OK, this little command-line tool gets the base address of every running eqgame.exe process. You should be able to easily pull in the bits MySEQ would need to obtain the same info. It's really just a minor update to the normal method of getting the process handle.
Code:
// get_process_info.cpp : finds the base address of running eqgame.exe processes
//
#include "stdafx.h"
#include <windows.h>
#include <stdio.h>
#include <psapi.h>
bool AdjustPrivileges();
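// Entry point: walks the list of running processes and prints the PID and
// main-module base address of every process whose first module is named
// "eqgame.exe".
//
// argc/argv are unused. Always returns 0, including when EnumProcesses()
// fails (in which case nothing is printed).
int _tmain(int argc, _TCHAR* argv[])
{
    // Best effort: the return value is deliberately ignored. Without
    // SeDebugPrivilege, OpenProcess() below simply fails for processes this
    // account may not open, and those are skipped.
    AdjustPrivileges();

    // Fixed-size PID buffer: if more than 1024 processes are running,
    // EnumProcesses() fills the buffer and the remainder is not examined.
    DWORD aProcesses[1024], cbNeeded, cProcesses;
    WCHAR processName[MAX_PATH] = L"<Unknown";

    if (!EnumProcesses(aProcesses, sizeof(aProcesses), &cbNeeded))
        return 0;

    cProcesses = cbNeeded / sizeof(DWORD);

    for (unsigned int i = 0; i < cProcesses; i++) {
        // Only the two rights needed to list modules and read their names.
        HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
                                      FALSE,
                                      aProcesses[i]);
        if (NULL == hProcess)
            continue;

        HMODULE hMod;
        DWORD cbModNeeded;  // distinct name: no longer shadows the outer cbNeeded

        // Only room for one module handle is supplied; the first handle
        // returned is taken to be the main executable. The name lookup result
        // is checked so a failed call cannot leave the previous process's
        // name in processName and produce a false match.
        if (EnumProcessModules(hProcess, &hMod, sizeof(hMod), &cbModNeeded) &&
            GetModuleBaseNameW(hProcess, hMod, processName,
                               sizeof(processName) / sizeof(WCHAR)) > 0 &&
            lstrcmpW(processName, L"eqgame.exe") == 0) {
            // The module handle doubles as the load address. Print it at
            // pointer width so it is not truncated in a 64-bit build.
            wprintf(L"Process: %s (PID: %u) dwBase = 0x%IX\n",
                    processName, aProcesses[i], (DWORD_PTR)hMod);
        }

        // Release the handle on every path; the original leaked one handle
        // per process it managed to open.
        CloseHandle(hProcess);
    }

    return 0;
}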
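// Tries to enable SeDebugPrivilege (SE_DEBUG_NAME) in the current process
// token.
//
// Returns true when the privilege was enabled, or when OpenProcessToken()
// reports ERROR_CALL_NOT_IMPLEMENTED (platform without token support).
// Returns false, after printing a short message, when any step fails or when
// the token does not hold the privilege at all.
bool AdjustPrivileges() {
    HANDLE hToken;
    TOKEN_PRIVILEGES tp;
    LUID luid;

    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
    {
        if (GetLastError() == ERROR_CALL_NOT_IMPLEMENTED)
            return true;
        printf("OpenProcessToken() failed.");
        return false;
    }

    if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid))
    {
        printf("LookupPrivilege() failed.");
        CloseHandle(hToken);
        return false;
    }

    ZeroMemory(&tp, sizeof(tp));
    tp.PrivilegeCount = 1;
    tp.Privileges[0].Luid = luid;
    tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    /* Adjust Token Privileges. The previous state is not needed, so no
       output buffer is passed. */
    BOOL adjusted = AdjustTokenPrivileges(hToken, FALSE, &tp, 0, NULL, NULL);

    // Capture the error code before CloseHandle() can overwrite it.
    DWORD lastError = GetLastError();

    // The token handle is no longer needed on any path; the original leaked
    // it when the call succeeded.
    CloseHandle(hToken);

    if (!adjusted)
    {
        printf("AdjustTokenPrivileges() failed.");
        return false;
    }

    // AdjustTokenPrivileges() reports success even when the token does not
    // hold the requested privilege (e.g. a non-elevated account); the only
    // signal is ERROR_NOT_ALL_ASSIGNED from GetLastError().
    if (lastError == ERROR_NOT_ALL_ASSIGNED)
    {
        printf("AdjustTokenPrivileges() did not enable SeDebugPrivilege.");
        return false;
    }

    return true;
}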
So once you find the base address, to calculate your offsets you simply do:
newOffset = eqgame.exe + (IDAOffset - 0x400000)
For example, pTarget:
currentpTarget = eqgame.exe + 0x944778 # (0xD44778-0x400000)
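So if you want to make it easy, you can keep the config files using the IDA offsets like they do now, and just find the eqgame.exe base and do the math (including subtracting 0x400000) in the MySEQ code. Here "eqgame.exe" in the formulas above means the base address printed by the tool, and 0x400000 is the image base the IDA offsets were taken against, so subtracting it leaves the offset within the module.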