Jump to content
Sign in to follow this  
i3illig

Memory UDF doesn't work?

Recommended Posts

i3illig

Hi,

i need help because i really don't know whats wrogn usualle im not asking for help because you can google almost everything but now i m going to be crazy!!!!

I mean it sounds very simpy:

a) i ve got the pointer address for some informations from cheat engine - it is 100% right!!

Pointer's at TRose.exe:

Pointer Address of Action: 006936A8
Offset(Hex): 36

:) if i restart computer or client the pointer works at cheat engine if i insert him there

- and now my problem -

c) i think my source code is right and evrything but it returns the wrong pointer address value

$Offset = Dec("140")
$pid = ProcessExists("TRose.exe");Returns the PID (3020)

$openmem = _MemoryOpen($pid);Returns nothing in MsgBox

$baseADDR = _MemoryGetBaseAddress($openmem,1);Returns base address (3342336)
$Action_Address = "0x" & Hex($baseADDR + Dec("693504")); Returns 0x009C36A8

$Action_Read =  _MemoryPointerRead($Action_Address, $openmem, $Offset);Returns 0 (but it's not 0)

MsgBox(64,"Info","Address: "&$Action_Address&@CRLF&"Value: "&$Action_Read)oÝ÷ ÙØ¢{d0«m¡Ú¢é]ÖÞ¶­¶X¬u©çm«më~wvÊ+v¡j÷º'ç_"·§yçn®¥¤w«yªÞ¶]ý²Øq¶è§ZºÚ"µÍ[ÈÓY[[ÜSÜ[    ÌÍÚ]ÔY  ÌÍÚ]ÑÚYXØÙÜÈHQ ÌÍÚYÒ[][HHJBRYÝØÙÜÑ^ÝÊ   ÌÍÚ]ÔY
H[BTÙ]ÜJBBT]Q[YSØØ[ ÌÍØZÒ[VÌHHÑÜ[    ÌÎNÚÙ[Ì    ÌÎNÊWBRYÜ[BTÙ]ÜBBT]Q[YSØØ[  ÌÍØ]ÓÜ[ØÙÜÈHØ[
    ÌÍØZÒ[VÌK  ÌÎNÚ[    ÌÎNË ÌÎNÓÜ[ØÙÜÉÌÎNË   ÌÎNÚ[    ÌÎNË ÌÍÚ]ÑÚYXØÙÜË   ÌÎNÚ[    ÌÎNË ÌÍÚYÒ[][K   ÌÎNÚ[    ÌÎNË ÌÍÚ]ÔY
BRYÜ[BQÛÜÙJ ÌÍØZÒ[VÌJBBTÙ]ÜÊBBT]Q[YIÌÍØZÒ[VÌWHH    ÌÍØ]ÓÜ[ØÙÜÖÌBT]   ÌÍØZÒ[B[[ÂÏOOOOOOOOOOOOOOOOOB[ÈÓY[[ÜQÙ]ÙPYÜÊ   ÌÍØZÒ[K ÌÍÚR^XÈH
BBSØØ[    ÌÍÚ]ÐYÜÈHLSØØ[  ÌÍÝÐYHÝXÝÜX]J    ÌÎNÙÛÜÙÛÜÙÛÜÙÛÜÙÛÜÙÛÜÙÛÜ ÌÎNÊBSØØ[  ÌÍÝ]BSØØ[  ÌÍÝBBRYÝÐ^J    ÌÍØZÒ[JH[BTÙ]ÜJBBT]Q[YBQØ[
    ÌÍØZÒ[VÌK  ÌÎNÚ[    ÌÎNË ÌÎNÕX[]YQ^   ÌÎNË ÌÎNÚ[    ÌÎNË ÌÍØZÒ[VÌWK ÌÎNÚ[    ÌÎNË ÌÍÚ]ÐYÜË  ÌÎNÜÌÎNËÝXÝÙ]  ÌÍÝÐYK  ÌÎNÚ[    ÌÎNËÝXÝÙ]Ú^J ÌÍÝÐYJBBRYÝÜ[BBBIÌÍÝ]HH^
ÝXÝÙ]]J  ÌÍÝÐYJBBIÌÍÝHH^
ÝXÝÙ]]J  ÌÍÝÐYÊJBBBBUÚ[H   ÌÍÝH ÉÝÈ  ][ÝÌ  ][ÝÂBBQØ[
    ÌÍØZÒ[VÌK  ÌÎNÚ[    ÌÎNË ÌÎNÕX[]YQ^   ÌÎNË ÌÎNÚ[    ÌÎNË ÌÍØZÒ[VÌWK ÌÎNÚ[    ÌÎNË ÌÍÚ]ÐYÜË  ÌÎNÜÌÎNËÝXÝÙ]  ÌÍÝÐYK  ÌÎNÚ[    ÌÎNËÝXÝÙ]Ú^J ÌÍÝÐYJBBBIÌÍÝ]HH^
ÝXÝÙ]]J  ÌÍÝÐYJBBBIÌÍÝHH^
ÝXÝÙ]]J  ÌÍÝÐYÊJBBBRY^
    ÌÍÚ]ÐYÜÊHH    ][ÝÌL ][ÝÈ[^]ÛÜBBIÌÍÚ]ÐYÜÈ
ÏH
MLÍBBBBUÑ[BRY ÌÍÝHH    ][ÝÌ  ][ÝÈ[BBTÙ]Ü
BBBRY   ÌÍÚR^XÈHH[BBBT]XÊ  ÌÍÝ]JBBBQ[ÙBBBBT]   ÌÍÝ]BBBQ[YBBBBQ[ÙBBBTÙ]ÜBBBT]BQ[YBBQ[ÙBBTÙ]ÜÊBBT]Q[YB[[ÂÏOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOB[ÈÓY[[ÜTÚ[XY
    ÌÍÚ]ÐYÜË  ÌÍØZÒ[K ÌÍØ]ÓÙÙ]  ÌÍÜÝÕHH    ÌÎNÙÛÜ ÌÎNÊBRYÐ^J  ÌÍØ]ÓÙÙ]
H[BRYÐ^J   ÌÍØZÒ[JH[BBSØØ[   ÌÍÚ]ÔÚ[ÛÝ[HPÝ[
    ÌÍØ]ÓÙÙ]
HHBBQ[ÙBBBTÙ]ÜBBBT]BQ[YQ[ÙBBTÙ]ÜJBBT]Q[YSØØ[    ÌÍÚ]Ñ]VÌK  ÌÍÚBSØØ[   ÌÍÝÐYHÝXÝÜX]J    ÌÎNÙÛÜ ÌÎNÊBQÜ ÌÍÚHHÈ  ÌÍÚ]ÔÚ[ÛÝ[HBRY   ÌÍÚHH    ÌÍÚ]ÔÚ[ÛÝ[[BBIÌÍÝÐYHÝXÝÜX]J   ÌÍÜÝÕJBBBRYÜ[BBBTÙ]ÜÜ
ÈBBBBT]BBQ[YBHBBIÌÍÚ]ÐYÜÈH   ÌÎNÌ ÌÎNÈ [È^
    ÌÍÚ]Ñ]VÌWH
È  ÌÍØ]ÓÙÙ]ÉÌÍÚWJBBBQØ[
    ÌÍØZÒ[VÌK  ÌÎNÚ[    ÌÎNË ÌÎNÔXYØÙÜÓY[[ÜIÌÎNË  ÌÎNÚ[    ÌÎNË ÌÍØZÒ[VÌWK ÌÎNÚ[    ÌÎNË ÌÍÚ]ÐYÜË  ÌÎNÜÌÎNËÝXÝÙ]  ÌÍÝÐYK  ÌÎNÚ[    ÌÎNËÝXÝÙ]Ú^J ÌÍÝÐYK  ÌÎNÚ[    ÌÎNË ÌÎNÉÌÎNÊBBBRYÜ[BBBTÙ]Ü
ÊBBBBT]BBQ[YBHBBIÌÍÚ]Ñ]VÌWHHÝXÝÙ]]J    ÌÍÝÐYJBBHBQ[ÙRY    ÌÍÚHH[BBQØ[
    ÌÍØZÒ[VÌK  ÌÎNÚ[    ÌÎNË ÌÎNÔXYØÙÜÓY[[ÜIÌÎNË  ÌÎNÚ[    ÌÎNË ÌÍØZÒ[VÌWK ÌÎNÚ[    ÌÎNË ÌÍÚ]ÐYÜË  ÌÎNÜÌÎNËÝXÝÙ]  ÌÍÝÐYK  ÌÎNÚ[    ÌÎNËÝXÝÙ]Ú^J ÌÍÝÐYK  ÌÎNÚ[    ÌÎNË ÌÎNÉÌÎNÊBBBRYÜ[BBBTÙ]Ü
ÊBBBBT]BBQ[YBHBBIÌÍÚ]Ñ]VÌWHHÝXÝÙ]]J    ÌÍÝÐYJBBHBQ[ÙBBBIÌÍÚ]ÐYÜÈH   ÌÎNÌ ÌÎNÈ [È^
    ÌÍÚ]Ñ]VÌWH
È  ÌÍØ]ÓÙÙ]ÉÌÍÚWJBBBQØ[
    ÌÍØZÒ[VÌK  ÌÎNÚ[    ÌÎNË ÌÎNÔXYØÙÜÓY[[ÜIÌÎNË  ÌÎNÚ[    ÌÎNË ÌÍØZÒ[VÌWK ÌÎNÚ[    ÌÎNË ÌÍÚ]ÐYÜË  ÌÎNÜÌÎNËÝXÝÙ]  ÌÍÝÐYK  ÌÎNÚ[    ÌÎNËÝXÝÙ]Ú^J ÌÍÝÐYK  ÌÎNÚ[    ÌÎNË ÌÎNÉÌÎNÊBBBRYÜ[BBBTÙ]Ü
ÊBBBBT]BBQ[YBHBBIÌÍÚ]Ñ]VÌWHHÝXÝÙ]]J    ÌÍÝÐYJBBHBQ[YHS^IÌÍÚ]Ñ]VÌHH    ÌÍÚ]ÐYÜÂT]    ÌÍÚ]Ñ]B[[

And I think the source code worked yesterday....

thx for help x(

Edited by i3illig

Share this post


Link to post
Share on other sites
Dampe

Use this UDF:

#include-once
#region _Memory
;==================================================================================
; AutoIt Version:   3.1.127 (beta)
; Language:         English
; Platform:         All Windows
; Author:           Nomad
; Requirements:     These functions will only work with beta.
;==================================================================================
; Credits:  wOuter - These functions are based on his original _Mem() functions.
;           But they are easier to comprehend and more reliable.  These
;           functions are in no way a direct copy of his functions.  His
;           functions only provided a foundation from which these evolved.
;==================================================================================
;
; Functions:
;
;==================================================================================
; Function:         _MemoryOpen($iv_Pid[, $iv_DesiredAccess[, $iv_InheritHandle]])
; Description:      Opens a process and enables all possible access rights to the
;                   process.  The Process ID of the process is used to specify which
;                   process to open.  You must call this function before calling
;                   _MemoryClose(), _MemoryRead(), or _MemoryWrite().
; Parameter(s):     $iv_Pid - The Process ID of the program you want to open.
;                   $iv_DesiredAccess - (optional) Set to 0x1F0FFF by default, which
;                                       enables all possible access rights to the
;                                       process specified by the Process ID.
;                   $iv_InheritHandle - (optional) If this value is TRUE, all processes
;                                       created by this process will inherit the access
;                                       handle.  Set to 1 (TRUE) by default.  Set to 0
;                                       if you want it FALSE.
; Requirement(s):   None.
; Return Value(s):  On Success - Returns an array containing the Dll handle and an
;                                open handle to the specified process.
;                   On Failure - Returns 0
;                   @Error - 0 = No error.
;                            1 = Invalid $iv_Pid.
;                            2 = Failed to open Kernel32.dll.
;                            3 = Failed to open the specified process.
; Author(s):        Nomad
; Note(s):
;==================================================================================
Func _MemoryOpen($iv_Pid, $iv_DesiredAccess = 0x1F0FFF, $iv_InheritHandle = 1)
    
    If Not ProcessExists($iv_Pid) Then
        SetError(1)
        Return 0
    EndIf
    
    Local $ah_Handle[2] = [DllOpen('kernel32.dll')]
    
    If @Error Then
        SetError(2)
        Return 0
    EndIf
    
    Local $av_OpenProcess = DllCall($ah_Handle[0], 'int', 'OpenProcess', 'int', $iv_DesiredAccess, 'int', $iv_InheritHandle, 'int', $iv_Pid)
    
    If @Error Then
        DllClose($ah_Handle[0])
        SetError(3)
        Return 0
    EndIf
    
    $ah_Handle[1] = $av_OpenProcess[0]
    
    Return $ah_Handle
    
EndFunc

;==================================================================================
; Function:         _MemoryRead($iv_Address, $ah_Handle[, $sv_Type])
; Description:      Reads the value located in the memory address specified.
; Parameter(s):     $iv_Address - The memory address you want to read from. It must
;                                 be in hex format (0x00000000).
;                   $ah_Handle - An array containing the Dll handle and the handle
;                                of the open process as returned by _MemoryOpen().
;                   $sv_Type - (optional) The "Type" of value you intend to read.
;                               This is set to 'dword'(32bit(4byte) signed integer)
;                               by default.  See the help file for DllStructCreate
;                               for all types.  An example: If you want to read a
;                               word that is 15 characters in length, you would use
;                               'char[16]' since a 'char' is 8 bits (1 byte) in size.
; Return Value(s):  On Success - Returns the value located at the specified address.
;                   On Failure - Returns 0
;                   @Error - 0 = No error.
;                            1 = Invalid $ah_Handle.
;                            2 = $sv_Type was not a string.
;                            3 = $sv_Type is an unknown data type.
;                            4 = Failed to allocate the memory needed for the DllStructure.
;                            5 = Error allocating memory for $sv_Type.
;                            6 = Failed to read from the specified process.
; Author(s):        Nomad
; Note(s):          Values returned are in Decimal format, unless specified as a
;                   'char' type, then they are returned in ASCII format.  Also note
;                   that size ('char[size]') for all 'char' types should be 1
;                   greater than the actual size.
;==================================================================================
Func _MemoryRead($iv_Address, $ah_Handle, $sv_Type = 'dword')
    
    If Not IsArray($ah_Handle) Then
        SetError(1)
        Return 0
    EndIf
    
    Local $v_Buffer = DllStructCreate($sv_Type)
    
    If @Error Then
        SetError(@Error + 1)
        Return 0
    EndIf
    
    DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
    
    If Not @Error Then
        Local $v_Value = DllStructGetData($v_Buffer, 1)
        Return $v_Value
    Else
        SetError(6)
        Return 0
    EndIf
    
EndFunc

;==================================================================================
; Function:         _MemoryWrite($iv_Address, $ah_Handle, $v_Data[, $sv_Type])
; Description:      Writes data to the specified memory address.
; Parameter(s):     $iv_Address - The memory address which you want to write to.
;                                 It must be in hex format (0x00000000).
;                   $ah_Handle - An array containing the Dll handle and the handle
;                                of the open process as returned by _MemoryOpen().
;                   $v_Data - The data to be written.
;                   $sv_Type - (optional) The "Type" of value you intend to write.
;                               This is set to 'dword'(32bit(4byte) signed integer)
;                               by default.  See the help file for DllStructCreate
;                               for all types.  An example: If you want to write a
;                               word that is 15 characters in length, you would use
;                               'char[16]' since a 'char' is 8 bits (1 byte) in size.
; Return Value(s):  On Success - Returns 1
;                   On Failure - Returns 0
;                   @Error - 0 = No error.
;                            1 = Invalid $ah_Handle.
;                            2 = $sv_Type was not a string.
;                            3 = $sv_Type is an unknown data type.
;                            4 = Failed to allocate the memory needed for the DllStructure.
;                            5 = Error allocating memory for $sv_Type.
;                            6 = $v_Data is not in the proper format to be used with the
;                                "Type" selected for $sv_Type, or it is out of range.
;                            7 = Failed to write to the specified process.
; Author(s):        Nomad
; Note(s):          Values sent must be in Decimal format, unless specified as a
;                   'char' type, then they must be in ASCII format.  Also note
;                   that size ('char[size]') for all 'char' types should be 1
;                   greater than the actual size.
;==================================================================================
Func _MemoryWrite($iv_Address, $ah_Handle, $v_Data, $sv_Type = 'dword')
    
    If Not IsArray($ah_Handle) Then
        SetError(1)
        Return 0
    EndIf
    
    Local $v_Buffer = DllStructCreate($sv_Type)
    
    If @Error Then
        SetError(@Error + 1)
        Return 0
    Else
        DllStructSetData($v_Buffer, 1, $v_Data)
        If @Error Then
            SetError(6)
            Return 0
        EndIf
    EndIf
    
    DllCall($ah_Handle[0], 'int', 'WriteProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
    
    If Not @Error Then
        Return 1
    Else
        SetError(7)
        Return 0
    EndIf
    
EndFunc

;==================================================================================
; Function:         _MemoryClose($ah_Handle)
; Description:      Closes the process handle opened by using _MemoryOpen().
; Parameter(s):     $ah_Handle - An array containing the Dll handle and the handle
;                                of the open process as returned by _MemoryOpen().
; Return Value(s):  On Success - Returns 1
;                   On Failure - Returns 0
;                   @Error - 0 = No error.
;                            1 = Invalid $ah_Handle.
;                            2 = Unable to close the process handle.
; Author(s):        Nomad
; Note(s):
;==================================================================================
Func _MemoryClose($ah_Handle)
    
    If Not IsArray($ah_Handle) Then
        SetError(1)
        Return 0
    EndIf
    
    DllCall($ah_Handle[0], 'int', 'CloseHandle', 'int', $ah_Handle[1])
    If Not @Error Then
        DllClose($ah_Handle[0])
        Return 1
    Else
        DllClose($ah_Handle[0])
        SetError(2)
        Return 0
    EndIf
    
EndFunc

;==================================================================================
; Function:         SetPrivilege( $privilege, $bEnable )
; Description:      Enables (or disables) the $privilege on the current process
;                  (Probably) requires administrator privileges to run
;
; Author(s):        Larry (from autoitscript.com's Forum)
; Notes(s):
; http://www.autoitscript.com/forum/index.php?s=&showtopic=31248&view=findpost&p=223999
;==================================================================================

Func SetPrivilege( $privilege, $bEnable )
    Const $MY_TOKEN_ADJUST_PRIVILEGES = 0x0020
    Const $MY_TOKEN_QUERY = 0x0008
    Const $MY_SE_PRIVILEGE_ENABLED = 0x0002
    Local $hToken, $SP_auxret, $SP_ret, $hCurrProcess, $nTokens, $nTokenIndex, $priv
    $nTokens = 1
    $LUID = DLLStructCreate("dword;int")
    If IsArray($privilege) Then $nTokens = UBound($privilege)
    $TOKEN_PRIVILEGES = DLLStructCreate("dword;dword[" & (3 * $nTokens) & "]")
    $NEWTOKEN_PRIVILEGES = DLLStructCreate("dword;dword[" & (3 * $nTokens) & "]")
    $hCurrProcess = DLLCall("kernel32.dll","hwnd","GetCurrentProcess")
    $SP_auxret = DLLCall("advapi32.dll","int","OpenProcessToken","hwnd",$hCurrProcess[0],   _
            "int",BitOR($MY_TOKEN_ADJUST_PRIVILEGES,$MY_TOKEN_QUERY),"int*",0)
    If $SP_auxret[0] Then
        $hToken = $SP_auxret[3]
        DLLStructSetData($TOKEN_PRIVILEGES,1,1)
        $nTokenIndex = 1
        While $nTokenIndex <= $nTokens
            If IsArray($privilege) Then
                $priv = $privilege[$nTokenIndex-1]
            Else
                $priv = $privilege
            EndIf
            $ret = DLLCall("advapi32.dll","int","LookupPrivilegeValue","str","","str",$priv,   _
                    "ptr",DLLStructGetPtr($LUID))
            If $ret[0] Then
                If $bEnable Then
                    DLLStructSetData($TOKEN_PRIVILEGES,2,$MY_SE_PRIVILEGE_ENABLED,(3 * $nTokenIndex))
                Else
                    DLLStructSetData($TOKEN_PRIVILEGES,2,0,(3 * $nTokenIndex))
                EndIf
                DLLStructSetData($TOKEN_PRIVILEGES,2,DllStructGetData($LUID,1),(3 * ($nTokenIndex-1)) + 1)
                DLLStructSetData($TOKEN_PRIVILEGES,2,DllStructGetData($LUID,2),(3 * ($nTokenIndex-1)) + 2)
                DLLStructSetData($LUID,1,0)
                DLLStructSetData($LUID,2,0)
            EndIf
            $nTokenIndex += 1
        WEnd
        $ret = DLLCall("advapi32.dll","int","AdjustTokenPrivileges","hwnd",$hToken,"int",0,   _
                "ptr",DllStructGetPtr($TOKEN_PRIVILEGES),"int",DllStructGetSize($NEWTOKEN_PRIVILEGES),   _
                "ptr",DllStructGetPtr($NEWTOKEN_PRIVILEGES),"int*",0)
        $f = DLLCall("kernel32.dll","int","GetLastError")
    EndIf
    $NEWTOKEN_PRIVILEGES=0
    $TOKEN_PRIVILEGES=0
    $LUID=0
    If $SP_auxret[0] = 0 Then Return 0
    $SP_auxret = DLLCall("kernel32.dll","int","CloseHandle","hwnd",$hToken)
    If Not $ret[0] And Not $SP_auxret[0] Then Return 0
    return $ret[0]
EndFunc  ;==>SetPrivilege

#endregion

And use this function at the start of your script

SetPrivilege("SeDebugPrivilege", 1)

Share this post


Link to post
Share on other sites
i3illig

ähhm sorry in your UDF aren't the functions i used...

I need a udf that reads the pointer

Share this post


Link to post
Share on other sites
i3illig

does anybody know why the memory address change if I add an Offset like this:

Dim $off[1]

$off[0] = 36

is differtent to

Dim $off[2]

$off[0] = 0

$off[1] = 36

I dont know why for me it doesnt matter....

here my "new" script

#include <NomadMemory.au3>
SetPrivilege("SeDebugPrivilege", 1)


$adr = 0x006936A8   
Dim $off[2]
$off[0] = 0
$off[1] = 36    


$gamepid = ProcessExists("TRose.exe")
$gamehandle = _MemoryOpen($gamepid)
$value = _MemoryPointerRead($adr, $gamehandle, $off)
_MemoryClose($gamepid)

MsgBox(0,"",$value[0]&@CRLF&$value[1])

my script says: 0x097FF774

and cheat engine: 0x097FF786

-.-"

Edited by i3illig

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×