C ++从指针获取地址

Question

I'm trying to understand C++ way of Reading/Writing in memory. What I have is, I'm trying to get an address off of a pointer. I have the pointer which will point to my desired address. Like I have the current address I want to use to read the value, let's say the address is 14C9862 but as every time I run the program again this address changes. I have the pointer which writes to this address (I'm using cheat engine) and it says the pointer is equal to eax+ePSXE.exe+A82020 as for eax = 77420 and ePSXE.exe = 1718 (ignoring the zeros), so how could I write this in C++ in a way that I can get the ADDRESS every time I run the program again.

Current code:

int readTest {}       
ReadProcessMemory(handle, (LPBYTE*)ePSXe+pointer?, &readTest, sizeof(readTest), 0);
        std::cout << readTest << std::endl;

As I'm thinking now LPBYTE is a pointer to a byte so couldn't it be like (A82020*)???? I'm just going insane I don't know how to do it.

Answer 1

It looks like your target address can be calculated if you know the base address of the ePSXE.exe module.

You could get it with use of the following code:

#include <windows.h>
#include <TlHelp32.h> 

DWORD procId = 0;   // <-- Replace with real process ID
MODULEENTRY32 lpModuleEntry = {0};
HANDLE hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, procId);
if(!hSnapShot)
{
  return NULL;
}

DWORD baseAddress = 0;
lpModuleEntry.dwSize = sizeof(lpModuleEntry);
BOOL bModule = Module32First( hSnapShot, &lpModuleEntry );
while(bModule)
{
  if(!strcmp( lpModuleEntry.szModule, "ePSXE.exe") )
  {
    CloseHandle( hSnapShot );
    baseAddress = reinterpret_cast<DWORD>(lpModuleEntry.modBaseAddr);
  }
  bModule = Module32Next( hSnapShot, &lpModuleEntry );
}
CloseHandle( hSnapShot );

Finally you need to combine static part of address with the module base address:

ReadProcessMemory(handle, reinterpret_cast<LPVOID>(baseAddress + 0xA82020), &readTest, sizeof(readTest), NULL);