Jump to content

Recommended Posts

MsgBox(0, "Test", "Writing to memory....")
$ProcessName = "Diablo II.exe"

$Adress = "01DACECF"
$DataToWrite = "C605B16ADB0101"
$DataSize= "7"

Call("MemWrite")

$Adress = "01DACED6"
$DataToWrite = "909090"
$DataSize= "3"

Call("MemWrite")

$Adress = "028ECED3"
$DataToWrite = "909090909090"
$DataSize= "6"

Call("MemWrite")

$Adress = "028ECEC9"
$DataToWrite = "C605B16A8F0201"
$DataSize= "7"

Call("MemWrite")

$Adress = "028ECECF"
$DataToWrite = "90909090909090909090"
$DataSize= "10"

Call("MemWrite")

$Adress = "0185C465"
$DataToWrite = "C605F955860101"
$DataSize= "7"

Call("MemWrite")

$Adress = "0185C46C"
$DataToWrite = "909090909090909090"
$DataSize= "9"

Call("MemWrite")

$Adress = "01801DB0"
$DataToWrite = "456E636820426F74"
$DataSize= "8"
Call("MemWrite")
$Adress = "01802954"
Call("MemWrite")
$Adress = "01802A24"
Call("MemWrite")
$Adress = "01802B04"
Call("MemWrite")
$Adress = "01802B40"
Call("MemWrite")
$Adress = "01802C18"
Call("MemWrite")
$Adress = "01802D37"
Call("MemWrite")




Func MemWrite($ProcessName, $Address, $DataToWrite, $DataSize)
Local $PID, $Result
$PID = ProcessExists($ProcessName)
$Result = DllCall(@Windowsdir & "\system32\"&$dll&".dll", "long", "WriteMemLoc", "long", $PID, "long", $Address, "long", $DataToWrite, "long", $DataSize)
Return $Result[0]
EndFunc

this does not work :D

ERROR: Line 69, Variable used without being declared

$Result = DllCall(@Windowsdir & "\system32\"&$dll&".dll", "long", "WriteMemLoc", "long", $PID, "long", $Address, "long", $DataToWrite, "long", $DataSize)
Edited by sd333221
Link to post
Share on other sites
  • Moderators

Might want to look at how your calling your function MemWrite() << it has 4 parameters, then you use Call("MemWrite") with no parameters :D

Edit:

Typo

Edited by SmOke_N

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Link to post
Share on other sites
  • Developers

this does not work :D

ERROR: Line 69, Variable used without being declared

$Result = DllCall(@Windowsdir & "\system32\"&$dll&".dll", "long", "WriteMemLoc", "long", $PID, "long", $Address, "long", $DataToWrite, "long", $DataSize)
yea, looks like $dll isn't set ....

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Link to post
Share on other sites
  • Moderators

Cant i declare the parameters before i call the function?

$Adress = "0185C465"
$DataToWrite = "C605F955860101"
$DataSize= "7"

Call("MemWrite")
You would need to declare them in the Function itself... then just do a call to it like MemWrite() rather than Call("MemWrite")

Example:

Func MemWrite($ProcessName = "Actual Processes name", $Address = "0185C465", $DataToWrite = "C605F955860101", $DataSize = "9")
That way all the parameters are optional because the are pre-defined.

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Link to post
Share on other sites

You would need to declare them in the Function itself... then just do a call to it like MemWrite() rather than Call("MemWrite")

Example:

Func MemWrite($ProcessName = "Actual Processes name", $Address = "0185C465", $DataToWrite = "C605F955860101", $DataSize = "9")
That way all the parameters are optional because the are pre-defined.
thank you, i try this now
Link to post
Share on other sites
  • Moderators

Yes, but what may i choose as the $dll is this the target?

I just want the target to be "Diablo II.exe".

Can you recommend me an other writetomem script?

I couldn't find anywhere where this WriteMemLoc is located and or what DLL it uses. I know that w0uters Mem functions uses the kernel32.dll but this wasn't on MSDN site as a function.

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Link to post
Share on other sites

this is w0uters mem function

Func _MemWrite($ah_Mem, $i_Address, $v_Inject)
    Local $av_Call = DllCall($ah_Mem[0], 'int', 'WriteProcessMemory', 'int', $ah_Mem[1], 'int', $i_Address, 'ptr', DllStructGetPtr($v_Inject), 'int', DllStructGetSize($v_Inject), 'int', '')
    Return $av_Call[0]
EndFunc ;==>_MemWrite

but i dont know how to use the parameters :;(

could you make an example with:

file: Winesweeper.exe

adress: 0185C465

bytes: C605F955860101

size: 7

just to explain?

Link to post
Share on other sites

#include <Array.au3>

$Name = "Diablo II.exe"

$Adress1 = "01DACECF"
$Data = "C605B16ADB0101"
$Size= "7"

Memwrite($Name, $Adress1, $Data, $Size)

$Adress1 = "01DACED6"
$Data = "909090"
$Size= "3"

Memwrite($Name, $Adress1, $Data, $Size)

$Adress1 = "028ECED3"
$Data = "909090909090"
$Size= "6"

Memwrite($Name, $Adress1, $Data, $Size)

$Adress1 = "028ECEC9"
$Data = "C605B16A8F0201"
$Size= "7"

Memwrite($Name, $Adress1, $Data, $Size)

$Adress1 = "028ECECF"
$Data = "90909090909090909090"
$Size= "10"

Memwrite($Name, $Adress1, $Data, $Size)

$Adress1 = "0185C465"
$Data = "C605F955860101"
$Size= "7"

Memwrite($Name, $Adress1, $Data, $Size)

$Adress1 = "0185C46C"
$Data = "909090909090909090"
$ize= "9"

Memwrite($Name, $Adress1, $Data, $Size)

$Adress1 = "01801DB0"
$Data = "456E636820426F74"
$Size= "8"
Memwrite($Name, $Adress1, $Data, $Size)
$Adress1 = "01802954"
Memwrite($Name, $Adress1, $Data, $Size)
$Adress1 = "01802A24"
Memwrite($Name, $Adress1, $Data, $Size)
$Adress1 = "01802B04"
Memwrite($Name, $Adress1, $Data, $Size)
$Adress1 = "01802B40"
Memwrite($Name, $Adress1, $Data, $Size)
$Adress1 = "01802C18"
Memwrite($Name, $Adress1, $Data, $Size)
$Adress1 = "01802D37"
Memwrite($Name, $Adress1, $Data, $Size)




Func MemWrite($ProcessName, $Address, $DataToWrite, $DataSize)
Local $PID, $Result
$PID = ProcessExists($ProcessName)
$Result = DllCall(@Windowsdir & "\system32\"&$dll&".dll", "long", "WriteMemLoc", "long", $PID, "long", $Address, "long", $DataToWrite, "long", $DataSize)
Return $Result[0]
EndFunc

same error, the MemWrite function is corrupted i think :D

Link to post
Share on other sites
  • Developers

same error, the MemWrite function is corrupted i think :D

where did you specify $dll ? so what do you expect... magic ?

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Link to post
Share on other sites
  • Moderators

what $dll do i have to use? i want to edit the memory of my .exe file not an dll!

He's saying this.

1. You have a variable named $dll that is undefined

2. You are using DLLCall() with No DLL, because $dll is undefined.

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Link to post
Share on other sites

i suggest you take a good look at my _mem udf and figure out how it works.

Look in his signature for the _mem udf. Also, you don't have to "Call" a function like that in AutoIt, you can simply type the function name, like this:

Function ()

and if it requires parameters:

Function (parameter1, parameter2, etc...)

If you read wOuter's _mem udf topic and are still having trouble even though you know everything is being done correctly, you may need to alter his functions to suit your needs. They are not set to read and write every conceivable thing that can be read and written to memory. You may need to specify DWORD, or CHAR, etc.. depending on what you are doing. You also may need to specify a few other different parameters.

Nomad :D

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...