Sign in to follow this  
Followers 0
maestro

pointers and memory

34 posts in this topic

Okay, so First off I'm building a "tool tip" sort of thing that runs off memory values letting you know when certain values are present.

Now I know some one will post a response saying "search the forums", or something to that extent, so before I begin, I have searched and I have found some people asking similar questions, but I'm having trouble understanding how some of these suggestions are put together.

I have used cheat engine and found a "base address" and the offsets that are needed to find the value every time.

However I'm still confused to the fact as how to put them together in Auto-It.

The first problem I'm running into is the "base" address looks something like this: ApplicationName.exe+8DigitHexAddress

I'm not sure how I would get that into Auto-It.

The next problem is there are 5 offsets to reach the final address, and I haven't been able to understand exactly what order and how to place these in a script.

At the Moment I am using Nomadmemory.au3, Although I am going to run into a problem with that as well.

Some of the pointers and offsets I am using are 'floats' and some are '4 Byte'. I have gotten nomad to work with these, but not in the same script, only in separate programs. What I did to get it to work on Floats was actually to change nomad so it read from 'Float' rather then 'dword'(as another forum suggested).

So if there are any suggestions on how to overcome that problem as well, I would love to hear.

Thanks,

Ilmaestro.


Hello, World!... LAME lol

Share this post


Link to post
Share on other sites



I have been trying things along this line:

Global $Offset1[5]
$Offset1[0] = Dec("Hex")
$Offset1[1] = Dec("Hex")
$Offset1[2] = Dec("Hex")
$Offset1[3] = Dec("Hex")
$Offset1[4] = Dec("Hex")

$StaticOffset = Dec("00941318")

$r=_MemoryPointerRead('App.exe+0034532',$ID,$Offset1[4])
MsgBox(0,"",$r)

With no luck so far.

It's supposed to return the value 157 but instead is returning 0.

If there is infarct a way to get this to work, i would be more then grateful.

Thanks,

Ilmaestro.


Hello, World!... LAME lol

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

im not suppose to help you if you are trying to make a bot..

since your saying its a tooltip then

i suppose your code is already correct, but i think you have the wrong offsets & static address.. GOOGLE the correct way of getting this stuff..

#include <NomadMemory.au3>

$ID = ProcessExists("app.exe")
Global $Offset[6] = [0, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF] ; your multilevel offsets -- enter hex here
$StaticOffset = 0xFFFFF ;your static offset or green address

$openmem = _MemoryOpen($ID)
$baseADDR = _MemoryGetBaseAddress($openmem, 1)
$finalADDR = "0x" & Hex($baseADDR + $StaticOffset)

$r = _MemoryPointerRead($finalADDR, $openmem, $Offset)
_MemoryClose($openmem)

;Test if value is correct
MsgBox(0, "Info", $r[1])
Edited by majidemo

Share this post


Link to post
Share on other sites

Hi and thanks for the reply.

It looks promising, how ever I still need to find out how to put the base address in. rather then just being some hex number it looks a little something like this.

app.exe+hex-number

Any ideas?

Thanks,

Ilmaestro.


Hello, World!... LAME lol

Share this post


Link to post
Share on other sites

So its coming out with an error saying function _MemoryGetBaseAddress doesn't exist.

Now my question is, where can I get this function from, the version of Nomad that i have doesn't seem to have that Func in it.

Thanks,

Ilmaestro


Hello, World!... LAME lol

Share this post


Link to post
Share on other sites

#6 ·  Posted (edited)

so I managed to find the function on another page "http://www.autoitscript.com/forum/index.php?showtopic=78834",

And there was an example there using notepad on how to get the app.exe+offset thing to work, however I tried following the "Tutorial" sort of thing.

further down the page, but is seemed not to work ether.

Any help in this matter would be much appreciated, and to Majidemo, thanks for the help, and to restate, No I'm Not making a Bot/Hack, simply a tool-tip to let me know when certain conditions are met.(If I get it working, it will be to monitor sound loudness on voice chat to automatically kick people who are spamming, or really loud. basically automating chat admin so I don't need to be listening all the time.) So yes it will automate online control but not of any game.

Thanks,

Ilmaestro.

Edited by maestro

Hello, World!... LAME lol

Share this post


Link to post
Share on other sites

Please avoid triple posting ;)

Anyways "app.exe+hex-number" dont worry about that because

this one gets that for you

$baseADDR = _MemoryGetBaseAddress($openmem, 1)

and this one does that for you..

$finalADDR = "0x" & Hex($baseADDR + $StaticOffset)

so the code above is already correct, and does work.

all you need is enter the correct,

$ID = ProcessExists("app.exe") ;the name of your .exe ofcourse
Global $Offset[6] = [0, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF] ; use HEX here, leave the 1st zero as is.
$StaticOffset = 0xFFFFF ;this is the last or bottom address on your multilvl pointers on CE!

i believe you were using this -> http://www.autoitscript.com/forum/index.php?showtopic=99631

to get this code, right? if you are not.. trying following that one..

Global $Offset1[5]
$Offset1[0] = Dec("0")
$Offset1[1] = Dec("04")
$Offset1[2] = Dec("03")
$Offset1[3] = Dec("02")
$Offset1[4] = Dec("01")

$StaticOffset = Dec("00941318")

$r=_MemoryPointerRead('App.exe+0034532',$ID,$Offset1[4])
MsgBox(0,"",$r)

when you convert it to the code i gave you it will look like this

#include <NomadMemory.au3>

$ID = ProcessExists("app.exe")
Global $Offset[5] = [0, 0x04, 0x03, 0x02, 0x01] ; your multilevel offsets -- enter hex here
$StaticOffset = 0x941318 ;your static offset or green address

$openmem = _MemoryOpen($ID)
$baseADDR = _MemoryGetBaseAddress($openmem, 1)
$finalADDR = "0x" & Hex($baseADDR + $StaticOffset) ;this gives you "app.exe+941318"

$r = _MemoryPointerRead($finalADDR, $openmem, $Offset) ;this gives you the final address to read from
_MemoryClose($openmem)

;Test if value is correct
MsgBox(0, "Info", $r[1]) ;or try the other one w/o [1]
MsgBox(0, "Info", $r) ;check w/c one gives you the correct value

so if this still doesnt work for you, then its your pointers fault :)

try googling "Cheat Engine Multilevel Pointer Tutorial" on youtube..

Share this post


Link to post
Share on other sites

#8 ·  Posted (edited)

Hi again, thanks for the reply, I have attempted to convert it for my needs, there are no error messages so that's a good sign, however the first msgbox that pops up gives me the value of 0, the next one doesn't have any info in it at all.

I have rechecked the pointers and everything and there all right now I'm wondering, maybe the nomadmemory I am currently using is old or just not working for whatever reason, I have tried to find the most up to date one with the functions I need, however I'm not sure how to tell which one is up to date and will work for what I am doing.

Or maybe its just how I am putting the pointers in, perhaps its wrong.

Posted Image

(this is the first time I have tried putting an image into here so hopefully everyone will be able to see it.)

This is basically what im looking at as far as the pointer table, could you show me how to put this info into it, im guessing if it isnt my nomad being out of date this is the only other thing it could be.

Oh and sorry for triple posting, it was unintentional.

Thanks,

Ilmaestro.

Edited by maestro

Hello, World!... LAME lol

Share this post


Link to post
Share on other sites

please post your current complete code.. thanks

Share this post


Link to post
Share on other sites

#10 ·  Posted (edited)

Ok, here are the Current Functions I am using(not sure if there updated) From nomadmemory.au3(cut off the green part of them so it would take up less space a while back):

Func _MemoryOpen($iv_Pid, $iv_DesiredAccess = 0x1F0FFF, $iv_InheritHandle = 1)
    
    If Not ProcessExists($iv_Pid) Then
        SetError(1)
        Return 0
    EndIf
    
    Local $ah_Handle[2] = [DllOpen('kernel32.dll')]
    
    If @Error Then
        SetError(2)
        Return 0
    EndIf
    
    Local $av_OpenProcess = DllCall($ah_Handle[0], 'int', 'OpenProcess', 'int', $iv_DesiredAccess, 'int', $iv_InheritHandle, 'int', $iv_Pid)
    
    If @Error Then
        DllClose($ah_Handle[0])
        SetError(3)
        Return 0
    EndIf
    
    $ah_Handle[1] = $av_OpenProcess[0]
    
    Return $ah_Handle
    
EndFunc

Func _MemoryRead($iv_Address, $ah_Handle, $sv_Type = 'dword')
    
    If Not IsArray($ah_Handle) Then
        SetError(1)
        Return 0
    EndIf
    
    Local $v_Buffer = DllStructCreate($sv_Type)
    
    If @Error Then
        SetError(@Error + 1)
        Return 0
    EndIf
    
    DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
    
    If Not @Error Then
        Local $v_Value = DllStructGetData($v_Buffer, 1)
        Return $v_Value
    Else
        SetError(6)
        Return 0
    EndIf
    
EndFunc

Func _MemoryWrite($iv_Address, $ah_Handle, $v_Data, $sv_Type = 'dword')
    
    If Not IsArray($ah_Handle) Then
        SetError(1)
        Return 0
    EndIf
    
    Local $v_Buffer = DllStructCreate($sv_Type)
    
    If @Error Then
        SetError(@Error + 1)
        Return 0
    Else
        DllStructSetData($v_Buffer, 1, $v_Data)
        If @Error Then
            SetError(6)
            Return 0
        EndIf
    EndIf
    
    DllCall($ah_Handle[0], 'int', 'WriteProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
    
    If Not @Error Then
        Return 1
    Else
        SetError(7)
        Return 0
    EndIf
    
EndFunc

Func _MemoryPointerRead  ($iv_Address, $ah_Handle, $av_Offset, $sv_Type =  'dword')
   
    If IsArray($av_Offset) Then
        If IsArray($ah_Handle) Then
            Local $iv_PointerCount = UBound($av_Offset) - 1
        Else
            SetError(2)
            Return 0
        EndIf
    Else
        SetError(1)
        Return 0
    EndIf
   
    Local $iv_Data[2], $i
    Local $v_Buffer = DllStructCreate('dword')
   
    For $i = 0 to $iv_PointerCount
       
        If $i = $iv_PointerCount Then
            $v_Buffer = DllStructCreate($sv_Type)
            If @Error Then
                SetError(@Error + 2)
                Return 0
            EndIf
           
            $iv_Address = '0x' & hex($iv_Data[1] + $av_Offset[$i])
            DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
            If @Error Then
                SetError(7)
                Return 0
            EndIf
           
            $iv_Data[1] = DllStructGetData($v_Buffer, 1)
           
        ElseIf $i = 0 Then
            DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
            If @Error Then
                SetError(7)
                Return 0
            EndIf
           
            $iv_Data[1] = DllStructGetData($v_Buffer, 1)
           
        Else
            $iv_Address = '0x' & hex($iv_Data[1] + $av_Offset[$i])
            DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
            If @Error Then
                SetError(7)
                Return 0
            EndIf
           
            $iv_Data[1] = DllStructGetData($v_Buffer, 1)
           
        EndIf
       
    Next
   
    $iv_Data[0] = $iv_Address
   
    Return $iv_Data

EndFunc

Func SetPrivilege( $privilege, $bEnable )
    Const $TOKEN_ADJUST_PRIVILEGES = 0x0020
    Const $TOKEN_QUERY = 0x0008
    Const $SE_PRIVILEGE_ENABLED = 0x0002
    Local $hToken, $SP_auxret, $SP_ret, $hCurrProcess, $nTokens, $nTokenIndex, $priv
    $nTokens = 1
    $LUID = DLLStructCreate("dword;int")
    If IsArray($privilege) Then    $nTokens = UBound($privilege)
    $TOKEN_PRIVILEGES = DLLStructCreate("dword;dword[" & (3 * $nTokens) & "]")
    $NEWTOKEN_PRIVILEGES = DLLStructCreate("dword;dword[" & (3 * $nTokens) & "]")
    $hCurrProcess = DLLCall("kernel32.dll","hwnd","GetCurrentProcess")
    $SP_auxret = DLLCall("advapi32.dll","int","OpenProcessToken","hwnd",$hCurrProcess[0],   _
            "int",BitOR($TOKEN_ADJUST_PRIVILEGES,$TOKEN_QUERY),"int*",0)
    If $SP_auxret[0] Then
        $hToken = $SP_auxret[3]
        DLLStructSetData($TOKEN_PRIVILEGES,1,1)
        $nTokenIndex = 1
        While $nTokenIndex <= $nTokens
            If IsArray($privilege) Then
                $ntokenvar=$ntokenindex-1
                $priv = $privilege[$ntokenvar]
            Else
                $priv = $privilege
            EndIf
            $ret = DLLCall("advapi32.dll","int","LookupPrivilegeValue","str","","str",$priv,   _
                    "ptr",DLLStructGetPtr($LUID))
            If $ret[0] Then
                If $bEnable Then
                    DLLStructSetData($TOKEN_PRIVILEGES,2,$SE_PRIVILEGE_ENABLED,(3 * $nTokenIndex))
                Else
                    DLLStructSetData($TOKEN_PRIVILEGES,2,0,(3 * $nTokenIndex))
                EndIf
                DLLStructSetData($TOKEN_PRIVILEGES,2,DllStructGetData($LUID,1),(3 * ($nTokenIndex-1)) + 1)
                DLLStructSetData($TOKEN_PRIVILEGES,2,DllStructGetData($LUID,2),(3 * ($nTokenIndex-1)) + 2)
                DLLStructSetData($LUID,1,0)
                DLLStructSetData($LUID,2,0)
            EndIf
            $nTokenIndex += 1
        WEnd
        $ret = DLLCall("advapi32.dll","int","AdjustTokenPrivileges","hwnd",$hToken,"int",0,   _
                "ptr",DllStructGetPtr($TOKEN_PRIVILEGES),"int",DllStructGetSize($NEWTOKEN_PRIVILEGES),   _
                "ptr",DllStructGetPtr($NEWTOKEN_PRIVILEGES),"int*",0)
        $f = DLLCall("kernel32.dll","int","GetLastError")
    EndIf
    $NEWTOKEN_PRIVILEGES=0
    $TOKEN_PRIVILEGES=0
    $LUID=0
    If $SP_auxret[0] = 0 Then Return 0
    $SP_auxret = DLLCall("kernel32.dll","int","CloseHandle","hwnd",$hToken)
    If Not $ret[0] And Not $SP_auxret[0] Then Return 0
    return $ret[0]
EndFunc

Func _MemoryClose($ah_Handle)
    
    If Not IsArray($ah_Handle) Then
        SetError(1)
        Return 0
    EndIf
    
    DllCall($ah_Handle[0], 'int', 'CloseHandle', 'int', $ah_Handle[1])
    If Not @Error Then
        DllClose($ah_Handle[0])
        Return 1
    Else
        DllClose($ah_Handle[0])
        SetError(2)
        Return 0
    EndIf
    
EndFunc

Func _MemoryModuleGetBaseAddress($iPID, $sModule)
    If Not ProcessExists($iPID) Then Return SetError(1, 0, 0)
    
    If Not IsString($sModule) Then Return SetError(2, 0, 0)
    
    Local   $PSAPI = DllOpen("psapi.dll")
    
    ;Get Process Handle
    Local   $hProcess
    Local   $PERMISSION = BitOR(0x0002, 0x0400, 0x0008, 0x0010, 0x0020) ; CREATE_THREAD, QUERY_INFORMATION, VM_OPERATION, VM_READ, VM_WRITE
    
    If $iPID > 0 Then
        Local $hProcess = DllCall("kernel32.dll", "ptr", "OpenProcess", "dword", $PERMISSION, "int", 0, "dword", $iPID)
        If $hProcess[0] Then
            $hProcess = $hProcess[0]
        EndIf
    EndIf
    
    ;EnumProcessModules
    Local   $Modules = DllStructCreate("ptr[1024]")
    Local   $aCall = DllCall($PSAPI, "int", "EnumProcessModules", "ptr", $hProcess, "ptr", DllStructGetPtr($Modules), "dword", DllStructGetSize($Modules), "dword*", 0)
    If $aCall[4] > 0 Then
        Local   $iModnum = $aCall[4] / 4
        Local   $aTemp
        For $i = 1 To $iModnum
            $aTemp =  DllCall($PSAPI, "dword", "GetModuleBaseNameW", "ptr", $hProcess, "ptr", Ptr(DllStructGetData($Modules, 1, $i)), "wstr", "", "dword", 260)
            If $aTemp[3] = $sModule Then
                DllClose($PSAPI)
                Return Ptr(DllStructGetData($Modules, 1, $i))
            EndIf
        Next
    EndIf
    
    DllClose($PSAPI)
    Return SetError(-1, 0, 0)
    
EndFunc

Func _MemoryGetBaseAddress($ah_Handle, $iHexDec = 0)
    
    Local $iv_Address = 0x00100000
    Local $v_Buffer = DllStructCreate('dword;dword;dword;dword;dword;dword;dword')
    Local $vData
    Local $vType
    
    If Not IsArray($ah_Handle) Then
        SetError(1)
        Return 0
    EndIf
    

    DllCall($ah_Handle[0], 'int', 'VirtualQueryEx', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer))
    
    If Not @Error Then
        
        $vData = Hex(DllStructGetData($v_Buffer, 2))
        $vType = Hex(DllStructGetData($v_Buffer, 3))
        
        While $vType <> "00000080"
            DllCall($ah_Handle[0], 'int', 'VirtualQueryEx', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer))
            $vData = Hex(DllStructGetData($v_Buffer, 2))
            $vType = Hex(DllStructGetData($v_Buffer, 3))
            If Hex($iv_Address) = "01000000" Then ExitLoop
            $iv_Address += 65536
            
        WEnd

        If $vType = "00000080" Then
            SetError(0)
            If $iHexDec = 1 Then
                Return Dec($vData)
            Else
                Return $vData
            EndIf
            
        Else
            SetError(2)
            Return 0
        EndIf
        
    Else
        SetError(3)
        Return 0
    EndIf
    
EndFunc

And the code as Majidemo suggested:

$ID = ProcessExists("app.exe")
Global $Offset[5] = [0, 0x18BD, 0x4A3, 0x8CC, 0x8B8] ; your multilevel offsets -- enter hex here
$StaticOffset = 0x941318 ;your static offset or green address

$openmem = _MemoryOpen($ID)
$baseADDR = _MemoryGetBaseAddress($openmem, 1)
$finalADDR = "0x" & Hex($baseADDR + $StaticOffset) ;this gives you "app.exe+941318"

$r = _MemoryPointerRead($finalADDR, $openmem, $Offset) ;this gives you the final address to read from
_MemoryClose($openmem)

;Test if value is correct
MsgBox(0, "Info", $r[1]) ;or try the other one w/o [1]
MsgBox(0, "Info", $r) ;check w/c one gives you the correct value

Now what I have noticed while I was posting the code, I dont have the 1FF offset in there, but then it comes back to the question, where do I put the values?

The first msgbox gives me 0 from the variable $r[1], and the next msgbox the variable doesn't give any output.

Thanks,

Ilmaestro.

Edited by maestro

Hello, World!... LAME lol

Share this post


Link to post
Share on other sites

#11 ·  Posted (edited)

try this

$ID = ProcessExists("app.exe")
Global $Offset[6] = [0, 0x1FF, 0x8B8, 0x8CC, 0x4A3, 0x18BD] ; your multilevel offsets -- enter hex here
$StaticOffset = 0x941318 ;your static offset or green address

$openmem = _MemoryOpen($ID)
$baseADDR = _MemoryGetBaseAddress($openmem, 1)
$finalADDR = "0x" & Hex($baseADDR + $StaticOffset) ;this gives you "app.exe+941318"

$r = _MemoryPointerRead($finalADDR, $openmem, $Offset) ;this gives you the final address to read from
_MemoryClose($openmem)

;Test if value is correct
MsgBox(0, "Info", $r[1])
MsgBox(0, "Info", $finalADDR) ;check what the address is pointing to right now, & check if its same w/ CE

can you tell me what application are you trying to read from?

Edited by majidemo

Share this post


Link to post
Share on other sites

Thank you for you help this far, but it seems that the reason I am not getting the right values is due to the fact that the pointer nor the bass address seem to be added properly.

the second msgbox from your suggestion just gives me 0x00941318 which means that it didn't add the base address to it properly, it seems to have just slapped a couple 0's onto 941318(the static offset) and nothing else was done with the address.

I am guessing this is due to old nomad, so I'm wondering if you know of a link I can get a new one to check and see if its just that thats not working.

Thanks,

Ilmaestro.


Hello, World!... LAME lol

Share this post


Link to post
Share on other sites

sometimes using app.exe+offset gives you the address = 0000000

try this

Global $Offset[7] = [0, 0x941318, 0x1FF, 0x8B8, 0x8CC, 0x4A3, 0x18BD] ; your multilevel offsets -- enter hex here

if still doesnt work.. search CE forum & youtube for multilevel pointer guides..

Share this post


Link to post
Share on other sites

#14 ·  Posted (edited)

#include <NomadMemory.au3>

Dim $Offset[6] = [0, Dec("1FF"), Dec("8B8"), Dec("8CC"), Dec("4A3"), Dec("18BD")]

$hMemoryOpen = _OpenMemory("autoit3help.exe")
$FinalAddress = _GetFinalAddress($hMemoryOpen,"941318")
$Value = _ReadFromPointer($FinalAddress,$hMemoryOpen,$Offset)
MsgBox(0,"Data","Address: " & $Value[0] & @CRLF & "Value: " & $Value[1])
_MemoryClose($hMemoryOpen)

Func _OpenMemory($sProcess)
    $aOpen = _MemoryOpen(ProcessExists($sProcess))
    If $aOpen = 0 Then
        Switch @error
            Case 1
                MsgBox(0, "Error", "Error opening Process: Process ID is invalid.")
            Case 2
                MsgBox(0, "Error", "Error opening Process: Failed to open Kernel32.dll.")
            Case 3
                MsgBox(0, "Error", "Error opening " & $aOpen & ".")
        EndSwitch
        Exit
    EndIf

    Return $aOpen
EndFunc

Func _GetFinalAddress($hMemory, $xStaticPointer)
    Local $iStaticOffset, $iBaseAddress

    $iBaseAddress = _MemoryGetBaseAddress($hMemory, 1)
    If $iBaseAddress = 0 Then
        Switch @error
            Case 1
                MsgBox(0, "Error", "Error getting Base Address: Invalid Handle to open Process.")
            Case 2
                MsgBox(0, "Error", "Error getting Base Address: Failed to find correct allocation Address.")
            Case 3
                MsgBox(0, "Error", "Error getting Base Address: Failed to read from the specified Process.")
        EndSwitch
        Exit
    EndIf

    $iStaticOffset = Dec($xStaticPointer) - $iBaseAddress
    Return "0x" & Hex($iBaseAddress + $iStaticOffset)
EndFunc

Func _ReadFromPointer($xFinalAddress,$hMemory,$aOffset,$sType = "dword")
    Local $aRead

    $aRead = _MemoryPointerRead($xFinalAddress, $hMemory, $aOffset, $sType)
    If $aRead = 0 Then
        Switch @error
            Case 1
                MsgBox(0, "Error", "Error reading Pointer: The specified Offset isn't an Array")
            Case 2
                MsgBox(0, "Error", "Error reading Pointer: Invalid Handle to open Process.")
            Case 3
                MsgBox(0, "Error", "Error reading Pointer: Type is not a String")
            Case 4
                MsgBox(0, "Error", "Error reading Pointer: Type is unsupported or unknown")
            Case 5
                MsgBox(0, "Error", "Error reading Pointer: Failed to allocate the memory needed for the DllStructure")
            Case 6
                MsgBox(0, "Error", "Error reading Pointer: Failed to allocate the memory needed for " & $sType)
            Case 7
                MsgBox(0, "Error", "Error reading Pointer: Failed to read from the specified Process")
        EndSwitch
        Exit
    Else
        Return $aRead
    EndIf
EndFunc

Confirm that these lines are correct. Assuming they are, post any message boxes you get.

$Offset[6] = [0, Dec("1FF"), Dec("8B8"), Dec("8CC"), Dec("4A3"), Dec("18BD")]
$hMemoryOpen = _OpenMemory("process.exe")
$FinalAddress = _GetFinalAddress($hMemoryOpen,"941318")

Also, I'm always glad to help on MSN. My email is -REDACTED-.

Edited by darkjohn20
Remove email address.

Share this post


Link to post
Share on other sites

#15 ·  Posted (edited)

Not to be rude majidemo, but quite a lot of your code is incorrect. I suggest looking over NomadMemory.au3's comments. This way you wont be going in a loop with the person you're trying to help.

Offsets should be in Decimal, not Hex.

To get the final address after pointers are factored in you need to use the 0-index of the array returned by _MemoryPointerRead().

Edited by darkjohn20

Share this post


Link to post
Share on other sites

hey darkjohn20, the Error in the msgbox is as follows:

"Error getting Base Address: Failed to find correct allocation Address."

(and yes everything was put in correct)

Thanks,

Ilmaestro.


Hello, World!... LAME lol

Share this post


Link to post
Share on other sites

#17 ·  Posted (edited)

hey darkjohn20, the Error in the msgbox is as follows:

"Error getting Base Address: Failed to find correct allocation Address."

(and yes everything was put in correct)

Thanks,

Ilmaestro.

You made sure the process name was correct too? "process.exe" in that format?

Edit: I've attatched my NomadMemory file. I don't know if there are any differences, but please, try it.

NomadMemory.au3

Edited by darkjohn20

Share this post


Link to post
Share on other sites

Hi, yes the process name is put in properly (app.exe) and even with your nomadmemory I am getting the same error.

Thanks,

Ilmaestro.


Hello, World!... LAME lol

Share this post


Link to post
Share on other sites

I'm not quite sure why it isn't working. The only thing I can think of is the process is protected, but if it worked in CE then it SHOULD work...

I cannot help any further without knowing what process it is. Feel free to PM or MSN me.

Share this post


Link to post
Share on other sites

#20 ·  Posted (edited)

So I have given up on my "Voice Chat Auto-Admin" idea for now, And since there seems to be so many problems with this code, I have decided to try getting it to work on the actual cheat engine tutorial.exe just to get it actually working.

Posted Image

(This is a picture of the info I get from CheatEngine.)

include <NomadMemory.au3> ;(this is the nomadmemory that darkjohn20 gave me link to.)

Dim $Offset[5] = [0, Dec("C"), Dec("14"), Dec("0"), Dec("18")]

$hMemoryOpen = _OpenMemory("Tutorial.exe")
$FinalAddress = _GetFinalAddress($hMemoryOpen,"00060C20")
$Value = _ReadFromPointer($FinalAddress,$hMemoryOpen,$Offset)
MsgBox(0,"Data","Address: " & $Value[0] & @CRLF & "Value: " & $Value[1])
_MemoryClose($hMemoryOpen)

Func _OpenMemory($sProcess)
    $aOpen = _MemoryOpen(ProcessExists($sProcess))
    If $aOpen = 0 Then
        Switch @error
            Case 1
                MsgBox(0, "Error", "Error opening Process: Process ID is invalid.")
            Case 2
                MsgBox(0, "Error", "Error opening Process: Failed to open Kernel32.dll.")
            Case 3
                MsgBox(0, "Error", "Error opening " & $aOpen & ".")
        EndSwitch
        Exit
    EndIf

    Return $aOpen
EndFunc

Func _GetFinalAddress($hMemory, $xStaticPointer)
    Local $iStaticOffset, $iBaseAddress

    $iBaseAddress = _MemoryGetBaseAddress($hMemory, 1)
    If $iBaseAddress = 0 Then
        Switch @error
            Case 1
                MsgBox(0, "Error", "Error getting Base Address: Invalid Handle to open Process.")
            Case 2
                MsgBox(0, "Error", "Error getting Base Address: Failed to find correct allocation Address.")
            Case 3
                MsgBox(0, "Error", "Error getting Base Address: Failed to read from the specified Process.")
        EndSwitch
        Exit
    EndIf

    $iStaticOffset = Dec($xStaticPointer) - $iBaseAddress
    Return "0x" & Hex($iBaseAddress + $iStaticOffset)
EndFunc

Func _ReadFromPointer($xFinalAddress,$hMemory,$aOffset,$sType = "dword")
    Local $aRead

    $aRead = _MemoryPointerRead($xFinalAddress, $hMemory, $aOffset, $sType)
    If $aRead = 0 Then
        Switch @error
            Case 1
                MsgBox(0, "Error", "Error reading Pointer: The specified Offset isn't an Array")
            Case 2
                MsgBox(0, "Error", "Error reading Pointer: Invalid Handle to open Process.")
            Case 3
                MsgBox(0, "Error", "Error reading Pointer: Type is not a String")
            Case 4
                MsgBox(0, "Error", "Error reading Pointer: Type is unsupported or unknown")
            Case 5
                MsgBox(0, "Error", "Error reading Pointer: Failed to allocate the memory needed for the DllStructure")
            Case 6
                MsgBox(0, "Error", "Error reading Pointer: Failed to allocate the memory needed for " & $sType)
            Case 7
                MsgBox(0, "Error", "Error reading Pointer: Failed to read from the specified Process")
        EndSwitch
        Exit
    Else
        Return $aRead
    EndIf
EndFunc

(Here is my current code, Copied from darkjohn20 post then all the pointers and offsets updated.)

Posted Image

(This is the Error Message that pops up when the script is run.)

Thanks,

Ilmaestro.

Edited by maestro

Hello, World!... LAME lol

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0