|
You last visited: Today at 16:50
Advertisement
Help with reading memory with offsets from game
Discussion on Help with reading memory with offsets from game within the AutoIt forum part of the Coders Den category.
11/18/2013, 19:37
|
#1
|
elite*gold: 0 
Join Date: Sep 2010
Posts: 473
Received Thanks: 104
|
Help with reading memory with offsets from game
As title say
I have next problem, i have base pointer + adress for solitaire on windows xp 32 bit
but when i enter it in script it returns me 0, but when i start computer and reload cheat engine it shows exact values from game
here is code
Code:
#include <ButtonConstants.au3>
#include <GUIConstantsEx.au3>
#include <StaticConstants.au3>
#include <WindowsConstants.au3>
#include <NomadMemory.au3>
$GUI = GUICreate("Test memory", 230, 57, 344, 300)
$score = GUICtrlCreateLabel("Curent score : ", 10, 6, 70, 17)
$displayScore = GUICtrlCreateLabel("", 80, 6, 98, 17)
$gameRunning = GUICtrlCreateLabel("", 8, 30, 134, 17)
GUISetState(@SW_SHOW)
$PID = ProcessExists("sol.exe")
$address = 0x000A9510 ; adress for score
Dim $offset[2] = [0, 0x30] ; offset
#cs
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>11</ID>
<Description>"pointerscan result"</Description>
<Color>80000008</Color>
<VariableType>4 Bytes</VariableType>
<Address>"sol.exe"+00007170</Address>
<Offsets>
<Offset>30</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatTable>
#ce
_checkprocess()
While 1
_getscore()
$nMsg = GUIGetMsg()
Switch $nMsg
Case $GUI_EVENT_CLOSE
Exit
EndSwitch
WEnd
Func _getscore()
$memOpen = _MemoryOpen($PID)
$val = _MemoryRead($address, $memOpen, 'dword') ; for this it returns me 16798882
$val2 = _MemoryPointerRead($address, $memOpen, $offset[1]) ; for this returns me 0
ConsoleWrite($val & @CRLF & $val2)
;GUICtrlSetData($displayScore, $val)
_MemoryClose($memOpen)
EndFunc
Func _checkprocess()
If $PID = 1 Then
GUICtrlSetData($gameRunning, "Game is running")
ElseIf $PID = 0 Then
GUICtrlSetData($gameRunning, "Game is not running")
EndIf
EndFunc
|
|
|
|
11/18/2013, 19:40
|
#2
|
elite*gold: 60
Join Date: Aug 2009
Posts: 2,256
Received Thanks: 815
|
Because _MemoryPointerRead returns an array where the last entry contains the value you want.
Code:
$aPointerValues = _MemoryPointerRead(...)
MsgBox(64, "", $aPointerValues[UBound($aPointerValues) - 1])
|
|
|
|
|
11/18/2013, 19:44
|
#3
|
elite*gold: 27
Join Date: Sep 2009
Posts: 5,609
Received Thanks: 1,596
|
try this
Code:
#include <ButtonConstants.au3>
#include <GUIConstantsEx.au3>
#include <StaticConstants.au3>
#include <WindowsConstants.au3>
#include <NomadMemory.au3>
$GUI = GUICreate("Test memory", 230, 57, 344, 300)
$score = GUICtrlCreateLabel("Curent score : ", 10, 6, 70, 17)
$displayScore = GUICtrlCreateLabel("", 80, 6, 98, 17)
$gameRunning = GUICtrlCreateLabel("", 8, 30, 134, 17)
GUISetState(@SW_SHOW)
$PID = ProcessExists("sol.exe")
$address = 0x000A9510 ; adress for score
Dim $offset[1] = [ 0x30] ; offset
#cs
<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>11</ID>
<Description>"pointerscan result"</Description>
<Color>80000008</Color>
<VariableType>4 Bytes</VariableType>
<Address>"sol.exe"+00007170</Address>
<Offsets>
<Offset>30</Offset>
</Offsets>
</CheatEntry>
</CheatEntries>
</CheatTable>
#ce
_checkprocess()
While 1
_getscore()
$nMsg = GUIGetMsg()
Switch $nMsg
Case $GUI_EVENT_CLOSE
Exit
EndSwitch
WEnd
Func _calc_offset()
$address = 0x000A9510
$var = 0
do
$address = _MemoryRead($address, $memOpen) + $offset[$var]
$var = $var + 1
until $var = UBound($offset)
EndFunc
Func _getscore()
$memOpen = _MemoryOpen($PID)
_calc_offset()
$val = _MemoryRead($address, $memOpen, 'dword') ; for this it returns me 16798882
$val2 = _MemoryPointerRead($address, $memOpen, $offset[1]) ; for this returns me 0
ConsoleWrite($val & @CRLF & $val2)
;GUICtrlSetData($displayScore, $val)
_MemoryClose($memOpen)
EndFunc
Func _checkprocess()
If $PID = 1 Then
GUICtrlSetData($gameRunning, "Game is running")
ElseIf $PID = 0 Then
GUICtrlSetData($gameRunning, "Game is not running")
EndIf
EndFunc
|
|
|
|
|
11/18/2013, 19:45
|
#4
|
elite*gold: 0
Join Date: Sep 2010
Posts: 473
Received Thanks: 104
|
ah with that code my program just open and close it wont stay opened
maybe i have wrong NomadMemory ?
here it is
Code:
#include-once
#region _Memory
;==================================================================================
; AutoIt Version: 3.1.127 (beta)
; Language: English
; Platform: All Windows
; Author: Nomad
; Requirements: These functions will only work with beta.
;==================================================================================
; Credits: wOuter - These functions are based on his original _Mem() functions.
; But they are easier to comprehend and more reliable. These
; functions are in no way a direct copy of his functions. His
; functions only provided a foundation from which these evolved.
;==================================================================================
;
; Functions:
;
;==================================================================================
; Function: _MemoryOpen($iv_Pid[, $iv_DesiredAccess[, $iv_InheritHandle]])
; Description: Opens a process and enables all possible access rights to the
; process. The Process ID of the process is used to specify which
; process to open. You must call this function before calling
; _MemoryClose(), _MemoryRead(), or _MemoryWrite().
; Parameter(s): $iv_Pid - The Process ID of the program you want to open.
; $iv_DesiredAccess - (optional) Set to 0x1F0FFF by default, which
; enables all possible access rights to the
; process specified by the Process ID.
; $iv_InheritHandle - (optional) If this value is TRUE, all processes
; created by this process will inherit the access
; handle. Set to 1 (TRUE) by default. Set to 0
; if you want it FALSE.
; Requirement(s): None.
; Return Value(s): On Success - Returns an array containing the Dll handle and an
; open handle to the specified process.
; On Failure - Returns 0
; @Error - 0 = No error.
; 1 = Invalid $iv_Pid.
; 2 = Failed to open Kernel32.dll.
; 3 = Failed to open the specified process.
; Author(s): Nomad
; Note(s):
;==================================================================================
Func _MemoryOpen($iv_Pid, $iv_DesiredAccess = 0x1F0FFF, $iv_InheritHandle = 1)
If Not ProcessExists($iv_Pid) Then
SetError(1)
Return 0
EndIf
Local $ah_Handle[2] = [DllOpen('kernel32.dll')]
If @Error Then
SetError(2)
Return 0
EndIf
Local $av_OpenProcess = DllCall($ah_Handle[0], 'int', 'OpenProcess', 'int', $iv_DesiredAccess, 'int', $iv_InheritHandle, 'int', $iv_Pid)
If @Error Then
DllClose($ah_Handle[0])
SetError(3)
Return 0
EndIf
$ah_Handle[1] = $av_OpenProcess[0]
Return $ah_Handle
EndFunc
;==================================================================================
; Function: _MemoryRead($iv_Address, $ah_Handle[, $sv_Type])
; Description: Reads the value located in the memory address specified.
; Parameter(s): $iv_Address - The memory address you want to read from. It must
; be in hex format (0x00000000).
; $ah_Handle - An array containing the Dll handle and the handle
; of the open process as returned by _MemoryOpen().
; $sv_Type - (optional) The "Type" of value you intend to read.
; This is set to 'dword'(32bit(4byte) signed integer)
; by default. See the help file for DllStructCreate
; for all types. An example: If you want to read a
; word that is 15 characters in length, you would use
; 'char[16]' since a 'char' is 8 bits (1 byte) in size.
; Return Value(s): On Success - Returns the value located at the specified address.
; On Failure - Returns 0
; @Error - 0 = No error.
; 1 = Invalid $ah_Handle.
; 2 = $sv_Type was not a string.
; 3 = $sv_Type is an unknown data type.
; 4 = Failed to allocate the memory needed for the DllStructure.
; 5 = Error allocating memory for $sv_Type.
; 6 = Failed to read from the specified process.
; Author(s): Nomad
; Note(s): Values returned are in Decimal format, unless specified as a
; 'char' type, then they are returned in ASCII format. Also note
; that size ('char[size]') for all 'char' types should be 1
; greater than the actual size.
;==================================================================================
Func _MemoryRead($iv_Address, $ah_Handle, $sv_Type = 'dword')
If Not IsArray($ah_Handle) Then
SetError(1)
Return 0
EndIf
Local $v_Buffer = DllStructCreate($sv_Type)
If @Error Then
SetError(@Error + 1)
Return 0
EndIf
DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
If Not @Error Then
Local $v_Value = DllStructGetData($v_Buffer, 1)
Return $v_Value
Else
SetError(6)
Return 0
EndIf
EndFunc
;==================================================================================
; Function: _MemoryWrite($iv_Address, $ah_Handle, $v_Data[, $sv_Type])
; Description: Writes data to the specified memory address.
; Parameter(s): $iv_Address - The memory address which you want to write to.
; It must be in hex format (0x00000000).
; $ah_Handle - An array containing the Dll handle and the handle
; of the open process as returned by _MemoryOpen().
; $v_Data - The data to be written.
; $sv_Type - (optional) The "Type" of value you intend to write.
; This is set to 'dword'(32bit(4byte) signed integer)
; by default. See the help file for DllStructCreate
; for all types. An example: If you want to write a
; word that is 15 characters in length, you would use
; 'char[16]' since a 'char' is 8 bits (1 byte) in size.
; Return Value(s): On Success - Returns 1
; On Failure - Returns 0
; @Error - 0 = No error.
; 1 = Invalid $ah_Handle.
; 2 = $sv_Type was not a string.
; 3 = $sv_Type is an unknown data type.
; 4 = Failed to allocate the memory needed for the DllStructure.
; 5 = Error allocating memory for $sv_Type.
; 6 = $v_Data is not in the proper format to be used with the
; "Type" selected for $sv_Type, or it is out of range.
; 7 = Failed to write to the specified process.
; Author(s): Nomad
; Note(s): Values sent must be in Decimal format, unless specified as a
; 'char' type, then they must be in ASCII format. Also note
; that size ('char[size]') for all 'char' types should be 1
; greater than the actual size.
;==================================================================================
Func _MemoryWrite($iv_Address, $ah_Handle, $v_Data, $sv_Type = 'dword')
If Not IsArray($ah_Handle) Then
SetError(1)
Return 0
EndIf
Local $v_Buffer = DllStructCreate($sv_Type)
If @Error Then
SetError(@Error + 1)
Return 0
Else
DllStructSetData($v_Buffer, 1, $v_Data)
If @Error Then
SetError(6)
Return 0
EndIf
EndIf
DllCall($ah_Handle[0], 'int', 'WriteProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
If Not @Error Then
Return 1
Else
SetError(7)
Return 0
EndIf
EndFunc
;==================================================================================
; Function: _MemoryClose($ah_Handle)
; Description: Closes the process handle opened by using _MemoryOpen().
; Parameter(s): $ah_Handle - An array containing the Dll handle and the handle
; of the open process as returned by _MemoryOpen().
; Return Value(s): On Success - Returns 1
; On Failure - Returns 0
; @Error - 0 = No error.
; 1 = Invalid $ah_Handle.
; 2 = Unable to close the process handle.
; Author(s): Nomad
; Note(s):
;==================================================================================
Func _MemoryClose($ah_Handle)
If Not IsArray($ah_Handle) Then
SetError(1)
Return 0
EndIf
DllCall($ah_Handle[0], 'int', 'CloseHandle', 'int', $ah_Handle[1])
If Not @Error Then
DllClose($ah_Handle[0])
Return 1
Else
DllClose($ah_Handle[0])
SetError(2)
Return 0
EndIf
EndFunc
;==================================================================================
; Function: SetPrivilege( $privilege, $bEnable )
; Description: Enables (or disables) the $privilege on the current process
; (Probably) requires administrator privileges to run
;
; Author(s): Larry (from autoitscript.com's Forum)
; Notes(s):
; http://www.autoitscript.com/forum/index.ph...st&p=223999
;==================================================================================
Func SetPrivilege( $privilege, $bEnable )
Const $TOKEN_ADJUST_PRIVILEGES = 0x0020
Const $TOKEN_QUERY = 0x0008
Const $SE_PRIVILEGE_ENABLED = 0x0002
Local $hToken, $SP_auxret, $SP_ret, $hCurrProcess, $nTokens, $nTokenIndex, $priv
$nTokens = 1
$LUID = DLLStructCreate("dword;int")
If IsArray($privilege) Then $nTokens = UBound($privilege)
$TOKEN_PRIVILEGES = DLLStructCreate("dword;dword[" & (3 * $nTokens) & "]")
$NEWTOKEN_PRIVILEGES = DLLStructCreate("dword;dword[" & (3 * $nTokens) & "]")
$hCurrProcess = DLLCall("kernel32.dll","hwnd","GetCurrentProcess")
$SP_auxret = DLLCall("advapi32.dll","int","OpenProcessToken","hwnd",$hCurrProcess[0], _
"int",BitOR($TOKEN_ADJUST_PRIVILEGES,$TOKEN_QUERY),"int*",0)
If $SP_auxret[0] Then
$hToken = $SP_auxret[3]
DLLStructSetData($TOKEN_PRIVILEGES,1,1)
$nTokenIndex = 1
While $nTokenIndex <= $nTokens
If IsArray($privilege) Then
$priv = $privilege[$nTokenIndex-1]
Else
$priv = $privilege
EndIf
$ret = DLLCall("advapi32.dll","int","LookupPrivilegeValue","str","","str",$priv, _
"ptr",DLLStructGetPtr($LUID))
If $ret[0] Then
If $bEnable Then
DLLStructSetData($TOKEN_PRIVILEGES,2,$SE_PRIVILEGE_ENABLED,(3 * $nTokenIndex))
Else
DLLStructSetData($TOKEN_PRIVILEGES,2,0,(3 * $nTokenIndex))
EndIf
DLLStructSetData($TOKEN_PRIVILEGES,2,DllStructGetData($LUID,1),(3 * ($nTokenIndex-1)) + 1)
DLLStructSetData($TOKEN_PRIVILEGES,2,DllStructGetData($LUID,2),(3 * ($nTokenIndex-1)) + 2)
DLLStructSetData($LUID,1,0)
DLLStructSetData($LUID,2,0)
EndIf
$nTokenIndex += 1
WEnd
$ret = DLLCall("advapi32.dll","int","AdjustTokenPrivileges","hwnd",$hToken,"int",0, _
"ptr",DllStructGetPtr($TOKEN_PRIVILEGES),"int",DllStructGetSize($NEWTOKEN_PRIVILEGES), _
"ptr",DllStructGetPtr($NEWTOKEN_PRIVILEGES),"int*",0)
$f = DLLCall("kernel32.dll","int","GetLastError")
EndIf
$NEWTOKEN_PRIVILEGES=0
$TOKEN_PRIVILEGES=0
$LUID=0
If $SP_auxret[0] = 0 Then Return 0
$SP_auxret = DLLCall("kernel32.dll","int","CloseHandle","hwnd",$hToken)
If Not $ret[0] And Not $SP_auxret[0] Then Return 0
return $ret[0]
EndFunc ;==>SetPrivilege
;=================================================================================================
; Function: _MemoryPointerRead ($iv_Address, $ah_Handle, $av_Offset[, $sv_Type])
; Description: Reads a chain of pointers and returns an array containing the destination
; address and the data at the address.
; Parameter(s): $iv_Address - The static memory address you want to start at. It must be in
; hex format (0x00000000).
; $ah_Handle - An array containing the Dll handle and the handle of the open
; process as returned by _MemoryOpen().
; $av_Offset - An array of offsets for the pointers. Each pointer must have an
; offset. If there is no offset for a pointer, enter 0 for that
; array dimension.
; $sv_Type - (optional) The "Type" of data you intend to read at the destination
; address. This is set to 'dword'(32bit(4byte) signed integer) by
; default. See the help file for DllStructCreate for all types.
; Requirement(s): The $ah_Handle returned from _MemoryOpen.
; Return Value(s): On Success - Returns an array containing the destination address and the value
; located at the address.
; On Failure - Returns 0
; @Error - 0 = No error.
; 1 = $av_Offset is not an array.
; 2 = Invalid $ah_Handle.
; 3 = $sv_Type is not a string.
; 4 = $sv_Type is an unknown data type.
; 5 = Failed to allocate the memory needed for the DllStructure.
; 6 = Error allocating memory for $sv_Type.
; 7 = Failed to read from the specified process.
; Author(s): Nomad
; Note(s): Values returned are in Decimal format, unless a 'char' type is selected.
; Set $av_Offset like this:
; $av_Offset[0] = NULL (not used)
; $av_Offset[1] = Offset for pointer 1 (all offsets must be in Decimal)
; $av_Offset[2] = Offset for pointer 2
; etc...
; (The number of array dimensions determines the number of pointers)
;=================================================================================================
Func _MemoryPointerRead($iv_Address, $ah_Handle, $av_Offset, $sv_Type = 'dword')
If IsArray($av_Offset) Then
If IsArray($ah_Handle) Then
Local $iv_PointerCount = UBound($av_Offset) - 1
Else
SetError(2)
Return 0
EndIf
Else
SetError(1)
Return 0
EndIf
Local $iv_Data[2], $i
Local $v_Buffer = DllStructCreate('dword')
For $i = 0 To $iv_PointerCount
If $i = $iv_PointerCount Then
$v_Buffer = DllStructCreate($sv_Type)
If @error Then
SetError(@error + 2)
Return 0
EndIf
$iv_Address = '0x' & Hex($iv_Data[1] + $av_Offset[$i])
DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
If @error Then
SetError(7)
Return 0
EndIf
$iv_Data[1] = DllStructGetData($v_Buffer, 1)
ElseIf $i = 0 Then
DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
If @error Then
SetError(7)
Return 0
EndIf
$iv_Data[1] = DllStructGetData($v_Buffer, 1)
Else
$iv_Address = '0x' & Hex($iv_Data[1] + $av_Offset[$i])
DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
If @error Then
SetError(7)
Return 0
EndIf
$iv_Data[1] = DllStructGetData($v_Buffer, 1)
EndIf
Next
$iv_Data[0] = $iv_Address
Return $iv_Data
EndFunc ;==>_MemoryPointerRead
;=================================================================================================
; Function: _MemoryPointerWrite ($iv_Address, $ah_Handle, $av_Offset, $v_Data[, $sv_Type])
; Description: Reads a chain of pointers and writes the data to the destination address.
; Parameter(s): $iv_Address - The static memory address you want to start at. It must be in
; hex format (0x00000000).
; $ah_Handle - An array containing the Dll handle and the handle of the open
; process as returned by _MemoryOpen().
; $av_Offset - An array of offsets for the pointers. Each pointer must have an
; offset. If there is no offset for a pointer, enter 0 for that
; array dimension.
; $v_Data - The data to be written.
; $sv_Type - (optional) The "Type" of data you intend to write at the destination
; address. This is set to 'dword'(32bit(4byte) signed integer) by
; default. See the help file for DllStructCreate for all types.
; Requirement(s): The $ah_Handle returned from _MemoryOpen.
; Return Value(s): On Success - Returns the destination address.
; On Failure - Returns 0.
; @Error - 0 = No error.
; 1 = $av_Offset is not an array.
; 2 = Invalid $ah_Handle.
; 3 = Failed to read from the specified process.
; 4 = $sv_Type is not a string.
; 5 = $sv_Type is an unknown data type.
; 6 = Failed to allocate the memory needed for the DllStructure.
; 7 = Error allocating memory for $sv_Type.
; 8 = $v_Data is not in the proper format to be used with the
; "Type" selected for $sv_Type, or it is out of range.
; 9 = Failed to write to the specified process.
; Author(s): Nomad
; Note(s): Data written is in Decimal format, unless a 'char' type is selected.
; Set $av_Offset like this:
; $av_Offset[0] = NULL (not used, doesn't matter what's entered)
; $av_Offset[1] = Offset for pointer 1 (all offsets must be in Decimal)
; $av_Offset[2] = Offset for pointer 2
; etc...
; (The number of array dimensions determines the number of pointers)
;=================================================================================================
Func _MemoryPointerWrite ($iv_Address, $ah_Handle, $av_Offset, $v_Data, $sv_Type = 'dword')
If IsArray($av_Offset) Then
If IsArray($ah_Handle) Then
Local $iv_PointerCount = UBound($av_Offset) - 1
Else
SetError(2)
Return 0
EndIf
Else
SetError(1)
Return 0
EndIf
Local $iv_StructData, $i
Local $v_Buffer = DllStructCreate('dword')
For $i = 0 to $iv_PointerCount
If $i = $iv_PointerCount Then
$v_Buffer = DllStructCreate($sv_Type)
If @Error Then
SetError(@Error + 3)
Return 0
EndIf
DllStructSetData($v_Buffer, 1, $v_Data)
If @Error Then
SetError(8)
Return 0
EndIf
$iv_Address = '0x' & hex($iv_StructData + $av_Offset[$i])
DllCall($ah_Handle[0], 'int', 'WriteProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
If @Error Then
SetError(9)
Return 0
Else
Return $iv_Address
EndIf
ElseIf $i = 0 Then
DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
If @Error Then
SetError(3)
Return 0
EndIf
$iv_StructData = DllStructGetData($v_Buffer, 1)
Else
$iv_Address = '0x' & hex($iv_StructData + $av_Offset[$i])
DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
If @Error Then
SetError(3)
Return 0
EndIf
$iv_StructData = DllStructGetData($v_Buffer, 1)
EndIf
Next
EndFunc
;===================================================================================================
; Function........: _MemoryGetBaseAddress($ah_Handle, $iHD)
;
; Description.....: Reads the 'Allocation Base' from the open process.
;
; Parameter(s)....: $ah_Handle - An array containing the Dll handle and the handle of the open
; process as returned by _MemoryOpen().
; $iHD - Return type:
; |0 = Hex (Default)
; |1 = Dec
;
; Requirement(s)..: A valid process ID.
;
; Return Value(s).: On Success - Returns the 'allocation Base' address and sets @Error to 0.
; On Failure - Returns 0 and sets @Error to:
; |1 = Invalid $ah_Handle.
; |2 = Failed to find correct allocation address.
; |3 = Failed to read from the specified process.
;
; Author(s).......: Nomad. Szhlopp.
; URL.............: http://www.autoitscript.com/forum/index.php?showtopic=78834
; Note(s).........: Go to Www.CheatEngine.org for the latest version of CheatEngine.
;===================================================================================================
Func _MemoryGetBaseAddress($ah_Handle, $iHexDec = 0)
Local $iv_Address = 0x00100000
Local $v_Buffer = DllStructCreate('dword;dword;dword;dword;dword;dword;dword')
Local $vData
Local $vType
If Not IsArray($ah_Handle) Then
SetError(1)
Return 0
EndIf
DllCall($ah_Handle[0], 'int', 'VirtualQueryEx', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer))
If Not @Error Then
$vData = Hex(DllStructGetData($v_Buffer, 2))
$vType = Hex(DllStructGetData($v_Buffer, 3))
While $vType <> "00000080"
DllCall($ah_Handle[0], 'int', 'VirtualQueryEx', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer))
$vData = Hex(DllStructGetData($v_Buffer, 2))
$vType = Hex(DllStructGetData($v_Buffer, 3))
If Hex($iv_Address) = "01000000" Then ExitLoop
$iv_Address += 65536
WEnd
If $vType = "00000080" Then
SetError(0)
If $iHexDec = 1 Then
Return Dec($vData)
Else
Return $vData
EndIf
Else
SetError(2)
Return 0
EndIf
Else
SetError(3)
Return 0
EndIf
EndFunc ;==>_MemoryGetBaseAddress
#EndRegion
i get this error
C:\Documents and Settings\tea\Desktop\solitaire memory hack\test.au3 (65) : ==> Array variable has incorrect number of subscripts or subscript dimension range exceeded.:
$val2 = _MemoryPointerRead($address, $memOpen, $offset[1])
$val2 = _MemoryPointerRead($address, $memOpen, ^ ERROR
|
|
|
|
|
11/18/2013, 20:07
|
#5
|
elite*gold: 60
Join Date: Aug 2009
Posts: 2,256
Received Thanks: 815
|
Because $offset is one size big and you request the 2nd entry.
By the way the first entry has to be zero. So $offsets[2] [0, offset] would be correct.
|
|
|
|
|
11/18/2013, 20:21
|
#6
|
elite*gold: 0
Join Date: Sep 2010
Posts: 473
Received Thanks: 104
|
thx for that but i know for arrays and it is like that i fixed it now but im still on 0 result idk what to do anymore 
|
|
|
|
|
11/19/2013, 18:40
|
#7
|
elite*gold: 15
Join Date: Aug 2012
Posts: 3,041
Received Thanks: 6,397
|
It's sol.exe+7170 not 0xA9510..
|
|
|
|
|
11/19/2013, 19:42
|
#8
|
elite*gold: 64
Join Date: May 2011
Posts: 1,229
Received Thanks: 854
|
Try that:
Include by KDeluxe: 
Code:
;#AutoIt3Wrapper_UseX64=y ;For 64Bit Process Memory
#RequireAdmin
#include <KDMemory.au3>
Local $pID, $hHandle, $iBase, $mName, $iStatAddr
Dim $iOffsets[1] = [ 0x30 ]
$iStatAddr = 0x00007170
$mName = "sol.exe"
$pID = ProcessExists($mName)
$hHandle = _KDMemory_OpenProcess($pID)
$iBase = _KDMemory_GetModuleBaseAddress($hHandle, $mName) + $iStatAddr
$iRead = _KDMemory_ReadProcessMemory($hHandle, $iBase, 'DWORD', $iOffsets)
|
|
|
|
|
11/19/2013, 22:11
|
#9
|
elite*gold: 0
Join Date: Mar 2009
Posts: 7,260
Received Thanks: 33,149
|
Code:
#AutoIt3Wrapper_UseX64=n ; 32 Bit application
;~ #AutoIt3Wrapper_UseX64=y ; 64 Bit application
#RequireAdmin
#include "KDMemory.au3"
Dim $processName = "sol.exe", $handles = 0, $address = 0
Dim $offsets[1] = [0x30]
While True
;~ Sleep()
$processId = ProcessExists($processName)
If $processId == 0 Then
If IsArray($handles) Then
ToolTip("")
_KDMemory_CloseHandles($handles)
$handles = 0
$address = 0
EndIf
ContinueLoop
EndIf
If $handles == 0 Then
$handles = _KDMemory_OpenProcess($processId)
If @error Then
If MsgBox(52, "Error", "Can't open " & $processName & "! @error: " & @error) == 6 Then
$handles = 0
ContinueLoop
Else
Exit
EndIf
EndIf
EndIf
If $address == 0 Then
$address = _KDMemory_GetModuleBaseAddress($handles, $processName) + 0x00007170
If @error Then
If MsgBox(52, "Error", "Can't get ModuleBaseAddress! @error: " & @error & ", @extended: " & @extended) == 6 Then
$address = 0
ContinueLoop
Else
Exit
EndIf
EndIf
EndIf
$memoryData = _KDMemory_ReadProcessMemory($handles, $address, "DWORD", $offsets)
If @error Then
ToolTip("Can't read memory! @error: " & @error & ", @extended: " & @extended, 0, 0)
Else
ToolTip("Address: " & $memoryData[0] & @CRLF & "Value: " & $memoryData[1], 0, 0)
EndIf
WEnd
|
|
|
|
|
11/20/2013, 00:08
|
#10
|
elite*gold: 0
Join Date: Sep 2010
Posts: 473
Received Thanks: 104
|
@BladeTiger12
your code return me FALSE
@KDeluxe
your code give me this error
|
|
|
|
|
11/20/2013, 13:01
|
#11
|
elite*gold: 0
Join Date: Mar 2009
Posts: 7,260
Received Thanks: 33,149
|
The call fails, but you need a similar function to get the module address. The address is "sol.exe"+00007170 and not 000A9510. The module address is not static for Solitaire.
|
|
|
|
|
11/20/2013, 13:56
|
#12
|
elite*gold: 0
Join Date: Sep 2010
Posts: 473
Received Thanks: 104
|
ok but how do i implement that "sol.exe"+0007170 in script to show me current score ?
|
|
|
|
|
11/20/2013, 15:07
|
#13
|
elite*gold: 0
Join Date: Mar 2009
Posts: 7,260
Received Thanks: 33,149
|
Quote:
Originally Posted by KDeluxe
Code:
#AutoIt3Wrapper_UseX64=n ; 32 Bit application
;~ #AutoIt3Wrapper_UseX64=y ; 64 Bit application
#RequireAdmin
#include "KDMemory.au3"
Dim $processName = "sol.exe", $handles = 0, $address = 0
Dim $offsets[1] = [0x30]
While True
;~ Sleep()
$processId = ProcessExists($processName)
If $processId == 0 Then
If IsArray($handles) Then
ToolTip("")
_KDMemory_CloseHandles($handles)
$handles = 0
$address = 0
EndIf
ContinueLoop
EndIf
If $handles == 0 Then
$handles = _KDMemory_OpenProcess($processId)
If @error Then
If MsgBox(52, "Error", "Can't open " & $processName & "! @error: " & @error) == 6 Then
$handles = 0
ContinueLoop
Else
Exit
EndIf
EndIf
EndIf
If $address == 0 Then
$address = _KDMemory_GetModuleBaseAddress($handles, $processName) + 0x00007170
If @error Then
If MsgBox(52, "Error", "Can't get ModuleBaseAddress! @error: " & @error & ", @extended: " & @extended) == 6 Then
$address = 0
ContinueLoop
Else
Exit
EndIf
EndIf
EndIf
$memoryData = _KDMemory_ReadProcessMemory($handles, $address, "DWORD", $offsets)
If @error Then
ToolTip("Can't read memory! @error: " & @error & ", @extended: " & @extended, 0, 0)
Else
ToolTip("Address: " & $memoryData[0] & @CRLF & "Value: " & $memoryData[1], 0, 0)
EndIf
WEnd
|
But
Quote:
Originally Posted by KDeluxe
The call fails |
I can't help you because I don't know what error occurs. Replace the _KDMemory_GetModuleBaseAddress() function in the KDMemory.au3 with
Code:
;=================================================================================================
; Function: _KDMemory_GetModuleBaseAddress ( $handles, $moduleName [, $caseSensitive [, $unicode]] )
; Author(s): KDeluxe ( http://www.elitepvpers.com/forum/members/1219971-kdeluxe.html )
;=================================================================================================
Func _KDMemory_GetModuleBaseAddress($handles, $moduleName, $caseSensitive = 0, $unicode = 0)
Local $psapiDll, $modules, $bytesNeeded, $type, $suffix, $baseName, $callResult, $moduleBaseAddress
If Not IsArray($handles) Then Return SetError(1, 0, False)
If StringLen($moduleName) == 0 Then Return SetError(2, 0, False)
Local $psapiDll = DllOpen('Psapi.dll')
If $psapiDll == -1 Then Return SetError(3, 0, False)
$modules = DllStructCreate('ptr[1024]')
If @error Then Return SetError(@error + 3, 0, False)
$bytesNeeded = DllStructCreate('DWORD')
If @error Then Return SetError(@error + 7, 0, False)
If $unicode <> 1 Then
$type = 'CHAR'
$suffix = 'A'
Else
$type = 'WCHAR'
$suffix = 'W'
EndIf
$baseName = DllStructCreate($type & '[256]')
If @error Then Return SetError(@error + 11, 0, False)
$callResult = DllCall($psapiDll, 'BOOL', 'EnumProcessModules', 'ptr', $handles[1], 'ptr', DllStructGetPtr($modules), 'DWORD', DllStructGetSize($modules), 'ptr', DllStructGetPtr($bytesNeeded))
If @error Then
Return SetError(@error + 15, 0, False)
ElseIf $callResult[0] == 0 Then
$lastError = DllCall($handles[0], 'DWORD', 'GetLastError')
Return SetError(21, $lastError[0], False)
Else
For $i = 1 To DllStructGetData($bytesNeeded, 1)
$moduleBaseAddress = DllStructGetData($modules, 1, $i)
$callResult = DllCall($psapiDll, 'DWORD', 'GetModuleBaseName' & $suffix, 'ptr', $handles[1], 'ptr', $moduleBaseAddress, 'ptr', DllStructGetPtr($baseName), 'DWORD', 255)
If @error Then
Return SetError(@error + 21, $i, False)
ElseIf $callResult[0] == 0 Then
Return SetError(27, $i, False)
Else
If StringCompare(DllStructGetData($baseName, 1), $moduleName, $caseSensitive) == 0 Then
DllClose($psapiDll)
Return $moduleBaseAddress
EndIf
EndIf
Next
EndIf
DllClose($psapiDll)
Return SetError(28, 0, False)
EndFunc
The MsgBox will show you the error. I need the @error code and the @extended code.
|
|
|
|
|
11/20/2013, 15:34
|
#14
|
elite*gold: 0
Join Date: Sep 2010
Posts: 473
Received Thanks: 104
|
I replaced that code you gived me in KDMemory.au3
and now msg box says
Can't get ModuleBaseAdress! @error:21 @extended:6
|
|
|
|
|
11/20/2013, 16:48
|
#15
|
elite*gold: 0
Join Date: Mar 2009
Posts: 7,260
Received Thanks: 33,149
|
Try it with another access right. Replace
Code:
$handles = _KDMemory_OpenProcess($processId)
with
Code:
$handles = _KDMemory_OpenProcess($processId, 0, 0x001F0FFF)
|
|
|
|
 |
|
Similar Threads
|
[C#]Reading Memory / Pointer with multiple Offsets.
01/12/2013 - .NET Languages - 23 Replies
I am used to coding in AutoIt. I am trying to move my project into C# but I have only about 2-3 weeks of experience.
In AutoIt, I have this code here that reads the process memory and returns a value.
$map = _MemoryRead(0x00B5CCB8, $handle) // Pointer address 0x00B5CCB8
$map = _MemoryRead($map + 0x02, $handle) // Offset 0x02
$map = _MemoryRead($map + 0xBD, $handle) // Second Offset 0xBD
I am trying desperately to convert this to C# language and I need some help. Here is what I have...
|
[Vb.NET] WoW Memory Reading
11/20/2010 - World of Warcraft - 1 Replies
Hallo,
Ist es irgendwie möglich mit VB.NET die Memory von WoW auszulesen wie bei C# mit der BlackMagic.dll
Danke m vorraus
|
Help with memory reading. C++.
06/12/2010 - Aion - 0 Replies
Hello people, I'm kinda new to memory reading in c++. Been doing similiar stuff, and done some other stuff like packet hacks etc but anyway, to the issue.
I get weird values from AION when reading. And I'm prolly going about this totally wrong so I'll post you the code and hopefully some kind soul out there will point me in the right direction.
int address = 0xA82424;
int value;
DWORD pid;
if(!GameWindow)
{
|
Memory reading etc.
06/18/2008 - General Coding - 11 Replies
-
|
Memory reading help...
02/10/2007 - Conquer Online 2 - 1 Replies
Hi,
I need to read the amount of arrows on an archer (0-500). I have the pointer and offset, and i can get the right number in cheat engine, however whenever i try to read it from autohotkey i always get 0. Don't know why. I've always read 4 byte data before so i don't really know if i have the right code for 2 byte data. Here's the autohotkey code
ExtInt(ByRef pSource, pOffset = 0, pIsSigned = false, pSize = 4); From AutoHotKey Help
{
Loop %pSize%
result += *(&pSource +...
|
All times are GMT +1. The time now is 16:50.
|
|
