alex OF DEATH

Adding Hex Offsets?

11 posts in this topic

Okay, I have the pointer and an offset for a memory address.

How do I follow the pointer and add the offset to find the value I'm looking for?

Example:

Func moveYup()
$memopen = _MemoryOpen($Pid)
$MoveY = _MemoryRead(0x682246F0+0x00000184, $memopen, 'float')
$final = $moveY+10
_MemoryWrite(0x682246F0+0x00000184, $memopen, $final, 'float')
endfunc

Apparently you can't just add them.

Pointer = 0x682246F0

Offset = 0x00000184

What expression do I use to get an address out of it?



Well it helps if you post what Memory UDF you're using.

_ReadMemory($handle[1], 0x6711F8 + 0x48, 4)


Valik: Get it straight - I'm not here to say please, I'm here to help - if my help's not appreciated then lotsa luck, gentlemen.


Using NomadMemory.au3.



Not my choice of Memory UDFs, but.. If you want to try another let me know. I use the one by Outshynd.

;=================================================================================================
; Function:         _MemoryPointerRead ($iv_Address, $ah_Handle, $av_Offset[, $sv_Type])
; Description:      Reads a chain of pointers and returns an array containing the destination
;                   address and the data at the address.
; Parameter(s):     $iv_Address - The static memory address you want to start at. It must be in
;                                 hex format (0x00000000).
;                   $ah_Handle - An array containing the Dll handle and the handle of the open
;                                process as returned by _MemoryOpen().
;                   $av_Offset - An array of offsets for the pointers.  Each pointer must have an
;                                offset.  If there is no offset for a pointer, enter 0 for that
;                                array dimension.
;                   $sv_Type - (optional) The "Type" of data you intend to read at the destination
;                                address.  This is set to 'dword'(32bit(4byte) signed integer) by
;                                default.  See the help file for DllStructCreate for all types.
; Requirement(s):   The $ah_Handle returned from _MemoryOpen.
; Return Value(s):  On Success - Returns an array containing the destination address and the value
;                                located at the address.
;                   On Failure - Returns 0
;                   @Error - 0 = No error.
;                            1 = $av_Offset is not an array.
;                            2 = Invalid $ah_Handle.
;                            3 = $sv_Type is not a string.
;                            4 = $sv_Type is an unknown data type.
;                            5 = Failed to allocate the memory needed for the DllStructure.
;                            6 = Error allocating memory for $sv_Type.
;                            7 = Failed to read from the specified process.
; Author(s):        Nomad
; Note(s):          Values returned are in Decimal format, unless a 'char' type is selected.
;                   Set $av_Offset like this:
;                   $av_Offset[0] = NULL (not used)
;                   $av_Offset[1] = Offset for pointer 1 (all offsets must be in Decimal)
;                   $av_Offset[2] = Offset for pointer 2
;                   etc...
;                   (The number of array dimensions determines the number of pointers)
;=================================================================================================
Func _MemoryPointerRead ($iv_Address, $ah_Handle, $av_Offset, $sv_Type = 'dword')
    
    If IsArray($av_Offset) Then
        If IsArray($ah_Handle) Then
            Local $iv_PointerCount = UBound($av_Offset) - 1
        Else
            SetError(2)
            Return 0
        EndIf
    Else
        SetError(1)
        Return 0
    EndIf
    
    Local $iv_Data[2], $i
    Local $v_Buffer = DllStructCreate('dword')
    
    For $i = 0 to $iv_PointerCount
        
        If $i = $iv_PointerCount Then
            $v_Buffer = DllStructCreate($sv_Type)
            If @Error Then
                SetError(@Error + 2)
                Return 0
            EndIf
            
            $iv_Address = '0x' & hex($iv_Data[1] + $av_Offset[$i])
            DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
            If @Error Then
                SetError(7)
                Return 0
            EndIf
            
            $iv_Data[1] = DllStructGetData($v_Buffer, 1)
            
        ElseIf $i = 0 Then
            DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
            If @Error Then
                SetError(7)
                Return 0
            EndIf
            
            $iv_Data[1] = DllStructGetData($v_Buffer, 1)
            
        Else
            $iv_Address = '0x' & hex($iv_Data[1] + $av_Offset[$i])
            DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
            If @Error Then
                SetError(7)
                Return 0
            EndIf
            
            $iv_Data[1] = DllStructGetData($v_Buffer, 1)
            
        EndIf
        
    Next
    
    $iv_Data[0] = $iv_Address
    
    Return $iv_Data

EndFunc


I used that function and it still won't read/write the correct address.

What I'm using now:

#include <NomadMemory.au3>
#include <Array.au3>

$yoffset = _ArrayCreate( "1132" ) ;dec version of 0x184

Func moveYup()
$memopen = _MemoryOpen($Pid)
$MoveY = _MemoryPointerRead (0x682246F0, $memopen, $yoffset, 'float')
$final = $moveY+10
_MemoryPointerWrite (0x682246F0, $memopen, $yoffset, $final, 'float')
endfunc


I'm pretty sure I found the problem.

I was treating the pointer as a value instead of the address to what I'm supposed to add the offset to.

Func moveYup()
$memopen = _MemoryOpen($Pid)                         ;Open process for reading
$MoveY = _MemoryRead(0x682246F0, $memopen, 'dword')  ;Read the value in the 4byte pointer
$StepTwo = $moveY + 0x184                            ;Add offset to pointer
$stepthree=_MemoryRead($stepTwo, $memopen, 'float')  ;Retrieve the final product of the pointer + offset
$stepfour=_memoryread($stepthree,$memopen, 'float')  ;Get the value of the address from the final product of pointer + offset
$final = $Stepthree+10                               ;Add 10 to current value of Y
_MemoryWrite(0x682246F0, $memopen, $Final, 'float')  ;Write the +10 to memory
endfunc

Should work, but it's untested and bound to have an error, but the comments are pretty much spot on to the entire process.



Strange...

Func moveYup()
$memopen = _MemoryOpen($Pid)                         ;Open process for reading
$MoveY = _MemoryRead(0x682246F0, $memopen, 'dword')  ;Read the value in the 4byte pointer
$MoveYhex=_Base($MoveY, $base16)                     ;Convert Pointer to Hex
msgbox(1,"", "Pointer: " & $MoveYhex)                ;debug
$StepTwo = $moveYhex+0x184                           ;Add offset to pointer
msgbox(1,"", "Pointer+Offset: " & $StepTwo)          ;debug
$stepthree=_MemoryRead($stepTwo, $memopen, 'float')  ;Retrieve the final product of the pointer + offset
$stepfour=_memoryread($stepthree,$memopen, 'float')  ;Get the value of the address from the final product of pointer + offset
msgbox(1,"", "Y: " & $stepfour)                      ;debug
$final = $Stepthree+10                               ;Add 10 to current value of Y
_MemoryWrite(0x682246F0, $memopen, $Final, 'float')  ;Write the +10 to memory
endfunc

It should be adding (in my case) 0x98BB760 with 0x184, no? Well instead, it returns 388 which is the decimal version of 0x184. Hmm...

(I'm posting my notes on the subject here for anyone viewing this topic in the future. I might solve someone's problem someday.)



$stepTwo = Hex($moveYhex+0x184, 8)?

Edit:

Hell, I have no idea with these functions...

Maybe even try:

$StepTwo = Hex(Execute($moveYhex + 0x184), 8)

Edited by SmOke_N

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.


Fixed, but still broken.

Func moveYup()
$memopen = _MemoryOpen($Pid)                         ;Open process for reading
$MoveY = _MemoryRead(0x682246F0, $memopen, 'dword')  ;Read the value in the 4byte pointer
$StepTwo = $moveY+384                                ;Add offset to pointer (while in decimal form)
$MoveYhex=_Base($StepTwo, $base16)                   ;Convert pointer's offset's address to hex
$stepthree=_MemoryRead($MoveYhex, $memopen,'float')  ;Retrieve the final product of the pointer + offset
msgbox(1,"","" & $stepthree)                          ;debug
$final = $Stepthree+10                               ;Add 10 to current value of Y
_MemoryWrite($stepthree, $memopen, $Final, 'float')  ;Write the +10 to memory
endfunc

$MoveYhex returns the memory address 98CA010, but when I try to _memoryread $moveYhex, it returns zero with no @error. This shouldn't be so hard to do.

Edit: I see the problem. When I try to _MemoryRead it, I'm trying to read the address 98CA010 instead of 0x98CA010. Let me try to fix it.

Edited by alex OF DEATH


Finished and (hopefully) DMA-defeated.

#cs**********************************************************************
*                                                                        *
*              Author:                Deject3d                           *
*                                                                        *
*              Script Function:       Teleport                           *
*                                                                        *
#ce**********************************************************************
#include <NomadMemory.au3>
#include <array.au3>
#include <base.au3>

    hotkeyset("{up}", "moveYup")
    hotkeyset("{down}","moveYdown")
    hotkeyset("{left}","moveXleft")
    hotkeyset("{right}","moveXright")
    
$PID = WinGetProcess ( "ROSE online" )
$base16 =  "0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F"

while 1
;To keep program running
wend

Func moveYup()
$memopen = _MemoryOpen($Pid)                         ;Open process for reading
$MoveY = _MemoryRead(0x682246F0, $memopen, 'dword')  ;Read the value in the 4byte pointer
$StepTwo = $moveY+388                                ;Add offset to pointer
$MoveYhex="0x0"&_Base($StepTwo, $base16)              ;Convert offset's address to hex
$stepthree=_MemoryRead($MoveYhex, $memopen,'float')  ;Retrieve the final product of the pointer + offset
$final = $Stepthree+10                               ;Add 10 to current value of Y
_MemoryWrite($MoveYhex, $memopen, $Final, 'float')  ;Write the +10 to memory
endfunc


Func moveYdown()
$memopen = _MemoryOpen($Pid)                         ;Open process for reading
$MoveY = _MemoryRead(0x682246F0, $memopen, 'dword')  ;Read the value in the 4byte pointer
$StepTwo = $moveY+388                                ;Add offset to pointer
$MoveYhex="0x0"&_Base($StepTwo, $base16)              ;Convert offset's address to hex
$stepthree=_MemoryRead($MoveYhex, $memopen,'float')  ;Retrieve the final product of the pointer + offset
$final = $Stepthree-10                               ;Subtract 10 from current value of Y
_MemoryWrite($MoveYhex, $memopen, $Final, 'float')  ;Write the -10 to memory
endfunc


Func moveXleft()
$memopen = _MemoryOpen($Pid)                         ;Open process for reading
$MoveY = _MemoryRead(0x682246F0, $memopen, 'dword')  ;Read the value in the 4byte pointer
$StepTwo = $moveY+384                                ;Add offset to pointer
$MoveYhex="0x0"&_Base($StepTwo, $base16)              ;Convert offset's address to hex
$stepthree=_MemoryRead($MoveYhex, $memopen,'float')  ;Retrieve the final product of the pointer + offset
$final = $Stepthree-10                               ;Subtract 10 from current value of X
_MemoryWrite($MoveYhex, $memopen, $Final, 'float')  ;Write the -10 to memory
endfunc


Func moveXright()
$memopen = _MemoryOpen($Pid)                         ;Open process for reading
$MoveY = _MemoryRead(0x682246F0, $memopen, 'dword')  ;Read the value in the 4byte pointer
$StepTwo = $moveY+384                                ;Add offset to pointer
$MoveYhex="0x0"&_Base($StepTwo, $base16)              ;Convert offset's address to hex
$stepthree=_MemoryRead($MoveYhex, $memopen,'float')  ;Retrieve the final product of the pointer + offset
$final = $Stepthree+10                               ;Add 10 to current value of X
_MemoryWrite($MoveYhex, $memopen, $Final, 'float')  ;Write the +10 to memory
endfunc
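
The two points the thread arrives at (the pointer slot has to be read before the offset is added, and 0x184 and 388 are the same number), shown on a simulated memory image in Python. This is an added example, not part of the original posts; the base address, image layout and function names are constructed for illustration.

```python
import struct

BASE = 0x10000000  # constructed base address of the simulated memory image


def build_image():
    """Constructed image: a pointer slot at BASE+0x10, a float 0x184 past its target."""
    img = bytearray(0x400)
    struct.pack_into("<I", img, 0x10, BASE + 0x200)   # the slot holds an address, not the value
    struct.pack_into("<f", img, 0x200 + 0x184, 42.5)  # the value lives at target + 0x184
    return bytes(img)


def read(img, addr, fmt):
    """Bounds-checked read of one little-endian value at a virtual address."""
    off = addr - BASE
    size = struct.calcsize(fmt)
    if off < 0 or off + size > len(img):
        raise ValueError(f"address {addr:#x} is outside the image")
    return struct.unpack_from(fmt, img, off)[0]


def resolve(img, slot, offset):
    """Dereference the pointer slot first, then add the offset to what it holds."""
    target = read(img, slot, "<I")
    return target + offset


def parse_address(text):
    """Hex text is only a display form; convert it back to a number before using it."""
    return int(text, 16)


if __name__ == "__main__":
    img = build_image()
    slot = BASE + 0x10
    addr = resolve(img, slot, 0x184)
    print(f"resolved address: {addr:#x}, value: {read(img, addr, '<f')}")
    # Adding the offset to the slot's own address lands on unrelated bytes.
    print(f"slot + offset reads: {read(img, slot + 0x184, '<f')}")
```
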


We just had a post all about this that may have saved some time. Always try searching first.
