Jump to content

Please guide me. Memory Reading

xshark
 Share

Recommended Posts

xshark Seeker

xshark

Posted
Posted

I was hoping that someone would help point me in the direction of a good tutorial on memory scanning.

I am looking to build a program that will allow one to scan a process and return every memory value from it (similar to tsearch, but i don't want to edit or write memory values). I do not know much about the architecture of process memory nor do i know much about autoit's built in functions for reading system memory.

I have found NomadMemory.au3 from a WOW hack post that looks like it is the solution for the autoit memory access functions but i am still unsure on how to utilize this tool to effectivly scan a process memory values.

Link to comment
Share on other sites
longxx Wayfarer

longxx

Posted
Posted (edited)

nmemory.au3 is good, but you want to find the fixed version of it, otherwise it has bug and couldnt scan sometime

it works perfectly for me to scan memory of Warcraft III.

Edited by longxx
Link to comment
Share on other sites
xshark Seeker

xshark

Posted
  • Author
Posted

nmemory.au3 is good, but you want to find the fixed version of it, otherwise it has bug and couldnt scan sometime

it works perfectly for me to scan memory of Warcraft III.

I guess what I am really after is how memory addressing works. . . If I want to scan all memory addresses relevant to a given process for their values how would i do that besides scanning from 0x00000000 to 0xFFFFFFFF.

Link to comment
Share on other sites
Kickassjoe Universalist

Kickassjoe

Posted
Posted

As far as I know, that is the ONLY way to scan ALL memory addresses relevant to a given process. If the program you're trying to scan uses DMA (dynamic memory allocation), you could just scan the addresses that end in a certain character / (and most likely) characters. Like for example, you know that the info you want is always showing up at XXXXXXA0, you could scan all those addresses.

What goes around comes around... Payback's a bitch.

Link to comment
Share on other sites
xshark Seeker

xshark

Posted
  • Author
Posted

As far as I know, that is the ONLY way to scan ALL memory addresses relevant to a given process. If the program you're trying to scan uses DMA (dynamic memory allocation), you could just scan the addresses that end in a certain character / (and most likely) characters. Like for example, you know that the info you want is always showing up at XXXXXXA0, you could scan all those addresses.

I guess I'm confused on how I would determine that without using a memory reader such as cheat engine or tsearch.

I am trying to read memory (not write) without the risk of loading programs capable of getting my account banned.

Link to comment
Share on other sites
xshark Seeker

xshark

Posted
  • Author
Posted

use Bulb's name spoofer's script as template, it's the perfect example of memory searching

I made all my offset searching based on his template.

Cant find bulb's name spoofer. . . Could you please point me in the right direction to find that. Thank you.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...