Jump to content

Read Memory Float or Convert Decimal to Float?


Recommended Posts

Hello All, And 1st of I would like to say Autoit is an awesome tool with an excellent help files. But I am having troubles with one task I would like to accomplish. My goal is to read a Float Val from memory. I have successfully obtained 4byes using wOuters script. I have read thru most of the forms covering memory reads /writes. Does anyone know the math to convert a Decimal to Float or ASCII to Float? My math skills are on the light side. The best info I found on the subject is here http://sandbox.mc.edu/~bennet/cs110/flt/dtof.html the formula is beyond my skills. If you have any suggestions please let me know.

Cheers..

Link to comment
Share on other sites

I haven't looked at w0uter's script in a LONG time so I don't exactly remember how it works, but you can do something like this without using w0uter's script (and you can change it to work with his, I'm sure):

$pid = ProcessExists("calc.exe")
If $pid = 0 Then Exit

$pHandle = DllCall("kernel32.dll", "int", "OpenProcess", "int", 0x1F0FFF, "int", 0, "int", $pid)
If IsArray($pHandle) And $pHandle[0] > 0 Then
    $pHandle = $pHandle[0]
Else
    MsgBox(16, "OpenProcess Error!", "Could not open the process for reading/writing")
    Exit
EndIf

$float = DllStructCreate("float")

$ret = DllCall("kernel32.dll", "int", "ReadProcessMemory", "int", $pHandle, "int", 0x1006D, "ptr", DllStructGetPtr($float), "int", 4, "int", 0)
If IsArray($ret) Then
    MsgBox(64, "float", "$float data: " & DllStructGetData($float, 1))
EndIf

DllStructDelete($float)

Replace '0x1006D' with the address you wish to read, or encapsulate it in its own function.

Edited by Outshynd
Link to comment
Share on other sites

  • 1 year later...

yes, thank you so much. IT works for reading LOTRO floating point values as well!

EDIT:

I also found out that I could use Nomad Memory by telling it to use FLOAT instead of dword:

CODE
Func _MemoryRead($iv_Address, $ah_Handle, $sv_Type = "Float" )

If Not IsArray($ah_Handle) Then

SetError(1)

Return 0

EndIf

Local $v_Buffer = DllStructCreate($sv_Type)

If @Error Then

SetError(@Error + 1)

Return 0

EndIf

DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')

If Not @Error Then

Local $v_Value = DllStructGetData($v_Buffer, 1)

Return $v_Value

Else

SetError(6)

Return 0

EndIf

EndFunc

Edited by BotXpert
Link to comment
Share on other sites

I found a tutorial on how to find offsets:

http://forum.cheatengine.org/viewtopic.php...ca1670708543160

However I have a problem. I'm trying to find my max health in LOTRO(lord of the rings online). I found the pointer, but the pointer is not static. It changes each time the game loads. For example:

18F7BC68 contains my health

13D9236C contains the hex value 18F7BC68, which is a pointer to my health

However I can not find what writes the hex value to 13D9236C. I'm assuming this is done as the game loads. But is there a way to find out what writes to that memory block?

Link to comment
Share on other sites

I also found out that I could use Nomad Memory by telling it to use FLOAT instead of dword:

FLOAT values as well? I tried your script but I'm not getting any values returned yet CheatEngine is showing the values I am looking for. FYI, This is for Last Chaos. I don't know why there is $GlobalPointer. Both functions are returning 0 yet CE shows the health at that address...

Global $GlobalPointer = 0x1057f2a4

;float
;============================================
Global $MonsterHealth = 0x025F921C


Func _GetMonsterHealth()
        $ID = _Memoryopen(ProcessExists("Nksp.exe"))
        $Address = _FindNewAddress($GlobalPointer, $MonsterHealth)
        $MonsterHealth = _MemoryRead($Address, $ID)
        $MonsterHealthFloat = _MemoryReadFloat($Address, $ID)
        msgbox(0,"Monster's Health",$MonsterHealth & " | " & $MonsterHealthFloat)
EndFunc

Digital Chaos - Life as we know it today.I'm a Think Tank. Problem is, my tank is empty.The Quieter you are, the more you can HearWhich would you choose - Peace without Freedom or Freedom without Peace?Digital Chaos Macgyver ToolkitCompletely Dynamic MenuSQLIte controlsAD FunctionsEXCEL UDFPC / Software Inventory UDFPC / Software Inventory 2GaFrost's Admin Toolkit - My main competitor :)Virtual SystemsVMWAREMicrosoft Virtual PC 2007

Link to comment
Share on other sites

I don't understand why ppl. use this nomad memory... is it not simpler to just use the _WinAPI UDF that comes with AutoIt itself? :/

Im tredding into new territory here with memory functions. I seen several posts using the nomad memory and quite frankly, the functions are indeed easy to use. I haven't seen much on the _WinAPI UDF so I am in the dark on that. Any links to learn from??

Why do you believe the _WinAPI is better then Nomad Memory?

P.S. Where is this function located in the help files anyways? Neither helpfile (AutoIt3.chm or UDFs3.chm) mention it.

Edited by dinodod

Digital Chaos - Life as we know it today.I'm a Think Tank. Problem is, my tank is empty.The Quieter you are, the more you can HearWhich would you choose - Peace without Freedom or Freedom without Peace?Digital Chaos Macgyver ToolkitCompletely Dynamic MenuSQLIte controlsAD FunctionsEXCEL UDFPC / Software Inventory UDFPC / Software Inventory 2GaFrost's Admin Toolkit - My main competitor :)Virtual SystemsVMWAREMicrosoft Virtual PC 2007

Link to comment
Share on other sites

I guess I'm just not that fond of external UDFs. :/

I've just gotten used to the WinAPI UDF I guess. :)

The WinAPI UDF ain't only made for reading memory, it contains a lot of other functions as well.

The UDF is located in the Helpfile in the section User Defined Functions called WinAPI Management, and the functions to read and write memory includes:

_WinAPI_OpenProcess

_WinAPI_ReadProcessMemory

_WinAPI_WriteProcessMemory

_WinAPI_CloseHandle

I wrote an example of how to read the memory from the windows calculator here, and it uses the WinAPI. :)

Edited by FreeFry
Link to comment
Share on other sites

_WinAPI_OpenProcess

_WinAPI_ReadProcessMemory

_WinAPI_WriteProcessMemory

_WinAPI_CloseHandle

I wrote an example of how to read the memory from the windows calculator here, and it uses the WinAPI. :)

Yea the helpfiles are not very helpful when you can't do a PARTIAL search phrase :)

I'll look into it. has anyone done any investigations into these 2 functions?

Digital Chaos - Life as we know it today.I'm a Think Tank. Problem is, my tank is empty.The Quieter you are, the more you can HearWhich would you choose - Peace without Freedom or Freedom without Peace?Digital Chaos Macgyver ToolkitCompletely Dynamic MenuSQLIte controlsAD FunctionsEXCEL UDFPC / Software Inventory UDFPC / Software Inventory 2GaFrost's Admin Toolkit - My main competitor :)Virtual SystemsVMWAREMicrosoft Virtual PC 2007

Link to comment
Share on other sites

Yea the helpfiles are not very helpful when you can't do a PARTIAL search phrase :)

Posted Image

:)

I'll look into it. has anyone done any investigations into these 2 functions?

What two functions? What research? If you're referring to _WinAPI_ReadProcessMemory & _WinAPI_WriteProcessMemory, they work as intended. They also output an error message(with a gui) if something goes terribly wrong(like if you're trying to write to memory which is read/execute only)...

Link to comment
Share on other sites

What two functions? What research? If you're referring to _WinAPI_ReadProcessMemory & _WinAPI_WriteProcessMemory, they work as intended. They also output an error message(with a gui) if something goes terribly wrong(like if you're trying to write to memory which is read/execute only)...

Edited by dinodod

Digital Chaos - Life as we know it today.I'm a Think Tank. Problem is, my tank is empty.The Quieter you are, the more you can HearWhich would you choose - Peace without Freedom or Freedom without Peace?Digital Chaos Macgyver ToolkitCompletely Dynamic MenuSQLIte controlsAD FunctionsEXCEL UDFPC / Software Inventory UDFPC / Software Inventory 2GaFrost's Admin Toolkit - My main competitor :)Virtual SystemsVMWAREMicrosoft Virtual PC 2007

Link to comment
Share on other sites

What two functions? What research? If you're referring to _WinAPI_ReadProcessMemory & _WinAPI_WriteProcessMemory, they work as intended. They also output an error message(with a gui) if something goes terribly wrong(like if you're trying to write to memory which is read/execute only)...

K, ty. But here is my search result in the help file. Odd eh? :)

Use the Index tab vice search. Better functionality.

BTW, it's kinda funny that you are using one language but reading the hepfile in english :party: Maybe Autoit should have a translated version for every language ?? :lmao:

All it needs is Volunteer Translators for every language... which one are you offering to do?

:)

Edited by PsaltyDS
Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites

Use the Index tab vice search. Better functionality.

All it needs is Volunteer Translators for every language... which one are you offering to do?

:)

LOL, I could try to speak Klingon, Vulcan, Romulan, or Borg if ya like. :)

Digital Chaos - Life as we know it today.I'm a Think Tank. Problem is, my tank is empty.The Quieter you are, the more you can HearWhich would you choose - Peace without Freedom or Freedom without Peace?Digital Chaos Macgyver ToolkitCompletely Dynamic MenuSQLIte controlsAD FunctionsEXCEL UDFPC / Software Inventory UDFPC / Software Inventory 2GaFrost's Admin Toolkit - My main competitor :)Virtual SystemsVMWAREMicrosoft Virtual PC 2007

Link to comment
Share on other sites

LOL, I could try to speak Klingon, Vulcan, Romulan, or Borg if ya like. :party:

Quoting the Documentation page:

If you are willing to help out with any translations, and are able to help maintain your translation, then drop me an email! I'm not worried about the format as long as it will be helpful to speakers of that language! :) And, don't forget to credit yourself in your translation!

You can find the uncompiled html files for the current version of AutoIt in the Archive. (called docs-v3.2.nnn-src.zip).

The latest one there is 3.2.5.4 in Russian. I you're competent to do it, get busy.

:)

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites

I prefer English tbh. would be confusing to help ppl. if their documentation was in different languages.. :s

Edit:

What version of AutoIt do you have installed dinodod?

I live in the USA and speak English or as some peeps say, American. Whatever...

Digital Chaos - Life as we know it today.I'm a Think Tank. Problem is, my tank is empty.The Quieter you are, the more you can HearWhich would you choose - Peace without Freedom or Freedom without Peace?Digital Chaos Macgyver ToolkitCompletely Dynamic MenuSQLIte controlsAD FunctionsEXCEL UDFPC / Software Inventory UDFPC / Software Inventory 2GaFrost's Admin Toolkit - My main competitor :)Virtual SystemsVMWAREMicrosoft Virtual PC 2007

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...