Archman Posted February 6, 2007 Share Posted February 6, 2007 Using Cheat Engine 5.2 i can determin the health of a selected mob is 872Cheat Engine Details of this data are:Address = 0CB425D0 Type = 4 Bytes Value = 872Reading through the forum i have used the following script to read this in AutoIt#include <mem.au3> $Process = 'test.exe' ;-> Target process $PID = ProcessExists($Process) ;-> Get Process ID $Address = 0x0CB425D0 ;-> Read/write address $OpenProcess = _MemOpen(0x38, False, $PID) ;-> Enable reading/writing to the process and get the handle $v_Read = _MemRead($OpenProcess, $Address, 1) ;-> Read a 1 byte value from the defined address MsgBox(0,"Info", "The value of address "&HEX($Address, 8)&" is now: "&$v_Read) _MemClose($OpenProcess) ;-> Disable reading/writing to the processoÝ÷ Øíz¸º)]x(Ê&¦)^¶nÞ±Êâ¦Ö§vØ^»§Ø+Þ²Ø^~e£§¦ëSåZç¨|]ë,Ð xÛôÉèÃ]8!ø©àzØ^r^¶®¶sbb33c·eõ&VBÒôÖVÕ&VBb33c´÷Vå&ö6W72Âb33c´FG&W72ÂB as the value in Cheat engine is 4 BytesI then get:The Value of Address 0CB425D0 is now: h□The output i expected and what it should be is -- The Value of Address 0CB425D0 is now: 872What am i doing wrong ? Link to comment Share on other sites More sharing options...
/dev/null Posted February 6, 2007 Share Posted February 6, 2007 What am i doing wrong ? _MemRead() returns an array, with the four bytes you read! __________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf * Link to comment Share on other sites More sharing options...
Archman Posted February 6, 2007 Author Share Posted February 6, 2007 So $v_Read will have multiple Values ? If that is so how do i take those values and end up with 872 like Cheat Engine shows? Link to comment Share on other sites More sharing options...
/dev/null Posted February 6, 2007 Share Posted February 6, 2007 So $v_Read will have multiple Values ? If that is so how do i take those values and end up with 872 like Cheat Engine shows? so, what are the single values? Run the code below,note the values and post them. #include <Array.au3> _ArrayDisplay($v_Read,"Memory") __________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf * Link to comment Share on other sites More sharing options...
Archman Posted February 6, 2007 Author Share Posted February 6, 2007 Where do i get Array.au3 i searched but cant find it? Also the Momory location 0CB425D0 was the same all last night and all today and i restarted the game multiple times. Just loaded the game again to do what u asked and the Memory location of the information i wanna read has changed :/ Link to comment Share on other sites More sharing options...
/dev/null Posted February 6, 2007 Share Posted February 6, 2007 Where do i get Array.au3 i searched but cant find it?it's part of the standard installation. Just use it like I posted it.#include <Array.au3>_ArrayDisplay($v_Read,"Memory") __________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf * Link to comment Share on other sites More sharing options...
Archman Posted February 6, 2007 Author Share Posted February 6, 2007 (edited) Useing _ArrayDisplay($v_Read,"Memory") oÝ÷ Úz-)àªiz{"~&v+m¡«¢+Ù5Í ½à À°ÅÕ½Ðí%¹¼ÅÕ½Ðì°}ÉÉå¥ÍÁ±ä ÀÌØíÙ}I°ÅÕ½Ðí5µ½ÉäÅÕ½Ð줤It just returns 0 everytime i try itAltho when using Go to execute the script it doesnt finish i have to Stop Excecuting Edited February 6, 2007 by Archman Link to comment Share on other sites More sharing options...
/dev/null Posted February 6, 2007 Share Posted February 6, 2007 Useing _ArrayDisplay($v_Read,"Memory") oÝ÷ Úz-)àªiz{"~&v+m¡«¢+Ù5Í ½à À°ÅÕ½Ðí%¹¼ÅÕ½Ðì°}ÉÉå¥ÍÁ±ä ÀÌØíÙ}I°ÅÕ½Ðí5µ½ÉäÅÕ½Ð줤 __________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf * Link to comment Share on other sites More sharing options...
Archman Posted February 7, 2007 Author Share Posted February 7, 2007 Ok Cheat Engine Details of this data are: Address = 0CB425D0 Type = 4 Bytes Value = 872 Script Using AutoIt: #include <mem.au3> #include <Array.au3> $Process = 'TEST.exe' ;-> Target process $PID = ProcessExists($Process) ;-> Get Process ID $Address = 0CB425D0 ;-> Read/write address $OpenProcess = _MemOpen(0x38, False, $PID) ;-> Enable reading/writing to the process and get the handle $v_Read = _MemRead($OpenProcess, $Address, 4) ;-> Read a 1 byte value from the defined address MsgBox(0,"Info", "The value of address "&HEX($Address, 8)&" is now: "&$v_Read) MsgBox(0,"Info", _ArrayDisplay($v_Read,"Memory")) MsgBox(0,"",IsArray($v_Read)) _MemClose($OpenProcess) ;-> Disable reading/writing to the processoÝ÷ Ù8b±º¹ìN¢YhÂ)àU©nzÄáyV¥¹ê×kzË46ä="²z0ȳz,¥©ì·)^ = 0 So from this i Gather that _MemRead() is not returning an array, with the four bytes it reads! Sorry For Being a Pain and Thank you for Helping :"> Link to comment Share on other sites More sharing options...
/dev/null Posted February 7, 2007 Share Posted February 7, 2007 _ArrayDisplay($v_Read,"Memory") = 0 So from this i Gather that _MemRead() is not returning an array, with the four bytes it reads! Sorry For Being a Pain and Thank you for Helping :"> O.K. then you have a different mem.au3 than me. Can you please post your mem.au3 here? AND, what happens if you print (msgbox, or ClipPut): Hex($v_Read) and String($v_Read) ?? __________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf * Link to comment Share on other sites More sharing options...
Archman Posted February 7, 2007 Author Share Posted February 7, 2007 I copy and paste this from forum yesterday to make my mem.au3 Func _MemRead($i_hProcess, $i_lpBaseAddress, $i_nSize, $v_lpNumberOfBytesRead = '') Local $v_Struct = DllStructCreate ('byte[' & $i_nSize & ']') DllCall('kernel32.dll', 'int', 'ReadProcessMemory', 'int', $i_hProcess, 'int', $i_lpBaseAddress, 'int', DllStructGetPtr ($v_Struct, 1), 'int', $i_nSize, 'int', $v_lpNumberOfBytesRead) Local $v_Return = DllStructGetData ($v_Struct, 1) $v_Struct=0 Return $v_Return EndFunc ;==> _MemRead() Func _MemWrite($i_hProcess, $i_lpBaseAddress, $v_Inject, $i_nSize, $v_lpNumberOfBytesRead = '') Local $v_Struct = DllStructCreate ('byte[' & $i_nSize & ']') DllStructSetData ($v_Struct, 1, $v_Inject) $i_Call = DllCall('kernel32.dll', 'int', 'WriteProcessMemory', 'int', $i_hProcess, 'int', $i_lpBaseAddress, 'int', DllStructGetPtr ($v_Struct, 1), 'int', $i_nSize, 'int', $v_lpNumberOfBytesRead) $v_Struct=0 Return $i_Call[0] EndFunc ;==> _MemWrite() Func _MemOpen($i_dwDesiredAccess, $i_bInheritHandle, $i_dwProcessId) $ai_Handle = DllCall("kernel32.dll", 'int', 'OpenProcess', 'int', $i_dwDesiredAccess, 'int', $i_bInheritHandle, 'int', $i_dwProcessId) If @error Then SetError(1) Return 0 EndIf Return $ai_Handle[0] EndFunc ;==> _MemOpen() Func _MemClose($i_hProcess) $av_CloseHandle = DllCall('kernel32.dll', 'int', 'CloseHandle', 'int', $i_hProcess) Return $av_CloseHandle[0] EndFunc ;==> _MemClose() Link to comment Share on other sites More sharing options...
Archman Posted February 7, 2007 Author Share Posted February 7, 2007 (edited) Here are the results from useing Hex($v_Read) and String($v_Read)Hex($v_Read) returns 68030000String($v_Read) returns 0x68030000 Edited February 8, 2007 by Archman Link to comment Share on other sites More sharing options...
Archman Posted February 10, 2007 Author Share Posted February 10, 2007 Can you post your mem.au3 script please /dev/null so i can try using that one Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now