How calculate "Name.exe"+008DB678

[edmer]

Hi again :3 !! ajaja...
now i have other Question :s Searching value to my boy i find this statict adrres in cheat engine "Name"+008DB678 > 0D7D21B0 but.. how calculate this in autoit ??

And other question ...
how go to this all offset using same autoit and NomadMemory
pliss and ty :3

[elmarcia]

Code:

$processName = "Tutorial-i386.exe"
$PID = ProcessExists($processName)
;Base address of Tutorial-i386.exe
$ModuleBaseAddress = _MemoryModuleGetBaseAddress($PID,$processName)
MsgBox(0,"Base address",$ModuleBaseAddress)
$SomeAdress = $ModuleBaseAddress + 0x008DB678

;parameters pid of process
;module name (ex user32.dll)
;From NomadMemory.au3 ->
	Func _MemoryModuleGetBaseAddress($iPID, $sModule)
	If Not ProcessExists($iPID) Then Return SetError(1, 0, 0)
	If Not IsString($sModule) Then Return SetError(2, 0, 0)
	Local   $PSAPI = DllOpen("psapi.dll")
	;Get Process Handle

	Local   $hProcess
	Local   $PERMISSION = BitOR(0x0002, 0x0400, 0x0008, 0x0010, 0x0020) ; CREATE_THREAD, QUERY_INFORMATION, VM_OPERATION, VM_READ, VM_WRITE
	If $iPID > 0 Then
		Local $hProcess = DllCall("kernel32.dll", "ptr", "OpenProcess", "dword", $PERMISSION, "int", 0, "dword", $iPID)
		If $hProcess[0] Then
			$hProcess = $hProcess[0]
		EndIf
	EndIf
	;EnumProcessModules
	Local   $Modules = DllStructCreate("ptr[1024]")
	Local   $aCall = DllCall($PSAPI, "int", "EnumProcessModules", "ptr", $hProcess, "ptr", DllStructGetPtr($Modules), "dword", DllStructGetSize($Modules), "dword*", 0)
	If $aCall[4] > 0 Then
		Local   $iModnum = $aCall[4] / 4
		Local   $aTemp
		For $i = 1 To $iModnum
			$aTemp =  DllCall($PSAPI, "dword", "GetModuleBaseNameW", "ptr", $hProcess, "ptr", Ptr(DllStructGetData($Modules, 1, $i)), "wstr", "", "dword", 260)
			If $aTemp[3] = $sModule Then
				DllClose($PSAPI)
				Return Ptr(DllStructGetData($Modules, 1, $i))
			EndIf
		Next
	EndIf
	DllClose($PSAPI)
	Return SetError(-1, 0, 0)
EndFunc

[edmer]

Bro .. ty .. But .. :/
$ModuleBaseAddress in test give me 0x00400000 and in cheat engine is.. 000004D0
image here :3 !! pliss :c

[florian0]

4D0 is the process id ... not the module base

You can check the actual module base in "Memory View"

[edmer]

and for i calculate this "Name"+008DB678 > 0D7D21B0 whats need?
this

here change and now is 1E8D5E58 how calculate jaja
no is easy

now this
using the code of elmarcia this give this and cheat engine say this other?? :s

[florian0]

You need the module base. Thats what Cheat Engine means by the "Name".

[edmer]

ok and is calculate using the code of elmarcia .. But .. same not give the result whats i need ... in this picture the result of Module base + adrres = 1E6B8B38
But the code give 0x00CDB678 :/

[florian0]

Because you got a little wrong in understanding what CheatEngine shows in the Dialog.

Code:

Game.exe+008DB678

Will result in "0xCDB678", which is an address. It points to a memory region. And the value it points to is the number CheatEngine shows in the Dialog ("-> 0xVALUE"). In order to resolve your chain of pointers, you need to read the value behind the address from the memory, then add another offset to it and read again. Repeat that until your pointer-chain is complete.

[edmer]

All is pretty :3 ty for all !!