Sign in to follow this  
Followers 0
SXGuy

SetPrivilege Fails in NomadMemory.au3

3 posts in this topic

I wonder if someone here can help me.

At the moment, im writing a little prog that reads various addresses in a game.

When i use it with notepad it works fine, when i use it with the game, the value always returns zero.

After researching i have found that SetPrivilege seems to be faulty.

To back up my conclusion i used a program called "permedit.exe" to grant permissions to my au3 file, which in turn allowed it to give me the correct value as a result.

Therefore im assuming SetPriilege in NomadMemory.au3 doesnt work quite how it should.

Is there anyway to set permissions correctly on my au3 file without having to use an external program to do so?

BTW im using Win XP

And here is my source.

#requireadmin
#include<NomadMemory.au3>
#include <String.au3>
SetPrivilege("SeDebugPrivilege", 1)

HotKeySet("{F10}","ToggleStart")
Global $Start = 0

While 1
    If $Start = 1 then call ("_Start")
    Sleep (200)
WEnd

Func ToggleStart()
    $Start = Not $Start
EndFunc


Func _Start()
$proc = ProcessExists("Game.exe")
        If Not $proc Then
        MsgBox(0, "Error", "Process is not open, please run it first.")
        EndIf
    $address=0x012CE38E
    $ID=_MemoryOpen($proc)
    If @Error Then
        MsgBox(0, "ERROR", "Failed to open memory")
    EndIf
    $charname = _MemoryRead($address, $ID, 'short')
    MsgBox(0,"Current HP",$charname)
    _MemoryClose($ID)
    $Start = 0
EndFunc

Here is the section of NomadMemory.au3 thats in question

Func SetPrivilege( $privilege, $bEnable )
    Const $TOKEN_ADJUST_PRIVILEGES = 0x0020
    Const $TOKEN_QUERY = 0x0008
    Const $SE_PRIVILEGE_ENABLED = 0x0002
    Local $hToken, $SP_auxret, $SP_ret, $hCurrProcess, $nTokens, $nTokenIndex, $priv
    $nTokens = 1
    $LUID = DLLStructCreate("dword;int")
    If IsArray($privilege) Then $nTokens = UBound($privilege)
    $TOKEN_PRIVILEGES = DLLStructCreate("dword;dword[" & (3 * $nTokens) & "]")
    $NEWTOKEN_PRIVILEGES = DLLStructCreate("dword;dword[" & (3 * $nTokens) & "]")
    $hCurrProcess = DLLCall("kernel32.dll","hwnd","GetCurrentProcess")
    $SP_auxret = DLLCall("advapi32.dll","int","OpenProcessToken","hwnd",$hCurrProcess[0],   _
            "int",BitOR($TOKEN_ADJUST_PRIVILEGES,$TOKEN_QUERY),"int",0)
    If $SP_auxret[0] Then
        $hToken = $SP_auxret[3]
        DLLStructSetData($TOKEN_PRIVILEGES,1,1)
        $nTokenIndex = 1
        While $nTokenIndex <= $nTokens
            If IsArray($privilege) Then
                $priv = $privilege[$nTokenIndex-1]
            Else
                $priv = $privilege
            EndIf
            $ret = DLLCall("advapi32.dll","int","LookupPrivilegeValue","str","","str",$priv,   _
                    "ptr",DLLStructGetPtr($LUID))
            If $ret[0] Then
                If $bEnable Then
                    DLLStructSetData($TOKEN_PRIVILEGES,2,$SE_PRIVILEGE_ENABLED,(3 * $nTokenIndex))
                Else
                    DLLStructSetData($TOKEN_PRIVILEGES,2,0,(3 * $nTokenIndex))
                EndIf
                DLLStructSetData($TOKEN_PRIVILEGES,2,DllStructGetData($LUID,1),(3 * ($nTokenIndex-1)) + 1)
                DLLStructSetData($TOKEN_PRIVILEGES,2,DllStructGetData($LUID,2),(3 * ($nTokenIndex-1)) + 2)
                DLLStructSetData($LUID,1,0)
                DLLStructSetData($LUID,2,0)
            EndIf
            $nTokenIndex += 1
        WEnd
        $ret = DLLCall("advapi32.dll","int","AdjustTokenPrivileges","hwnd",$hToken,"int",0,   _
                "ptr",DllStructGetPtr($TOKEN_PRIVILEGES),"int",DllStructGetSize($NEWTOKEN_PRIVILEGES),   _
                "ptr",DllStructGetPtr($NEWTOKEN_PRIVILEGES),"int_ptr",0)
        $f = DLLCall("kernel32.dll","int","GetLastError")
    EndIf
    $NEWTOKEN_PRIVILEGES=0
    $TOKEN_PRIVILEGES=0
    $LUID=0
    If $SP_auxret[0] = 0 Then Return 0
    $SP_auxret = DLLCall("kernel32.dll","int","CloseHandle","hwnd",$hToken)
    If Not $ret[0] And Not $SP_auxret[0] Then Return 0
    return $ret[0]
EndFunc  ;==>SetPrivilege

Remember it works fine with notepad, it doesnt work at all with the game im using until i grant my program permissions using an external program.

p.s i did read that autoit runs in usermode? maybe this is the problem :S

Share this post


Link to post
Share on other sites



Not at home at the moment, but doesn't require an extra t?

SetPrivilege("SetDebugPrivilege", 1)

I can check my source when I'm home.


Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

EDIT: nope the correct term is "Sedebugprivilege" no T

Either the section in nomadmemory.au3 is incorrect or it doesnt function properly.

Can you compare your source with mine and tell me if im using an outdated version or something?

Edited by SXGuy

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0