maestro Posted August 11, 2010 Posted August 11, 2010 Hi, I've run into a snag with an application I'm working on.I need to be able to change the value of an (4 byte) address of a process.Now finding the address on cheat engine isn't a problem, and it IS a static address, So each time I run cheat engine it finds it each time no problem. What I've realized is the address (although static) seems to change each time.After further investigating the cause I came across this: "client.dll+4C38A8" which is how cheat engine is able to change the address each time when the application is opened.So my question is, is it possible to replicate how cheat engine finds the "new" static address using AutoIT.I'm using nomadmemory.au3 to get the information from the process.Thanks,Ilmaestro. Hello, World!... LAME lol
maestro Posted August 11, 2010 Author Posted August 11, 2010 So far, I've been trying stuff such as: $dll = DllOpen("client.dll") $result = DllCall($dll, "int", "DWORD") MsgBox(0,"",$result) DllClose($dll) or other stuff like $clientDLL = _MemoryOpen(ProcessExists ( "client.dll" )); ;obviously this didn't work, was just experimenting. Anyways, if anyone knows of another way that would actually work, that would be awesome. Thanks, Ilmaestro Hello, World!... LAME lol
AdmiralAlkex Posted August 12, 2010 Posted August 12, 2010 THIS thread by Szhlopp seem to do what you want. .Some of my scripts: ShiftER, Codec-Control, Resolution switcher for HTC ShiftSome of my UDFs: SDL UDF, SetDefaultDllDirectories, Converting GDI+ Bitmap/Image to SDL Surface
maestro Posted August 12, 2010 Author Posted August 12, 2010 Thank you for the reply, I've taken a look at it, and it seems that it doesn't work on a dll, just the exe. Unless my syntax is just wrong. If anyone knows how to convert the suggestion on the link in the previous post to work with a dll, please let me know. Thanks, Ilmaestro Hello, World!... LAME lol
maestro Posted August 12, 2010 Author Posted August 12, 2010 This is what I tried: $ID=_MemoryOpen(ProcessExists("application.exe")) $iPID = WinGetProcess("client") $sModule = "client.dll" MsgBox(0,"",$iPID) $iOffset = 0x004C38A8 $baseADDR = _MemoryModuleGetBaseAddress($iPID, $sModule) + $iOffset MsgBox(0,"",$baseADDR) ;_MemoryWrite($BaseADDR, $ID, 550) ;_MemoryClose($iPID) using the suggestion on the 2nd page of the link, however, no luck. Does anyone have any other ideas? Thanks, Ilmaestro Hello, World!... LAME lol
maestro Posted August 12, 2010 Author Posted August 12, 2010 I've been looking all night, and nothing I've found seems to work, is it even possible in AutoIT, or am i wasting me time, also if anyone has a C++ alternative they could post, I'm just starting to lean C++, so that could be useful as well. Thanks, Ilmaestro Hello, World!... LAME lol
maestro Posted August 12, 2010 Author Posted August 12, 2010 After reading some more I found how to find the hex value of the dll, for anyone else who is trying to do the same thing, if using cheat engine you have to click view memory, then click view, then click on Enumerate DLL's. then scroll down and find the one your looking for. Now my question still stands, is it possible to find the enumerated value of a dll being used by a specific Process. I can get it to add the Hex dll value and the offset together no problem. So basically I need a way to: 1. Find the dll loaded into a specific exe. 2. Find the hex for the specified dll. 3. Be able to export it into a variable. If anyone knows if this for a fact possible, please let me know so I can give up on my search. Thanks, Ilmaestro. Hello, World!... LAME lol
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now