let's say your address is nfsw.exe+AA14 and your process is nfsw.exe. That means you need to add 0xAA14 to the base address of the nfsw.exe module which runs under the nfsw.exe process. then you just pass it to the $iv_Address parameter..
Code:
$addr = _MemoryModuleGetBaseAddress(ProcessExists("nfsw.exe"), "nfsw.exe") + 0xAA14
;or you can use the function from the _ProcessListFunctions
;~ $base = StringTrimLeft(_ProcessGetModulemBaseAddress(ProcessExists("nfsw.exe"), "nfsw.exe"), 2) ;removes the 0x at the start
;~ $addr = Dec($base) + Dec("AA14")
;MemoryWrite($addr, *), MemoryRead($addr, *) etc..
Edit: just tell me your address/pointer and I'll give you an example.
Sorry for the late reply. Had school and extra classes.
The client which I wanna hack is ac_client.exe
The address is : 02CA8F90. Offset is : 378.
The second one is : 004DF73C. Offset = F4.
#RequireAdmin
#include <NomadMemory.au3>
Func _MemoryModuleGetBaseAddress($iPID, $sModule)
If Not ProcessExists($iPID) Then Return SetError(1, 0, 0)
If Not IsString($sModule) Then Return SetError(2, 0, 0)
Local $PSAPI = DllOpen("psapi.dll")
;Get Process Handle
Local $hProcess
Local $PERMISSION = BitOR(0x0002, 0x0400, 0x0008, 0x0010, 0x0020) ; CREATE_THREAD, QUERY_INFORMATION, VM_OPERATION, VM_READ, VM_WRITE
If $iPID > 0 Then
Local $hProcess = DllCall("kernel32.dll", "ptr", "OpenProcess", "dword", $PERMISSION, "int", 0, "dword", $iPID)
If $hProcess[0] Then
$hProcess = $hProcess[0]
EndIf
EndIf
;EnumProcessModules
Local $Modules = DllStructCreate("ptr[1024]")
Local $aCall = DllCall($PSAPI, "int", "EnumProcessModules", "ptr", $hProcess, "ptr", DllStructGetPtr($Modules), "dword", DllStructGetSize($Modules), "dword*", 0)
If $aCall[4] > 0 Then
Local $iModnum = $aCall[4] / 4
Local $aTemp
For $i = 1 To $iModnum
$aTemp = DllCall($PSAPI, "dword", "GetModuleBaseNameW", "ptr", $hProcess, "ptr", Ptr(DllStructGetData($Modules, 1, $i)), "wstr", "", "dword", 260)
If $aTemp[3] = $sModule Then
DllClose($PSAPI)
Return Ptr(DllStructGetData($Modules, 1, $i))
EndIf
Next
EndIf
DllClose($PSAPI)
Return SetError(-1, 0, 0)
EndFunc
$proc = ProcessExists("ac_client.exe")
$access = _MemoryOpen($proc)
$addr = _MemoryModuleGetBaseAddress($proc, "ac_client.exe") + 0x2CA8F90
$addr = _MemoryRead($addr, $access) + 0x378
;~ if you found the pointer with CE Pointer Scan, there is a high chance this is a decimal.. but I used it as hex
;~ if it is decimal, use 0x17A
$result = _MemoryRead($addr, $access)
ConsoleWrite("Address: " & Hex($addr, 8) & @CRLF & "Result: " & $result & @CRLF)
_MemoryClose($access)
;~ to write to the pointer just use _MemoryWrite($addr, *) after the pointer is read
I think you are making things harder than they truly are, berkay.
Why don't you simply do a MemWrite at the specified adress ? If he only wants to write to an adress he found with CE, there is no need for all of this BaseAdress stuff.
(You "only" need the base address if you're using the memory viewer)
I think you are making things harder than they truly are, berkay.
Why don't you simply do a MemWrite at the specified adress ? If he only wants to write to an adress he found with CE, there is no need for all of this BaseAdress stuff.
(You "only" need the base address if you're using the memory viewer)
Maybe because they are static addresses and for them to work you need to add the given offset to the base address in order to find *the* address. He didn't mention them just being an address so I thought they were static. So I think I know my fcking way around.
And the thing you wrote, "memory viewer" thing, yea that's the stupidest thing I have ever seen/heard.
Maybe because they are static addresses and for them to work you need to add the given offset to the base address in order to find *the* address. He didn't mention them just being an address so I thought they were static. So I think I know my fcking way around.
And the thing you wrote, "memory viewer" thing, yea that's the stupidest thing I have ever seen/heard.
They are static addresses.
Plus, I followed up your post but it ain't working, i used both the decimal and hex one and still no.
#RequireAdmin
#include <NomadMemory.au3>
Func _MemoryModuleGetBaseAddress($iPID, $sModule)
If Not ProcessExists($iPID) Then Return SetError(1, 0, 0)
If Not IsString($sModule) Then Return SetError(2, 0, 0)
Local $PSAPI = DllOpen("psapi.dll")
;Get Process Handle
Local $hProcess
Local $PERMISSION = BitOR(0x0002, 0x0400, 0x0008, 0x0010, 0x0020) ; CREATE_THREAD, QUERY_INFORMATION, VM_OPERATION, VM_READ, VM_WRITE
If $iPID > 0 Then
Local $hProcess = DllCall("kernel32.dll", "ptr", "OpenProcess", "dword", $PERMISSION, "int", 0, "dword", $iPID)
If $hProcess[0] Then
$hProcess = $hProcess[0]
EndIf
EndIf
;EnumProcessModules
Local $Modules = DllStructCreate("ptr[1024]")
Local $aCall = DllCall($PSAPI, "int", "EnumProcessModules", "ptr", $hProcess, "ptr", DllStructGetPtr($Modules), "dword", DllStructGetSize($Modules), "dword*", 0)
If $aCall[4] > 0 Then
Local $iModnum = $aCall[4] / 4
Local $aTemp
For $i = 1 To $iModnum
$aTemp = DllCall($PSAPI, "dword", "GetModuleBaseNameW", "ptr", $hProcess, "ptr", Ptr(DllStructGetData($Modules, 1, $i)), "wstr", "", "dword", 260)
If $aTemp[3] = $sModule Then
DllClose($PSAPI)
Return Ptr(DllStructGetData($Modules, 1, $i))
EndIf
Next
EndIf
DllClose($PSAPI)
Return SetError(-1, 0, 0)
EndFunc
$proc = ProcessExists("ac_client.exe")
$access = _MemoryOpen($proc)
$addr = _MemoryModuleGetBaseAddress($proc, "ac_client.exe") + 0x2CA8F90
$addr = _MemoryRead($addr, $access) + 0x17A
;~ if you found the pointer with CE Pointer Scan, there is a high chance this is a decimal.. but I used it as hex
;~ if it is decimal, use 0x17A
$result = _MemoryRead($addr, $access)
ConsoleWrite("Address: " & Hex($addr, 8) & @CRLF & "Result: " & $result & @CRLF)
_MemoryWrite($addr,$proc,'5000','ptr')
;~ to write to the pointer just use _MemoryWrite($addr, *) after the pointer is read
The result is 0 and the address seems too off, it is 0000017A
Well, nevermind, Berkay2578.
You're gonna get irritated by a single person. It is better just to request a close on this topic.
Thanks for all your help.
#RequestClose.
You are using the memorypointerwrite wrongly.. not even going to mention that you are trying to write 5000(ptr?) to a process' pid. and you forgot to get the base address, add the offset(in this case 2CA8F90) and then write to it.
basic concepts 05/04/2013 - CO2 PServer Guides & Releases - 4 Replies i don't really think if i should post this to define some basic concepts AS i think even after that people will still ask dumb questions but ill do it anyway
im so open minded , if you want to rephrase anything , add or remove sentences please commend with what you want to edit for better understanding for others
GM/PM commands : a gm/pm commands or commands in general are just a chat packet with special char (most common @) at the very first that process some data to the source to take...
[News] Neue APB Concepts 03/28/2012 - All Points Bulletin - 2 Replies (auf spoiler klicken und thx nich vergessen ;))
http://www.abload.de/img/menu_loginscreen90kxh.jp g
http://www.abload.de/img/ui3wqk45.jpg
http://www.abload.de/img/map1cjjvc.jpg
http://www.abload.de/img/map2uakjr.jpg
http://www.abload.de/img/ui2v5kcm.jpg
http://www.abload.de/img/ui495jut.jpg
http://www.abload.de/img/ui5qrji0.jpg
[CLEARING] 09/14/2010 - Soldier Front Hacks, Bots, Cheats & Exploits - 3 Replies Clear ko lng ung mga nag comment dun sa Thread ni kua Match*Star
about release.bat and renew.bat kung d nyo mapagana b COz default as Notepad ...
just simply open the "release.bat" then file>save as>release.cmd then save.
same operation to "renew .bat"
open first the release then renew then play,
you can play w/ wallhack without DC
