Qousio Posted April 23, 2009 Share Posted April 23, 2009 (edited) Hello. What I'm trying to do is move the value of a pointer into an autoit variable. I have tried several methods, this seems to be a working one, but its not... working... Here is what I'm currently trying (Just a test) #Include <Memory.au3> Global $str, $a, $ptr, $var $str = "ptr var1" $a = DllStructCreate($str) if @error Then MsgBox(0,"","Error in DllStructCreate " & @error); exit endif DllStructSetData($a,"var1",1) $ptr = DllStructGetPtr ($a) _MemMoveMemory(0x0009828C, $ptr, 32) $a = $var MsgBox(0,"DllStruct","Struct Size: " & DllStructGetSize($a) & @CRLF & _ "Struct pointer: " & DllStructGetPtr($a) & @CRLF & _ "Data:" & @CRLF & _ "Var value " & $var & @CRLF & _ DllStructGetData($a,1)) When I launch the script I get an error and autoit crashes... Any ideas? Edited April 23, 2009 by Qousio Link to comment Share on other sites More sharing options...
monoceres Posted April 23, 2009 Share Posted April 23, 2009 So, uhm, where does this little cute number come from: 0x0009828C? Broken link? PM me and I'll send you the file! Link to comment Share on other sites More sharing options...
Qousio Posted April 24, 2009 Author Share Posted April 24, 2009 So, uhm, where does this little cute number come from: 0x0009828C?I have made an assembler script that allocates memory and sets the value of address 00097F7A to 100. Then I have created a pointer with 312 offset, thus the pointer that points to address 00097F7A is 0009828C. I have tried inserting 0009828C but autoit says its a wrong number, so I changed it to 0x0009828C. Link to comment Share on other sites More sharing options...
martin Posted April 24, 2009 Share Posted April 24, 2009 (edited) Hello. What I'm trying to do is move the value of a pointer into an autoit variable. I have tried several methods, this seems to be a working one, but its not... working... Here is what I'm currently trying (Just a test) #Include <Memory.au3> Global $str, $a, $ptr, $var $str = "ptr var1" $a = DllStructCreate($str) if @error Then MsgBox(0,"","Error in DllStructCreate " & @error); exit endif DllStructSetData($a,"var1",1) $ptr = DllStructGetPtr ($a) _MemMoveMemory(0x0009828C, $ptr, 32) $a = $var MsgBox(0,"DllStruct","Struct Size: " & DllStructGetSize($a) & @CRLF & _ "Struct pointer: " & DllStructGetPtr($a) & @CRLF & _ "Data:" & @CRLF & _ "Var value " & $var & @CRLF & _ DllStructGetData($a,1)) When I launch the script I get an error and autoit crashes... Any ideas?I'm not sure what the line $a = $var is for but it is definetly wrong. $var will be created as a null string untill it is set with some value. Maybe you are confusing $var with "var1" in your struct? Perhaps this will work #Include <Memory.au3> Global $str, $a, $ptr, $var $str = "ptr var1" $a = DllStructCreate($str) if @error Then MsgBox(0,"","Error in DllStructCreate " & @error); exit endif DllStructSetData($a,"var1",1) $ptr = DllStructGetPtr ($a) _MemMoveMemory(0x0009828C, $ptr, 32) ;$a = $var MsgBox(0,"DllStruct","Struct Size: " & DllStructGetSize($a) & @CRLF & _ "Struct pointer: " & DllStructGetPtr($a) & @CRLF & _ "Data:" & @CRLF & _ "Var1 value =" & DllStructGetData($a,1)) Edited April 24, 2009 by martin Serial port communications UDF Includes functions for binary transmission and reception.printing UDF Useful for graphs, forms, labels, reports etc.Add User Call Tips to SciTE for functions in UDFs not included with AutoIt and for your own scripts.Functions with parameters in OnEvent mode and for Hot Keys One function replaces GuiSetOnEvent, GuiCtrlSetOnEvent and HotKeySet.UDF IsConnected2 for notification of status of connected state of many urls or IPs, without slowing the script. Link to comment Share on other sites More sharing options...
Qousio Posted April 24, 2009 Author Share Posted April 24, 2009 (edited) I'm not sure what the line $a = $var is for but it is definetly wrong. $var will be created as a null string untill it is set with some value. Maybe you are confusing $var with "var1" in your struct? Perhaps this will work Ok, I can launch the script now. The reason I did $a=$var is because I wanted to put the value of $a to the variable $var. But, it seems that I should put DllStructGetData into $var. So the working script is: #Include <Memory.au3> Global $str, $a, $ptr, $var, $data $var = 1 $str = "ptr var1" $a = DllStructCreate($str) if @error Then MsgBox(0,"","Error in DllStructCreate " & @error); exit endif DllStructSetData($a,"var1",1) $ptr = DllStructGetPtr($a) _MemMoveMemory(0x0009828C, $ptr, 1) $data = DllStructGetData($a,1) $var = $Data MsgBox(0,"DllStruct","Struct Size: " & DllStructGetSize($a) & @CRLF & _ "Struct pointer: " & DllStructGetPtr($a) & @CRLF & _ "Data:" & @CRLF & _ "Var value " & $var & @CRLF & _ DllStructGetData($a,1)) It works perfectly fine, but When I tried a different pointer it crashes again ;; any ideas? Edited April 24, 2009 by Qousio Link to comment Share on other sites More sharing options...
trancexx Posted April 24, 2009 Share Posted April 24, 2009 Invalid pointer. ... I would love to see the rest of the script. Is that possible? ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
Qousio Posted April 24, 2009 Author Share Posted April 24, 2009 (edited) Invalid pointer.... I would love to see the rest of the script. Is that possible?Right now im just trying to make this work... I do have the second part of the script ready, basically its a bunch of GDI+ drawings...#Edit: Ok now I'm really confused The script works, but the result is -Wrong- I'm putting the value of pointer 00460f68 to $ptr which is the pointer of my DllStruct. Using _MemMoveMemory(0x460F68, $ptr, 1)But the value I get is 75, it should be 77.... Any suggestions?#Edit2: I increased the length of _MemMove to 6 bytes, now I get 0x8B561875.What the hell... ? O_o Edited April 24, 2009 by Qousio Link to comment Share on other sites More sharing options...
trancexx Posted April 24, 2009 Share Posted April 24, 2009 #Edit2: I increased the length of _MemMove to 6 bytes, now I get 0x8B561875.What the hell... ? O_oAnd if the number is 2 you get 1875? ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
Qousio Posted April 24, 2009 Author Share Posted April 24, 2009 And if the number is 2 you get 1875?Correct. What does this mean? I screwed up somewhere ? Link to comment Share on other sites More sharing options...
trancexx Posted April 24, 2009 Share Posted April 24, 2009 Correct. What does this mean? I screwed up somewhere ?No, actually it means that all works as it should.Your problem is contained in monoceres' post. ... but since you are not showing the code, no help could be provided. ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
Qousio Posted April 24, 2009 Author Share Posted April 24, 2009 (edited) No, actually it means that all works as it should. Your problem is contained in monoceres' post. ... but since you are not showing the code, no help could be provided. That IS the code o_O... and which post should i be looking for? If you mean the post in THIS thread, then it makes no sense. The first pointer which I used and which works is the one that I have created with an asm script. The second pointer which I'm using right now is from a game. I am 100% confident the pointer is correct because I can alter the value of this pointer and it will be reflected in game. For example, this is an asm script I have created a long time ago: expandcollapse popup[ENABLE] alloc(newmem,2048) label(returnhere) label(returnhere1) label(robot) label(resource) newmem: robot: mov ecx, 0 add [esi+20],ecx mov eax,[ebp+00000798] jmp returnhere1 resource: mov edx, 1000 add [ecx+eax*4+4c],edx mov edx,[ecx+eax*4+4c] jmp returnhere 01C049E1: jmp robot nop nop nop nop returnhere1: 01BCB7A8: jmp resource nop nop nop returnhere: [DISABLE] 01C049E1: add [esi+20],ecx mov eax,[ebp+00000798] 01BCB7A8: add [ecx+eax*4+4c],edx mov edx,[ecx+eax*4+4c] dealloc(newmem) This: 01C049E1 and this: 01BCB7A8 are valid pointers. I can find and alter there values, but when I use them in my autoit script it won't return the correct value. Edited April 24, 2009 by Qousio Link to comment Share on other sites More sharing options...
ProgAndy Posted April 24, 2009 Share Posted April 24, 2009 What are you exactly doing?-Run the assembler Script-run AutoIt-Script- trying to read memory from assembler-script?--> different processes have different virtual memory. You can't read the memory of another process with _MemMoveMemory.Also, after a process has closed all it's memory is freed.To read the memory from a running process, you have to use NomadMemory.au3. *GERMAN* [note: you are not allowed to remove author / modified info from my UDFs]My UDFs:[_SetImageBinaryToCtrl] [_TaskDialog] [AutoItObject] [Animated GIF (GDI+)] [ClipPut for Image] [FreeImage] [GDI32 UDFs] [GDIPlus Progressbar] [Hotkey-Selector] [Multiline Inputbox] [MySQL without ODBC] [RichEdit UDFs] [SpeechAPI Example] [WinHTTP]UDFs included in AutoIt: FTP_Ex (as FTPEx), _WinAPI_SetLayeredWindowAttributes Link to comment Share on other sites More sharing options...
Qousio Posted April 24, 2009 Author Share Posted April 24, 2009 (edited) What are you exactly doing?-Run the assembler Script-run AutoIt-Script- trying to read memory from assembler-script?--> different processes have different virtual memory. You can't read the memory of another process with _MemMoveMemory.Also, after a process has closed all it's memory is freed.To read the memory from a running process, you have to use NomadMemory.au3.Thank you thank you than you thank you! NomadMemory.au3 is what I need I didnt know how _MemMoveMemory works, so this is why my script wasn't working Gosh I feel so stupid now ;; I knew that theres supposed to be a debugger that grants rights to modify/check programms memory I guess I'm so used to OllyDbg that I forgot about it when using autoit Edited April 24, 2009 by Qousio Link to comment Share on other sites More sharing options...
Richard Robertson Posted April 24, 2009 Share Posted April 24, 2009 _MemMoveMemory is like a low level copy operation. The process only has access to its own memory space, as mentioned above. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now