Info, Posted September 14, 2009

I'm trying to do something similar to the Cheat Engine's scanning function. I tried this:

    #include <NomadMemory.au3>

    $Process = 'winmine.exe'
    $MemOpen = _MemoryOpen(ProcessExists($Process))
    $value = "1"
    $add = Hex("0")
    MsgBox(64,"Info","Searching for '"&$value&"'"&@CRLF&"Starting from address '"&"0x"&$add&"'")
    ; Walk the address space one byte at a time, one _MemoryRead call per address
    Do
        If _MemoryRead("0x"&$add,$MemOpen) = $value Then
            TrayTip("0x"&$add&" = "&$value," ",1)
            TrayTip("clears any tray tip","",0)
        EndIf
        $add = Hex(Dec($add)+1)
        ToolTip("0x"&$add)
    Until 1+1=3

But it's very slow.

Szhlopp, Posted September 14, 2009

Yeah it is...

    #include <GUIConstants.au3>
    #Include <GuiListView.au3>
    #include <NomadMemory.au3>
    #include <Array.au3>
    ;

    $PID = WinGetProcess("InkBall")
    $OpenMem = _MemoryOpen($PID)

    ScanMemory($OpenMem, 2)

    ; Enumerate the target's regions with VirtualQueryEx and return [base, size] pairs
    ; for the committed, accessible ones.
    Func _ScanReadableMemory($Handle)

        Local $StartMemory = Dec("00400000")
        Local $EndMemory = Dec("7FFFFFFF")
        Local $Address, $LastAddress, $Progress
        ; MEMORY_BASIC_INFORMATION (32-bit layout): seven dwords
        Local $Buffer = DllStructCreate('dword;dword;dword;dword;dword;dword;dword')
        Local $BufferScan2 = DllStructCreate('dword;dword;dword;dword;dword;dword;dword')
        Local $ReturnArray[1][2]

        $Address = '0x' & Hex($StartMemory)

        While 1

            DllCall($Handle[0], 'int', 'VirtualQueryEx', 'int', $Handle[1], 'int', $Address, 'ptr', DllStructGetPtr($Buffer), 'int', DllStructGetSize($Buffer))
            Local $BaseAddress = '0x' & Hex(DllStructGetData($Buffer, 1)); + 0)
            Local $AllocBase = '0x' & Hex(DllStructGetData($Buffer, 2))
            Local $AllocProtect = Hex(DllStructGetData($Buffer, 3))
            Local $RegionSize = DllStructGetData($Buffer, 4)
            Local $State = '0x' & Hex(DllStructGetData($Buffer, 5))
            Local $Protect = Hex(DllStructGetData($Buffer, 6))
            Local $Type = '0x' & Hex(DllStructGetData($Buffer, 7))

            ; Advance to the next region; stop if the query no longer moves forward
            $LastAddress = $Address
            $Address = '0x' & Hex($BaseAddress + $RegionSize)
            If $Address = $LastAddress Then
                ExitLoop
            EndIf

            #cs
            Select
                Case $AllocProtect = 0x00
                    $AllocProtect = ''
                Case $AllocProtect = 0x01
                    $AllocProtect = 'No Access'
                Case $AllocProtect = 0x02
                    $AllocProtect = 'Read'
                Case $AllocProtect = 0x04
                    $AllocProtect = 'Read+Write'
                Case $AllocProtect = 0x08
                    $AllocProtect = 'Write-Copy'
                Case $AllocProtect = 0x10
                    $AllocProtect = 'Execute'
                Case $AllocProtect = 0x20
                    $AllocProtect = 'Exe-Read'
                Case $AllocProtect = 0x40
                    $AllocProtect = 'Exe-Read+Write'
                Case $AllocProtect = 0x80
                    $AllocProtect = 'Exe-Write-Copy'
            EndSelect

            Select
                Case $State = 0x1000
                    $State = 'Commit'
                Case $State = 0x2000
                    $State = 'Reserve'
                Case $State = 0x10000
                    $State = 'Free'
            EndSelect

            Select
                Case $Protect = 0x00
                    $Protect = ''
                Case $Protect = 0x01
                    $Protect = 'No Access'
                Case $Protect = 0x02
                    $Protect = 'Read'
                Case $Protect = 0x04
                    $Protect = 'Read+Write'
                Case $Protect = 0x08
                    $Protect = 'Write-Copy'
                Case $Protect = 0x10
                    $Protect = 'Execute'
                Case $Protect = 0x20
                    $Protect = 'Exe-Read'
                Case $Protect = 0x40
                    $Protect = 'Exe-Read+Write'
                Case $Protect = 0x80
                    $Protect = 'Exe-Write-Copy'
            EndSelect

            Select
                Case $Type = 0x20000
                    $Type = 'Private'
                Case $Type = 0x40000
                    $Type = 'Mapped'
                Case $Type = 0x1000000
                    $Type = 'Image'
            EndSelect
            #ce

            $AddressScan2 = "0x" & Hex(Dec(StringTrimLeft($BaseAddress, 2)) + $RegionSize)
            DllCall($Handle[0], 'int', 'VirtualQueryEx', 'int', $Handle[1], 'int', $AddressScan2, 'ptr', DllStructGetPtr($BufferScan2), 'int', DllStructGetSize($BufferScan2))
            Local $AllocBase2 = '0x' & Hex(DllStructGetData($BufferScan2, 2))
            Local $AllocProtect2 = Hex(DllStructGetData($BufferScan2, 3))
            Local $State2 = '0x' & Hex(DllStructGetData($BufferScan2, 5))
            Local $Protect2 = Hex(DllStructGetData($BufferScan2, 6))

            ;First set
            ; Keep only committed regions larger than 282624 bytes that are not No Access
            If $AllocBase <> 0x0 And $State = 0x1000 And $RegionSize > 282624 Then
                If $AllocProtect <> 0 And $AllocProtect <> 0x1 Then
                    If $Protect <> 0 And $Protect <> 0x1 Then
                        ReDim $ReturnArray[UBound($ReturnArray) + 1][2]
                        $ReturnArray[UBound($ReturnArray) - 1][0] = $BaseAddress
                        $ReturnArray[UBound($ReturnArray) - 1][1] = Hex($RegionSize)
                    EndIf
                EndIf
            EndIf

            If $BaseAddress < 0 Then
                $BaseAddress = 2147483648 + ($BaseAddress) + 2147483648
            EndIf
            If ($BaseAddress + $RegionSize) >= $EndMemory Then
                ExitLoop
            EndIf

        WEnd

        Return $ReturnArray

    EndFunc

    ; Read every address inside the regions found above and collect the matches
    Func ScanMemory($aOpenMemory, $vValue, $sType = 'dword')

        Local $ReturnAddressList[1][2]

        ; Get the scannable memory
        ; (uses the handle passed in; the original read the global $OpenMem here)
        $aRet = _ScanReadableMemory($aOpenMemory)
        _ArrayDisplay($aRet)

        For $I = 1 To UBound($aRet) - 1

            $StartMem = Dec(StringTrimLeft($aRet[$I][0], 2))
            $EndMemory = $StartMem + Dec($aRet[$I][1])
            $CurrentAddress = $StartMem
            ;MsgBox(0, "", Hex($StartMem) & "/" & Hex($EndMemory))

            While $CurrentAddress <> $EndMemory

                If _MemoryRead("0x" & Hex($CurrentAddress), $aOpenMemory, $sType) = $vValue Then
                    ReDim $ReturnAddressList[UBound($ReturnAddressList) + 1][2]
                    $ReturnAddressList[UBound($ReturnAddressList) - 1][0] = "0x" & Hex($CurrentAddress)
                    ; value column (the original wrote index [0] twice, overwriting the address)
                    $ReturnAddressList[UBound($ReturnAddressList) - 1][1] = $vValue
                EndIf

                $CurrentAddress += 1
                TrayTip("Address", "0x" & Hex($CurrentAddress), 15)

            WEnd

            _ArrayDisplay($ReturnAddressList)

        Next

    EndFunc

This is still slow. But miles faster than what you have now. The problem is, AU3 isn't made to be the fastest programming language on the planet.

Info (Author), Posted September 15, 2009

There must be some other way...

jvanegmond, Posted September 15, 2009

If AutoIt is too slow, the general answer is to write it in another language. Memory searching seems like typically one of those things. You can write a DLL or an AutoIt plugin in C++.
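
An added C example of the suggestion above (not code from this thread or from NomadMemory): the portable core a native helper would run after copying each region out with one bulk read, instead of issuing one `_MemoryRead` per address. `region_snapshot`, `scan_region_u32` and the `ST_`/`PR_` names are hypothetical, and the sample buffer in `main` is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Win32 values: 0x1000 Commit, 0x01 No Access (post's #cs block); 0x100 PAGE_GUARD added. */
#define ST_COMMIT   0x1000u
#define PR_NOACCESS 0x01u
#define PR_GUARD    0x100u

/* Hypothetical snapshot of one region, filled by a single bulk read. */
typedef struct {
    uint64_t base;            /* address of data[0] in the target process */
    uint32_t state, protect;  /* State / Protect as VirtualQueryEx reports them */
    const uint8_t *data;
    size_t size;
} region_snapshot;

/* Same intent as the post's filter: committed and readable. */
static int region_is_scannable(const region_snapshot *r)
{
    if (r->state != ST_COMMIT || r->protect == 0) return 0;
    return !(r->protect & (PR_NOACCESS | PR_GUARD)) && r->size >= sizeof(uint32_t);
}

/* Compare a 32-bit value every `step` bytes; returns match count, stores first `cap` in hits[]. */
size_t scan_region_u32(const region_snapshot *r, uint32_t needle, size_t step,
                       uint64_t *hits, size_t cap)
{
    size_t found = 0;
    if (step == 0 || !region_is_scannable(r)) return 0;
    for (size_t off = 0; off + sizeof needle <= r->size; off += step) {
        uint32_t v;
        memcpy(&v, r->data + off, sizeof v);  /* unaligned-safe read */
        if (v != needle) continue;
        if (found++ < cap) hits[found - 1] = r->base + off;
    }
    return found;
}

int main(void)
{
    uint8_t buf[12] = {0};                    /* constructed sample region */
    uint32_t two = 2;
    uint64_t hits[4];
    memcpy(buf, &two, 4); memcpy(buf + 5, &two, 4);  /* second copy is unaligned */
    region_snapshot r = { 0x00400000u, ST_COMMIT, 0x04u, buf, sizeof buf };
    printf("stride 1: %zu, stride 4: %zu\n", scan_region_u32(&r, 2, 1, hits, 4),
           scan_region_u32(&r, 2, 4, hits, 4));
    return 0;
}
```

A stride of 4 is four times less work than the byte-by-byte walk in the scripts above, but it misses values stored at unaligned offsets, as the sample buffer shows.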

Info (Author), Posted September 15, 2009

Thanks