I tried to get the base starting address from this exe with openprocess, but I keep crashing when I run the code and I don't really see anything wrong with it.
HMODULE GetModule(HANDLE han)
{
HMODULE hMods[1024];
int i;
DWORD cbNeeded;
char szProcessName[MAX_PATH] = "Minesweeper.exe";
EnumProcessModules(han, hMods, sizeof(hMods), &cbNeeded);
for (i = 0; i < (cbNeeded / sizeof(HMODULE)); i++)
{
TCHAR szModName[MAX_PATH];
GetModuleFileNameEx(han, hMods[i], szProcessName, sizeof(szModName));
//printf(TEXT("\t%s (0x%08X)\n"), szModName, hMods[i]);
if (szModName == szProcessName)
{
cout << "FOUND" << endl;
}
}
return 0;
}
There are several issues with your code:
TCHAR, but not usingTCHARconsistently.==instead of the correct string comparison function.GetModuleFileNameExuses the wrong array.Here is a cleaned up version of your code, with corrections (not tested, but has most if not all of the issues with the code addressed):
Note that the
_T()macro is used to represent string literals. Since Microsoft has two character-set build types, and you're usingTCHAR, you should have the rest of your strings beTCHARcompatible. Using straight upchar, and relying on the character-set build type to save you from a compiler or runtime error is not the way to write the code.In addition, the
sizeofin the call toGetModuleFileNameExmust be divided bysizeof(TCHAR)to be correct.Also, to address the string comparison, the _tcscmp function is used. This function will be correct regardless of the character-set build type.