search

Andoryuuta / kiwi

A package for memory editing in go.
MIT License
38 stars 7 forks source link

Getting error `Module32First: %!w(<nil>)` when calling `GetModuleBase` #13

Open finicu212 opened 1 year ago

finicu212 commented 1 year ago

Hi, here is the small code I'm trying to run, on Windows 11 (tried as Administrator too)

package main

import (
    "github.com/Andoryuuta/kiwi"
    "log"
)

func addOffsets(proc kiwi.Process, addr uintptr, ofs ...uintptr) (uintptr, error) {
    for _, o := range ofs {
        var nextAddr uintptr
        nextAddrUint64, err := proc.ReadUint64(addr + o)
        nextAddr = uintptr(nextAddrUint64)
        if err != nil {
            return 0, err
        }
        addr = nextAddr
    }
    return addr, nil
}

const (
    OffsetWaterCtrl = uintptr(0xC18)
)

var (
    offsetsToPlayerStruct = []uintptr{0x48, 0x1A8, 0x430, 0x40, 0x280, 0x320, 0x578, 0x118}
)

func main() {
    // Get a handle to the process.
    proc, err := kiwi.GetProcessByFileName("atg-steam-engine-demo.exe")
    if err != nil {
        panic(err)
    }

    log.Println(proc.PID)

    // Base pointer = "atg-steam-engine-demo.exe"+00097A90
    base, err := proc.GetModuleBase("atg-steam-engine-demo.exe")
    if err != nil {
        panic(err)
    }

    base += 0x00097A90 // Add the base offset.

    finalAddr, err := addOffsets(proc, base, offsetsToPlayerStruct...)
    if err != nil {
        panic(err)
    }

    finalAddr += OffsetWaterCtrl // Add the final offset without reading it.

    w, err := proc.ReadFloat64(finalAddr)
    if err != nil {
        panic(err)
    }

    log.Printf("Got base: %f\n", w)
}

Here is the output:

(today's-date) 21856
panic: Module32First: %!w(<nil>)

goroutine 1 [running]:
main.main()
        C:/.../main.go:41 +0x194

I took a look "under the hood" and this is the line which returns the error:

func (p *Process) GetModuleBase(moduleName string) (uintptr, error) {
...
    if !w32.Module32First(snap, &me32) {
        return 0, fmt.Errorf("Module32First: %w", windows.GetLastError())
    }
...
}

Any idea what could cause this? windows.GetLastError() is nil.

Andoryuuta commented 1 year ago

Hello!

To be completely honest, I added that 7 years ago and I don't know if it was ever tested.

Are the target process (atg-steam-engine-demo.exe) and the Go binary with Kiwi the same bitness (32-bit or 64-bit)?