Hier mal für Solitaire.
Code:
#include <NomadMemory.au3>
#AutoIt3Wrapper_UseX64=y
#RequireAdmin
#include <Array.au3>
$iPID = ProcessExists("solitaire.exe")
Local $aOffsets[3] = [0, 0x50, 0x14]
$hOpen = _MemoryOpen($iPID)
$sBase = _MemoryModuleGetBaseAddress($iPID, "solitaire.exe")
$a = _MemoryPointerRead($sBase + 0xBAFA8, $hOpen, $aOffsets)
_ArrayDisplay($a)
_MemoryClose($hOpen)
Func _MemoryModuleGetBaseAddress($iPID, $sModule)
If Not ProcessExists($iPID) Then Return SetError(1, 0, 0)
If Not IsString($sModule) Then Return SetError(2, 0, 0)
Local $PSAPI = DllOpen("psapi.dll")
;Get Process Handle
Local $hProcess
Local $PERMISSION = BitOR(0x0002, 0x0400, 0x0008, 0x0010, 0x0020) ; CREATE_THREAD, QUERY_INFORMATION, VM_OPERATION, VM_READ, VM_WRITE
If $iPID > 0 Then
Local $hProcess = DllCall("kernel32.dll", "ptr", "OpenProcess", "dword", $PERMISSION, "int", 0, "dword", $iPID)
If $hProcess[0] Then
$hProcess = $hProcess[0]
EndIf
EndIf
;EnumProcessModules
Local $Modules = DllStructCreate("ptr[1024]")
Local $aCall = DllCall($PSAPI, "int", "EnumProcessModules", "ptr", $hProcess, "ptr", DllStructGetPtr($Modules), "dword", DllStructGetSize($Modules), "dword*", 0)
If $aCall[4] > 0 Then
Local $iModnum = $aCall[4] / 4
Local $aTemp
For $i = 1 To $iModnum
$aTemp = DllCall($PSAPI, "dword", "GetModuleBaseNameW", "ptr", $hProcess, "ptr", Ptr(DllStructGetData($Modules, 1, $i)), "wstr", "", "dword", 260)
If $aTemp[3] = $sModule Then
DllClose($PSAPI)
Return Ptr(DllStructGetData($Modules, 1, $i))
EndIf
Next
EndIf
DllClose($PSAPI)
Return SetError(-1, 0, 0)
EndFunc
;=================================================================================================
; Function: _MemoryPointerRead ($iv_Address, $ah_Handle, $av_Offset[, $sv_Type])
; Description: Reads a chain of pointers and returns an array containing the destination
; address and the data at the address.
; Parameter(s): $iv_Address - The static memory address you want to start at. It must be in
; hex format (0x00000000).
; $ah_Handle - An array containing the Dll handle and the handle of the open
; process as returned by _MemoryOpen().
; $av_Offset - An array of offsets for the pointers. Each pointer must have an
; offset. If there is no offset for a pointer, enter 0 for that
; array dimension.
; $sv_Type - (optional) The "Type" of data you intend to read at the destination
; address. This is set to 'dword'(32bit(4byte) signed integer) by
; default. See the help file for DllStructCreate for all types.
; Requirement(s): The $ah_Handle returned from _MemoryOpen.
; Return Value(s): On Success - Returns an array containing the destination address and the value
; located at the address.
; On Failure - Returns 0
; @Error - 0 = No error.
; 1 = $av_Offset is not an array.
; 2 = Invalid $ah_Handle.
; 3 = $sv_Type is not a string.
; 4 = $sv_Type is an unknown data type.
; 5 = Failed to allocate the memory needed for the DllStructure.
; 6 = Error allocating memory for $sv_Type.
; 7 = Failed to read from the specified process.
; Author(s): Nomad
; Note(s): Values returned are in Decimal format, unless a 'char' type is selected.
; Set $av_Offset like this:
; $av_Offset[0] = NULL (not used)
; $av_Offset[1] = Offset for pointer 1 (all offsets must be in Decimal)
; $av_Offset[2] = Offset for pointer 2
; etc...
; (The number of array dimensions determines the number of pointers)
;=================================================================================================
Func _MemoryPointerRead($iv_Address, $ah_Handle, $av_Offset, $sv_Type = 'dword')
If IsArray($av_Offset) Then
If IsArray($ah_Handle) Then
Local $iv_PointerCount = UBound($av_Offset) - 1
Else
SetError(2)
Return 0
EndIf
Else
SetError(1)
Return 0
EndIf
Local $iv_Data[2], $i
Local $v_Buffer = DllStructCreate('dword')
For $i = 0 To $iv_PointerCount
If $i = $iv_PointerCount Then
$v_Buffer = DllStructCreate($sv_Type)
If @error Then
SetError(@error + 2)
Return 0
EndIf
$iv_Address = '0x' & Hex($iv_Data[1] + $av_Offset[$i])
DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
If @error Then
SetError(7)
Return 0
EndIf
$iv_Data[1] = DllStructGetData($v_Buffer, 1)
ElseIf $i = 0 Then
DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
If @error Then
SetError(7)
Return 0
EndIf
$iv_Data[1] = DllStructGetData($v_Buffer, 1)
Else
$iv_Address = '0x' & Hex($iv_Data[1] + $av_Offset[$i])
DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
If @error Then
SetError(7)
Return 0
EndIf
$iv_Data[1] = DllStructGetData($v_Buffer, 1)
EndIf
Next
$iv_Data[0] = $iv_Address
Return $iv_Data
EndFunc ;==>_MemoryPointerRead