How do I get the base address of another process? (ASLR)

Question

I need to get the base address address of a .exe which has a random base address everytime its started. I've tried this, but it doesn't seem to work:

int Base = (DWORD)GetModuleHandle("Test.exe");

What is wrong?

Answer 1

I need to get the base address/entry point address of a .exe which has a random base address everytime its started. The program uses ASLR.

...

I will use it to edit certain chunks of memory inside the correct process

In order to write data into another process, you need to use WriteProcessMemory(), which requires you to open a HANDLE to the process being written to.

You get that HANDLE using OpenProcess(), requesting PROCESS_VM_OPERATION and PROCESS_VM_WRITE permissions. OpenProcess() takes a process ID as input, which you can get from:

• CreateToolhelp32Snapshot()/Process32First()/Process32Next()
• EnumProcesses().
• WTSEnumerateProcesses()

See Process Enumeration and Enumerating All Processes.

At no point do you need to determine the base address of the process that is being written to. Let the system keep track of that information for you. All you need is the open HANDLE to the process.

Answer 2

It seems you are trying to get another process's base address. Sadly, GetModuleHandle only works for modules in current process. To achieve your goal, you need to use PSAPIs or CreateToolhelp32Snapshot to extract the module list of another process. And base address is in the list.