jokke Posted November 20, 2006 Posted November 20, 2006 Hi, after a while now im bored using PixelSearch, and want to move over to reading memory.Im currently using Nomad`s _Memory UDF Link to his post.Im currently stuck on _MemoryPointerRead, and i think i know why but i dont know how to fix it.To start off im trying to "hack" 3D Pinball just so i have a easy base.I use Cheat Engine to get Pointers and offset`s, cheat engine can be found here.Iwe tested pointers innside Cheat engine several times so they should work for everyone.Pointers for 3D Pinball score is: PINBALL.EXE+00025658 Offsets is: (Hex)0x52 (Dec)82Im currently using the exsample`s given with Nomad`s package found on link inn top of post.Here is the script i need some help with, i think i may have overseen something, but now i have steared for so long, trying to understand what. But with no luck.expandcollapse popup;This is just a structural example it will not function ;unless the correct information is entered. #include <Memory.au3> ;get the process ID $ProcessID = WinGetProcess("3D Pinball") ConsoleWrite($ProcessID & @CRLF) ;Debug ;set the static address $Address = 0x00025658 ConsoleWrite($Address) ;Debug ;set the pointer offsets in Decimal Dim $Offset[4] $Offset[0] = 82 ;0x52 in Hex $Offset[1] = 0 ;no offset for pointer 2 $Offset[2] = 82 ;0x52 in Hex $Offset[3] = 0 ;no offset for pointer 4 ;open the process and get the handle $Handle = _MemoryOpen($ProcessID) ;read the 'dword' value at the destination address $Value = _MemoryPointerRead($Address, $Handle, $Offset) #cs ;or if the value is a 9 character 'char' type $Type = 'char[10]' $Value = _MemoryPointerRead($Address, $Handle, $Offset, $Type) #ce ;close the open process _MemoryClose($Handle) ;display the value and the destination address MsgBox(4096, "Returned", "Address = " & $Value[0] & @CRLF & "Value =" & $Value[1])I think it might be something with pointervalue: 0x00025658And with the offset code inn the script since i only have one offsetvalue.All help appreciated UDF:Crypter a file encrypt / decrypt tool with no need to remember a password again. Based on Caesar cipher using entire ASCII Table.Script's: PixelSearch Helper, quick and simple way to create a PixelSeach.Chatserver - simplified, not so complicated multi-socket server.AutoIT - Firewall, simple example on howto create a firewall with AutoIt.
jokke Posted November 20, 2006 Author Posted November 20, 2006 Bump. I know its fast but it was allready on page 3. Anyone have any innsight on this? UDF:Crypter a file encrypt / decrypt tool with no need to remember a password again. Based on Caesar cipher using entire ASCII Table.Script's: PixelSearch Helper, quick and simple way to create a PixelSeach.Chatserver - simplified, not so complicated multi-socket server.AutoIT - Firewall, simple example on howto create a firewall with AutoIt.
Outshynd Posted November 21, 2006 Posted November 21, 2006 "PINBALL.EXE+00025658" probably refers to the starting point of the PINBALL executable in memory (generally 0x400000 or similar) plus 0x25658. Try $Address = 0x425658 or 0x435658 and see if either works.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now