Archman Posted February 6, 2007 Posted February 6, 2007 Using Cheat Engine 5.2 i can determin the health of a selected mob is 872Cheat Engine Details of this data are:Address = 0CB425D0 Type = 4 Bytes Value = 872Reading through the forum i have used the following script to read this in AutoIt#include <mem.au3> $Process = 'test.exe' ;-> Target process $PID = ProcessExists($Process) ;-> Get Process ID $Address = 0x0CB425D0 ;-> Read/write address $OpenProcess = _MemOpen(0x38, False, $PID) ;-> Enable reading/writing to the process and get the handle $v_Read = _MemRead($OpenProcess, $Address, 1) ;-> Read a 1 byte value from the defined address MsgBox(0,"Info", "The value of address "&HEX($Address, 8)&" is now: "&$v_Read) _MemClose($OpenProcess) ;-> Disable reading/writing to the processoÝ÷ Øíz¸º)]x(Ê&¦)^¶nÞ±Êâ¦Ö§vØ^»§Ø+Þ²Ø^~e£§¦ëSåZç¨|]ë,Ð xÛôÉèÃ]8!ø©àzØ^r^¶®¶sbb33c·eõ&VBÒôÖVÕ&VBb33c´÷Vå&ö6W72Âb33c´FG&W72ÂB as the value in Cheat engine is 4 BytesI then get:The Value of Address 0CB425D0 is now: h□The output i expected and what it should be is -- The Value of Address 0CB425D0 is now: 872What am i doing wrong ?
/dev/null Posted February 6, 2007 Posted February 6, 2007 What am i doing wrong ? _MemRead() returns an array, with the four bytes you read! __________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *
Archman Posted February 6, 2007 Author Posted February 6, 2007 So $v_Read will have multiple Values ? If that is so how do i take those values and end up with 872 like Cheat Engine shows?
/dev/null Posted February 6, 2007 Posted February 6, 2007 So $v_Read will have multiple Values ? If that is so how do i take those values and end up with 872 like Cheat Engine shows? so, what are the single values? Run the code below,note the values and post them. #include <Array.au3> _ArrayDisplay($v_Read,"Memory") __________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *
Archman Posted February 6, 2007 Author Posted February 6, 2007 Where do i get Array.au3 i searched but cant find it? Also the Momory location 0CB425D0 was the same all last night and all today and i restarted the game multiple times. Just loaded the game again to do what u asked and the Memory location of the information i wanna read has changed :/
/dev/null Posted February 6, 2007 Posted February 6, 2007 Where do i get Array.au3 i searched but cant find it?it's part of the standard installation. Just use it like I posted it.#include <Array.au3>_ArrayDisplay($v_Read,"Memory") __________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *
Archman Posted February 6, 2007 Author Posted February 6, 2007 (edited) Useing _ArrayDisplay($v_Read,"Memory") oÝ÷ Úz-)àªiz{"~&v+m¡«¢+Ù5Í ½à À°ÅÕ½Ðí%¹¼ÅÕ½Ðì°}ÉÉå¥ÍÁ±ä ÀÌØíÙ}I°ÅÕ½Ðí5µ½ÉäÅÕ½Ð줤It just returns 0 everytime i try itAltho when using Go to execute the script it doesnt finish i have to Stop Excecuting Edited February 6, 2007 by Archman
/dev/null Posted February 6, 2007 Posted February 6, 2007 Useing _ArrayDisplay($v_Read,"Memory") oÝ÷ Úz-)àªiz{"~&v+m¡«¢+Ù5Í ½à À°ÅÕ½Ðí%¹¼ÅÕ½Ðì°}ÉÉå¥ÍÁ±ä ÀÌØíÙ}I°ÅÕ½Ðí5µ½ÉäÅÕ½Ð줤 __________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *
Archman Posted February 7, 2007 Author Posted February 7, 2007 Ok Cheat Engine Details of this data are: Address = 0CB425D0 Type = 4 Bytes Value = 872 Script Using AutoIt: #include <mem.au3> #include <Array.au3> $Process = 'TEST.exe' ;-> Target process $PID = ProcessExists($Process) ;-> Get Process ID $Address = 0CB425D0 ;-> Read/write address $OpenProcess = _MemOpen(0x38, False, $PID) ;-> Enable reading/writing to the process and get the handle $v_Read = _MemRead($OpenProcess, $Address, 4) ;-> Read a 1 byte value from the defined address MsgBox(0,"Info", "The value of address "&HEX($Address, 8)&" is now: "&$v_Read) MsgBox(0,"Info", _ArrayDisplay($v_Read,"Memory")) MsgBox(0,"",IsArray($v_Read)) _MemClose($OpenProcess) ;-> Disable reading/writing to the processoÝ÷ Ù8b±º¹ìN¢YhÂ)àU©nzÄáyV¥¹ê×kzË46ä="²z0ȳz,¥©ì·)^ = 0 So from this i Gather that _MemRead() is not returning an array, with the four bytes it reads! Sorry For Being a Pain and Thank you for Helping :">
/dev/null Posted February 7, 2007 Posted February 7, 2007 _ArrayDisplay($v_Read,"Memory") = 0 So from this i Gather that _MemRead() is not returning an array, with the four bytes it reads! Sorry For Being a Pain and Thank you for Helping :"> O.K. then you have a different mem.au3 than me. Can you please post your mem.au3 here? AND, what happens if you print (msgbox, or ClipPut): Hex($v_Read) and String($v_Read) ?? __________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *
Archman Posted February 7, 2007 Author Posted February 7, 2007 I copy and paste this from forum yesterday to make my mem.au3 Func _MemRead($i_hProcess, $i_lpBaseAddress, $i_nSize, $v_lpNumberOfBytesRead = '') Local $v_Struct = DllStructCreate ('byte[' & $i_nSize & ']') DllCall('kernel32.dll', 'int', 'ReadProcessMemory', 'int', $i_hProcess, 'int', $i_lpBaseAddress, 'int', DllStructGetPtr ($v_Struct, 1), 'int', $i_nSize, 'int', $v_lpNumberOfBytesRead) Local $v_Return = DllStructGetData ($v_Struct, 1) $v_Struct=0 Return $v_Return EndFunc ;==> _MemRead() Func _MemWrite($i_hProcess, $i_lpBaseAddress, $v_Inject, $i_nSize, $v_lpNumberOfBytesRead = '') Local $v_Struct = DllStructCreate ('byte[' & $i_nSize & ']') DllStructSetData ($v_Struct, 1, $v_Inject) $i_Call = DllCall('kernel32.dll', 'int', 'WriteProcessMemory', 'int', $i_hProcess, 'int', $i_lpBaseAddress, 'int', DllStructGetPtr ($v_Struct, 1), 'int', $i_nSize, 'int', $v_lpNumberOfBytesRead) $v_Struct=0 Return $i_Call[0] EndFunc ;==> _MemWrite() Func _MemOpen($i_dwDesiredAccess, $i_bInheritHandle, $i_dwProcessId) $ai_Handle = DllCall("kernel32.dll", 'int', 'OpenProcess', 'int', $i_dwDesiredAccess, 'int', $i_bInheritHandle, 'int', $i_dwProcessId) If @error Then SetError(1) Return 0 EndIf Return $ai_Handle[0] EndFunc ;==> _MemOpen() Func _MemClose($i_hProcess) $av_CloseHandle = DllCall('kernel32.dll', 'int', 'CloseHandle', 'int', $i_hProcess) Return $av_CloseHandle[0] EndFunc ;==> _MemClose()
Archman Posted February 7, 2007 Author Posted February 7, 2007 (edited) Here are the results from useing Hex($v_Read) and String($v_Read)Hex($v_Read) returns 68030000String($v_Read) returns 0x68030000 Edited February 8, 2007 by Archman
Archman Posted February 10, 2007 Author Posted February 10, 2007 Can you post your mem.au3 script please /dev/null so i can try using that one
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now