|
"??" [Problems]
Discussion on "??" [Problems] within the AutoIt forum part of the Coders Den category.
06/08/2015, 02:19
|
#1
|
elite*gold: 37
Join Date: May 2014
Posts: 1,835
Received Thanks: 9,833
|
"??" [Problems]
#Solved
|
|
|
06/08/2015, 12:55
|
#2
|
elite*gold: 280
Join Date: May 2007
Posts: 2,818
Received Thanks: 3,483
|
Quote:
Originally Posted by HaMaDa..
Why autoit don't "??"
|
You might try to explain what you are actually talking about.
What are you trying to do, and what are the problems you've got while trying to do that...
|
|
|
06/08/2015, 17:49
|
#3
|
elite*gold: 37
Join Date: May 2014
Posts: 1,835
Received Thanks: 9,833
|
Sorry, I mean why doesn't AutoIt support "??" for the AoB scan?
|
|
|
06/08/2015, 19:50
|
#4
|
elite*gold: 0
Join Date: Apr 2011
Posts: 363
Received Thanks: 167
|
What? That depends on the function that you use, or that you code, to do the array-of-bytes search. Here's a simple example of how to implement it. Sorry for the awful code.
Code:
#include <NomadMemory.au3>
#include <WinAPI.au3>
#include <WinAPIProc.au3>
#include <Array.au3>

Global $open = _MemoryOpen(ProcessExists("Test.exe")) ; Test.exe is a C++ test program

#cs
Test.cpp

#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>

int main()
{
    float life = 100;
    printf("Hit shift to downgrade life \n");
    printf("Your current life is: %.2f",life);
    srand(time(NULL));
    while(1)
    {
        Sleep(20);
        if (GetAsyncKeyState(VK_SHIFT)&1)
        {
            system("cls");
            life -= rand()%10;
            if (life < 0)
            {
                printf("you are dead :( \n");
                break;
            }else
                printf("U get hurt, your life now is %.2f",life);
        }
    }
    system("pause");
    return 0;
}
#ce

$yourPattern = "\0x00\0x00\0x00\0x42\0x60\0x19\0x40" ; search with Cheat Engine or something
$byteMask = "???xxxx"
$Addr = FindPattern($yourPattern, $byteMask, 0x0022FAFF, 0x4000000) ; (pattern, mask, initAddr, finalAddr)
MsgBox(0, "", "pattern found at: " & Hex($Addr, 8))

Func GetModuleInfo($pid)
    $str = _WinAPI_GetModuleInformation($pid[1], Null)
    Return $str
EndFunc ;==>GetModuleInfo

Func FindPattern($pattern, $mask, $from, $to)
    $ModuleData = GetModuleInfo($open)
    $lpBase = DllStructGetData($ModuleData, 1)
    $sizeOfImage = DllStructGetData($ModuleData, 2)
    $EntryPoint = DllStructGetData($ModuleData, 3) ; some data, sometimes useful, don't know :p
    Local $Pat = PattArray($pattern)
    Local $M = MaskArray($mask)
    MsgBox(0, "", "LPBASE: " & $lpBase & @CRLF & _
            "size: " & $sizeOfImage & @CRLF & _
            "Entry point: " & $EntryPoint)
    $patternLen = StringLen($mask)
    For $i = $from To $to ; $sizeOfImage - $patternLen - 1
        $found = True
        ToolTip("Searching: " & Hex($lpBase + $i, 8), 0, 0)
        For $j = 0 To $patternLen - 1
            ; our bool expression: 1 if the byte we are reading is a ? in the mask or the bytes are the same, else 0
            $bool = $M[$j] = "?" Or Hex($Pat[$j], 2) = MemReadHexChar($lpBase + $i + $j)
            ; we AND the values: if all the bytes match then we found our pattern, else we didn't
            $found = BitAND($found, $bool)
        Next
        If $found Then Return $lpBase + $i ; found? yay
    Next
EndFunc ;==>FindPattern

Func PattArray($pattern) ; crap func to make the pattern an array to work with
    $split = StringSplit(StringMid($pattern, 2, StringLen($pattern)), "\", 2)
    Return $split
EndFunc ;==>PattArray

Func MaskArray($mask) ; crap func to make the mask an array to work with
    Local $array[StringLen($mask)]
    For $i = 0 To UBound($array) - 1
        $array[$i] = StringMid($mask, $i + 1, 1)
    Next
    Return $array
EndFunc ;==>MaskArray

Func MemReadHexChar($addres) ; crap func to get the byte value at a memory position
    $byte = Hex(_MemoryRead($addres, $open, "byte"), 2)
    Return $byte
EndFunc ;==>MemReadHexChar
Not my own code, I got some of it from here
and implemented it in AutoIt with some adaptations to make it work faster then...
Wonder why that page is blocked here... replace the 5 with S.
|
|
|
06/08/2015, 20:33
|
#5
|
elite*gold: 37
Join Date: May 2014
Posts: 1,835
Received Thanks: 9,833
|
I mean when the AoB scan starts, if the AoB has "??" the whole AoB won't work.
So what must I replace "??" with?
Help please.
|
|
|
06/08/2015, 21:32
|
#6
|
elite*gold: 0
Join Date: Apr 2011
Posts: 363
Received Thanks: 167
|
Why not? What AoB scan method are you using? Maybe something is badly implemented in the code, though.
If the memory region is not accessible, the search should continue anyway...
|
|
|
06/08/2015, 22:35
|
#7
|
elite*gold: 37
Join Date: May 2014
Posts: 1,835
Received Thanks: 9,833
|
Code:
$Nothing_Array = "123??67??89??" ; This won't work; with "12345678911" it will work. These values are only an example.
$NothingAddress = _MEMSCAN($OPEN, $Nothing_Array, 0x0000000000000000, 0x7fffffffffffffff)

Func _MEMSCAN($AH_HANDLE, $AB_ARRAY, $BASE_ADD = 0x00400000, $STOP_ADD = 0xFFFFFFFF)
    For $ADD = $BASE_ADD To $STOP_ADD Step 51200 - (StringLen($AB_ARRAY) / 2)
        StringRegExp(_MREAD($ADD, $AH_HANDLE, "byte[" & 51200 & "]"), $AB_ARRAY, 1, 2)
        If Not @Error Then
            Return StringFormat("0x%.8X", $ADD + ((@extended - StringLen($AB_ARRAY) - 2) / 2))
        EndIf
    Next
EndFunc

Func _MOPEN($IV_PID, $IV_DESIREDACCESS = 2035711, $IV_INHERITHANDLE = 1)
    If Not ProcessExists($IV_PID) Then
        SetError(1)
        Return 0
    EndIf
    Local $AH_HANDLE[2] = [DllOpen("kernel32.dll")]
    If @error Then
        SetError(2)
        Return 0
    EndIf
    Local $AV_OPENPROCESS = DllCall($AH_HANDLE[0], "int", "OpenProcess", "int", $IV_DESIREDACCESS, "int", $IV_INHERITHANDLE, "int", $IV_PID)
    If @error Then
        DllClose($AH_HANDLE[0])
        SetError(3)
        Return 0
    EndIf
    $AH_HANDLE[1] = $AV_OPENPROCESS[0]
    Return $AH_HANDLE
EndFunc

Func _MREAD($IV_ADDRESS, $AH_HANDLE, $SV_TYPE = "dword")
    If Not IsArray($AH_HANDLE) Then
        SetError(1)
        Return 0
    EndIf
    Local $V_BUFFER = DllStructCreate($SV_TYPE)
    If @error Then
        SetError(@error + 1)
        Return 0
    EndIf
    DllCall($AH_HANDLE[0], "int", "ReadProcessMemory", "int", $AH_HANDLE[1], "int", $IV_ADDRESS, "ptr", DllStructGetPtr($V_BUFFER), "int", DllStructGetSize($V_BUFFER), "int", "")
    If Not @error Then
        Local $V_VALUE = DllStructGetData($V_BUFFER, 1)
        Return $V_VALUE
    Else
        SetError(6)
        Return 0
    EndIf
EndFunc

Func _MCLOSE($AH_HANDLE)
    If Not IsArray($AH_HANDLE) Then
        SetError(1)
        Return 0
    EndIf
    DllCall($AH_HANDLE[0], "int", "CloseHandle", "int", $AH_HANDLE[1])
    If Not @error Then
        DllClose($AH_HANDLE[0])
        Return 1
    Else
        DllClose($AH_HANDLE[0])
        SetError(2)
        Return 0
    EndIf
EndFunc

Func Hide()
    GUISetState(@SW_HIDE)
EndFunc

Func Show()
    GUISetState(@SW_SHOW)
EndFunc
|
|
|
06/10/2015, 03:05
|
#8
|
elite*gold: 0
Join Date: Apr 2011
Posts: 363
Received Thanks: 167
|
The method that you use is faster because it searches a lot of memory per step, but when reading non-accessible memory the method fails and the read returns 0x000000000000000000000000000000000000000000000000 000000000000000...
You will have to skip non-accessible memory. About the ??: if you want to search for a pattern you need a mask where the ? will replace any value that could change.
For example, your memory is:
48 65 6c 6c 6f 20 57 6f 72 6c 64 20 31 30 31 (Hello World 101) and let's say that the word World never changes but the rest does.
Your AoB array will be $SearchAoB="48 65 6c 6c 6f 20 57 6f 72 6c 64 20 31 30 31"
and your mask: $mask = "??????xxxxx????"
Each ? represents a changing byte and each x represents a static one.
|
|
|
06/10/2015, 18:13
|
#9
|
elite*gold: 37
Join Date: May 2014
Posts: 1,835
Received Thanks: 9,833
|
So you mean for $Mask = "???***???"
it will by itself replace the AoB that needs to change with the mask?
|
|
|
06/10/2015, 19:53
|
#10
|
elite*gold: 0
Join Date: Apr 2011
Posts: 363
Received Thanks: 167
|
Replace the ?? in your $Nothing_Array = "123??67??89??" with .. (. means any character):
$Nothing_Array = "123..67..89.."
That should work.
|
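Added example, not part of any post in this thread: why "??" fails inside a regex while ".." works, and why an unanchored regex over a hex dump can match between two bytes. It is written in Python, whose `re` module treats `??` and `.` the same way as the PCRE engine behind AutoIt's StringRegExp; the function names and the sample buffer are constructed for illustration, and the mask is the one from post #8.

```python
import re

def apply_mask(aob: str, mask: str) -> str:
    """Blank out every byte whose mask character is '?' ('x' keeps the byte)."""
    tokens = aob.split()
    if len(tokens) != len(mask):
        raise ValueError("mask length must equal the number of bytes")
    return " ".join(t if m == "x" else "??" for t, m in zip(tokens, mask))

def aob_to_regex(aob: str) -> str:
    """Translate '12 ?? 56' into a regex over an upper-case hex dump."""
    parts = []
    for tok in aob.split():
        if tok == "??":
            parts.append("..")              # any byte = any two hex digits
        elif re.fullmatch(r"[0-9A-Fa-f]{2}", tok):
            parts.append(tok.upper())
        else:
            raise ValueError(f"bad AoB token: {tok!r}")
    return "".join(parts)

def find_unaligned(pattern: str, data: bytes):
    """Plain regex search, as in the thread; returns a hex-digit index or None."""
    m = re.search(pattern, data.hex().upper())
    return m.start() if m else None

def find_aligned(aob: str, data: bytes):
    """Search that may only start on a byte boundary; returns a byte offset or None."""
    # (?:..)*? skips whole bytes, so group 1 always begins at an even hex index.
    m = re.match("(?:..)*?(" + aob_to_regex(aob) + ")", data.hex().upper())
    return m.start(1) // 2 if m else None

# Constructed sample buffer: a misaligned look-alike first, the real bytes later.
SAMPLE = bytes.fromhex("A12BB56C0012AB56FF")

if __name__ == "__main__":
    print(find_unaligned("12??56", SAMPLE))   # '??' is a lazy quantifier, not a wildcard
    print(find_unaligned("12..56", SAMPLE))   # hit starts in the middle of a byte
    print(find_aligned("12 ?? 56", SAMPLE))   # byte offset of the real match
    masked = apply_mask("48 65 6c 6c 6f 20 57 6f 72 6c 64 20 31 30 31", "??????xxxxx????")
    print(find_aligned(masked, b"..Howdy World 999"))
```

The unaligned hit lands on an odd hex-digit index, which does not correspond to any byte address; anchoring on whole bytes removes that class of false positive.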
|
|
06/11/2015, 02:07
|
#11
|
elite*gold: 37
Join Date: May 2014
Posts: 1,835
Received Thanks: 9,833
|
Thanks, now it works.
Thanks for your time.
|
|
|
06/11/2015, 03:23
|
#12
|
elite*gold: 0
Join Date: Apr 2011
Posts: 363
Received Thanks: 167
|
Np, I'm here to help.
|
|
|