im Trainermodul bei sämtlichen Schreib- und Lesefunktionen folgendes abändern
(gilt nur für 64bit!)


Public Function Read_1Byte_SByte(ByVal address As Int64) As SByte
       Dim process_handle As Int32, value As SByte
       process_handle = OpenProcess(ACCESS_RIGHTS_ALL, False, process_id)
       If process_handle <> 0 Then
           RPM(process_handle, address&, value, 1, 0)
       End If
       CloseHandle(process_handle)
       Return value
   End Function

Ok soviel ich verstanden hab soll das so aussehen >>> RPM(process_handle, address&, value, 1, 0) <<<
Allerdings meckert er mich voll das address& nicht deklariert ist verknüpft mit anderen Meldungen in einen Fehlerprotokoll.
Naja ehrlich gesagt wird das & zeichen nicht hinter dem variablename als ankettung akzeptiert.

Ich habe es auch schon so probiert.

Code: 
RPM(process_handle, address&, value, 1, 0)

RPM(process_handle, address &, value, 1, 0)

RPM(process_handle, address & value, 1, 0)


Was willst du mir mit dem & Zeichen sagen?

Xiantrius

12.12.2016, 06:26
Wie versprochen Smiling
So nach langer und harter Arbeit an den Trainermodul trägt es endlich langsam Früchte und ist nun zum vollen testen einsatzbereit. Ich habe soviel getestet wie ich konnte und Fehler hier und da ausgebügelt und Anpassungen gemacht.
Auch DNA war beteiligt und hat mit geholfen, daher geht mein dank auch an ihm.
Ich werde nun die erste Trainermodul_64Bit version für Spiele die über 64Bit Prozess laufen anbieten.
7 Days To Die ist eines davon und man kann dort den Trainermodul gut testen.
Wenn irgendwelche Fehler in mein Trainermodul noch sind, dann teilt sie hier bitte mit.
amsonsten wäre hier das Thema abgeschlossen, sollte die nexte Zeit kein nextes problem darüber anbahnen.


Hier ist der Download Link >>> Trainermodul_64Bit <<< Wünsche euch damit viel Spass. Wink

Ich gehe jetzt ins Bett hab bis heute früh durch geackert damit gute Nacht.


mfg.
Xiantrius
Seiten: 1 2 3
Home of Gamehacking - Archiv > Coding > Visual Basic 6, VB.NET > Trainermodul problem auf Prozess 64Bit