dbzfanatic Posted August 18, 2008 Posted August 18, 2008 i think i did that $test = "0x" & Hex(Dec($PlayerHPadr) + Dec($PlayerHPoff)) right? or did i do it wroung new code: ;#include <NomadMemory.au3> SetPrivilege("SeDebugPrivilege", 1) Global $mainwindow = "Florensia" If WinExists($mainwindow) Then $PlayerHPadr = 0x00FA8958 $PlayerHPoff = 0x1D4 ...oÝ÷ Ûú®¢×æv·¬²)Üçbazß±ël¥u·ªºtÇMÀv «¨µ.v'b¶÷«ÉÉh±æî·*.².ÛkÉ«¢+Ø¥¹±Õ±Ðí9½µ5µ½Éä¹ÔÌÐì)MÑAÉ¥Ù¥± ÅÕ½ÐíMÕAÉ¥Ù¥±ÅÕ½Ðì°Ä¤()±½°ÀÌØíµ¥¹Ý¥¹½ÜôÅÕ½Ðí±½É¹Í¥ÅÕ½Ðì)%]¥¹á¥ÍÑÌ ÀÌØíµ¥¹Ý¥¹½Ü¤Q¡¸(ÀÌØíA±åÉ!AÈôÅÕ½ÐìÀÁàäÔàÅÕ½Ðì(ÀÌØíA±åÉ!A½ôÅÕ½ÐìÅÐÅÕ½Ðì(ÀÌØíÑÍÐôÅÕ½ÐìÁàÅÕ½ÐìµÀì!à¡ ÀÌØíA±åÉ!AȤ¬ ÀÌØíA±åÉ!A½¤¤((¸¸ I tested both your way and mine, yours came up with "0x164195C8" and mine came up with "0x00FA8B2C". You were close . Go to my website. | My Zazzle Page (custom products)Al Bhed Translator | Direct linkScreenRec ProSimple Text Editor (STE) [TUTORIAL]Task Scheduler UDF <--- First ever UDF!_ControlPaste() UDF[quote name='renanzin' post='584064' date='Sep 26 2008, 07:00 AM']whats help ?[/quote]
onestcoder Posted August 18, 2008 Posted August 18, 2008 This is script examples for reading FFXI process Memory:Note: instead of using "NomadMemory.au3" I used "Mem.au3"I also make a Memloc.ini file to keep changing addresses easy to update.FFXIbase.au3expandcollapse popup#Include <WinAPI.au3> $Process = "pol.exe" $ProcessLoc = "C:\Program Files\PlayOnline\SquareEnix\FINAL FANTASY XI\pol.exe" $Pid = ProcessExists($Process) If $Pid = 0 Then MsgBox(0, "Error", "FFXI is not running!") Exit EndIf $Open_DLL = DllOpen("C:\Program Files\PlayOnline\SquareEnix\FINAL FANTASY XI\FFXiMain.dll") $dll = "FFXiMain.dll" ;$baseAddress = _WinAPI_GetModuleHandle($dll) ; MsgBox(0,"test","Base Address: " & $baseAddress) $base = IniRead("Memloc.ini", "OFFSET", "BASE", 0x1980000) $baseAddress = $base $MaxHP = 0x3E2328 $ccMaxHP = $baseAddress + $MaxHP $xxMaxHP = "0x" & Hex($ccMaxHP) $CurrentHp = 0x8C388C $ccCurrentHp = $baseAddress + $CurrentHp $xxCurrentHp = "0x" & Hex($ccCurrentHp) $MaxMP = 0x8C3890 $ccMaxMP = $baseAddress + $MaxMP $xxMaxMP = "0x" & Hex($ccMaxMP) $CurrentMP = 0x8CA9E8 $ccCurrentMP = $baseAddress + $CurrentMP $xxCurrentMP = "0x" & Hex($ccCurrentMP) $MyName = 0x1BF67D5C $ccMyName = $baseAddress + $MyName $xxMyName = "0x" & Hex($ccMyName) $TargetName = 0x391081C $ccTargetName = $baseAddress + $TargetName $xxTargetName = "0x" & Hex($ccTargetName) $TargetHP = 0x3910774 $ccTargetHP = $baseAddress + $TargetHP $xxTargetHP = "0x" & Hex($ccTargetHP) DllClose($Open_DLL)oÝ÷ Ù±E׬µêÚ»Ûjëh×6#include <String.au3> #include <Mem.au3> #Include <WinAPI.au3> ; #include <ffxibase.au3> $pol = "pol.exe" $No_pol = ProcessExists($pol) If $No_pol = 0 Then MsgBox(0, "Error", "FFXI is not running!") ; Exit EndIf ;$Open_DLL = DllOpen("C:\Program Files\PlayOnline\SquareEnix\FINAL FANTASY XI\FFXiMain.dll") ;$dll = "FFXiMain.dll" ;$baseAddress = _WinAPI_GetModuleHandle($dll) ; MsgBox(0,"test","Base Address: " & $baseAddress) $base = IniRead("Memloc.ini", "OFFSET", "BASE", 0x1980000) $baseAddress = $base $MaxHP = 0x3E2328 $ccMaxHP = $baseAddress + $MaxHP $xxMaxHP = "0x" & Hex($ccMaxHP) $CurrentHp = 0x8C388C $ccCurrentHp = $baseAddress + $CurrentHp $xxCurrentHp = "0x" & Hex($ccCurrentHp) $MaxMP = 0x8C3890 $ccMaxMP = $baseAddress + $MaxMP $xxMaxMP = "0x" & Hex($ccMaxMP) $CurrentMP = 0x8CA9E8 $ccCurrentMP = $baseAddress + $CurrentMP $xxCurrentMP = "0x" & Hex($ccCurrentMP) $MyName = 0x1BF67D5C $ccMyName = $baseAddress + $MyName $xxMyName = "0x" & Hex($ccMyName) $TargetName = 0x391081C $ccTargetName = $baseAddress + $TargetName $xxTargetName = "0x" & Hex($ccTargetName) $TargetHP = 0x3910774 $ccTargetHP = $baseAddress + $TargetHP $xxTargetHP = "0x" & Hex($ccTargetHP) MsgBox(0, "Address", "" & $xxMaxHP & @CRLF & $xxCurrentHp & @CRLF & $xxMaxMP & @CRLF & $xxCurrentMP & @CRLF & $xxMyName & @CRLF & $xxTargetName & @CRLF & $xxTargetHP & @CRLF & $baseAddress) FileWrite("Offsets.txt","" & $xxMaxHP & @CRLF & $xxCurrentHp & @CRLF & $xxMaxMP & @CRLF & $xxCurrentMP & @CRLF & $xxMyName & @CRLF & $xxTargetName & @CRLF & $xxTargetHP & @CRLF & $baseAddress) $Process = "pol.exe" While 1 $Pid = ProcessExists($Process) $h_open = _MemOpen($Pid) $mhpRead = _MemRead($h_open, $xxMaxHP, 4) $chpRead = _MemRead($h_open, $xxCurrentHp, 4) $mmpRead = _MemRead($h_open, $xxMaxMP, 4) $cmpRead = _MemRead($h_open, $xxCurrentMP, 4) ;$nmRead = _MemRead($h_open, $xxMyName, 0) ;$tgnRead = _MemRead($h_open, $xxTargetName, 0) ;$thpRead = _MemRead($h_open, $xxTargetHP, 4) $mhp = _HexadecimalToDecimal($mhpRead) $chp = _HexadecimalToDecimal($chpRead) $mmp = _HexadecimalToDecimal($mmpRead) $cmp = _HexadecimalToDecimal($cmpRead) ;$nm = $nmRead ;$tgn = $tgnRead ;$thp = _HexadecimalToDecimal($thpRead) MsgBox(0, "Address", "Max HP:" & $mhp & @CRLF & "HP:" & $chp & @CRLF & "Max MP:" & $mmp & @CRLF & "MP:" & $cmp) WEnd _MemClose($h_open) Need a website: http://www.iconixmarketing.com
Golbez Posted August 18, 2008 Author Posted August 18, 2008 the output value is: 1035122883 when it should be 427 xD
dbzfanatic Posted August 18, 2008 Posted August 18, 2008 Are you sure you have the right address and offset then? In CE are you using multilayer pointers? (I don't remember if that's the proper name but you should be able to tell what I mean). Were you getting the right value the other way? Go to my website. | My Zazzle Page (custom products)Al Bhed Translator | Direct linkScreenRec ProSimple Text Editor (STE) [TUTORIAL]Task Scheduler UDF <--- First ever UDF!_ControlPaste() UDF[quote name='renanzin' post='584064' date='Sep 26 2008, 07:00 AM']whats help ?[/quote]
Golbez Posted August 18, 2008 Author Posted August 18, 2008 Are you sure you have the right address and offset then? In CE are you using multilayer pointers? (I don't remember if that's the proper name but you should be able to tell what I mean). Were you getting the right value the other way?
dbzfanatic Posted August 18, 2008 Posted August 18, 2008 You still didn't quite answer all of my questions. The way you were calculating the memory address, were you getting the right value. I'm guessing the answer is no since you made this thread but what were you getting? Go to my website. | My Zazzle Page (custom products)Al Bhed Translator | Direct linkScreenRec ProSimple Text Editor (STE) [TUTORIAL]Task Scheduler UDF <--- First ever UDF!_ControlPaste() UDF[quote name='renanzin' post='584064' date='Sep 26 2008, 07:00 AM']whats help ?[/quote]
Golbez Posted August 18, 2008 Author Posted August 18, 2008 the messagebox says this:the health should be 427
dbzfanatic Posted August 18, 2008 Posted August 18, 2008 No no no, please read carefully. I understand that with the new address that you get an incorrect value but what value were you getting when you calculated the address the other way? Go to my website. | My Zazzle Page (custom products)Al Bhed Translator | Direct linkScreenRec ProSimple Text Editor (STE) [TUTORIAL]Task Scheduler UDF <--- First ever UDF!_ControlPaste() UDF[quote name='renanzin' post='584064' date='Sep 26 2008, 07:00 AM']whats help ?[/quote]
Golbez Posted August 18, 2008 Author Posted August 18, 2008 (edited) this code = that message box expandcollapse popupSetPrivilege("SeDebugPrivilege", 1) Global $mainwindow = "Florensia" If WinExists($mainwindow) Then $PlayerHPadr = "00FA8958" $PlayerHPoff = "000001D4" $test = "0x" & Hex(Dec($PlayerHPadr) + Dec($PlayerHPoff)) $gamepid = ProcessExists("FlorensiaEN.bin") $gamehandle = _MemoryOpen($gamepid) $health = _MemoryRead($test, $gamehandle, "dword") MsgBox(1, $gamepid, "Address: " & $test & " -|- Health: " & $health) ClipPut($health) Else MsgBox(1, "Error", "ERROR: " & $mainwindow & " Not Found!") EndIf Func _MemoryOpen($iv_Pid, $iv_DesiredAccess = 0x1F0FFF, $iv_InheritHandle = 1) If Not ProcessExists($iv_Pid) Then SetError(1) Return 0 EndIf Local $ah_Handle[2] = [DllOpen('kernel32.dll')] If @error Then SetError(2) Return 0 EndIf Local $av_OpenProcess = DllCall($ah_Handle[0], 'int', 'OpenProcess', 'int', $iv_DesiredAccess, 'int', $iv_InheritHandle, 'int', $iv_Pid) If @error Then DllClose($ah_Handle[0]) SetError(3) Return 0 EndIf $ah_Handle[1] = $av_OpenProcess[0] Return $ah_Handle EndFunc ;==>_MemoryOpen Func _MemoryRead($iv_Address, $ah_Handle, $sv_Type = 'dword') If Not IsArray($ah_Handle) Then SetError(1) Return 0 EndIf Local $v_Buffer = DllStructCreate($sv_Type) If @error Then SetError(@error + 1) Return 0 EndIf DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '') If Not @error Then Local $v_Value = DllStructGetData($v_Buffer, 1) Return $v_Value Else SetError(6) Return 0 EndIf EndFunc ;==>_MemoryRead Func SetPrivilege($privilege, $bEnable) Const $TOKEN_ADJUST_PRIVILEGES = 0x0020 Const $TOKEN_QUERY = 0x0008 Const $SE_PRIVILEGE_ENABLED = 0x0002 Local $hToken, $SP_auxret, $SP_ret, $hCurrProcess, $nTokens, $nTokenIndex, $priv $nTokens = 1 $LUID = DllStructCreate("dword;int") If IsArray($privilege) Then $nTokens = UBound($privilege) $TOKEN_PRIVILEGES = DllStructCreate("dword;dword[" & (3 * $nTokens) & "]") $NEWTOKEN_PRIVILEGES = DllStructCreate("dword;dword[" & (3 * $nTokens) & "]") $hCurrProcess = DllCall("kernel32.dll", "hwnd", "GetCurrentProcess") $SP_auxret = DllCall("advapi32.dll", "int", "OpenProcessToken", "hwnd", $hCurrProcess[0], "int", BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY), "int_ptr", 0) If $SP_auxret[0] Then $hToken = $SP_auxret[3] DllStructSetData($TOKEN_PRIVILEGES, 1, 1) $nTokenIndex = 1 While $nTokenIndex <= $nTokens If IsArray($privilege) Then $priv = $privilege[$nTokenIndex - 1] Else $priv = $privilege EndIf $ret = DllCall("advapi32.dll", "int", "LookupPrivilegeValue", "str", "", "str", $priv, _ "ptr", DllStructGetPtr($LUID)) If $ret[0] Then If $bEnable Then DllStructSetData($TOKEN_PRIVILEGES, 2, $SE_PRIVILEGE_ENABLED, (3 * $nTokenIndex)) Else DllStructSetData($TOKEN_PRIVILEGES, 2, 0, (3 * $nTokenIndex)) EndIf DllStructSetData($TOKEN_PRIVILEGES, 2, DllStructGetData($LUID, 1), (3 * ($nTokenIndex - 1)) + 1) DllStructSetData($TOKEN_PRIVILEGES, 2, DllStructGetData($LUID, 2), (3 * ($nTokenIndex - 1)) + 2) DllStructSetData($LUID, 1, 0) DllStructSetData($LUID, 2, 0) EndIf $nTokenIndex += 1 WEnd $ret = DllCall("advapi32.dll", "int", "AdjustTokenPrivileges", "hwnd", $hToken, "int", 0, _ "ptr", DllStructGetPtr($TOKEN_PRIVILEGES), "int", DllStructGetSize($NEWTOKEN_PRIVILEGES), _ "ptr", DllStructGetPtr($NEWTOKEN_PRIVILEGES), "int_ptr", 0) $f = DllCall("kernel32.dll", "int", "GetLastError") EndIf $NEWTOKEN_PRIVILEGES = 0 $TOKEN_PRIVILEGES = 0 $LUID = 0 If $SP_auxret[0] = 0 Then Return 0 $SP_auxret = DllCall("kernel32.dll", "int", "CloseHandle", "hwnd", $hToken) If Not $ret[0] And Not $SP_auxret[0] Then Return 0 Return $ret[0] EndFunc ;==>SetPrivilege the old way didnt work.. the addresses didnt combine right i guess Edited August 18, 2008 by Golbez
dbzfanatic Posted August 18, 2008 Posted August 18, 2008 That's my point, my way combines the addresses properly and I know why you're getting the wrong value (I think). It's just reading the value of that address and not reading the value of the address it points to. I found this with a bit of searching so see if it helps.Global $Pointer=0x00a1e0c4 Global $Offset=0x0000024c Func _FindNewAddress(ByRef $P,ByRef $OSet) $ID=_MemoryOpen(0x00000848) $New_Address=_MemoryRead($P,$ID) +$OSet _MemoryClose($ID) Return $New_Address EndFunc Func _RefillMoney() $ID=_MemoryOpen(0x00000848) $Address=_FindNewAddress($Pointer,$Offset) $MaxMoney=_MemoryRead($Address,$ID) If $MaxMoney < 100000 Then _MemoryWrite($Address, $ID, 100000) EndIf _MemoryClose($ID) EndFunc While 1 _RefillMoney() Sleep(1000) WEnd _MemoryClose($ID) Go to my website. | My Zazzle Page (custom products)Al Bhed Translator | Direct linkScreenRec ProSimple Text Editor (STE) [TUTORIAL]Task Scheduler UDF <--- First ever UDF!_ControlPaste() UDF[quote name='renanzin' post='584064' date='Sep 26 2008, 07:00 AM']whats help ?[/quote]
Golbez Posted August 19, 2008 Author Posted August 19, 2008 (edited) ty for the code.. its making my head hurt tho xD Edited August 19, 2008 by Golbez
dbzfanatic Posted August 19, 2008 Posted August 19, 2008 (edited) ty for the code.. its making my head hurt tho xD lol sorry about that. I'll help you out by changing your code ok? expandcollapse popup;#include <NomadMemory.au3> #Include <String.au3> SetPrivilege("SeDebugPrivilege", 1) Global $mainwindow = "Florensia" If WinExists($mainwindow) Then $PlayerHPadr = 0x00FA8958 $PlayerHPoff = 0x000001D4 $gamepid = ProcessExists("FlorensiaEN.bin") $gamehandle = _MemoryOpen($gamepid) $health = _MemoryRead($PlayerHpadr, $gamehandle) + $PlayerHPoff MsgBox(1, $gamepid, "Address: " & $test & " -|- Health: " & $health) ClipPut($health) Else MsgBox(1, "Error", "ERROR: " & $mainwindow & " Not Found!") EndIf #cs - Health - Value: 0C299DB0 Address: 00FA8958 Offset: 1D4 - Mana - Value: 0C6D5608 Address: 0C5A8C68 Offest: 10 #ce #cs -- Memory Adresses PlayerHPadr = 0x00F86E18; PlayerHPoff = 0x1D4; TargetLockadr = 0x18DBD325; -- Setup -- -- Sit When HP Reaches.. -- PlayerHPStop = 300; -- Stand Up When HP Reaches.. -- PlayerHPSit = 630; -- Enables Looting, increases the time between killing -- EnableLooting = 1; -- Reviving Enabled? -- Revive = 1; -- Mouse Coords of the Revive Button ReviveX = 547; ReviveY = 411; -- End of Setup-- function GetTarget() TargetLock = memoryReadByte(proc, TargetLockadr); if( TargetLock == 1 and PlayerHP > PlayerHPStop and Sitting == 0) then keyboardPress( key.VK_1 ); rest(20); keyboardPress( key.VK_7 ); end if( TargetLock == 0 and PlayerHP > PlayerHPStop and Sitting == 0 ) then Loot(); keyboardPress( key.VK_0 ); rest(20); end rest(20); end function Heal() PlayerHP = memoryReadIntPtr(proc, PlayerHPadr, PlayerHPoff); if( PlayerHP <= PlayerHPStop and TargetLock == 0 and Sitting == 0 ) then rest(5000); keyboardPress( key.VK_8 ); rest(4000); Sitting = 1; end if( PlayerHP >= PlayerHPSit and TargetLock == 0 and Sitting == 1 ) then keyboardPress( key.VK_8 ); rest(4000); Sitting = 0; end end function DefeatAttacker() if( Sitting == 1 and TargetLock == 1 ) then keyboardPress( key.VK_S ); rest(500); Sitting = 0; keyboardPress( key.VK_7 ); end end function Loot() if( EnableLooting == 1 ) then keyboardPress( key.VK_X ); rest(4000); end end function Reviving() if( Revive == 1 and PlayerHP == 0 ) then yrest(5000); mouseSet(ReviveX, ReviveY); yrest(500); mouseLClick(); end end function main() attach( findWindow("Florensia") ); proc = openProcess( findProcess("Florensia") ); Sitting = 0; while(true) do Heal(); DefeatAttacker(); GetTarget(); Reviving(); rest(10); end end startMacro(main, true); #ce Func _MemoryOpen($iv_Pid, $iv_DesiredAccess = 0x1F0FFF, $iv_InheritHandle = 1) If Not ProcessExists($iv_Pid) Then SetError(1) Return 0 EndIf Local $ah_Handle[2] = [DllOpen('kernel32.dll')] If @error Then SetError(2) Return 0 EndIf Local $av_OpenProcess = DllCall($ah_Handle[0], 'int', 'OpenProcess', 'int', $iv_DesiredAccess, 'int', $iv_InheritHandle, 'int', $iv_Pid) If @error Then DllClose($ah_Handle[0]) SetError(3) Return 0 EndIf $ah_Handle[1] = $av_OpenProcess[0] Return $ah_Handle EndFunc ;==>_MemoryOpen Func _MemoryRead($iv_Address, $ah_Handle, $sv_Type = 'dword') If Not IsArray($ah_Handle) Then SetError(1) Return 0 EndIf Local $v_Buffer = DllStructCreate($sv_Type) If @error Then SetError(@error + 1) Return 0 EndIf DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '') If Not @error Then Local $v_Value = DllStructGetData($v_Buffer, 1) Return $v_Value Else SetError(6) Return 0 EndIf EndFunc ;==>_MemoryRead Func SetPrivilege($privilege, $bEnable) Const $TOKEN_ADJUST_PRIVILEGES = 0x0020 Const $TOKEN_QUERY = 0x0008 Const $SE_PRIVILEGE_ENABLED = 0x0002 Local $hToken, $SP_auxret, $SP_ret, $hCurrProcess, $nTokens, $nTokenIndex, $priv $nTokens = 1 $LUID = DllStructCreate("dword;int") If IsArray($privilege) Then $nTokens = UBound($privilege) $TOKEN_PRIVILEGES = DllStructCreate("dword;dword[" & (3 * $nTokens) & "]") $NEWTOKEN_PRIVILEGES = DllStructCreate("dword;dword[" & (3 * $nTokens) & "]") $hCurrProcess = DllCall("kernel32.dll", "hwnd", "GetCurrentProcess") $SP_auxret = DllCall("advapi32.dll", "int", "OpenProcessToken", "hwnd", $hCurrProcess[0], "int", BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY), "int_ptr", 0) If $SP_auxret[0] Then $hToken = $SP_auxret[3] DllStructSetData($TOKEN_PRIVILEGES, 1, 1) $nTokenIndex = 1 While $nTokenIndex <= $nTokens If IsArray($privilege) Then $priv = $privilege[$nTokenIndex - 1] Else $priv = $privilege EndIf $ret = DllCall("advapi32.dll", "int", "LookupPrivilegeValue", "str", "", "str", $priv, _ "ptr", DllStructGetPtr($LUID)) If $ret[0] Then If $bEnable Then DllStructSetData($TOKEN_PRIVILEGES, 2, $SE_PRIVILEGE_ENABLED, (3 * $nTokenIndex)) Else DllStructSetData($TOKEN_PRIVILEGES, 2, 0, (3 * $nTokenIndex)) EndIf DllStructSetData($TOKEN_PRIVILEGES, 2, DllStructGetData($LUID, 1), (3 * ($nTokenIndex - 1)) + 1) DllStructSetData($TOKEN_PRIVILEGES, 2, DllStructGetData($LUID, 2), (3 * ($nTokenIndex - 1)) + 2) DllStructSetData($LUID, 1, 0) DllStructSetData($LUID, 2, 0) EndIf $nTokenIndex += 1 WEnd $ret = DllCall("advapi32.dll", "int", "AdjustTokenPrivileges", "hwnd", $hToken, "int", 0, _ "ptr", DllStructGetPtr($TOKEN_PRIVILEGES), "int", DllStructGetSize($NEWTOKEN_PRIVILEGES), _ "ptr", DllStructGetPtr($NEWTOKEN_PRIVILEGES), "int_ptr", 0) $f = DllCall("kernel32.dll", "int", "GetLastError") EndIf $NEWTOKEN_PRIVILEGES = 0 $TOKEN_PRIVILEGES = 0 $LUID = 0 If $SP_auxret[0] = 0 Then Return 0 $SP_auxret = DllCall("kernel32.dll", "int", "CloseHandle", "hwnd", $hToken) If Not $ret[0] And Not $SP_auxret[0] Then Return 0 Return $ret[0] EndFunc ;==>SetPrivilege This isn't tested since I don't have the game but it goes with the code I posted. Edit: Forgot the leading 0s for the offset. Edited August 19, 2008 by dbzfanatic Go to my website. | My Zazzle Page (custom products)Al Bhed Translator | Direct linkScreenRec ProSimple Text Editor (STE) [TUTORIAL]Task Scheduler UDF <--- First ever UDF!_ControlPaste() UDF[quote name='renanzin' post='584064' date='Sep 26 2008, 07:00 AM']whats help ?[/quote]
Golbez Posted August 19, 2008 Author Posted August 19, 2008 (edited) yours doesnt work.. only returns 0 this will work.. but it doesnt return the right number expandcollapse popupSetPrivilege("SeDebugPrivilege", 1) Global $mainwindow = "Florensia" If WinExists($mainwindow) Then $PlayerHPadr = "0x00FA8958" $PlayerHPoff = "0x000001D4" $test = "0x" & $PlayerHPadr + $PlayerHPoff $gamepid = ProcessExists("FlorensiaEN.bin") $gamehandle = _MemoryOpen($gamepid) $health = _MemoryRead($PlayerHpadr, $gamehandle) + $PlayerHPoff MsgBox(1, $gamepid, "Address: " & $test & " -|- Health: " & $health) ClipPut($health) Else MsgBox(1, "Error", "ERROR: " & $mainwindow & " Not Found!") EndIf #cs - Health - Value: 0C299DB0 Address: 00FA8958 Offset: 1D4 - Mana - Value: 0C6D5608 Address: 0C5A8C68 Offest: 10 #ce Func _MemoryOpen($iv_Pid, $iv_DesiredAccess = 0x1F0FFF, $iv_InheritHandle = 1) If Not ProcessExists($iv_Pid) Then SetError(1) Return 0 EndIf Local $ah_Handle[2] = [DllOpen('kernel32.dll')] If @error Then SetError(2) Return 0 EndIf Local $av_OpenProcess = DllCall($ah_Handle[0], 'int', 'OpenProcess', 'int', $iv_DesiredAccess, 'int', $iv_InheritHandle, 'int', $iv_Pid) If @error Then DllClose($ah_Handle[0]) SetError(3) Return 0 EndIf $ah_Handle[1] = $av_OpenProcess[0] Return $ah_Handle EndFunc ;==>_MemoryOpen Func _MemoryRead($iv_Address, $ah_Handle, $sv_Type = 'dword') If Not IsArray($ah_Handle) Then SetError(1) Return 0 EndIf Local $v_Buffer = DllStructCreate($sv_Type) If @error Then SetError(@error + 1) Return 0 EndIf DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '') If Not @error Then Local $v_Value = DllStructGetData($v_Buffer, 1) Return $v_Value Else SetError(6) Return 0 EndIf EndFunc ;==>_MemoryRead Func SetPrivilege($privilege, $bEnable) Const $TOKEN_ADJUST_PRIVILEGES = 0x0020 Const $TOKEN_QUERY = 0x0008 Const $SE_PRIVILEGE_ENABLED = 0x0002 Local $hToken, $SP_auxret, $SP_ret, $hCurrProcess, $nTokens, $nTokenIndex, $priv $nTokens = 1 $LUID = DllStructCreate("dword;int") If IsArray($privilege) Then $nTokens = UBound($privilege) $TOKEN_PRIVILEGES = DllStructCreate("dword;dword[" & (3 * $nTokens) & "]") $NEWTOKEN_PRIVILEGES = DllStructCreate("dword;dword[" & (3 * $nTokens) & "]") $hCurrProcess = DllCall("kernel32.dll", "hwnd", "GetCurrentProcess") $SP_auxret = DllCall("advapi32.dll", "int", "OpenProcessToken", "hwnd", $hCurrProcess[0], "int", BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY), "int_ptr", 0) If $SP_auxret[0] Then $hToken = $SP_auxret[3] DllStructSetData($TOKEN_PRIVILEGES, 1, 1) $nTokenIndex = 1 While $nTokenIndex <= $nTokens If IsArray($privilege) Then $priv = $privilege[$nTokenIndex - 1] Else $priv = $privilege EndIf $ret = DllCall("advapi32.dll", "int", "LookupPrivilegeValue", "str", "", "str", $priv, _ "ptr", DllStructGetPtr($LUID)) If $ret[0] Then If $bEnable Then DllStructSetData($TOKEN_PRIVILEGES, 2, $SE_PRIVILEGE_ENABLED, (3 * $nTokenIndex)) Else DllStructSetData($TOKEN_PRIVILEGES, 2, 0, (3 * $nTokenIndex)) EndIf DllStructSetData($TOKEN_PRIVILEGES, 2, DllStructGetData($LUID, 1), (3 * ($nTokenIndex - 1)) + 1) DllStructSetData($TOKEN_PRIVILEGES, 2, DllStructGetData($LUID, 2), (3 * ($nTokenIndex - 1)) + 2) DllStructSetData($LUID, 1, 0) DllStructSetData($LUID, 2, 0) EndIf $nTokenIndex += 1 WEnd $ret = DllCall("advapi32.dll", "int", "AdjustTokenPrivileges", "hwnd", $hToken, "int", 0, _ "ptr", DllStructGetPtr($TOKEN_PRIVILEGES), "int", DllStructGetSize($NEWTOKEN_PRIVILEGES), _ "ptr", DllStructGetPtr($NEWTOKEN_PRIVILEGES), "int_ptr", 0) $f = DllCall("kernel32.dll", "int", "GetLastError") EndIf $NEWTOKEN_PRIVILEGES = 0 $TOKEN_PRIVILEGES = 0 $LUID = 0 If $SP_auxret[0] = 0 Then Return 0 $SP_auxret = DllCall("kernel32.dll", "int", "CloseHandle", "hwnd", $hToken) If Not $ret[0] And Not $SP_auxret[0] Then Return 0 Return $ret[0] EndFunc ;==>SetPrivilege #cs -- Memory Adresses PlayerHPadr = 0x00F86E18; PlayerHPoff = 0x1D4; TargetLockadr = 0x18DBD325; -- Setup -- -- Sit When HP Reaches.. -- PlayerHPStop = 300; -- Stand Up When HP Reaches.. -- PlayerHPSit = 630; -- Enables Looting, increases the time between killing -- EnableLooting = 1; -- Reviving Enabled? -- Revive = 1; -- Mouse Coords of the Revive Button ReviveX = 547; ReviveY = 411; -- End of Setup-- function GetTarget() TargetLock = memoryReadByte(proc, TargetLockadr); if( TargetLock == 1 and PlayerHP > PlayerHPStop and Sitting == 0) then keyboardPress( key.VK_1 ); rest(20); keyboardPress( key.VK_7 ); end if( TargetLock == 0 and PlayerHP > PlayerHPStop and Sitting == 0 ) then Loot(); keyboardPress( key.VK_0 ); rest(20); end rest(20); end function Heal() PlayerHP = memoryReadIntPtr(proc, PlayerHPadr, PlayerHPoff); if( PlayerHP <= PlayerHPStop and TargetLock == 0 and Sitting == 0 ) then rest(5000); keyboardPress( key.VK_8 ); rest(4000); Sitting = 1; end if( PlayerHP >= PlayerHPSit and TargetLock == 0 and Sitting == 1 ) then keyboardPress( key.VK_8 ); rest(4000); Sitting = 0; end end function DefeatAttacker() if( Sitting == 1 and TargetLock == 1 ) then keyboardPress( key.VK_S ); rest(500); Sitting = 0; keyboardPress( key.VK_7 ); end end function Loot() if( EnableLooting == 1 ) then keyboardPress( key.VK_X ); rest(4000); end end function Reviving() if( Revive == 1 and PlayerHP == 0 ) then yrest(5000); mouseSet(ReviveX, ReviveY); yrest(500); mouseLClick(); end end function main() attach( findWindow("Florensia") ); proc = openProcess( findProcess("Florensia") ); Sitting = 0; while(true) do Heal(); DefeatAttacker(); GetTarget(); Reviving(); rest(10); end end startMacro(main, true); #ce this returns: 213649612 Edited August 19, 2008 by Golbez
dbzfanatic Posted August 19, 2008 Posted August 19, 2008 Hmm...maybe this? expandcollapse popup;#include <NomadMemory.au3> #Include <String.au3> SetPrivilege("SeDebugPrivilege", 1) Global $mainwindow = "Florensia" If WinExists($mainwindow) Then $PlayerHPadr = 0x00FA8958 $PlayerHPoff = 0x000001D4 $gamepid = ProcessExists("FlorensiaEN.bin") $gamehandle = _MemoryOpen($gamepid) $newVal = _FindNewAddress($PlayerHpadr,$PlayerHpoff) $health = _MemoryRead($newVal, $gamehandle) MsgBox(1, $gamepid, "Address: " & $test & " -|- Health: " & $health) ClipPut($health) Else MsgBox(1, "Error", "ERROR: " & $mainwindow & " Not Found!") EndIf #cs - Health - Value: 0C299DB0 Address: 00FA8958 Offset: 1D4 - Mana - Value: 0C6D5608 Address: 0C5A8C68 Offest: 10 #ce #cs -- Memory Adresses PlayerHPadr = 0x00F86E18; PlayerHPoff = 0x1D4; TargetLockadr = 0x18DBD325; -- Setup -- -- Sit When HP Reaches.. -- PlayerHPStop = 300; -- Stand Up When HP Reaches.. -- PlayerHPSit = 630; -- Enables Looting, increases the time between killing -- EnableLooting = 1; -- Reviving Enabled? -- Revive = 1; -- Mouse Coords of the Revive Button ReviveX = 547; ReviveY = 411; -- End of Setup-- function GetTarget() TargetLock = memoryReadByte(proc, TargetLockadr); if( TargetLock == 1 and PlayerHP > PlayerHPStop and Sitting == 0) then keyboardPress( key.VK_1 ); rest(20); keyboardPress( key.VK_7 ); end if( TargetLock == 0 and PlayerHP > PlayerHPStop and Sitting == 0 ) then Loot(); keyboardPress( key.VK_0 ); rest(20); end rest(20); end function Heal() PlayerHP = memoryReadIntPtr(proc, PlayerHPadr, PlayerHPoff); if( PlayerHP <= PlayerHPStop and TargetLock == 0 and Sitting == 0 ) then rest(5000); keyboardPress( key.VK_8 ); rest(4000); Sitting = 1; end if( PlayerHP >= PlayerHPSit and TargetLock == 0 and Sitting == 1 ) then keyboardPress( key.VK_8 ); rest(4000); Sitting = 0; end end function DefeatAttacker() if( Sitting == 1 and TargetLock == 1 ) then keyboardPress( key.VK_S ); rest(500); Sitting = 0; keyboardPress( key.VK_7 ); end end function Loot() if( EnableLooting == 1 ) then keyboardPress( key.VK_X ); rest(4000); end end function Reviving() if( Revive == 1 and PlayerHP == 0 ) then yrest(5000); mouseSet(ReviveX, ReviveY); yrest(500); mouseLClick(); end end function main() attach( findWindow("Florensia") ); proc = openProcess( findProcess("Florensia") ); Sitting = 0; while(true) do Heal(); DefeatAttacker(); GetTarget(); Reviving(); rest(10); end end startMacro(main, true); #ce Func _MemoryOpen($iv_Pid, $iv_DesiredAccess = 0x1F0FFF, $iv_InheritHandle = 1) If Not ProcessExists($iv_Pid) Then SetError(1) Return 0 EndIf Local $ah_Handle[2] = [DllOpen('kernel32.dll')] If @error Then SetError(2) Return 0 EndIf Local $av_OpenProcess = DllCall($ah_Handle[0], 'int', 'OpenProcess', 'int', $iv_DesiredAccess, 'int', $iv_InheritHandle, 'int', $iv_Pid) If @error Then DllClose($ah_Handle[0]) SetError(3) Return 0 EndIf $ah_Handle[1] = $av_OpenProcess[0] Return $ah_Handle EndFunc ;==>_MemoryOpen Func _MemoryRead($iv_Address, $ah_Handle, $sv_Type = 'dword') If Not IsArray($ah_Handle) Then SetError(1) Return 0 EndIf Local $v_Buffer = DllStructCreate($sv_Type) If @error Then SetError(@error + 1) Return 0 EndIf DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '') If Not @error Then Local $v_Value = DllStructGetData($v_Buffer, 1) Return $v_Value Else SetError(6) Return 0 EndIf EndFunc ;==>_MemoryRead Func SetPrivilege($privilege, $bEnable) Const $TOKEN_ADJUST_PRIVILEGES = 0x0020 Const $TOKEN_QUERY = 0x0008 Const $SE_PRIVILEGE_ENABLED = 0x0002 Local $hToken, $SP_auxret, $SP_ret, $hCurrProcess, $nTokens, $nTokenIndex, $priv $nTokens = 1 $LUID = DllStructCreate("dword;int") If IsArray($privilege) Then $nTokens = UBound($privilege) $TOKEN_PRIVILEGES = DllStructCreate("dword;dword[" & (3 * $nTokens) & "]") $NEWTOKEN_PRIVILEGES = DllStructCreate("dword;dword[" & (3 * $nTokens) & "]") $hCurrProcess = DllCall("kernel32.dll", "hwnd", "GetCurrentProcess") $SP_auxret = DllCall("advapi32.dll", "int", "OpenProcessToken", "hwnd", $hCurrProcess[0], "int", BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY), "int_ptr", 0) If $SP_auxret[0] Then $hToken = $SP_auxret[3] DllStructSetData($TOKEN_PRIVILEGES, 1, 1) $nTokenIndex = 1 While $nTokenIndex <= $nTokens If IsArray($privilege) Then $priv = $privilege[$nTokenIndex - 1] Else $priv = $privilege EndIf $ret = DllCall("advapi32.dll", "int", "LookupPrivilegeValue", "str", "", "str", $priv, _ "ptr", DllStructGetPtr($LUID)) If $ret[0] Then If $bEnable Then DllStructSetData($TOKEN_PRIVILEGES, 2, $SE_PRIVILEGE_ENABLED, (3 * $nTokenIndex)) Else DllStructSetData($TOKEN_PRIVILEGES, 2, 0, (3 * $nTokenIndex)) EndIf DllStructSetData($TOKEN_PRIVILEGES, 2, DllStructGetData($LUID, 1), (3 * ($nTokenIndex - 1)) + 1) DllStructSetData($TOKEN_PRIVILEGES, 2, DllStructGetData($LUID, 2), (3 * ($nTokenIndex - 1)) + 2) DllStructSetData($LUID, 1, 0) DllStructSetData($LUID, 2, 0) EndIf $nTokenIndex += 1 WEnd $ret = DllCall("advapi32.dll", "int", "AdjustTokenPrivileges", "hwnd", $hToken, "int", 0, _ "ptr", DllStructGetPtr($TOKEN_PRIVILEGES), "int", DllStructGetSize($NEWTOKEN_PRIVILEGES), _ "ptr", DllStructGetPtr($NEWTOKEN_PRIVILEGES), "int_ptr", 0) $f = DllCall("kernel32.dll", "int", "GetLastError") EndIf $NEWTOKEN_PRIVILEGES = 0 $TOKEN_PRIVILEGES = 0 $LUID = 0 If $SP_auxret[0] = 0 Then Return 0 $SP_auxret = DllCall("kernel32.dll", "int", "CloseHandle", "hwnd", $hToken) If Not $ret[0] And Not $SP_auxret[0] Then Return 0 Return $ret[0] EndFunc ;==>SetPrivilege Func _FindNewAddress(ByRef $P,ByRef $OSet) $ID=_MemoryOpen(0x00000848) $New_Address=_MemoryRead($P,$ID) +$OSet _MemoryClose($ID) Return $New_Address EndFunc If that doesn't work try editing the _FindNewAddress() function by removing the $ID=_MemoryOpen(0x00000848) line and trying again by substituting $ID = $gamehandle. Post what happens ok? Go to my website. | My Zazzle Page (custom products)Al Bhed Translator | Direct linkScreenRec ProSimple Text Editor (STE) [TUTORIAL]Task Scheduler UDF <--- First ever UDF!_ControlPaste() UDF[quote name='renanzin' post='584064' date='Sep 26 2008, 07:00 AM']whats help ?[/quote]
dbzfanatic Posted August 19, 2008 Posted August 19, 2008 Hopefully when you get back you'll have figured out a way that works and can tell the rest of us . Go to my website. | My Zazzle Page (custom products)Al Bhed Translator | Direct linkScreenRec ProSimple Text Editor (STE) [TUTORIAL]Task Scheduler UDF <--- First ever UDF!_ControlPaste() UDF[quote name='renanzin' post='584064' date='Sep 26 2008, 07:00 AM']whats help ?[/quote]
killerofsix Posted August 19, 2008 Posted August 19, 2008 why don't you try using _MemoryPointerRead, works for me. expandcollapse popup;================================================================================================= ; Function: _MemoryPointerRead ($iv_Address, $ah_Handle, $av_Offset[, $sv_Type]) ; Description: Reads a chain of pointers and returns an array containing the destination ; address and the data at the address. ; Parameter(s): $iv_Address - The static memory address you want to start at. It must be in ; hex format (0x00000000). ; $ah_Handle - An array containing the Dll handle and the handle of the open ; process as returned by _MemoryOpen(). ; $av_Offset - An array of offsets for the pointers. Each pointer must have an ; offset. If there is no offset for a pointer, enter 0 for that ; array dimension. ; $sv_Type - (optional) The "Type" of data you intend to read at the destination ; address. This is set to 'dword'(32bit(4byte) signed integer) by ; default. See the help file for DllStructCreate for all types. ; Requirement(s): The $ah_Handle returned from _MemoryOpen. ; Return Value(s): On Success - Returns an array containing the destination address and the value ; located at the address. ; On Failure - Returns 0 ; @Error - 0 = No error. ; 1 = $av_Offset is not an array. ; 2 = Invalid $ah_Handle. ; 3 = $sv_Type is not a string. ; 4 = $sv_Type is an unknown data type. ; 5 = Failed to allocate the memory needed for the DllStructure. ; 6 = Error allocating memory for $sv_Type. ; 7 = Failed to read from the specified process. ; Author(s): Nomad ; Note(s): Values returned are in Decimal format, unless a 'char' type is selected. ; Set $av_Offset like this: ; $av_Offset[0] = NULL (not used) ; $av_Offset[1] = Offset for pointer 1 (all offsets must be in Decimal) ; $av_Offset[2] = Offset for pointer 2 ; etc... ; (The number of array dimensions determines the number of pointers) ;================================================================================================= Func _MemoryPointerRead($iv_Address, $ah_Handle, $av_Offset, $sv_Type = 'dword') If IsArray($av_Offset) Then If IsArray($ah_Handle) Then Local $iv_PointerCount = UBound($av_Offset) - 1 Else SetError(2) Return 0 EndIf Else SetError(1) Return 0 EndIf Local $iv_Data[2], $i Local $v_Buffer = DllStructCreate('dword') For $i = 0 To $iv_PointerCount If $i = $iv_PointerCount Then $v_Buffer = DllStructCreate($sv_Type) If @error Then SetError(@error + 2) Return 0 EndIf $iv_Address = '0x' & Hex($iv_Data[1] + $av_Offset[$i]) DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '') If @error Then SetError(7) Return 0 EndIf $iv_Data[1] = DllStructGetData($v_Buffer, 1) ElseIf $i = 0 Then DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '') If @error Then SetError(7) Return 0 EndIf $iv_Data[1] = DllStructGetData($v_Buffer, 1) Else $iv_Address = '0x' & Hex($iv_Data[1] + $av_Offset[$i]) DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '') If @error Then SetError(7) Return 0 EndIf $iv_Data[1] = DllStructGetData($v_Buffer, 1) EndIf Next $iv_Data[0] = $iv_Address Return $iv_Data EndFunc ;==>_MemoryPointerReadoÝ÷ Ú«{l¶Å©©ãh§p®^jëh×6;This is just a structural example it will not function ;unless the correct information is entered. #include <Memory.au3> ;get the process ID $ProcessID = WinGetProcess("Any Window") ;set the static address $Address = 0x6FBCC1E0 ;set the pointer offsets in Decimal Dim $Offset[4] $Offset[0] = 0 ;no offset for pointer 1 $Offset[1] = 56 ;0x38 in Hex $Offset[2] = 200 ;0xC8 in Hex $Offset[3] = 0 ;no offset for pointer 4 ;open the process and get the handle $Handle = _MemoryOpen($ProcessID) ;read the 'dword' value at the destination address $Value = _MemoryPointerRead($Address, $Handle, $Offset) #cs ;or if the value is a 9 character 'char' type $Type = 'char[10]' $Value = _MemoryPointerRead($Address, $Handle, $Offset, $Type) #ce ;close the open process _MemoryClose($Handle) ;display the value and the destination address MsgBox(4096, "Returned", "Address = " & $Value[0] & @CRLF & "Value =" & $Value[1]) "The quieter you are, the more you are able to hear..." My AppsUSB Finder
Golbez Posted August 19, 2008 Author Posted August 19, 2008 why don't you try using _MemoryPointerRead, works for me. expandcollapse popup;================================================================================================= ; Function: _MemoryPointerRead ($iv_Address, $ah_Handle, $av_Offset[, $sv_Type]) ; Description: Reads a chain of pointers and returns an array containing the destination ; address and the data at the address. ; Parameter(s): $iv_Address - The static memory address you want to start at. It must be in ; hex format (0x00000000). ; $ah_Handle - An array containing the Dll handle and the handle of the open ; process as returned by _MemoryOpen(). ; $av_Offset - An array of offsets for the pointers. Each pointer must have an ; offset. If there is no offset for a pointer, enter 0 for that ; array dimension. ; $sv_Type - (optional) The "Type" of data you intend to read at the destination ; address. This is set to 'dword'(32bit(4byte) signed integer) by ; default. See the help file for DllStructCreate for all types. ; Requirement(s): The $ah_Handle returned from _MemoryOpen. ; Return Value(s): On Success - Returns an array containing the destination address and the value ; located at the address. ; On Failure - Returns 0 ; @Error - 0 = No error. ; 1 = $av_Offset is not an array. ; 2 = Invalid $ah_Handle. ; 3 = $sv_Type is not a string. ; 4 = $sv_Type is an unknown data type. ; 5 = Failed to allocate the memory needed for the DllStructure. ; 6 = Error allocating memory for $sv_Type. ; 7 = Failed to read from the specified process. ; Author(s): Nomad ; Note(s): Values returned are in Decimal format, unless a 'char' type is selected. ; Set $av_Offset like this: ; $av_Offset[0] = NULL (not used) ; $av_Offset[1] = Offset for pointer 1 (all offsets must be in Decimal) ; $av_Offset[2] = Offset for pointer 2 ; etc... ; (The number of array dimensions determines the number of pointers) ;================================================================================================= Func _MemoryPointerRead($iv_Address, $ah_Handle, $av_Offset, $sv_Type = 'dword') If IsArray($av_Offset) Then If IsArray($ah_Handle) Then Local $iv_PointerCount = UBound($av_Offset) - 1 Else SetError(2) Return 0 EndIf Else SetError(1) Return 0 EndIf Local $iv_Data[2], $i Local $v_Buffer = DllStructCreate('dword') For $i = 0 To $iv_PointerCount If $i = $iv_PointerCount Then $v_Buffer = DllStructCreate($sv_Type) If @error Then SetError(@error + 2) Return 0 EndIf $iv_Address = '0x' & Hex($iv_Data[1] + $av_Offset[$i]) DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '') If @error Then SetError(7) Return 0 EndIf $iv_Data[1] = DllStructGetData($v_Buffer, 1) ElseIf $i = 0 Then DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '') If @error Then SetError(7) Return 0 EndIf $iv_Data[1] = DllStructGetData($v_Buffer, 1) Else $iv_Address = '0x' & Hex($iv_Data[1] + $av_Offset[$i]) DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '') If @error Then SetError(7) Return 0 EndIf $iv_Data[1] = DllStructGetData($v_Buffer, 1) EndIf Next $iv_Data[0] = $iv_Address Return $iv_Data EndFunc ;==>_MemoryPointerReadoÝ÷ Ú«{l¶Å©©ãh§p®^jëh×6;This is just a structural example it will not function ;unless the correct information is entered. #include <Memory.au3> ;get the process ID $ProcessID = WinGetProcess("Any Window") ;set the static address $Address = 0x6FBCC1E0 ;set the pointer offsets in Decimal Dim $Offset[4] $Offset[0] = 0 ;no offset for pointer 1 $Offset[1] = 56 ;0x38 in Hex $Offset[2] = 200 ;0xC8 in Hex $Offset[3] = 0 ;no offset for pointer 4 ;open the process and get the handle $Handle = _MemoryOpen($ProcessID) ;read the 'dword' value at the destination address $Value = _MemoryPointerRead($Address, $Handle, $Offset) #cs ;or if the value is a 9 character 'char' type $Type = 'char[10]' $Value = _MemoryPointerRead($Address, $Handle, $Offset, $Type) #ce ;close the open process _MemoryClose($Handle) ;display the value and the destination address MsgBox(4096, "Returned", "Address = " & $Value[0] & @CRLF & "Value =" & $Value[1]) TY!!!! i didnt know it existed trying now btw the mummy3 was good
killerofsix Posted August 19, 2008 Posted August 19, 2008 (edited) Just something I noticed when using this function. Use one array for each offset. (offsets should be in decimal form NOT HEX) Here's a hex to decimal converter: http://www.easycalculation.com/hex-converter.php$procHwnd = ProcessExists("FlorensiaEN.bin") $address = 0x6FBCC1E0 ;This is still hex Dim $offset1[2] $offset1[0] = 0 ;not used by memory function $offset1[1] = 468 ;1D4 in decimal Dim $offset2[2] $offset2[0] = 0 ;not used by memory function $offset2[1] = 469 ;1D5 in decimal $read1 = _MemoryPointerRead ($address, $procHwnd, $offset1) $read 2 = _MemoryPointerRead ($address, $procHwnd, $offset2) MsgBox( 0, "", "Value of offset1 is: " & $read1) MsgBox( 0, "", "Value of offset2 is: " & $read2)Just to give you an idea. Good luck and tell us if you get it working. yes the mummy 3 was good saw it last week Edited August 19, 2008 by killerofsix "The quieter you are, the more you are able to hear..." My AppsUSB Finder
Szhlopp Posted August 19, 2008 Posted August 19, 2008 Just something I noticed when using this function. Use one array for each offset. (offsets should be in decimal form NOT HEX) Here's a hex to decimal converter: http://www.easycalculation.com/hex-converter.php $procHwnd = ProcessExists("FlorensiaEN.bin") $address = 0x6FBCC1E0 ;This is still hex Dim $offset1[2] $offset1[0] = 0 ;not used by memory function $offset1[1] = 468 ;1D4 in decimal Dim $offset2[2] $offset2[0] = 0 ;not used by memory function $offset2[1] = 469 ;1D5 in decimal $read1 = _MemoryPointerRead ($address, $procHwnd, $offset1) $read 2 = _MemoryPointerRead ($address, $procHwnd, $offset2) MsgBox( 0, "", "Value of offset1 is: " & $read1) MsgBox( 0, "", "Value of offset2 is: " & $read2) Just to give you an idea. Good luck and tell us if you get it working. yes the mummy 3 was good saw it last week The sad thing is AutoIt (ATM) cannot do enough of the memory functions to make it worth while... You can grab a green address and put it in your script but as soon as you restart your computer that address is useless. Example: "Gamename.exe+753EC" I can calculate to find out what "Gamename.exe" equals and put it in my script and it runs fine. But next time I start my computer I've got to re-calculate that address again (Through CE). I guess this is a request for someone with more AutoIt knowledge than I. We need the ability to get whatever that EXE name equals; as soon as we can do that AutoIt will be a very powerful tool for memory operations RegEx/RegExRep Tester!Nerd Olympics - Community App!Login UDFMemory UDF - "Game.exe+753EC" - CE pointer to AU3Password Manager W/ SourceDataFiler - Include files in your au3!--- Was I helpful? Click the little green '+'
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now