Sign in to follow this  
Followers 0
marko001

Read Memory Return 0

18 posts in this topic

Hi all,

i'm using the code below to show my name in a game (World of Warcraft).

I'm amost confident that the address is the pointer and correct.

Anyway, the result i always get is 0, not error but 0

#include <Memory_new.au3>
#include <GUIConstants.au3>
#include <File.au3>
#include <math.au3>
SetPrivilege("SetDebugPrivilege", 1)
$ProcessID = ProcessExists('Wow.exe')
$nMsg = GUIGetMsg()
Local $DllInformation = _MemoryOpen($ProcessID)
Local $name
$name = _MemoryRead(0x011ca298, $DllInformation, 'char[13]')
If @error Then
        MsgBox(4096, "ERROR", "Failed to read memory.")
        Exit
    EndIf
_MemoryClose($DllInformation)
msgbox(0,"My name",$name)

Can someone help me sort it out?

Thanks,

Marco

Share this post


Link to post
Share on other sites



Hi all,

i'm using the code below to show my name in a game (World of Warcraft).

I'm amost confident that the address is the pointer and correct.

Anyway, the result i always get is 0, not error but 0

#include <Memory_new.au3>
#include <GUIConstants.au3>
#include <File.au3>
#include <math.au3>
SetPrivilege("SetDebugPrivilege", 1)
$ProcessID = ProcessExists('Wow.exe')
$nMsg = GUIGetMsg()
Local $DllInformation = _MemoryOpen($ProcessID)
Local $name
$name = _MemoryRead(0x011ca298, $DllInformation, 'char[13]')
If @error Then
        MsgBox(4096, "ERROR", "Failed to read memory.")
        Exit
    EndIf
_MemoryClose($DllInformation)
msgbox(0,"My name",$name)

Can someone help me sort it out?

Thanks,

Marco

Step 1. Check to $DllInformation that opened handle is valid.

Step 2. Replace 'char[13]' to 'byte[13]'

Share this post


Link to post
Share on other sites

To Goodman: Thanks for your hint, but what you mean when you say "Step 1. Check to $DllInformation that opened handle is valid." ? i msgboxed the $ProcessIID and it doesn't return 0 but the handle.

For the byte, since it's a text string what i'm looking for I believe char[13] should be the correct way. Anyway i tried all the others but i alway get 0.

I got the "green" address with CE, surely.

Thanks,

Marco

Share this post


Link to post
Share on other sites

up

Share this post


Link to post
Share on other sites

up

Share this post


Link to post
Share on other sites

To Goodman: Thanks for your hint, but what you mean when you say "Step 1. Check to $DllInformation that opened handle is valid." ? i msgboxed the $ProcessIID and it doesn't return 0 but the handle.

For the byte, since it's a text string what i'm looking for I believe char[13] should be the correct way. Anyway i tried all the others but i alway get 0.

I got the "green" address with CE, surely.

Thanks,

Marco

You checked $ProcessID as PID.

I suggested to check $DllInformation as pHandle.

Check this;

MsgBox( 0 , StringToArray( $DllInformation , " , " ) )

$DllInformation should be $DllInformation[0] >= 1 and $DllInformation[1] >= 1

Share this post


Link to post
Share on other sites

sorry mate i can't understand it. Can you help me sort it out trying to modify the code i gave you in first message?

Thanks for the help, mate

Share this post


Link to post
Share on other sites

Wow requires you to unlock the process before you can read/write to it iirc...

i think your going to need permedit

Share this post


Link to post
Share on other sites

yes, infact with Permedit it works.

But it's a "patched" solution, since i need to run Permedit.exe and ask it to grant access to my AutoIt Script once the script is up.

Is it possible to tell the script to grant itself such a right?

I see that

SetPrivilege("SeDebugPrivilege", 1)

doesn't help.

Thanks,

M.

Share this post


Link to post
Share on other sites

sorry mate i can't understand it. Can you help me sort it out trying to modify the code i gave you in first message?

Thanks for the help, mate

#include <Memory_new.au3>
#include <GUIConstants.au3>
#include <File.au3>
#include <math.au3>

Local $ProcessID = ProcessExists('Wow.exe')
If @error Then
    MsgBox(4096, "ERROR", "Failed to get PID.")
    Exit
EndIf

;SetPrivilege("SetDebugPrivilege", 1)

Local $DllInformation = _MemoryOpen($ProcessID)

If @error Then
    MsgBox(4096, "ERROR", "Failed to open memory.")
    Exit
EndIf

Local $name = _MemoryRead(0x011ca298, $DllInformation, 'char[13]')

If @error Then
    MsgBox(4096, "ERROR", "Failed to read memory.")
    Exit
EndIf

_MemoryClose($DllInformation)

MsgBox(0 , "My name" , "CHR = " & $name & @LF & "HEX = " & StringToBinary( $name ) )

Share this post


Link to post
Share on other sites

Ok, mate,

SetDebugPrivilege <= WRONG

SeDebugPrivilege <= VALID

Good luck, mate :-)

Share this post


Link to post
Share on other sites

Nope, mate. it doesn't work.

What Dinosaurr said few lines up here is correct: i need to unlock the process and Permedit can do that.

If i add a sleep(30000) at beginning, i run the autoit then permedit.exe and i tell him to unlock autoit process it works.

But obviously using an external tool it's unuseful. Do you know if there is an internal tool/string that can grant same privileges?

Thanks again for your full support

Share this post


Link to post
Share on other sites

#15 ·  Posted (edited)

Nope, mate. it doesn't work.

What Dinosaurr said few lines up here is correct: i need to unlock the process and Permedit can do that.

If i add a sleep(30000) at beginning, i run the autoit then permedit.exe and i tell him to unlock autoit process it works.

But obviously using an external tool it's unuseful. Do you know if there is an internal tool/string that can grant same privileges?

Thanks again for your full support

http://www.autoitscript.com/forum/index.ph...st&p=566751

; #FUNCTION# ====================================================================================================

================

; Name...........: _Security__SetPrivilege

; Description ...: Enables or disables a local token privilege

; Syntax.........: _Security__SetPrivilege($hToken, $sPrivilege, $fEnable)

; Parameters ....: $hToken - Handle to a token

; $sPrivilege - Privilege name

; $fEnable - Privilege setting:

; | True - Enable privilege

; |False - Disable privilege

; Return values .: Success - True

; Failure - False

; Author ........: Paul Campbell (PaulIA)

; Modified.......:

; Remarks .......:

; Related .......:

; Link ..........;

; Example .......;

; ====================================================================================================

===========================

Edited by GoodMan

Share this post


Link to post
Share on other sites

Sounds good but i still get some minor problems:

I added

#Include <WinAPI.au3>

into memory-new.au3 due to the modified function

and changed SetPrivilege with

Func SetPrivilege($vPrivilege, $fEnable = True)
    If IsArray($vPrivilege) Then
        Local $avPriv = $vPrivilege
    Else
        Local $avPriv[1] = [$vPrivilege]
    EndIf
    Local $hToken = _Security__OpenProcessToken( _WinAPI_GetCurrentProcess(), BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY) )
    For $i = 0 To UBound($avPriv) - 1
        _Security__SetPrivilege_mod($hToken, $avPriv[$i], $fEnable)
    Next
    _WinAPI_CloseHandle($hToken)
EndFunc

Running the main i get the following:

C:\Users\XXX\Desktop\ai\memory\Memory_new.au3 (482) : ==> Variable used without being declared.:
Local $hToken = _Security__OpenProcessToken( _WinAPI_GetCurrentProcess(), BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY) )
Local $hToken = _Security__OpenProcessToken( _WinAPI_GetCurrentProcess(), BitOR(^ ERROR

What shall I add there that is still missing?

M.

Share this post


Link to post
Share on other sites

Sounds good but i still get some minor problems:

I added

#Include <WinAPI.au3>

into memory-new.au3 due to the modified function

and changed SetPrivilege with

Func SetPrivilege($vPrivilege, $fEnable = True)
    If IsArray($vPrivilege) Then
        Local $avPriv = $vPrivilege
    Else
        Local $avPriv[1] = [$vPrivilege]
    EndIf
    Local $hToken = _Security__OpenProcessToken( _WinAPI_GetCurrentProcess(), BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY) )
    For $i = 0 To UBound($avPriv) - 1
        _Security__SetPrivilege_mod($hToken, $avPriv[$i], $fEnable)
    Next
    _WinAPI_CloseHandle($hToken)
EndFunc

Running the main i get the following:

C:\Users\XXX\Desktop\ai\memory\Memory_new.au3 (482) : ==> Variable used without being declared.:
Local $hToken = _Security__OpenProcessToken( _WinAPI_GetCurrentProcess(), BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY) )
Local $hToken = _Security__OpenProcessToken( _WinAPI_GetCurrentProcess(), BitOR(^ ERROR

What shall I add there that is still missing?

M.

This;

#Include <WinAPI.au3>
#Include <Security.au3>
#Include <SecurityConstants.au3>
#Include <StructureConstants.au3>

Share this post


Link to post
Share on other sites

Gotcha!!!

Still needed

#include <Constants.au3>

in Memory_new.au3 but I found and added it.

Now it works (tested just with 0x011ca298 but I think that's 0 or 1 ... it works or it doesn't work)

Thanks again mate, Really ++rep for you!

Thread Closed!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0