marko001 Posted December 12, 2008 Posted December 12, 2008 Hi all, i'm using the code below to show my name in a game (World of Warcraft). I'm amost confident that the address is the pointer and correct. Anyway, the result i always get is 0, not error but 0 #include <Memory_new.au3> #include <GUIConstants.au3> #include <File.au3> #include <math.au3> SetPrivilege("SetDebugPrivilege", 1) $ProcessID = ProcessExists('Wow.exe') $nMsg = GUIGetMsg() Local $DllInformation = _MemoryOpen($ProcessID) Local $name $name = _MemoryRead(0x011ca298, $DllInformation, 'char[13]') If @error Then MsgBox(4096, "ERROR", "Failed to read memory.") Exit EndIf _MemoryClose($DllInformation) msgbox(0,"My name",$name) Can someone help me sort it out? Thanks, Marco
Marlo Posted December 12, 2008 Posted December 12, 2008 Where did you find the address? Cheatengine? Click here for the best AutoIt help possible.Currently Working on: Autoit RAT
ChangMinYang Posted December 12, 2008 Posted December 12, 2008 Hi all, i'm using the code below to show my name in a game (World of Warcraft). I'm amost confident that the address is the pointer and correct. Anyway, the result i always get is 0, not error but 0 #include <Memory_new.au3> #include <GUIConstants.au3> #include <File.au3> #include <math.au3> SetPrivilege("SetDebugPrivilege", 1) $ProcessID = ProcessExists('Wow.exe') $nMsg = GUIGetMsg() Local $DllInformation = _MemoryOpen($ProcessID) Local $name $name = _MemoryRead(0x011ca298, $DllInformation, 'char[13]') If @error Then MsgBox(4096, "ERROR", "Failed to read memory.") Exit EndIf _MemoryClose($DllInformation) msgbox(0,"My name",$name) Can someone help me sort it out? Thanks, Marco Step 1. Check to $DllInformation that opened handle is valid. Step 2. Replace 'char[13]' to 'byte[13]'
Marlo Posted December 12, 2008 Posted December 12, 2008 Not used Nomad for a while but im sure you could also replace 'char[13]' with 'dword' And maybe use WinGetProcess("World of Warcraft") Click here for the best AutoIt help possible.Currently Working on: Autoit RAT
marko001 Posted December 12, 2008 Author Posted December 12, 2008 To Goodman: Thanks for your hint, but what you mean when you say "Step 1. Check to $DllInformation that opened handle is valid." ? i msgboxed the $ProcessIID and it doesn't return 0 but the handle. For the byte, since it's a text string what i'm looking for I believe char[13] should be the correct way. Anyway i tried all the others but i alway get 0. I got the "green" address with CE, surely. Thanks, Marco
ChangMinYang Posted December 13, 2008 Posted December 13, 2008 To Goodman: Thanks for your hint, but what you mean when you say "Step 1. Check to $DllInformation that opened handle is valid." ? i msgboxed the $ProcessIID and it doesn't return 0 but the handle. For the byte, since it's a text string what i'm looking for I believe char[13] should be the correct way. Anyway i tried all the others but i alway get 0. I got the "green" address with CE, surely. Thanks, Marco You checked $ProcessID as PID. I suggested to check $DllInformation as pHandle. Check this; MsgBox( 0 , StringToArray( $DllInformation , " , " ) ) $DllInformation should be $DllInformation[0] >= 1 and $DllInformation[1] >= 1
marko001 Posted December 13, 2008 Author Posted December 13, 2008 sorry mate i can't understand it. Can you help me sort it out trying to modify the code i gave you in first message? Thanks for the help, mate
Dinosaurr Posted December 13, 2008 Posted December 13, 2008 Wow requires you to unlock the process before you can read/write to it iirc... i think your going to need permedit
marko001 Posted December 14, 2008 Author Posted December 14, 2008 yes, infact with Permedit it works. But it's a "patched" solution, since i need to run Permedit.exe and ask it to grant access to my AutoIt Script once the script is up. Is it possible to tell the script to grant itself such a right? I see that SetPrivilege("SeDebugPrivilege", 1) doesn't help. Thanks, M.
ChangMinYang Posted December 14, 2008 Posted December 14, 2008 sorry mate i can't understand it. Can you help me sort it out trying to modify the code i gave you in first message? Thanks for the help, mate #include <Memory_new.au3> #include <GUIConstants.au3> #include <File.au3> #include <math.au3> Local $ProcessID = ProcessExists('Wow.exe') If @error Then MsgBox(4096, "ERROR", "Failed to get PID.") Exit EndIf ;SetPrivilege("SetDebugPrivilege", 1) Local $DllInformation = _MemoryOpen($ProcessID) If @error Then MsgBox(4096, "ERROR", "Failed to open memory.") Exit EndIf Local $name = _MemoryRead(0x011ca298, $DllInformation, 'char[13]') If @error Then MsgBox(4096, "ERROR", "Failed to read memory.") Exit EndIf _MemoryClose($DllInformation) MsgBox(0 , "My name" , "CHR = " & $name & @LF & "HEX = " & StringToBinary( $name ) )
ChangMinYang Posted December 14, 2008 Posted December 14, 2008 Ok, mate, SetDebugPrivilege <= WRONG SeDebugPrivilege <= VALID Good luck, mate :-)
marko001 Posted December 14, 2008 Author Posted December 14, 2008 Nope, mate. it doesn't work. What Dinosaurr said few lines up here is correct: i need to unlock the process and Permedit can do that. If i add a sleep(30000) at beginning, i run the autoit then permedit.exe and i tell him to unlock autoit process it works. But obviously using an external tool it's unuseful. Do you know if there is an internal tool/string that can grant same privileges? Thanks again for your full support
ChangMinYang Posted December 14, 2008 Posted December 14, 2008 (edited) Nope, mate. it doesn't work.What Dinosaurr said few lines up here is correct: i need to unlock the process and Permedit can do that.If i add a sleep(30000) at beginning, i run the autoit then permedit.exe and i tell him to unlock autoit process it works.But obviously using an external tool it's unuseful. Do you know if there is an internal tool/string that can grant same privileges?Thanks again for your full supporthttp://www.autoitscript.com/forum/index.ph...st&p=566751; #FUNCTION# ====================================================================================================================; Name...........: _Security__SetPrivilege; Description ...: Enables or disables a local token privilege; Syntax.........: _Security__SetPrivilege($hToken, $sPrivilege, $fEnable); Parameters ....: $hToken - Handle to a token; $sPrivilege - Privilege name; $fEnable - Privilege setting:; | True - Enable privilege; |False - Disable privilege; Return values .: Success - True; Failure - False; Author ........: Paul Campbell (PaulIA); Modified.......:; Remarks .......:; Related .......:; Link ..........;; Example .......;; =============================================================================================================================== Edited December 14, 2008 by GoodMan
marko001 Posted December 14, 2008 Author Posted December 14, 2008 Sounds good but i still get some minor problems: I added #Include <WinAPI.au3> into memory-new.au3 due to the modified function and changed SetPrivilege with Func SetPrivilege($vPrivilege, $fEnable = True) If IsArray($vPrivilege) Then Local $avPriv = $vPrivilege Else Local $avPriv[1] = [$vPrivilege] EndIf Local $hToken = _Security__OpenProcessToken( _WinAPI_GetCurrentProcess(), BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY) ) For $i = 0 To UBound($avPriv) - 1 _Security__SetPrivilege_mod($hToken, $avPriv[$i], $fEnable) Next _WinAPI_CloseHandle($hToken) EndFunc Running the main i get the following: C:\Users\XXX\Desktop\ai\memory\Memory_new.au3 (482) : ==> Variable used without being declared.: Local $hToken = _Security__OpenProcessToken( _WinAPI_GetCurrentProcess(), BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY) ) Local $hToken = _Security__OpenProcessToken( _WinAPI_GetCurrentProcess(), BitOR(^ ERROR What shall I add there that is still missing? M.
ChangMinYang Posted December 15, 2008 Posted December 15, 2008 Sounds good but i still get some minor problems: I added #Include <WinAPI.au3> into memory-new.au3 due to the modified function and changed SetPrivilege with Func SetPrivilege($vPrivilege, $fEnable = True) If IsArray($vPrivilege) Then Local $avPriv = $vPrivilege Else Local $avPriv[1] = [$vPrivilege] EndIf Local $hToken = _Security__OpenProcessToken( _WinAPI_GetCurrentProcess(), BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY) ) For $i = 0 To UBound($avPriv) - 1 _Security__SetPrivilege_mod($hToken, $avPriv[$i], $fEnable) Next _WinAPI_CloseHandle($hToken) EndFunc Running the main i get the following: C:\Users\XXX\Desktop\ai\memory\Memory_new.au3 (482) : ==> Variable used without being declared.: Local $hToken = _Security__OpenProcessToken( _WinAPI_GetCurrentProcess(), BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY) ) Local $hToken = _Security__OpenProcessToken( _WinAPI_GetCurrentProcess(), BitOR(^ ERROR What shall I add there that is still missing? M. This; #Include <WinAPI.au3> #Include <Security.au3> #Include <SecurityConstants.au3> #Include <StructureConstants.au3>
marko001 Posted December 15, 2008 Author Posted December 15, 2008 Gotcha!!! Still needed #include <Constants.au3> in Memory_new.au3 but I found and added it. Now it works (tested just with 0x011ca298 but I think that's 0 or 1 ... it works or it doesn't work) Thanks again mate, Really ++rep for you! Thread Closed!
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now