|
You last visited: Today at 12:34
Advertisement
Help with _MemoryScanEx
Discussion on Help with _MemoryScanEx within the AutoIt forum part of the Coders Den category.
11/27/2016, 19:46
|
#1
|
elite*gold: 0 
Join Date: Dec 2012
Posts: 14
Received Thanks: 1
|
Help with _MemoryScanEx
Need help, I have no experience with pattern scan at all.
I want to read/write values from pattern scan and have no idea how to do it. Can someone be nice and give me a little help. I searched the forum and still can't get it to work or know what to do.
I have this
Code:
RECOIL
"Paladins.exe"
\x77\x00\x8d\x04\x00\xf6\x84\xc7\xfc\x06\x00\x00 x?xx?xxxxxxx
Code:
Func _MemoryScanEx($ah_Handle, $pattern, $mask , $after = False, $iv_addrStart = 0x00400000, $iv_addrEnd = 0x00FFFFFF, $step = 51200)
If Not IsArray($ah_Handle) Then
SetError(1)
Return -1
EndIf
$pattern = StringRegExpReplace($pattern, "[^0123456789ABCDEFabcdef.]", "")
If StringLen($pattern) = 0 Then
SetError(2)
Return -2
EndIf
If Stringlen($pattern)/2 <> Stringlen($mask) Then
SetError(4)
Return -4
EndIf
Local $formatedpattern=""
Local $BufferPattern
Local $BufferMask
for $i = 0 to stringlen($mask)-1
$BufferPattern = StringLeft($pattern,2)
$pattern = StringRight($pattern,StringLen($pattern)-2)
$BufferMask = StringLeft($mask,1)
$mask = StringRight($mask,StringLen($mask)-1)
if $BufferMask = "?" then $BufferPattern = ".."
$formatedpattern = $formatedpattern&$BufferPattern
Next
$pattern = $formatedpattern
For $addr = $iv_addrStart To $iv_addrEnd Step $step - (StringLen($pattern) / 2)
StringRegExp(_MemoryRead($addr, $ah_Handle, "byte[" & $step & "]"), $pattern, 1, 2)
If Not @error Then
If $after Then
Return StringFormat("0x%.8X", $addr + ((@extended - 2) / 2))
Else
Return StringFormat("0x%.8X", $addr + ((@extended - StringLen($pattern) - 2) / 2))
EndIf
EndIf
Next
Return -3
EndFunc ;==>_MemoryScanEx
|
|
|
|
11/29/2016, 21:29
|
#2
|
elite*gold: 0
Join Date: Nov 2014
Posts: 741
Received Thanks: 2,648
|
Quote:
Originally Posted by progh0st
Need help, I have no experience with pattern scan at all.
I want to read/write values from pattern scan and have no idea how to do it. Can someone be nice and give me a little help. I searched the forum and still can't get it to work or know what to do.
I have this
Code:
RECOIL
"Paladins.exe"
\x77\x00\x8d\x04\x00\xf6\x84\xc7\xfc\x06\x00\x00 x?xx?xxxxxxx
Code:
Func _MemoryScanEx($ah_Handle, $pattern, $mask , $after = False, $iv_addrStart = 0x00400000, $iv_addrEnd = 0x00FFFFFF, $step = 51200)
If Not IsArray($ah_Handle) Then
SetError(1)
Return -1
EndIf
$pattern = StringRegExpReplace($pattern, "[^0123456789ABCDEFabcdef.]", "")
If StringLen($pattern) = 0 Then
SetError(2)
Return -2
EndIf
If Stringlen($pattern)/2 <> Stringlen($mask) Then
SetError(4)
Return -4
EndIf
Local $formatedpattern=""
Local $BufferPattern
Local $BufferMask
for $i = 0 to stringlen($mask)-1
$BufferPattern = StringLeft($pattern,2)
$pattern = StringRight($pattern,StringLen($pattern)-2)
$BufferMask = StringLeft($mask,1)
$mask = StringRight($mask,StringLen($mask)-1)
if $BufferMask = "?" then $BufferPattern = ".."
$formatedpattern = $formatedpattern&$BufferPattern
Next
$pattern = $formatedpattern
For $addr = $iv_addrStart To $iv_addrEnd Step $step - (StringLen($pattern) / 2)
StringRegExp(_MemoryRead($addr, $ah_Handle, "byte[" & $step & "]"), $pattern, 1, 2)
If Not @error Then
If $after Then
Return StringFormat("0x%.8X", $addr + ((@extended - 2) / 2))
Else
Return StringFormat("0x%.8X", $addr + ((@extended - StringLen($pattern) - 2) / 2))
EndIf
EndIf
Next
Return -3
EndFunc ;==>_MemoryScanEx
|
You need to use  to get a open handle.
Quote:
|
Originally Posted by msdn
Parameters
dwDesiredAccess [in]
The access to the process object. This access right is checked against the security descriptor for the process. This parameter can be one or more of the process access rights.
If the caller has enabled the SeDebugPrivilege privilege, the requested access is granted regardless of the contents of the security descriptor.
bInheritHandle [in]
If this value is TRUE, processes created by this process will inherit the handle. Otherwise, the processes do not inherit this handle.
dwProcessId [in]
The identifier of the local process to be opened.
If the specified process is the System Process (0x00000000), the function fails and the last error code is ERROR_INVALID_PARAMETER. If the specified process is the Idle process or one of the CSRSS processes, this function fails and the last error code is ERROR_ACCESS_DENIED because their access restrictions prevent user-level code from opening them.
If you are using GetCurrentProcessId as an argument to this function, consider using GetCurrentProcess instead of OpenProcess, for improved performance.
Return value
If the function succeeds, the return value is an open handle to the specified process.
If the function fails, the return value is NULL. To get extended error information, call GetLastError.
|
You can call it with DllCall or you can use a libary.
Code:
$hProcess = OpenProcess(...)
$dwAddr = _MemoryScanEx($hProcess, "\x77\x00\x8d\x04\x00\xf6\x84\xc7\xfc\x06\x00\x00", "x?xx?xxxxxxx")
|
|
|
|
All times are GMT +1. The time now is 12:34.
|
|
