Memory read

[BlackMore]

Hi all,

I just started using Autoit more often now and tried some memory reading but i'm having some issues...

I'm tying to read a character name but all i got is the first letter and idk whats wrong with this

$proc = ProcessList("SRO_Client.exe")
    $adress=0x00CEC540
    $ID=_MemoryOpen($proc[1][1])
    If @Error Then
        MsgBox(0, "ERROR", "Failed to open memory")
    EndIf
    $charname = _MemoryRead($adress, $ID, 'char[16]')
    MsgBox(0,"",$charname)
    _MemoryClose($ID)

for exemple, char name is "abc" so what i got in the msgbox is "a"

thanks in advance

[Hiyoal]

What UDF are you using??

Hiyoal

[JRowe]

CODE

#include "NomadMemory.au3"

; Set your Game specific data here.

;Game.exe, w/e it is

$GameExecutableName = "InsertYourGameName.exe Here"

;The pointer or direct address of the variable you're getting from memory. Remember to include "0x" at the beginning of your hex address.

$pointer = "Insert your Pointer Here"

;The offset, or 0x0 if the pointer is a direct address

$GameDataOffset = "Insert your Offset Here"

;This attaches to the process

$list = ProcessList($GameExecutableName)

$ProcessID = $list[1][1]

$handle = _MemoryOpen($ProcessId)

;This reads the data from the pointer and converts it to a hex address.

$readPtr = "0x" & Hex(_MemoryRead($pointer, $handle, "int[32]"),8)

$GameDataAddress = "0x" & hex($readPtr + $GameDataOffset,8)

;If it's a direct address and not a pointer, then uncomment the next line

;$GameDataAddress = $pointer

$GameData = _MemoryRead($GameDataAddress, $handle, "char[16]")

_MemoryClose($handle)

MsgBox(0, '', $GameData)

It should be very simple to do what you're trying. Just read/edit the script where necessary.

More complex things are easily possible. I'm assuming you're using something like T-Search or Cheat Engine. At any rate, good luck!

[Hiyoal]

Cheat Engine. Yea.

Try it in cheatengine with that address and see how long the char[] is, because that script should work.

Also, are you from elitepvpers or gzp??

Hiyoal

[JRowe]

I'm from Forever-Hacking, if anywhere

[TomCat]

Hi I also tryed to use your example, but I have a courious problem.

I changed all valius for my game.

Then I start the script. In Messagebox I get #

I changed the value in the Game now i get " after next change % and so on o.O

Any Ideat whats the reason for this Error ?

[FreeFry]

The game is probably using DMA (Dynamic Memory Allocation), which makes the address for the name random on each run, etc.

Is the name stored as Unicode? if that's the case, then each character is separated by a NULL char, and is twice the size of the original name(example name is Roger, length of name is 5, size in memory to read would be 10(double the name length)), to strip out the NULL chars, you could use BinaryToString to convert it to a "normal" text string.

That MIGHT be the problem, as I don't have this SRO_Client.exe app, neither do I know what it is.

[H5O20H]

No,Sro_Client is not using DMA.

Your code is wrong.

[FreeFry]

No,Sro_Client is not using DMA.

Your code is wrong.

My code?

I haven't posted any. I gave a suggestion, that's all.

[H5O20H]

BlackMore's code.

FreeFry,your code is always tight and ready for use

Author,

basepointer:DWORD=$CEBB4C;

Charname:DWORD=$00CEA538;

function GetCharName(wnd:HWND):widestring;   stdcall;
 var
  ProcessId : integer;
  HandleWindow : Cardinal;
ergtemp:widestring;erg:Array[0..12] of WIDECHAR;
  baseAdress:DWord;
  BytesRead : Cardinal;i:integer;

 begin


  if wnd <> 0 then
  begin
    GetWindowThreadProcessId(wnd,@ProcessId);
    HandleWindow := OpenProcess(PROCESS_VM_READ,False,ProcessId);

    ReadProcessMemory(HandleWindow, Pointer(Charname),@erg, Sizeof(erg) ,BytesRead );



  end;
 ergtemp:='';
  for i:=0 to 20 do ergtemp:=ergtemp+erg[i];

Result:=ergtemp;

end;

[FreeFry]

Judging from that code, the name is not stored as Unicode, then my previous assumption might be wrong.. Hmm, gimme a minute.

[FreeFry]

BlackMore, can you try this and see if it works?:

$proc = ProcessExists("SRO_Client.exe"); // No need to enumerate all the processes, you can get the PID from the ProcessExists function..
    If Not $proc Then
        MsgBox(0, "Error", "Process is not open, please run it first.")
    $adress=0x00CEC540
    $ID=_MemoryOpen($proc)
    If @Error Then
        MsgBox(0, "ERROR", "Failed to open memory")
    EndIf
    $charname = _MemoryRead($adress, $ID, 'char[16]')
    MsgBox(0,"",StringToBinary($charname))
    _MemoryClose($ID)

[H5O20H]

FreeFry,I have a question too.

How can I call that function from that dll,I made it in delphi and I don't want to remake it in au3,but then the other problem comes up,I can't make the bar in delphi,so is it possible to do the bar in au3,but the dll to stay au3?

[FreeFry]

Hmm, sorry, what function and dll are you talking about? //semi-hijack

[soadmania]

BlackMore, can you try this and see if it works?:

$proc = ProcessExists("SRO_Client.exe"); // No need to enumerate all the processes, you can get the PID from the ProcessExists function..
    If Not $proc Then
        MsgBox(0, "Error", "Process is not open, please run it first.")
    $adress=0x00CEC540
    $ID=_MemoryOpen($proc)
    If @Error Then
        MsgBox(0, "ERROR", "Failed to open memory")
    EndIf
    $charname = _MemoryRead($adress, $ID, 'char[16]')
    MsgBox(0,"",StringToBinary($charname))
    _MemoryClose($ID)

Code is wrong not 'char[16]' it should be 'wchar[40]'