Incorporating base memory addresses in C++


The base address I found for a memory location in an application was in the syntax "application_name.exe" + 0007856 (<- or any other number, this is just an example). My question is, how would I find the address for "application_name.exe" in C++? I'm not sure but this was the method I used:

HANDLE proc_handle = OpenProcess(/* parameters go here to open the process */);
void * base_add = (void*)proc_handle;    //to store the address of the process

If that method is correct, the first question I asked on how to get the application's address is answered which leads me to my second question: since the base address for the specific memory location was "application_name.exe" + 0007856, can I just do this?:

DWORD specific_memory_base_add = (DWORD)base_add + 0x0007856;

Can I use the address I found from "application_name.exe" and add it to 0x0007856 using +? I've tried it and it didn't seem to work. If that is not correct, what is the correct method?


There are 2 best solutions below

2
On BEST ANSWER

Retrieving the base address of a module in another process requires enumerating the process' modules and retrieving the module names to find a match.

To enumerate the modules loaded into a process, call EnumProcessModules. Once you have the list of modules, call GetModuleBaseName for each module to find the one you are looking for (application_name.exe). The HMODULE for this module is a pointer (in the target process' address space) to the beginning of the module, its base address. You can use this to add your offset.
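An added example, not part of the original answer: the enumeration described above, plus the offset arithmetic done at 64-bit width next to the `(DWORD)` form from the question. The names `find_module_base`, `resolve_address` and `resolve_truncated` are hypothetical, and the Windows-only part is guarded so the arithmetic helpers build anywhere.

```cpp
#include <cstdint>

// Adds a module-relative offset to a module base at full 64-bit width.
// Returns false if the sum would wrap around.
bool resolve_address(std::uint64_t base, std::uint64_t offset, std::uint64_t& out) {
    if (offset > UINT64_MAX - base) return false;
    out = base + offset;
    return true;
}

// What the (DWORD) cast in the question computes: the base is cut to 32 bits
// before the add, so a base above 4 GiB in a 64-bit process loses its high half.
std::uint32_t resolve_truncated(std::uint64_t base, std::uint32_t offset) {
    return static_cast<std::uint32_t>(base) + offset;
}

#ifdef _WIN32
#include <windows.h>
#include <psapi.h>   // link with psapi.lib
#include <wchar.h>

// Returns the base address of the module named `wanted` in the target process,
// or 0 if it is not found. `proc` must come from OpenProcess with
// PROCESS_QUERY_INFORMATION | PROCESS_VM_READ. The handle itself is not an address.
std::uint64_t find_module_base(HANDLE proc, const wchar_t* wanted) {
    HMODULE mods[1024];
    DWORD needed = 0;
    if (!EnumProcessModules(proc, mods, sizeof(mods), &needed)) return 0;
    DWORD count = needed / sizeof(HMODULE);
    if (count > 1024) count = 1024;          // list was larger than our buffer
    for (DWORD i = 0; i < count; ++i) {
        wchar_t name[MAX_PATH];
        if (GetModuleBaseNameW(proc, mods[i], name, MAX_PATH) &&
            _wcsicmp(name, wanted) == 0) {
            // The HMODULE value is the module's base in the target's address space.
            return reinterpret_cast<std::uintptr_t>(mods[i]);
        }
    }
    return 0;
}
#endif
```

On Windows, pass the result of `find_module_base(proc, L"application_name.exe")` as `base` and `0x7856` as `offset` to `resolve_address`.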

1
On

Assuming you're talking about Windows (should you have tagged winapi?) you can get the base address of a loaded module with GetModuleHandle(). A module doesn't have a base address until it is loaded (although the linker can specify a preferred base address, the loader doesn't have to use/respect this).