|
You last visited: Today at 11:04
Advertisement
CE Pointer scan to AutoIt
Discussion on CE Pointer scan to AutoIt within the AutoIt forum part of the Coders Den category.
05/18/2015, 04:49
|
#1
|
elite*gold: 0
Join Date: Mar 2009
Posts: 9
Received Thanks: 1
|
CE Pointer scan to AutoIt
I'm trying to read a pointer address. How do i transfer the pointer scan information to the code? I tried to use one of the results like this. Am I transfering the StaticOffset and CurHPOffset information correctly?
Code:
$ID=_MemoryOpen(ProcessExists("Rag2.exe"))
Global $CurHPOffset[3] = [0x7C, 0xB0, 0xB0]
$StaticOffset = 0x013F0C90
$openmem = _MemoryOpen($ID)
$baseADDR = _MemoryGetBaseAddress($openmem, 1)
$finalADDR = "0x" & Hex($baseADDR + $StaticOffset)
$HPread = _MemoryPointerRead($finalADDR, $openmem, $CurHPOffset, "char[10]")
_MemoryClose($openmem)
MsgBox(0, "Info", $HPread[1])
|
|
|
05/18/2015, 08:10
|
#2
|
elite*gold: 60
Join Date: Aug 2009
Posts: 2,256
Received Thanks: 815
|
The first element in the offset array is always zero if you're using _MemoryPointerRead. The rest looks fine, you might need elevated rights for these commands so add #RequireAdmin.
|
|
|
05/18/2015, 18:18
|
#3
|
elite*gold: 0
Join Date: Mar 2009
Posts: 9
Received Thanks: 1
|
Is there any difference if i search for level 3 offset or level 5?
|
|
|
05/18/2015, 19:37
|
#4
|
elite*gold: 60
Join Date: Aug 2009
Posts: 2,256
Received Thanks: 815
|
Just add the new offsets to the array and it should work fine. There's no difference in multilevel pointers than the amount of different offsets.
|
|
|
05/18/2015, 23:00
|
#5
|
elite*gold: 0
Join Date: Mar 2009
Posts: 9
Received Thanks: 1
|
I'm having trouble with the offset array. _MemoryPointerRead is returning 0 and @error gives me 1 (which means $CurHPOffsetis not an array)
I changed:
Code:
$CurHPOffset[4] = [0, 0x7C, 0xB0, 0xB0]
to
Code:
$CurHPOffset[4] = [Null, Dec("7C"), Dec("B0"), Dec("B0")]
because the function definition tells me to use Null in the first index of the array, but nothing really changed. Am i doing something wrong? This is the relevant code:
Code:
$ApplicationID=ProcessExists("Rag2.exe")
Global $CurHPOffset[4] = [Null, Dec("7C"), Dec("B0"), Dec("B0")]
$StaticOffset = 0x013F0C90
$OpenMem = _MemoryOpen($ApplicationID)
$BaseADDR = _MemoryGetBaseAddress($OpenMem, 1)
$FinalADDR = "0x" & Hex($BaseADDR + $StaticOffset)
Global $HPRead = _MemoryPointerRead($FinalADDR, $OpenMem, $CurHPOffset)
_MemoryClose($OpenMem)
If @error Then MsgBox(0,"TEST READ","ERROR: " & @error,0,"")
|
|
|
05/18/2015, 23:09
|
#6
|
elite*gold: 60
Join Date: Aug 2009
Posts: 2,256
Received Thanks: 815
|
The function definition tells you to set the value to 0 not Null. Also you don't have to use Dec("7C"), 0x7C will do just fine.
|
|
|
05/18/2015, 23:46
|
#7
|
elite*gold: 0
Join Date: Mar 2009
Posts: 9
Received Thanks: 1
|
Okay.. the function is now returning an address. The new problem is: it's not the right address. Tried like 4 base address and offset combinations and they all return a different address.
What should i do or how can i debug this problem? I've just scanned again for these pointers and got exactly the same table. The pointers seem to be right.
|
|
|
05/19/2015, 00:16
|
#8
|
elite*gold: 60
Join Date: Aug 2009
Posts: 2,256
Received Thanks: 815
|
Reverse the order of the offsets, go like 0, 0xB0, 0xB0, 0x7C. Maybe that was the mistake.
|
|
|
05/19/2015, 00:25
|
#9
|
elite*gold: 0
Join Date: Mar 2009
Posts: 9
Received Thanks: 1
|
Quote:
Originally Posted by alpines
Reverse the order of the offsets, go like 0, 0xB0, 0xB0, 0x7C. Maybe that was the mistake.
|
Reversing the order of the offsets gave the same address actually...
|
|
|
05/19/2015, 00:27
|
#10
|
elite*gold: 60
Join Date: Aug 2009
Posts: 2,256
Received Thanks: 815
|
Are you sure that the ModuleBaseAddress is returned properly?
|
|
|
05/19/2015, 00:33
|
#11
|
elite*gold: 0
Join Date: Mar 2009
Posts: 9
Received Thanks: 1
|
Quote:
Originally Posted by alpines
Are you sure that the ModuleBaseAddress is returned properly?
|
Uh? I think im not using that, but _MemoryGetBaseAddress
This is the current code:
Code:
$ApplicationID=ProcessExists("Rag2.exe")
Global $CurHPOffset[3] = [0, 0xB0, 0x184]
$StaticOffset = 0x013F51BC
$OpenMem = _MemoryOpen($ApplicationID)
$BaseADDR = _MemoryGetBaseAddress($OpenMem, 1)
$FinalADDR = "0x" & Hex($BaseADDR + $StaticOffset)
Global $HPRead = _MemoryPointerRead($FinalADDR, $OpenMem, $CurHPOffset, "char[10]")
$Read=StringRight ( $HPRead[0], 8); Only uses last 8 digits of string "Removes uneeded 0's"
MsgBox(0,"TEST READ","Pointer Read: " & $Read,-1,"")
$HPValue = _MemoryRead($Read, $OpenMem)
MsgBox(0,"TEST READ","HP Read: " & $HPValue,-1,"")
_MemoryClose($OpenMem)
|
|
|
05/19/2015, 10:18
|
#12
|
elite*gold: 60
Join Date: Aug 2009
Posts: 2,256
Received Thanks: 815
|
Did you try to run your script with elevated privileges such as #RequireAdmin?
|
|
|
05/19/2015, 15:39
|
#13
|
elite*gold: 0
Join Date: Mar 2009
Posts: 9
Received Thanks: 1
|
Quote:
Originally Posted by alpines
Did you try to run your script with elevated privileges such as #RequireAdmin?
|
Yes, it's running with #RequireAdmin
The full script:
EDIT1: I just found out:
1- ProcessExists("Rag2.exe") returns the right PID (checked in Task Manager)
2- _MemoryOpen is returning an empty string/array? It doesn't seem to be an error because there's no @error.
3- Because of that, _MemoryGetBaseAddress returns 0.
Any ideas?
EDIT2: _MemoryOpen also returns empty when opening notepad.exe
|
|
|
Similar Threads
|
Pointer Scan geht net?
07/05/2010 - General Coding - 3 Replies
Ich habe versucht von einem Programm den Pointer zu finden aber bis hier hin geht ja noch alles:http://www.elitepvpers.com/forum/attachment.p hp?attachmentid=53758&stc=1&d=1278343862 dann muss ich doch die edx in das suchfeld eingeben und dann sollte ein Grüner Value komme kommt aber nicht was soll ich tuhen ?
|
All times are GMT +2. The time now is 11:04.
|
|