Read/Write Byte -- Accessing A Program's Memory

Outshynd · May 2, 2005

UPDATE: 11:15 PM PST 05/02/05 -- Added ability to write/read to/from two and four bytes as well as the original one byte.

Okay, I've been lurking around for a little while, though I've never bothered to register, for whatever reason. AutoIt is my favorite macroing utility for games and such but the one thing it was missing, in my opinion, was a way to access with a game's memory.

I know that Jon made a *.dll file for this in a thread in the Dev forum, but I wanted to try my hand at creating my first *.dll, ever, anyway. I've never worked with C++ before this, so, please, go easy

Anyway, attached is my *.dll file along with the source. Also, you will find an example AutoIt script that outlines the functions. It's pretty basic. Any suggestions, comments, or questions are very welcome.

Link: The C++ DLL Source

Link: The AutoIt3 example script

Link: The AutoIt3 #include

(NoMorePasting.com used for those of you who do not want to download the attachment to view the source/example but also for those of you who dislike scrolling past a lot of code tags)

Functions

_WriteByte($EXEName, $Address, $ByteToWrite) Writes $ByteToWrite (ex.: 0xFF or 255) to process $EXEName (ex.: "calc.exe") at $Address (ex.: 0x2001E)

_WriteTwoBytes($EXEName, $Address, $ValToWrite) Writes $ValToWrite (ex.: 0xFFFF or 65535) to process $EXEName (ex.: "calc.exe") at $Address (ex.:0x2001E)

_WriteFourBytes($EXEName, $Address, $ValToWrite) Writes $ValToWrite (ex.: 0xFFFFFFFF or 4294967295) to process $EXEName (ex.: "calc.exe") at $Address (ex.:0x2001E)

_ReadByte($EXEName, $Address) Returns value at $Address (ex.: 0x2001E) in process $EXEName (ex.: "calc.exe")

_ReadTwoBytes($EXEName, $Address) Returns value at $Address (ex.: 0x2001E) in process $EXEName (ex.: "calc.exe")

_ReadFourBytes($EXEName, $Address) Returns value at $Address (ex.: 0x2001E) in process $EXEName (ex.: "calc.exe")

(Append the above to your SCiTE\api\au3.api file to enable Auto-Complete and ToolTips, if you use SCiTE)

-Outshynd

AU3ReadWriteMemory.zip

Edited May 2, 2005 by Outshynd

w0uter · May 2, 2005

how about making 1 function that both accepts titles and pid's

other then that nice work.

now all i need is a hex edit function

Outshynd · May 2, 2005

how about making 1 function that both accepts titles and pid's
other then that nice work.
now all i need is a hex edit function
<{POST_SNAPBACK}>

The idea for making two distinct functions -- one that hindged off of the *.exe name and one that found the window via the window title -- was simply because there are times when multiple windows need be manipulated. I was using AutoIt's ability to change window titles for game windows as I was opening them in order to differentiate between two different processes with the same default window title and same *.exe name, which is where ReadByteA and WriteByteA came from. Ordinarily, having AutoIt get the PID is far easier and, for the most part, faster. I suppose I can merge the four functions into two, though.

Outshynd · May 2, 2005

Updated.

Took out the ability to find via WindowTitle, though I left the functions commented-out in both the *.au3 and *.dll for the reference of those who may find them useful. Letting AutoIt figure out the ProcessID and feed it to the *.dll is just easier, in my opinion, and doesn't require a DllCall if the required process isn't open.

Added function names and explanations to original post.

Test.au3 writes and reads from an address in "calc.exe" and displays information in a ToolTip. Pretty basic example script.

-Outshynd

Outshynd · May 9, 2005

$varPointer = _ReadFourBytes("game.exe", 0xFFFFFFFF)
$Address = $varPointer + 0x1A8;offset goes here
if _WriteFourBytes("game.exe", $Address, 2328392) = 1 then
    MsgBox(32, "Success!", "Congratulations, you've defeated DMA!")
else
    MsgBox(16, "Error!", "I regret to inform you...")
endif

Where 0xFFFFFFFF is the pointer address and 0x1A8 is the offset. Tutorials for finding those are all over the place, if the terms pointer and offset are alien to you . Good Luck.

Ejoc · May 9, 2005

Nice job, but here are my 2 cents.

I don't like _ReadXBytes("calc.exe",0) returning -1, I think all the functions should set @Error if there are problems, since -1 is a valid value that could be returned. Basicly how do I know when -1 or even -2 are values or errors.

When I was working on DLLStruct functions using a DLL, I just used 1 read and 1 write function in the DLL and passed it a parameter telling it how many bytes it should read/write.

gamerman2360 · May 10, 2005

Me and working with memory go together like rocket fuel and orange juice, I don't know much. So I'm wondering if this can do things like get source info or text from web pages or something.

w0uter · May 10, 2005

you could also make it accept window titles

this sets @error to 1 on fail to call and to 2 if the window/pid does not exist

Func _ReadByte($s_Name, $v_Address)
    
    Local $v_Ret, $p_PID2, $p_PID1
    
    $p_PID1 = ProcessExists($s_Name)
    If $p_PID1 <> 0 Then
        $v_Ret = DllCall("AU3ReadWriteMemory.dll", "int", "ReadByte", "long", $p_PID1, "long", $v_Address)
        
        If Not @error Then
            Return $v_Ret[0]
        Else
            SetError(1)
            Return 0
        EndIf
    EndIf
    
    $p_PID2 = WinGetProcess($s_Name)
    If $p_PID2 <> - 1 Then
        $v_Ret = DllCall("AU3ReadWriteMemory.dll", "int", "ReadByte", "long", $p_PID2, "long", $v_Address)
        
        If Not @error Then
            Return $v_Ret[0]
        Else
            SetError(1)
            Return 0
        EndIf
    EndIf
    
    SetError(2)
    Return 0
    
EndFunc  ;==>_ReadByte

Edited May 10, 2005 by w0uter

Knight · June 18, 2005

People keep asking for this and can't seem to find it. This function should be added to an official release because it greatly improves autoit when it comes to making bots and trainers for games.

-K

JSThePatriot · June 18, 2005

If anyone wants to see this added into a release as a UDF... you must put it in the format that is required. You can find all of the information needed at... Standard UDF Library

I hope that helps a bit. I havent tried to mess with the functions, but I have definitely seen the need for this.

JS

layer · June 18, 2005

Sorry to bring this topic back up, but would it be right/ok to add these or functions like these into AutoIt so no need for external Dlls is needed? Or has this been discussed already?

Thanks

FuryCell · June 18, 2005

Sorry to bring this topic back up, but would it be right/ok to add these or functions like these into AutoIt so no need for external Dlls is needed? Or has this been discussed already?
Thanks
<{POST_SNAPBACK}>

I think Jon has discussed it in this topic:

http://www.autoitscript.com/forum/index.php?showtopic=6302

w0uter · June 20, 2005

i made this udf to read memory using native au3 commands.

http://www.autoitscript.com/forum/index.php?showtopic=12651

Read/Write Byte -- Accessing A Program's Memory

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members