Jump to content
Sign in to follow this  
hendrikhe

NomadMemory.au3

Recommended Posts

@ FreeFry

We're using static addresses just to check the memory reading. Seems it works for others, but not the OP. At first I thought he was trying to read from unallocated memory, that's why he got 0, but ... seems not.

And, yes his original script looks fine to me (basically similar to my method) Don't know where the weirdness comes from.

Share this post


Link to post
Share on other sites

Its not working for me...

Sorry I got on this thread trough google and I just replied to see if anyone got an answer yet...

Maybe Its the Version...

Im using the stable

Edited by INFACT

Share this post


Link to post
Share on other sites

No its not i tried it with the beta and it still didnt work. Is it vista?

Im using Vista

Sorry for double post. I cant edit the post above.

Share this post


Link to post
Share on other sites

Strange that it's working for half of us. Can you test with the little memory reading tool I posted in the previous page ? Make sure you try to read a correct address, otherwise it will return 0.

It's working on my XP and Vista.

Share this post


Link to post
Share on other sites

I am having the exact problem. Have tried everything, turned off firewalls tried 3 different scripts. No matter what I'm reading I get a value of 0. I had this working like 3 months ago, took up programming again and this started. Any ideas?

Share this post


Link to post
Share on other sites

Sorry for double post. Just tried everything on my new laptop. Same problem and that is running vista. I ran the code that was posted and got nothing. This is getting really frustrating...

Share this post


Link to post
Share on other sites

Can someone do this simple test for me ?

Step 1 : Run calculator (calc.exe)

Step 2 : Run my compiled program from here :

http://www.mediafire.com/download.php?zmnr12dxnmm

The first MsgBox will give the base module address of calc.exe (in hexadecimal, for me it is 1000000)

The second will read a dword from there, it won't be zero, or something's up.

Wow, it worked :D So the process I'm trying to read from is not allowing autoit to read memory? Truthfully I'm screwing around with WoW. Is it even possible to read it? I'm sure I have seen people do it. Must be missing something....

Oh and thank you very much!

Share this post


Link to post
Share on other sites

Near the end of the first page I posted another little test, that reads any memory from any process. Try that to see if it will work.

Share this post


Link to post
Share on other sites

Near the end of the first page I posted another little test, that reads any memory from any process. Try that to see if it will work.

That actually what I have been trying with before you posted the script designed specifically for calc.exe, but I'll try it again.

Hmm, didn't seem to work. Got only 00000. I made a bot for FFXI with autoit and memory reading was the least of my problems. I'm confused as to why Cheat Engine can see the values but autoit cannot.

Share this post


Link to post
Share on other sites

I packed up my Memory Reader example + NomadMemory.au3 + MemoryGetBaseAddressUDF.au3

http://www.sendspace.com/file/fv0i50

Make sure everything works fine on other processes, then try WoW.

Remember you have to pass the values as decimal. So pass something like Dec(403f75) to Nomad. And then use Hex to see the return in hex format.

EDIT: Also, to make sure it's not a privileges thing, use #RequireAdmin on the top of the script.

Edited by Inverted

Share this post


Link to post
Share on other sites

I packed up my Memory Reader example + NomadMemory.au3 + MemoryGetBaseAddressUDF.au3

http://www.sendspace.com/file/fv0i50

Make sure everything works fine on other processes, then try WoW.

I really appreciate your help. I'll get on it right away and let you now how it works out.

On another note, I was looking for others with the same problem and I found something that could be a possible solution however, I have no idea how to implement what they are saying. Maybe you can understand it. Here it is:

"1. Check that your wow window name in your Findwindow clause is right. in enGB version it's "World of Warcraft" and for example in the German version it's "WORLD OF WARCRAFT".

2. WoW does indeed use some sort of protection. Just the normal PROCESS_ALL_ACCESS flag won't do it (at least for me it didn't). Try if it works with PermEdit and if it does, create a function to elevate your processes privileges to debug level (SeDebugPrivilege).

-SetPrivilege("SeDebugPrivilege", 1)

Just a couple things that might help."

Share this post


Link to post
Share on other sites

Aha, interesting.

Ok, then use these on the top of the script :

CODE
#RequireAdmin

*** includes go here ***

SetPrivilege("SeDebugPrivilege", 1) ;before you do anything else

Note, that for SetPrivilege, if the function succeeds, the return value is nonzero. (It should never fail)

Edited by Inverted

Share this post


Link to post
Share on other sites

Well I seem to have failed again. These are what I tried. Should be showing a value of 70 (says Cheat engine) but I've only seen 000000.

It feels like I'm so close! Yet I still am getting the same result as when I first tried. Thanks again for your help :D

CODE
#RequireAdmin

SetPrivilege("SeDebugPrivilege", 1)

#Region ;**** Directives created by AutoIt3Wrapper_GUI ****

#AutoIt3Wrapper_UseUpx=n

#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****

#include <NomadMemory.au3>

#include <MemoryGetBaseAddressUDF.au3>

$progname = "Memory Reader"

;$target_pid = ProcessExists ( InputBox ("Give process name", "example : calc.exe","calc.exe") )

$target_pid = ProcessExists ("Wow.exe")

If $target_pid=0 Then

MsgBox (16, $progname, "Process not found !")

Exit

EndIf

$Nomad_struct = _MemoryOpen($target_pid)

If Not @error=0 Then

MsgBox (16, $progname, "Process could not be opened !")

Exit

EndIf

$target_base = _MemoryGetBaseAddress($Nomad_struct)

MsgBox(0,"",$target_base)

MsgBox(4096, $progname, Hex(_MemoryRead( Dec($target_base),$Nomad_struct)))

;_MemoryWrite(Dec($target_base)+0x5c34,$Nomad_struct,0x04EB,"ushort")

;If Not @error=0 Then

; MsgBox (16, $progname, "Process could not be written, error code : "&@error)

; Exit

;EndIf

CODE
#RequireAdmin

#Region ;**** Directives created by AutoIt3Wrapper_GUI ****

#AutoIt3Wrapper_UseUpx=n

#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****

#include <NomadMemory.au3>

#include <MemoryGetBaseAddressUDF.au3>

SetPrivilege("SeDebugPrivilege", 1)

$progname = "Memory reading"

$target_pid = ProcessExists ( "Wow.exe" )

If $target_pid=0 Then

MsgBox (16, $progname, "Process not found !")

Exit

EndIf

$Nomad_struct = _MemoryOpen($target_pid)

If Not @error=0 Then

MsgBox (16, $progname, "Process could not be opened !")

Exit

EndIf

MsgBox(4096, $progname, Hex(_MemoryRead(0x00AAA5CF,$Nomad_struct)))

Ok so I quickly retried the first code with everything in the correct order and still nothing.

Edited by Clee12

Share this post


Link to post
Share on other sites

Damn, I can't see anything wrong, I have a few long shot ideas though.

The first is to try with a new instance of WoW, maybe there is a problem if it is already opened by Cheat Engine.

The second is to use a lower privilege with Nomad's MemoryOpen. The default is all access, let's try only read privileges :

$Nomad_struct = _MemoryOpen($target_pid, 0x0010, 0)

Third idea is to launch WoW under a limited account, to restrict its anticheating capabilities (the Warden system). You know ... RunAs + limited account.

Share this post


Link to post
Share on other sites

Well shit...Tried all of those ideas, (which were pretty bright actually.) and nothing seems to be working. I found some old autoit wow bot source code that seems to read memory but all I could see was that they were using, "SetPrivilege("SeDebugPrivilege", 1)". Somewhat dissappointing that I can't seem to find an answer but thanks a lot for trying to help. I got way the hell closer than if I would have been by myself. Anyways I'm going to call it a night. It's 3:30 AM here. Here's that bot if anyone is intersted or thinks they could learn something from it.

http://www.autoitscript.com/forum/index.php?showtopic=37998

Thanks again.

Share this post


Link to post
Share on other sites

So I tried again this morning with no luck. I saw on some other forums that people are reading and writing wow memory using autoit. In fact I downloaded an application that was designed in autoit, ran it, and everything worked just fine. I'm sooo confused. Has anybody out there ever read memory from the Wow client? It cant be Nomad. There has to bee something missing on my end, I just can't find out what it is.

Anyone?

Share this post


Link to post
Share on other sites

I made an modded script for _MemoryWrite function for people who got problems with normal function using more than 8 bytes to write into an process. Here u go:

Func _MemoryWriteMod($Adress, $handle, $data)
    $count = StringSplit($data, " ")
    For $i = 0x00 To Binary($count[0] - 1) Step 0x01
        $Hexcount = "0x" & $count[$i + 0x01]
        _MemoryWrite($Adress + $i, $handle, Binary($Hexcount), 'byte')
    Next
EndFunc ;==>_MemoryWriteMod

Example using my _MemoryWriteMod function:

$proces_ID = ProcessExists("test.exe")
$handle = _MemoryOpen($proces_ID)
_MemoryWriteMod(0x0053D3F7, $handle, "E9 63 59 31 00 90 90 90 90 90 90")
_MemoryWriteMod(0x0053D439, $handle, "E9 37 59 31 00 90 90 90 90 90 90")
_MemoryWriteMod(0x0053D4CA, $handle, "E9 19 58 31 00 90 90")
_MemoryClose($handle)
Edited by andrewseul

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...