hot202 Posted August 12, 2009 Share Posted August 12, 2009 hey can some 1 help me? shouldnt this work? but it dont can some 1 tell me what i have done wrong? Engine.exe is the process name Address is 08FE965C and its a static with cshell.dll+48965C expandcollapse popup#include <NomadMemory.au3> #include <GUIConstants.au3> #include <GUIListBox.au3> #include <Misc.au3> #include <Array.au3> HotKeySet("{F2}","poke") Func poke() $ID=_MemoryOpen(ProcessExists("Engine.exe")) $iPID = WinGetProcess("cshell") $sModule = "cshell.dll" $iOffset = 0x48965C $baseADDR = _MemoryModuleGetBaseAddress($iPID, $sModule) + $iOffset _MemoryWrite($BaseADDR, $ID, 550) _MemoryClose($iPID) EndFunc While 1 sleep(1000) WEnd Func _MemoryModuleGetBaseAddress($iPID, $sModule) If Not ProcessExists($iPID) Then Return SetError(1, 0, 0) If Not IsString($sModule) Then Return SetError(2, 0, 0) Local $PSAPI = DllOpen("psapi.dll") ;Get Process Handle Local $hProcess Local $PERMISSION = BitOR(0x0002, 0x0400, 0x0008, 0x0010, 0x0020) ; CREATE_THREAD, QUERY_INFORMATION, VM_OPERATION, VM_READ, VM_WRITE If $iPID > 0 Then Local $hProcess = DllCall("kernel32.dll", "ptr", "OpenProcess", "dword", $PERMISSION, "int", 0, "dword", $iPID) If $hProcess[0] Then $hProcess = $hProcess[0] EndIf EndIf ;EnumProcessModules Local $Modules = DllStructCreate("ptr[1024]") Local $aCall = DllCall($PSAPI, "int", "EnumProcessModules", "ptr", $hProcess, "ptr", DllStructGetPtr($Modules), "dword", DllStructGetSize($Modules), "dword*", 0) If $aCall[4] > 0 Then Local $iModnum = $aCall[4] / 4 Local $aTemp For $i = 1 To $iModnum $aTemp = DllCall($PSAPI, "dword", "GetModuleBaseNameW", "ptr", $hProcess, "ptr", Ptr(DllStructGetData($Modules, 1, $i)), "wstr", "", "dword", 260) If $aTemp[3] = $sModule Then DllClose($PSAPI) Return Ptr(DllStructGetData($Modules, 1, $i)) EndIf Next EndIf DllClose($PSAPI) Return SetError(-1, 0, 0) EndFunc Link to comment Share on other sites More sharing options...
hot202 Posted August 13, 2009 Author Share Posted August 13, 2009 (edited) please any1 any help will help me. Edited August 13, 2009 by hot202 Link to comment Share on other sites More sharing options...
wolf9228 Posted August 13, 2009 Share Posted August 13, 2009 (edited) hey can some 1 help me? shouldnt this work? but it dont can some 1 tell me what i have done wrong? Engine.exe is the process name Address is 08FE965C and its a static with cshell.dll+48965C expandcollapse popup#include <NomadMemory.au3> #include <GUIConstants.au3> #include <GUIListBox.au3> #include <Misc.au3> #include <Array.au3> HotKeySet("{F2}","poke") Func poke() $ID=_MemoryOpen(ProcessExists("Engine.exe")) $iPID = WinGetProcess("cshell") $sModule = "cshell.dll" $iOffset = 0x48965C $baseADDR = _MemoryModuleGetBaseAddress($iPID, $sModule) + $iOffset _MemoryWrite($BaseADDR, $ID, 550) _MemoryClose($iPID) EndFunc While 1 sleep(1000) WEnd Func _MemoryModuleGetBaseAddress($iPID, $sModule) If Not ProcessExists($iPID) Then Return SetError(1, 0, 0) If Not IsString($sModule) Then Return SetError(2, 0, 0) Local $PSAPI = DllOpen("psapi.dll") ;Get Process Handle Local $hProcess Local $PERMISSION = BitOR(0x0002, 0x0400, 0x0008, 0x0010, 0x0020) ; CREATE_THREAD, QUERY_INFORMATION, VM_OPERATION, VM_READ, VM_WRITE If $iPID > 0 Then Local $hProcess = DllCall("kernel32.dll", "ptr", "OpenProcess", "dword", $PERMISSION, "int", 0, "dword", $iPID) If $hProcess[0] Then $hProcess = $hProcess[0] EndIf EndIf ;EnumProcessModules Local $Modules = DllStructCreate("ptr[1024]") Local $aCall = DllCall($PSAPI, "int", "EnumProcessModules", "ptr", $hProcess, "ptr", DllStructGetPtr($Modules), "dword", DllStructGetSize($Modules), "dword*", 0) If $aCall[4] > 0 Then Local $iModnum = $aCall[4] / 4 Local $aTemp For $i = 1 To $iModnum $aTemp = DllCall($PSAPI, "dword", "GetModuleBaseNameW", "ptr", $hProcess, "ptr", Ptr(DllStructGetData($Modules, 1, $i)), "wstr", "", "dword", 260) If $aTemp[3] = $sModule Then DllClose($PSAPI) Return Ptr(DllStructGetData($Modules, 1, $i)) EndIf Next EndIf DllClose($PSAPI) Return SetError(-1, 0, 0) EndFunc expandcollapse popup#Include <Array.au3> $array = ProcessList("IEXPLORE.exe") $all_modules = all_modules_process($array[1][1]) _ArrayDisplay($all_modules,"") Func all_modules_process($processID ) Local $PERMISSION = BitOR(0x0002, 0x0400, 0x0008, 0x0010, 0x0020) Local $MAX_PATH = 260 , $Arrayresult[1][3] , $FileNameEx ,$hModsElement,$lpBaseName $Arrayresult[0][0] = 0 $hProcess = WINAPI_OpenProcess($PERMISSION,0,$processID) $hMods = DllStructCreate("hwnd[1024]") WINAPI_EnumProcessModules($hProcess,DllStructGetPtr($hMods),DllStructGetSize($hMods)) $i = 0 While 1 $i +=1 $hModsElement = DllStructGetData($hMods,1,$i) if $hModsElement <> 0 Then $FileNameEx = WINAPI_GetModuleFileNameEx($hProcess,$hModsElement,$MAX_PATH) $lpBaseName = WINAPI_GetModuleBaseName($hProcess,$hModsElement,$MAX_PATH) ReDim $Arrayresult[$Arrayresult[0][0] + 2][3] $Arrayresult[$Arrayresult[0][0] + 1][0] = $hModsElement $Arrayresult[$Arrayresult[0][0] + 1][1] = $lpBaseName $Arrayresult[$Arrayresult[0][0] + 1][2] = $FileNameEx $Arrayresult[0][0] +=1 Else ExitLoop EndIf WEnd Return $Arrayresult EndFunc Func WINAPI_OpenProcess( _ $dwDesiredAccess, _ $bInheritHandle, _ $dwProcessId) $HANDLE = DllCall("Kernel32.dll","hwnd","OpenProcess","long",$dwDesiredAccess,"int",$bInheritHandle _ ,"int",$dwProcessId) Return $HANDLE[0] EndFunc Func WINAPI_EnumProcessModules( _ $hProcess, _ $lphModule, _ $cb) $BOOL = DllCall("Psapi.dll","int","EnumProcessModules","hwnd",$hProcess,"ptr",$lphModule,"long" _ ,$cb,"int*",0) Return $BOOL[4] EndFunc Func WINAPI_GetModuleFileNameEx( _ $hProcess, _ $hModule, _ $nSize) $Strlength = DllCall("Psapi.dll","long","GetModuleFileNameEx","hwnd",$hProcess,"ptr",$hModule,"str" _ ,0,"int",$nSize) Return $Strlength[3] EndFunc Func WINAPI_GetModuleBaseName( _ $hProcess, _ $hModule, _ $nSize) $Strlength = DllCall("Psapi.dll","long","GetModuleBaseName","hwnd",$hProcess,"ptr",$hModule,"str" _ ,0,"int",$nSize) Return $Strlength[3] EndFunc Edited August 14, 2009 by wolf9228 ØµØ±Ø Ø§Ù„Ø³Ù…Ø§Ø¡ كان هنا  Link to comment Share on other sites More sharing options...
hot202 Posted August 14, 2009 Author Share Posted August 14, 2009 I dont understand that it dont have +Offset in it how do i add my address to it? Link to comment Share on other sites More sharing options...
wolf9228 Posted August 14, 2009 Share Posted August 14, 2009 (edited) I dont understand that it dont have +Offset in it how do i add my address to it?Address is 08FE965CWhat do you mean by this Address Edited August 14, 2009 by wolf9228 ØµØ±Ø Ø§Ù„Ø³Ù…Ø§Ø¡ كان هنا  Link to comment Share on other sites More sharing options...
hot202 Posted August 14, 2009 Author Share Posted August 14, 2009 well in cheat engine i find the static address witch is 08FE965C but it also uses cshell.dll+48965c the process name i search is Engine.exe Link to comment Share on other sites More sharing options...
Szhlopp Posted August 14, 2009 Share Posted August 14, 2009 well in cheat engine i find the static address witch is 08FE965C but it also uses cshell.dll+48965c the process name i search is Engine.exe Here: expandcollapse popup#include <NomadMemory.au3> #include <GUIConstants.au3> #include <GUIListBox.au3> #include <Misc.au3> #include <Array.au3> ; HotKeySet("{F2}","poke") Func poke() ; PID $pid = ProcessExists("Engine.exe") ; Open memory $OpenMemory =_MemoryOpen($pid) ; Cshell.dll+ $StaticOffset = Dec("0x48965C") ; Get the Cshell baseaddress $baseADDR = _MemoryModuleGetBaseAddress($pid, "cshell.dll") ; Convert it to something autoit can use $finalADDR = "0x" & Hex($baseADDR + $StaticOffset) ; Write and close _MemoryWrite($finalADDR, $OpenMemory, 550) _MemoryClose($OpenMemory) EndFunc While 1 sleep(1000) WEnd Func _MemoryModuleGetBaseAddress($iPID, $sModule) If Not ProcessExists($iPID) Then Return SetError(1, 0, 0) If Not IsString($sModule) Then Return SetError(2, 0, 0) Local $PSAPI = DllOpen("psapi.dll") ;Get Process Handle Local $hProcess Local $PERMISSION = BitOR(0x0002, 0x0400, 0x0008, 0x0010, 0x0020) ; CREATE_THREAD, QUERY_INFORMATION, VM_OPERATION, VM_READ, VM_WRITE If $iPID > 0 Then Local $hProcess = DllCall("kernel32.dll", "ptr", "OpenProcess", "dword", $PERMISSION, "int", 0, "dword", $iPID) If $hProcess[0] Then $hProcess = $hProcess[0] EndIf EndIf ;EnumProcessModules Local $Modules = DllStructCreate("ptr[1024]") Local $aCall = DllCall($PSAPI, "int", "EnumProcessModules", "ptr", $hProcess, "ptr", DllStructGetPtr($Modules), "dword", DllStructGetSize($Modules), "dword*", 0) If $aCall[4] > 0 Then Local $iModnum = $aCall[4] / 4 Local $aTemp For $i = 1 To $iModnum $aTemp = DllCall($PSAPI, "dword", "GetModuleBaseNameW", "ptr", $hProcess, "ptr", Ptr(DllStructGetData($Modules, 1, $i)), "wstr", "", "dword", 260) If $aTemp[3] = $sModule Then DllClose($PSAPI) Return Ptr(DllStructGetData($Modules, 1, $i)) EndIf Next EndIf DllClose($PSAPI) Return SetError(-1, 0, 0) EndFunc I highly suggest you look through some of the memory posts I've made(In signature) to get a better understanding of how this all works >_< RegEx/RegExRep Tester!Nerd Olympics - Community App!Login UDFMemory UDF - "Game.exe+753EC" - CE pointer to AU3Password Manager W/ SourceDataFiler - Include files in your au3!--- Was I helpful? Click the little green '+' Link to comment Share on other sites More sharing options...
hot202 Posted August 15, 2009 Author Share Posted August 15, 2009 that dosnt seem to work >_ Link to comment Share on other sites More sharing options...
hounder Posted August 16, 2009 Share Posted August 16, 2009 yea it doesnt. ive read most of Szhlopp's posts about memory in autoit, but nothing is helping me with the dll issue. _MemoryModuleGetBaseAddress doesnt seem to work for this issue, nor _MemoryModuleGetBaseAddress. Link to comment Share on other sites More sharing options...
hot202 Posted August 18, 2009 Author Share Posted August 18, 2009 bump Link to comment Share on other sites More sharing options...
demandnothing Posted September 28, 2009 Share Posted September 28, 2009 LMAO Combat Arms is a bitch like that.. try _WinApiHook UDF in the example scripts "Windows Hooking Inject Dll" at the time of this post it is on Page 2. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now