
making a function C#


I am making a simple C# trainer, in which I use ReadProcessMemory.

At the moment I do it like this:

RPM(base,buffer) --> buffer+offset1=finaladdress --> RPM(finaladdress,buffer) -->  
BitConverter.ToInt32(buffer, 0) = value 

Now I want to automate the process using a function (because the process is too messy for multilevel pointers).

I found this:

uint []offsets = {0xDFCDD8, 0x13A8, 0x4}
getAddress(offsets);

uint getAddress(offsets[])
{
    int i;
    uint address;
    address = readProcessMemory(offsets[0]);
    for(i=1; i<(sizeof(offsets)/sizeof(uint)); i++)
    {
        address = ReadProcessMemory(address + offsets[i]);
    }
    return address;
}

But I do not understand how this works. Can anyone explain it to me or give me another function?


Solution

  • That code is not quite valid C# code, so that may be a little bit why you are having trouble understanding it. But basically it appears to do exactly what you were talking about doing manually; it just does a redirection for each element in the array.

    Here is a re-written version that would be valid code plus a few tweaks to make it easier to describe what is going on.

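    int GetValueForLives()
    {
       uint[] offsets = {0xDFCDD8, 0x13A8, 0x4};
       uint uncastValue = GetAddress(offsets);
       // Reinterpret the 32-bit value read from the target as a signed int.
       int value = (int)uncastValue;
       return value;
    }
    
    // ReadProcessMemory(address) here stands for a helper that reads 4 bytes
    // at the given address and returns them as a uint.
    uint GetAddress(uint[] offsets)
    {
        int i;
        uint address;
        // offsets[0] is the base address; read the first pointer from it.
        uint result = ReadProcessMemory(offsets[0]);
        for(i=1; i < offsets.Length; i++)
        {
            // Add the next offset to the pointer just read, then read again.
            address = result + offsets[i];
            result = ReadProcessMemory(address);
        }
        return result;
    }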
    

    So what GetAddress() is doing is basically doing your old manual method with 2 redirections.

    RPM(0xDFCDD8,result) --> address = result + 0x13A8 --> RPM(address,result) --> 
        address = result + 0x4 -->  RPM(address,result) 
    

    It then returns the value for result. After that, GetValueForLives() takes that uint value and turns it into an int value, then returns that int value to the caller.
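
The pointer walk described in the answer above, as an added example that is not part of the original question or answer. It runs against a constructed in-memory map instead of a real process and stops when a read fails or a pointer is null; the `Read32` delegate, the `Resolve` name and the sample addresses are assumptions, and a 32-bit target is assumed as on the page.

```csharp
using System;
using System.Collections.Generic;

static class PointerChainDemo
{
    // Reads one 32-bit value at an address; returns null when the read fails.
    // In a real tool this would wrap the Win32 ReadProcessMemory call and
    // check its return value. (Hypothetical helper type for this example.)
    delegate uint? Read32(uint address);

    // offsets[0] is the base address; each later offset is added to the
    // value read in the previous step, and the sum is read again.
    static uint? Resolve(Read32 read, uint[] offsets)
    {
        if (offsets == null || offsets.Length == 0) return null;
        uint? result = read(offsets[0]);
        for (int i = 1; i < offsets.Length && result.HasValue; i++)
        {
            if (result.Value == 0) return null;   // null pointer: chain is broken
            uint address = unchecked(result.Value + offsets[i]);
            result = read(address);
        }
        return result;
    }

    static void Main()
    {
        // Constructed sample memory (address -> 32-bit value), not a real process.
        var memory = new Dictionary<uint, uint>
        {
            { 0x00DFCDD8, 0x20000000 },   // base holds the first pointer
            { 0x200013A8, 0x30000000 },   // first pointer + 0x13A8 holds the second
            { 0x30000004, 3 },            // second pointer + 0x4 holds the value
        };
        Read32 read = a => memory.TryGetValue(a, out uint v) ? v : (uint?)null;

        uint? lives = Resolve(read, new uint[] { 0xDFCDD8, 0x13A8, 0x4 });
        Console.WriteLine(lives.HasValue ? $"value = {(int)lives.Value}" : "read failed");

        // Same chain with a wrong middle offset: the read fails and the
        // walk stops instead of following a garbage address.
        uint? bad = Resolve(read, new uint[] { 0xDFCDD8, 0x13AC, 0x4 });
        Console.WriteLine(bad.HasValue ? $"value = {(int)bad.Value}" : "read failed");
    }
}
```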