Getting SC2 Process base address

  1. #1
    madBovine123 is offline Hacker



    Getting SC2 Process base address

    If anyone wants to write a basic trainer in AHK, as of 2.0.4 you will need to find the base address of SC2. You can use this function to achieve this.



    Code:
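    ; Returns the base address of the module that owns the matching window.
    ; WindowTitle can be anything: a title, ahk_exe, ahk_class, etc.
    getProcessBaseAddress(WindowTitle, Hex=1, MatchMode=3)
    {
        SetTitleMatchMode, %MatchMode%    ; mode 3 is an exact match
        WinGet, hWnd, ID, %WindowTitle%
        ; 32-bit AHK: A_PtrSize = 4 | 64-bit AHK: A_PtrSize = 8
        ; -6 is GWL_HINSTANCE / GWLP_HINSTANCE; the "Ptr" return type keeps a 64-bit address intact
        BaseAddress := DllCall(A_PtrSize = 4
            ? "GetWindowLong"
            : "GetWindowLongPtr", "Ptr", hWnd, "Int", -6, "Ptr")
        if Hex
            return dectohex(BaseAddress)    ; dectohex() is a helper that is not shown in this post
        else
            return BaseAddress
    }

    ; e.g.
    Base := getProcessBaseAddress("StarCraft II")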

    Cheers.
    Last edited by madBovine123; 01-23-2014 at 02:00 PM.

  2. The Following 5 Users Say Thank You to madBovine123 For This Useful Post:


  3. #2
    Nekokami is offline Advanced Hacker


    Another method(C#)

    Code:
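    // Requires: using System.Diagnostics;
    // proccID, pHandle and base_address are fields of the poster's class, and the
    // three-argument OpenProcess is its kernel32 P/Invoke; neither is shown in the post.
    public static void OpenProcess()
    {
        Process[] procs = Process.GetProcessesByName("SC2");
        if (procs.Length == 0)
        {
            proccID = 0;
        }
        else
        {
            proccID = procs[0].Id;
            pHandle = OpenProcess(0x1F0FFF, false, proccID);    // 0x1F0FFF = PROCESS_ALL_ACCESS

            // Walk the loaded modules and record where SC2.exe is mapped.
            ProcessModuleCollection modules = procs[0].Modules;
            foreach (ProcessModule module in modules)
            {
                if (module.ModuleName == "SC2.exe")
                {
                    // ToInt32() assumes the address fits in 32 bits.
                    base_address = module.BaseAddress.ToInt32();
                }
            }
        }
    }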
    Last edited by Nekokami; 02-22-2013 at 01:47 PM. Reason: Fixed a typo

  4. The Following 2 Users Say Thank You to Nekokami For This Useful Post:


  5. #3
    bellaPatricia is offline Legend




    Quote Originally Posted by Vallz View Post
    Another method(C#)

    Code:
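    // Requires: using System.Diagnostics;
    // proccID, pHandle and base_address are fields of the poster's class, and the
    // three-argument OpenProcess is its kernel32 P/Invoke; neither is shown in the post.
    public static void OpenProcess()
    {
        Process[] procs = Process.GetProcessesByName("SC2");
        if (procs.Length == 0)
        {
            proccID = 0;
        }
        else
        {
            proccID = procs[0].Id;
            pHandle = OpenProcess(0x1F0FFF, false, proccID);    // 0x1F0FFF = PROCESS_ALL_ACCESS

            // Walk the loaded modules and record where SC2.exe is mapped.
            ProcessModuleCollection modules = procs[0].Modules;
            foreach (ProcessModule module in modules)
            {
                if (module.ModuleName == "SC2.exe")
                {
                    // ToInt32() assumes the address fits in 32 bits.
                    base_address = module.BaseAddress.ToInt32();
                }
            }
        }
    }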
    You don't need to open the process to get the baseaddress.
    Btw. why would you open a process with all Access? I'm not sure but 0x1F0FFF seems to be ALLACCESS but I'm not sure.

    I catch my baseaddress like this:
    Code:
    Process.GetProcessesByName("SC2")[0].MainModule.BaseAddress;
    Of course with various exceptions and checks if the process is available.


  6. The Following 3 Users Say Thank You to bellaPatricia For This Useful Post:


  7. #4
    Nekokami is offline Advanced Hacker


    Quote Originally Posted by bellaPatricia View Post
    You don't need to open the process to get the baseaddress.
    Btw. why would you open a process with all Access? I'm not sure but 0x1F0FFF seems to be ALLACCESS but I'm not sure.

    I catch my baseaddress like this:
    Code:
    Process.GetProcessesByName("SC2")[0].MainModule.BaseAddress;
    Of course with various exceptions and checks if the process is available.
    To get the base address, you don't have to, but it's part of my class where I do other things than getting the base address.
    All access since my class has both read and write functions.
    For read only you could do
    Code:
    pHandle = OpenProcess(0x0010, false, proccID); // PROCESS_VM_READ
    List of process handle restriction address:
    Code:
    PROCESS_ALL_ACCESS (0x1F0FFF)            
    PROCESS_CREATE_PROCESS (0x0080)                  
    PROCESS_CREATE_THREAD (0x0002)                   
    PROCESS_DUP_HANDLE (0x0040)              
    PROCESS_QUERY_INFORMATION (0x0400)               
    PROCESS_QUERY_LIMITED_INFORMATION (0x1000)               
    PROCESS_SET_QUOTA (0x0100)               
    PROCESS_SET_INFORMATION (0x0200)                
    PROCESS_SUSPEND_RESUME (0x0800)                  
    PROCESS_TERMINATE (0x0001)              
    PROCESS_VM_OPERATION (0x0008)            
    PROCESS_VM_READ (0x0010)                 
    PROCESS_VM_WRITE (0x0020)
    Last edited by Nekokami; 02-22-2013 at 01:51 PM.

  8. The Following 2 Users Say Thank You to Nekokami For This Useful Post:
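The question raised in this exchange, requesting PROCESS_ALL_ACCESS where a narrower mask would do, can be checked mechanically in code review or against process-access logs. The following is an added example, not code from any poster in the thread: it decodes a mask with the constants listed in post #4 and reports the rights requested beyond what is needed. The function names, the `MODIFYING` grouping and the sample masks are assumptions made for illustration.

```python
# Added example: decode a Windows process access mask using the constants
# listed in the post and report rights requested beyond what is needed.
PROCESS_RIGHTS = {
    0x0001: "PROCESS_TERMINATE",
    0x0002: "PROCESS_CREATE_THREAD",
    0x0008: "PROCESS_VM_OPERATION",
    0x0010: "PROCESS_VM_READ",
    0x0020: "PROCESS_VM_WRITE",
    0x0040: "PROCESS_DUP_HANDLE",
    0x0080: "PROCESS_CREATE_PROCESS",
    0x0100: "PROCESS_SET_QUOTA",
    0x0200: "PROCESS_SET_INFORMATION",
    0x0400: "PROCESS_QUERY_INFORMATION",
    0x0800: "PROCESS_SUSPEND_RESUME",
    0x1000: "PROCESS_QUERY_LIMITED_INFORMATION",
}
PROCESS_ALL_ACCESS = 0x1F0FFF  # value given in the post

# Assumed grouping: rights that allow changing the target's memory or
# starting threads in it, as opposed to only reading or querying it.
MODIFYING = {"PROCESS_VM_WRITE", "PROCESS_VM_OPERATION", "PROCESS_CREATE_THREAD"}


def decode_access(mask):
    """Return (named rights, leftover bits that the post's list does not name)."""
    names = [name for bit, name in sorted(PROCESS_RIGHTS.items()) if mask & bit]
    known = sum(bit for bit in PROCESS_RIGHTS if mask & bit)
    return names, mask & ~known


def review_access(requested, needed):
    """Compare a requested mask with the rights the code actually needs."""
    req_names, leftover = decode_access(requested)
    need_names, _ = decode_access(needed)
    excess = [n for n in req_names if n not in need_names]
    return {
        "requested": req_names,
        "excess": excess,
        "excess_modifying": sorted(set(excess) & MODIFYING),
        "unnamed_bits": hex(leftover),  # e.g. standard rights and SYNCHRONIZE
        "is_all_access": requested == PROCESS_ALL_ACCESS,
    }


if __name__ == "__main__":
    # Constructed comparison: ALL_ACCESS requested where query + read suffices.
    for key, value in review_access(0x1F0FFF, 0x0400 | 0x0010).items():
        print(f"{key}: {value}")
```
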


  9. #5
    bellaPatricia is offline Legend




    Thanks for posting the operations.
    It's a pain to catch them if you don't have a C/ C++ compiler on your PC.
    Finding them on the internet takes ages. ^^


  10. #6
    madBovine123 is offline Hacker


    I was bored, so decided to have a go at finding the base address via iterating the modules.

    AHK code
    Code:
    /*
    _MODULEINFO:    LPVOID lpBaseOfDll
                    DWORD  SizeOfImage
                    LPVOID EntryPoint
    */
    getProcessBassAddressFromModules(process)
    {
        Process, Exist, %process%
        if ErrorLevel                             ; ErrorLevel = PID; PROCESS_QUERY_INFORMATION + PROCESS_VM_READ
            hProc := DllCall("OpenProcess", "UInt", 0x0400 | 0x0010, "Int", 0, "UInt", ErrorLevel, "Ptr")
        if !hProc
            return -2
        VarSetCapacity(mainExeNameBuffer, 2048 * (A_IsUnicode ? 2 : 1))
        DllCall("psapi\GetModuleFileNameEx", "Ptr", hProc, "Ptr", 0
                    , "Ptr", &mainExeNameBuffer, "UInt", 2048 / (A_IsUnicode ? 2 : 1))
        mainExeName := StrGet(&mainExeNameBuffer)
        ; mainExeName = main executable module of the process
        size := VarSetCapacity(lphModule, A_PtrSize)
        loop
        {
            ; EnumProcessModules returns 0 on failure; reqSize receives the bytes needed for all handles
            ok := DllCall("psapi\EnumProcessModules", "Ptr", hProc, "Ptr", &lphModule
                    , "UInt", size, "UInt*", reqSize)
            if !ok
                return -3, DllCall("CloseHandle", "Ptr", hProc)
            else if (size >= reqSize)
                break
            else
                size := VarSetCapacity(lphModule, reqSize)
        }
        VarSetCapacity(lpFilename, 2048 * (A_IsUnicode ? 2 : 1))
        loop % reqSize / A_PtrSize ; sizeof(HMODULE) - enumerate the array of HMODULEs
        {
            ; HMODULE entries are pointer-sized, so step by A_PtrSize rather than a fixed 4
            hModule := NumGet(lphModule, (A_Index - 1) * A_PtrSize, "Ptr")
            DllCall("psapi\GetModuleFileNameEx", "Ptr", hProc, "Ptr", hModule
                    , "Ptr", &lpFilename, "UInt", 2048 / (A_IsUnicode ? 2 : 1))
            if (mainExeName = StrGet(&lpFilename))
            {
                ; MODULEINFO is 12 bytes in a 32-bit build and 24 bytes in a 64-bit build
                VarSetCapacity(MODULEINFO, A_PtrSize = 4 ? 12 : 24)
                DllCall("psapi\GetModuleInformation", "Ptr", hProc, "Ptr", hModule
                    , "Ptr", &MODULEINFO, "UInt", A_PtrSize = 4 ? 12 : 24)
                return NumGet(MODULEINFO, 0, "Ptr"), DllCall("CloseHandle", "Ptr", hProc)
            }
        }
        return -1, DllCall("CloseHandle", "Ptr", hProc) ; not found
    }
    Last edited by madBovine123; 01-29-2014 at 01:48 AM.

  11. The Following 2 Users Say Thank You to madBovine123 For This Useful Post:

