KDMemory (AutoIt 32 & 64 Bit)

alpines · 12/02/2013, 16:07

Quote:

C:\Users\xooox\Desktop\aion test memory.au3 (95) : ==> Subscript used with non-Array variable.:

It says that you try to use an index of an array which is no array.
Something like that

Code:

Local $sString = "Hello"
ConsoleWrite($sString[0])

Maybe the script couldn't read out the address.

mlukac89 · 12/02/2013, 16:10

this is from cheat engine

Code:

<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
  <CheatEntries>
    <CheatEntry>
      <ID>2</ID>
      <Description>"player name"</Description>
      <Color>80000008</Color>
      <VariableType>String</VariableType>
      <Length>50</Length>
      <Unicode>1</Unicode>
      <ZeroTerminate>1</ZeroTerminate>
      <Address>Game.dll+10A490C</Address>
    </CheatEntry>
  </CheatEntries>
</CheatTable>

and its similar for all values hp, mana, level, xp
im just have problem with this, tried with nomadMemory same thing cant get result

KDeluxe · 12/02/2013, 18:27

Learn the basics first.

Spoiler

mlukac89 · 12/02/2013, 18:58

ok ty vm work's fine now

**** idk if im stupid or what

i got problem again but this time with this + pointers
it work fine with player name because have only base address but enemy name have offsets
and i dont know where to put them

Code:

Global $eName = 0x0112C1C4 ; enemy name
Global $eNamePointer[5] = [0x0, 0x324, 0x8, 0x0, 0x270] ; enemy pointer



Func _enemyName()
	$handles = _KDMemory_OpenProcess($processId)
	$baseAddress = _KDMemory_GetModuleBaseAddress($handles, $moduleName) + $eName
	; $memoryData = _KDMemory_ReadProcessMemory($handles, $baseAddress, "WCHAR[25] (Unicode)", $eNamePointer)
	$memoryData = _KDMemory_ReadProcessString($handles, $baseAddress, 0, 1)
	If Not @error Then
		If GUICtrlRead($enemyName) <> $memoryData[1] Then GUICtrlSetData($enemyName, $memoryData[1])
	EndIf
	_KDMemory_CloseHandles($handles)
EndFunc

KDeluxe · 12/02/2013, 22:44

Quote:

_KDMemory_ReadProcessString( $handles, $baseAddress [, $offsets [, $unicode]] )

Use the third parameter. Download my example if you don't know how you should use it.

Logtetsch · 12/02/2013, 23:33

Quote:

Originally Posted by mlukac89

ok ty vm work's fine now

**** idk if im stupid or what i got problem again but this time with this + pointers
it work fine with player name because have only base address but enemy name have offsets
and i dont know where to put them

Quote:

Originally Posted by KDeluxe

Learn the basics first.

Wieso will das niemand richtig wahrnehmen ;<

BitOfHope · 12/05/2013, 09:33

I was actually looking through your 2 examples last night before I fell asleep, but it was a little confusing for me. I'm going to take another look at it later today after work, but would it be possible for you to add more ;notes explaining what some of the lines do? I felt a little lost.

landa123 · 04/18/2014, 10:56

Const $processName = "left4dead2.exe", $moduleName = "engine.dll"
Const $baseOffset = 0x66E6D8
Const $offsets[1] = [0]

---------sv_cheats in MP AN ,-)

FUNZT.
thx an den author

fear-x · 05/13/2014, 17:35

i have a problem too !

_KDMemory_GetModuleBaseAddress returns the correct address but the rest memory read after this gives wrong addres... ?

Quote:

;~ #AutoIt3Wrapper_UseX64=n ; 32 Bit application
#AutoIt3Wrapper_UseX64=y ; 64 Bit application

#RequireAdmin
#include "KDMemory.au3"

; Cheat Engine (x64) Tutorial Step 6: Pointers: (PW=098712)
Const $processName = "Aion.bin", $moduleName = "Game.dll"
Const $baseOffset = 0x00DB61F0
Const $offsets[3] = [0x0, 0x368, 0x13cc]

$processId = ProcessExists($processName)
If $processId == 0 Then
MsgBox(48, "Error", "'" & $processName & "' is not running!")
Else
$handles = _KDMemory_OpenProcess($processId)
If @error Then
MsgBox(48, "Error", "Can't open '" & $processName & "'!" & @CRLF & "@error: " & @error)
Else
$baseAddress = _KDMemory_GetModuleBaseAddress($handles, $moduleName) + $baseOffset
;~ MsgBox(0, "", $baseAddress);correct return
If @error Then
MsgBox(48, "Error", "Can't get ModuleBaseAddress ('" & $moduleName & "')!" & @CRLF & "@error: " & @error & ", @extended: " & @extended)
Else
$memoryData = _KDMemory_ReadProcessMemory($handles, $baseAddress, "BYTE", $offsets)
;~ $memoryData = _KDMemory_ReadProcessString($handles, $baseAddress, $offsets, "WCHAR[100]")
If @error Then
MsgBox(48, "Error", "Can't read memory!" & @CRLF & "@error: " & @error & ", @extended: " & @extended)
Else
MsgBox(64, "Info", "Address: " & $memoryData[0] & @CRLF & "Value: " & $memoryData[1])
EndIf
EndIf
_KDMemory_CloseHandles($handles)
EndIf
EndIf

KDeluxe · 05/18/2014, 00:02

Spoiler

Quote:

Originally Posted by fear-x

i have a problem too !

_KDMemory_GetModuleBaseAddress returns the correct address but the rest memory read after this gives wrong addres... ?

Quote:

;~ #AutoIt3Wrapper_UseX64=n ; 32 Bit application
#AutoIt3Wrapper_UseX64=y ; 64 Bit application

#RequireAdmin
#include "KDMemory.au3"

; Cheat Engine (x64) Tutorial Step 6: Pointers: (PW=098712)
Const $processName = "Aion.bin", $moduleName = "Game.dll"
Const $baseOffset = 0x00DB61F0
Const $offsets[3] = [0x0, 0x368, 0x13cc]

$processId = ProcessExists($processName)
If $processId == 0 Then
MsgBox(48, "Error", "'" & $processName & "' is not running!")
Else
$handles = _KDMemory_OpenProcess($processId)
If @error Then
MsgBox(48, "Error", "Can't open '" & $processName & "'!" & @CRLF & "@error: " & @error)
Else
$baseAddress = _KDMemory_GetModuleBaseAddress($handles, $moduleName) + $baseOffset
;~ MsgBox(0, "", $baseAddress);correct return
If @error Then
MsgBox(48, "Error", "Can't get ModuleBaseAddress ('" & $moduleName & "')!" & @CRLF & "@error: " & @error & ", @extended: " & @extended)
Else
$memoryData = _KDMemory_ReadProcessMemory($handles, $baseAddress, "BYTE", $offsets)
;~ $memoryData = _KDMemory_ReadProcessString($handles, $baseAddress, $offsets, "WCHAR[100]")
If @error Then
MsgBox(48, "Error", "Can't read memory!" & @CRLF & "@error: " & @error & ", @extended: " & @extended)
Else
MsgBox(64, "Info", "Address: " & $memoryData[0] & @CRLF & "Value: " & $memoryData[1])
EndIf
EndIf
_KDMemory_CloseHandles($handles)
EndIf
EndIf

The reason why the pointer address is wrong is because my UDF doesn't need the useless (and annoying) zero-offset. Instead of using two offsets you're using three offsets.

Code:

$memoryData = _KDMemory_ReadProcessMemory($handles, $baseAddress, "BYTE", $offsets)

This line would read a single byte (one non-Unicode char) instead of a complete string.

Code:

;~ $memoryData = _KDMemory_ReadProcessString($handles, $baseAddress, $offsets, "WCHAR[100]")

This line can't work. The fourth parameter ($unicode) can be either 0 or 1. It determines if the string is a Unicode string or not. It should be 1 in your case. This function will read the complete string, you don't have to make the decision how long the string could be.
It would also be correct if you replace the function with _KDMemory_ReadProcessMemory(), but I recommend to use the _KDMemory_ReadProcessString() function.

kellerkind123456 · 06/16/2014, 14:41

I´d like to change _MemoryRead and _MemoryScan with _KDMemory_ReadProcessMemory and _KDMemory_FindAddress.

Original source:

Code:

$pid = ProcessExists("Gw2.exe")
$handle= _MemoryOpen($pid)
$baseAddr = _MemoryModuleGetBaseAddress($pid, "Gw2.exe")
$finaladdr = _MemoryRead(_MemoryScan($handle, "FF 50 1C 85 C0 74 1B") - 4, $handle, "dword") + 0x67

Changed source:

Code:

$pid = ProcessExists("Gw2.exe")
$handle= _KDMemory_OpenProcess($pid)
$baseAddr = _KDMemory_GetModuleBaseAddress($handle, "Gw2.exe")
$finaladdr = _KDMemory_ReadProcessMemory(_KDMemory_FindAddress ($handle, "FF 50 1C 85 C0 74 1B", $startAddress, $endAddress, $getAll) - 4, $handle, "dword") + 0x67

My problems are $startAddress, $endAddress, ByRef $errors [, $getAll]
Could you give me an example how to use _KDMemory_FindAddress?

KDeluxe · 06/16/2014, 21:51

Spoiler

Do you have any idea what you're doing?

kellerkind123456 · 06/17/2014, 08:24

The original was from another forum to determine the Lootadresse.
With the help of your KDMemory I have now found another way and get the Lootpointer directly.
I had not found any example for the use of _KDMemory_FindAddress.

Thank you.

berkay2578 · 06/23/2014, 16:01

Quote:

Originally Posted by kellerkind123456

The original was from another forum to determine the Lootadresse.
With the help of your KDMemory I have now found another way and get the Lootpointer directly.
I had not found any example for the use of _KDMemory_FindAddress.

Thank you.

I was looking around this forum and saw your post a week later lol. Why not try this, uses string functions to scan for an AOB. Much much faster, just don't use unknown bytes.

Code:

#include <NomadMemory.au3>

$MemOpen = _MemoryOpen(ProcessExists("Gw2.exe"))
$aob = _AOBScan($MemOpen, "FF 50 1C 85 C0 74 1B")
_MemoryClose($MemOpen)
MsgBox(0, "", $aob)

Func _AOBScan($handle, $sig)
	$sig = StringRegExpReplace($sig, "[^0123456789ABCDEFabcdef.]", "")
	$start_addr = 0x00400000
	$end_Addr = 0x0FFFFFFF
	For $addr = $start_addr To $end_Addr Step 51200 - (StringLen($sig) / 2)
		StringRegExp(_MemoryRead($addr, $handle, "byte[51200]"), $sig, 1, 2)
		If Not @error Then
			Return StringFormat("0x%.8X", $addr + ((@extended - StringLen($sig) - 2) / 2))
		EndIf
	Next
	Return 0
EndFunc   ;==>_AOBScan

Chemist.Service · 07/06/2014, 04:00

Hey,

erstmal möchte ich mich für deine UDF bedanken, allerdings hab ich ein kleineres Problem.

Wenn ich mein Programm in 64-Bit starte wird die richtige BaseAddress herausgefunden, allerdings kann ich keine Addressen auslesen und den richtigen Wert finden. Hier der Code und Screenshots:

Spoiler

Wenn ich das Programm im 32-Bit Modus starte finde ich nicht die richtige / keine BaseAddress und dementsprechend kann ich auch keine Addressen finden. Hier der gleiche Code auf 32Bit umgestellt und die Screenshots:

Spoiler

Wär echt gut wenn irgendjemand ne Lösung für mein Problem hat!

Edit: Wichtige Frage, funktioniert das überhaupt wenn ich den StaticCast (0x025BDB80) zu den Offsets hinzufüge. Im Grunde wird diese Adresse ja genau wie die andere auch auf die BaseAddress addiert....