[VB.NET]c++ readprocessmemory function to vb.net

Discussion in 'Mixed Languages' started by stevemk14ebr, Dec 23, 2012.

  1. stevemk14ebr

    stevemk14ebr MDL Senior Member

    Jun 23, 2010
    267
    48
    10
    #1 stevemk14ebr, Dec 23, 2012
    Last edited by a moderator: Apr 20, 2017
    i have this c++ code for a function
    Code:
    DWORD ClientGameContext = 0x23bd8ac;
    DWORD buffer;
    float CurrentSpeed = 1;
    int newValue = 0;
    
    ReadProcessMemory(hProc,(LPCVOID)(ClientGameContext), &buffer, 4, NULL);
    
    ReadProcessMemory(hProc,(LPCVOID)(buffer + 0x30), (void*)&buffer, sizeof(buffer), NULL);
    ReadProcessMemory(hProc,(LPCVOID)(buffer + 0xbc), (void*)&buffer, sizeof(buffer), NULL); 
    ReadProcessMemory(hProc,(LPCVOID)(buffer + 0x3D8), (void*)&buffer, sizeof(buffer), NULL); 
    ReadProcessMemory(hProc,(LPCVOID)(buffer + 0x98), &CurrentSpeed, sizeof(CurrentSpeed), NULL);
    CurrentSpeed = CurrentSpeed * 3.6;
    Sleep(5);
    return CurrentSpeed;
    }
    and i can't figure out how to convert it to vb.net. The biggest problem is that i can't figure out what the & operator does, or how to set a variable = to the offsets such as "0x98"

    could anyone help in converting it
     
  2. splinter_

    splinter_ MDL Novice

    Dec 17, 2012
    19
    3
    0
    There is no VB equivalent to 'sizeof'
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Josh Cell

    Josh Cell MDL Developer

    Jan 8, 2011
    3,515
    7,170
    120
    #3 Josh Cell, Dec 23, 2012
    Last edited by a moderator: Apr 20, 2017
    Do you mean in reading the Address via Pointers and Offsets of a process?

    I have one solution:

    C#

    Code:
            using System.Diagnostics;
            using System.Runtime.InteropServices;
    
            public int ReadInt(string exeProc, int Pointer, int[] Offsets) //Read the integrer address using the Pointer and Offset.
                {
                int Buffer = 0; //Declaring the address buffer.
                Process[] Proc = Process.GetProcessesByName(exeProc); // Making the array of Process to the exeProc name without .exe.
                if (Proc.Length != 0) // When the process exists...
                {
                    int pHandle = Proc[0].Handle.ToInt32(); // Create the process handle...
                    if (pHandle != 0) // When the handle isn't zero...
                    {
                        foreach (int Offset in Offsets) //Search for the Offsets inside the process.
                        {
                            int r = 0; // Declaring the reader variable.
                            ReadProcessMemory(pHandle, Pointer, ref Pointer, 4, ref r); // Reading the adress.
                            Pointer += Offset; //Adding to the Offset array.
                        }
                        int r2 = 0; // Declaring a second var.
                        ReadProcessMemory(pHandle, Pointer, ref Buffer, 4, ref r2); // Validating the Offset.
                    }
                }
                return Buffer; //Returning the address.
            }
     
            [DllImport("kernel32.dll")] //Importing a Kernel32 Entry Point.
              private static extern int ReadProcessMemory(int Handle, int Addr, ref int buffer, int Size, ref int Bytes); //The method to the Entry Point.
    VB .NET

    Code:
        Imports System.Runtime.InteropServices
        Imports System.Diagnostics;
    
        Public Function ReadInt(exeProc As String, Pointer As Integer, Offsets As Integer()) As Integer
            'Read the integrer address using the Pointer and Offset.
            Dim Buffer As Integer = 0
            'Declaring the address buffer.
            Dim Proc As Process() = Process.GetProcessesByName(exeProc)
            ' Making the array of Process to the exeProc name without .exe.
            If Proc.Length <> 0 Then
                ' When the process exists...
                Dim pHandle As Integer = Proc(0).Handle.ToInt32()
                ' Create the process handle...
                If pHandle <> 0 Then
                    ' When the handle isn't zero...
                    For Each Offset As Integer In Offsets
                        'Search for the Offsets inside the process.
                        Dim r As Integer = 0
                        ' Declaring the reader variable.
                        ReadProcessMemory(pHandle, Pointer, Pointer, 4, r)
                        ' Reading the adress.
                        'Adding to the Offset array.
                        Pointer += Offset
                    Next
                    Dim r2 As Integer = 0
                    ' Declaring a second var.
                    ' Validating the Offset.
                    ReadProcessMemory(pHandle, Pointer, Buffer, 4, r2)
                End If
            End If
            Return Buffer
            'Returning the address.
        End Function
    
        'Importing a Kernel32 Entry Point.
        Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Integer, ByVal lpBaseAddress As Integer, ByVal lpBuffer As Integer, ByVal nSize As Integer, ByRef lpNumberOfBytesWritten As Integer) As Integer
        'The method to the Entry Point.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. stevemk14ebr

    stevemk14ebr MDL Senior Member

    Jun 23, 2010
    267
    48
    10
    Josh your code would appear to work for my purposes but i have 1 question how do i store the offsets into an integer variable, in c++ the code uses the value of 0x98 but in vb if you set an integer equal to 0x98 it gives an error, how would you do this
     
  5. Josh Cell

    Josh Cell MDL Developer

    Jan 8, 2011
    3,515
    7,170
    120
    Maybe using IntPtr or Byte?

    You also can use a cast to convert the byte to int as (int)0x98 or 0x98 as Integer.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. stevemk14ebr

    stevemk14ebr MDL Senior Member

    Jun 23, 2010
    267
    48
    10
    #6 stevemk14ebr, Dec 23, 2012
    Last edited by a moderator: Apr 20, 2017
    (OP)
    i'm not sure you understand in other memory reading examples in vb people set their offsets equal to &h and stuff like that
    Code:
    Dim offsets() As IntPtr = {&H0, &H1F8, &H8, &H84, &H0}
    so does the &h represent and how do i convert say
    Code:
    0x98
    to an &h type thing

    P.S i did try just declaring
    Code:
    Dim offset As IntPtr = 0x98
    but that doesn't work
     
  7. Josh Cell

    Josh Cell MDL Developer

    Jan 8, 2011
    3,515
    7,170
    120
    #7 Josh Cell, Dec 24, 2012
    Last edited by a moderator: Apr 20, 2017
    Maybe

    Code:
    Dim offset as Integer = Convert.ToInt32(0x98)
    Or

    Code:
    Dim offset As Integer = 0x98 as Integer
    Or

    Code:
    Dim offsets() As Integer = {&H0 as Integer, &H1F8 as Integer, &H8 as Integer, &H84 as Integer, &H0 as Integer}
    Like that.

    You need to convert the values before inserting on the var.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. stevemk14ebr

    stevemk14ebr MDL Senior Member

    Jun 23, 2010
    267
    48
    10
    #8 stevemk14ebr, Dec 24, 2012
    Last edited: Dec 24, 2012
    (OP)
    thank you i'll try that (i'm in the process of learning c++ so this translating between languages will be a thing of the past)

    it seems that &h represents the 0x part of the hex so &h98 in vb.net = 0x98 in c

    P.S you left a semicolon in after system.diagnostics in your vb.net translation ;)
     
  9. master131

    master131 MDL Novice

    Apr 12, 2011
    45
    22
    0
    #9 master131, Dec 29, 2012
    Last edited by a moderator: Apr 20, 2017
    I'm going to assume you know how to use OpenProcess.

    Code:
    Dim ClientGameContext As New IntPtr(&H23BD8AC)
    Dim currentSpeed As Single = 1
    
    <DllImport("kernel32.dll", SetLastError:=True)> _
    Public Shared Function ReadProcessMemory(ByVal hProcess As IntPtr, ByVal lpBaseAddress As IntPtr, <Out()> ByVal lpBuffer As Byte(), ByVal dwSize As IntPtr, ByRef lpNumberOfBytesRead As IntPtr) As Boolean
    End Function
    
    Private Shared Function ReadMemory(Of T)(ByVal pHandle As IntPtr, ByVal address As IntPtr) As T
    Dim bufferSize As Integer = Marshal.SizeOf(GetType(T))
    Dim buffer(bufferSize - 1) As Byte
    Dim read As IntPtr
    ReadProcessMemory(pHandle, address, buffer, New IntPtr(bufferSize), read)
    Dim gHandle As GCHandle = GCHandle.Alloc(buffer, GCHandleType.Pinned)
    Dim value As T = CType(Marshal.PtrToStructure(gHandle.AddrOfPinnedObject(), GetType(T)), T)
    gHandle.Free()
    Return value
    End Function
    
    Private Function GetCurrentSpeed() As Single
    Dim pointer As Integer = ReadMemory(Of Integer)(hProc, ClientGameContext)
    pointer = ReadMemory(Of Integer)(hProc, New IntPtr(pointer + &H30))
    pointer = ReadMemory(Of Integer)(hProc, New IntPtr(pointer + &HBC))
    pointer = ReadMemory(Of Integer)(hProc, New IntPtr(pointer + &H3D8))
    currentSpeed = ReadMemory(Of Single)(hProc, New IntPtr(pointer + &H98)) * 3.6F
    Return pointer
    End Function
     
  10. PAYMYRENT

    PAYMYRENT MDL Developer

    Jul 28, 2009
    1,460
    420
    60
    #10 PAYMYRENT, Dec 29, 2012
    Last edited by a moderator: Apr 20, 2017
    Code:
    System.Runtime.InteropServices.Marshal.SizeOf(Object)
    to OP

    & in c++ is the pointer (mem address) to the object

    my C++ lesson 1
    and my C++ lesson 2
     
  11. PAYMYRENT

    PAYMYRENT MDL Developer

    Jul 28, 2009
    1,460
    420
    60
    #11 PAYMYRENT, Dec 29, 2012
    Last edited by a moderator: Apr 20, 2017
    the type "&H" is just a hex value. i convert my hex to dec for the ease of understanding the code i write lol :D

    0x98 = &H98
     
  12. PAYMYRENT

    PAYMYRENT MDL Developer

    Jul 28, 2009
    1,460
    420
    60
    #12 PAYMYRENT, Dec 29, 2012
    Last edited by a moderator: Apr 20, 2017
    that is incorrect &H is already an integer

    vb doesnt do hex like 0x98 you need to convert it to what vb knows (&H) its better to convert the hex (base 16) to a dec (base 10)

    EDIT: Create a project and add two textboxes to a form then add this code :D

    Code:
        Private Sub TextBox1_TextChanged(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles TextBox1.TextChanged
            ' Outputs hex value for VB.NET
            ' Textbox1 is the decimal value
            ' Textbox2 is the hex value in vb that will compile
            Try
                TextBox2.Text = "&H" & Hex(TextBox1.Text)
            Catch ex As Exception
            End Try
        End Sub
     
  13. Josh Cell

    Josh Cell MDL Developer

    Jan 8, 2011
    3,515
    7,170
    120
    #13 Josh Cell, Dec 31, 2012
    Last edited by a moderator: Apr 20, 2017
    I don't know so much about Visual Basic, but I was used this pack of methods to make some memory tamperings and can be very useful for you:

    Code:
    'VB.NET Module 
    'Author : Cless 
    'How to use Read/Write Pointer 
    'Example Read 
    ' Me.Text = ReadPointerInteger(Game exe name, &HPointer,&HOffset).ToString() 
    ' 
    ' Me.Text = ReadPointerInteger("gta_sa", &HB71A38,&H540).ToString() 
    ' Or 
    ' Me.Text = ReadPointerInteger("gta_sa", &HB71A38,&H540,&H544).ToString() 
    'Example Write 
    ' WritePointerInteger(Game exe name,&HPointer,Value,&HOffset) 
    ' 
    ' WritePointerInteger("gta_sa",&HB71A38,1000,&H540) 
    ' Or 
    ' WritePointerInteger("gta_sa",&HB71A38,1000,&H540, &H544) 
    
    Module Trainer
    Private Declare Function ReadMemoryByte Lib "kernel32" Alias "ReadProcessMemory" (ByVal Handle As Integer, ByVal Address As Integer, ByRef Value As Byte, Optional ByVal Size As Integer = 2, Optional ByRef Bytes As Integer = 0) As Byte
    Private Declare Function ReadMemoryInteger Lib "kernel32" Alias "ReadProcessMemory" (ByVal Handle As Integer, ByVal Address As Integer, ByRef Value As Integer, Optional ByVal Size As Integer = 4, Optional ByRef Bytes As Integer = 0) As Integer
    Private Declare Function ReadMemoryFloat Lib "kernel32" Alias "ReadProcessMemory" (ByVal Handle As Integer, ByVal Address As Integer, ByRef Value As Single, Optional ByVal Size As Integer = 4, Optional ByRef Bytes As Integer = 0) As Single
    Private Declare Function ReadMemoryDouble Lib "kernel32" Alias "ReadProcessMemory" (ByVal Handle As Integer, ByVal Address As Integer, ByRef Value As Double, Optional ByVal Size As Integer = 8, Optional ByRef Bytes As Integer = 0) As Double
    
    Private Declare Function WriteMemoryByte Lib "kernel32" Alias "WriteProcessMemory" (ByVal Handle As Integer, ByVal Address As Integer, ByRef Value As Byte, Optional ByVal Size As Integer = 2, Optional ByRef Bytes As Integer = 0) As Byte
    Private Declare Function WriteMemoryInteger Lib "kernel32" Alias "WriteProcessMemory" (ByVal Handle As Integer, ByVal Address As Integer, ByRef Value As Integer, Optional ByVal Size As Integer = 4, Optional ByRef Bytes As Integer = 0) As Integer
    Private Declare Function WriteMemoryFloat Lib "kernel32" Alias "WriteProcessMemory" (ByVal Handle As Integer, ByVal Address As Integer, ByRef Value As Single, Optional ByVal Size As Integer = 2, Optional ByRef Bytes As Integer = 0) As Single
    Private Declare Function WriteMemoryDouble Lib "kernel32" Alias "WriteProcessMemory" (ByVal Handle As Integer, ByVal Address As Integer, ByRef Value As Double, Optional ByVal Size As Integer = 2, Optional ByRef Bytes As Integer = 0) As Double
    
    Public Function ReadByte(ByVal EXENAME As String, ByVal Address As Integer) As Byte
    Dim Value As Byte
    If Process.GetProcessesByName(EXENAME).Length <> 0 Then
    Dim Handle As Integer = Process.GetProcessesByName(EXENAME)(0).Handle
    If Handle <> 0 Then
    ReadMemoryByte(Handle, Address, Value)
    End If
    End If
    Return Value
    End Function
    
    Public Function ReadInteger(ByVal EXENAME As String, ByVal Address As Integer) As Integer
    Dim Value As Integer
    If Process.GetProcessesByName(EXENAME).Length <> 0 Then
    Dim Handle As Integer = Process.GetProcessesByName(EXENAME)(0).Handle
    If Handle <> 0 Then
    ReadMemoryInteger(Handle, Address, Value)
    End If
    End If
    Return Value
    End Function
    
    Public Function ReadFloat(ByVal EXENAME As String, ByVal Address As Integer) As Single
    Dim Value As Single
    If Process.GetProcessesByName(EXENAME).Length <> 0 Then
    Dim Handle As Integer = Process.GetProcessesByName(EXENAME)(0).Handle
    If Handle <> 0 Then
    ReadMemoryFloat(Handle, Address, Value)
    End If
    End If
    Return Value
    End Function
    
    Public Function ReadDouble(ByVal EXENAME As String, ByVal Address As Integer) As Double
    Dim Value As Double
    If Process.GetProcessesByName(EXENAME).Length <> 0 Then
    Dim Handle As Integer = Process.GetProcessesByName(EXENAME)(0).Handle
    If Handle <> 0 Then
    ReadMemoryByte(Handle, Address, Value)
    End If
    End If
    Return Value
    End Function
    
    Public Function ReadPointerByte(ByVal EXENAME As String, ByVal Pointer As Integer, ByVal ParamArray Offset As Integer()) As Byte
    Dim Value As Byte
    If Process.GetProcessesByName(EXENAME).Length <> 0 Then
    Dim Handle As Integer = Process.GetProcessesByName(EXENAME)(0).Handle
    If Handle <> 0 Then
    For Each I As Integer In Offset
    ReadMemoryInteger(Handle, Pointer, Pointer)
    Pointer += I
    Next
    ReadMemoryByte(Handle, Pointer, Value)
    End If
    End If
    Return Value
    End Function
    
    Public Function ReadPointerInteger(ByVal EXENAME As String, ByVal Pointer As Integer, ByVal ParamArray Offset As Integer()) As Integer
    Dim Value As Integer
    If Process.GetProcessesByName(EXENAME).Length <> 0 Then
    Dim Handle As Integer = Process.GetProcessesByName(EXENAME)(0).Handle
    If Handle <> 0 Then
    For Each I As Integer In Offset
    ReadMemoryInteger(Handle, Pointer, Pointer)
    Pointer += I
    Next
    ReadMemoryInteger(Handle, Pointer, Value)
    End If
    End If
    Return Value
    End Function
    
    Public Function ReadPointerFloat(ByVal EXENAME As String, ByVal Pointer As Integer, ByVal ParamArray Offset As Integer()) As Single
    Dim Value As Single
    If Process.GetProcessesByName(EXENAME).Length <> 0 Then
    Dim Handle As Integer = Process.GetProcessesByName(EXENAME)(0).Handle
    If Handle <> 0 Then
    For Each I As Integer In Offset
    ReadMemoryInteger(Handle, Pointer, Pointer)
    Pointer += I
    Next
    ReadMemoryFloat(Handle, Pointer, Value)
    End If
    End If
    Return Value
    End Function
    
    Public Function ReadPointerDouble(ByVal EXENAME As String, ByVal Pointer As Integer, ByVal ParamArray Offset As Integer()) As Double
    Dim Value As Double
    If Process.GetProcessesByName(EXENAME).Length <> 0 Then
    Dim Handle As Integer = Process.GetProcessesByName(EXENAME)(0).Handle
    If Handle <> 0 Then
    For Each I As Integer In Offset
    ReadMemoryInteger(Handle, Pointer, Pointer)
    Pointer += I
    Next
    ReadMemoryDouble(Handle, Pointer, Value)
    End If
    End If
    Return Value
    End Function
    
    Public Sub WriteByte(ByVal EXENAME As String, ByVal Address As Integer, ByVal Value As Byte)
    If Process.GetProcessesByName(EXENAME).Length <> 0 Then
    Dim Handle As Integer = Process.GetProcessesByName(EXENAME)(0).Handle
    If Handle <> 0 Then
    WriteMemoryByte(Handle, Address, Value)
    End If
    End If
    End Sub
    
    Public Sub WriteInteger(ByVal EXENAME As String, ByVal Address As Integer, ByVal Value As Integer)
    If Process.GetProcessesByName(EXENAME).Length <> 0 Then
    Dim Handle As Integer = Process.GetProcessesByName(EXENAME)(0).Handle
    If Handle <> 0 Then
    WriteMemoryInteger(Handle, Address, Value)
    End If
    End If
    End Sub
    
    Public Sub WriteFloat(ByVal EXENAME As String, ByVal Address As Integer, ByVal Value As Single)
    If Process.GetProcessesByName(EXENAME).Length <> 0 Then
    Dim Handle As Integer = Process.GetProcessesByName(EXENAME)(0).Handle
    If Handle <> 0 Then
    WriteMemoryFloat(Handle, Address, Value)
    End If
    End If
    End Sub
    
    Public Sub WriteDouble(ByVal EXENAME As String, ByVal Address As Integer, ByVal Value As Double)
    If Process.GetProcessesByName(EXENAME).Length <> 0 Then
    Dim Handle As Integer = Process.GetProcessesByName(EXENAME)(0).Handle
    If Handle <> 0 Then
    WriteMemoryDouble(Handle, Address, Value)
    End If
    End If
    End Sub
    
    Public Sub WritePointerByte(ByVal EXENAME As String, ByVal Pointer As Integer, ByVal Value As Byte, ByVal ParamArray Offset As Integer())
    If Process.GetProcessesByName(EXENAME).Length <> 0 Then
    Dim Handle As Integer = Process.GetProcessesByName(EXENAME)(0).Handle
    If Handle <> 0 Then
    For Each I As Integer In Offset
    ReadMemoryInteger(Handle, Pointer, Pointer)
    Pointer += I
    Next
    WriteMemoryByte(Handle, Pointer, Value)
    End If
    End If
    End Sub
    
    Public Sub WritePointerInteger(ByVal EXENAME As String, ByVal Pointer As Integer, ByVal Value As Integer, ByVal ParamArray Offset As Integer())
    If Process.GetProcessesByName(EXENAME).Length <> 0 Then
    Dim Handle As Integer = Process.GetProcessesByName(EXENAME)(0).Handle
    If Handle <> 0 Then
    For Each I As Integer In Offset
    ReadMemoryInteger(Handle, Pointer, Pointer)
    Pointer += I
    Next
    WriteMemoryInteger(Handle, Pointer, Value)
    End If
    End If
    End Sub
    
    Public Sub WritePointerFloat(ByVal EXENAME As String, ByVal Pointer As Integer, ByVal Value As Single, ByVal ParamArray Offset As Integer())
    If Process.GetProcessesByName(EXENAME).Length <> 0 Then
    Dim Handle As Integer = Process.GetProcessesByName(EXENAME)(0).Handle
    If Handle <> 0 Then
    For Each I As Integer In Offset
    ReadMemoryInteger(Handle, Pointer, Pointer)
    Pointer += I
    Next
    WriteMemoryFloat(Handle, Pointer, Value)
    End If
    End If
    End Sub
    
    Public Sub WritePointerDouble(ByVal EXENAME As String, ByVal Pointer As Integer, ByVal Value As Double, ByVal ParamArray Offset As Integer())
    If Process.GetProcessesByName(EXENAME).Length <> 0 Then
    Dim Handle As Integer = Process.GetProcessesByName(EXENAME)(0).Handle
    If Handle <> 0 Then
    For Each I As Integer In Offset
    ReadMemoryInteger(Handle, Pointer, Pointer)
    Pointer += I
    Next
    WriteMemoryDouble(Handle, Pointer, Value)
    End If
    End If
    End Sub
    End Module
    PS: Natively compiled for VB .NET.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  14. PAYMYRENT

    PAYMYRENT MDL Developer

    Jul 28, 2009
    1,460
    420
    60
    looks good to me... :D glad you understand hex is odd in VB :p
     
  15. Alphawaves

    Alphawaves Super Moderator/Developer
    Staff Member

    Aug 11, 2008
    6,218
    22,277
    210
  16. stevemk14ebr

    stevemk14ebr MDL Senior Member

    Jun 23, 2010
    267
    48
    10
    thanks guys you all cleared alot of my confusion up and special thanks to josh for all those methods