bill88 Posted July 17, 2009 Share Posted July 17, 2009 (edited) Hello, I've been messing around with this for quite a while.I'm trying to read an address of a java application using NomadMemory.au3.I've gotten the address by using Cheat Engine, however from what I heard, you can't get a pointer of a java application because of "dynamic memory allocation". So I would have to get the address every time I use this application?(Which isn't a big deal)I'm not having any luck getting the value of the address(22EF60FC, I am able to get the value using Cheat Engine.), here is what I have so far:#include <NomadMemory.au3> $address = "22EF60FC" $Open=_MemoryOpen(WinGetProcess("java.exe")) $Read=_MemoryRead(0x&$address, $Open) MsgBox(0,"Value: ",$Read) _MemoryClose($Open)Any help would be appreciated Edited July 17, 2009 by bill88 Link to comment Share on other sites More sharing options...
trung0407 Posted July 17, 2009 Share Posted July 17, 2009 You need to find the pointer of that memory allocation structure. A pointer will point where the structure is The offset will tell where value is located in the structure So you need to have 2 calls _memoryRead If its pointer of pointer of pointer.. it will be more complicated to find Link to comment Share on other sites More sharing options...
bill88 Posted July 17, 2009 Author Share Posted July 17, 2009 You need to find the pointer of that memory allocation structure.A pointer will point where the structure isThe offset will tell where value is located in the structureSo you need to have 2 calls _memoryReadIf its pointer of pointer of pointer.. it will be more complicated to findI have gotten the pointer(Not sure if it's a "pointer of a pointer" though).I tried to use _memoryRead with the pointer/address (having no luck returning the value)Address=22EF5F94Pointer=22EF5D70So does the address that you fill in for _memoryRead, the pointer, or the address?Thanks, for the reply Link to comment Share on other sites More sharing options...
oMBRa Posted July 17, 2009 Share Posted July 17, 2009 But you didnt find a static address... ok now search for the hex value 22EF5D70, if you find only one address your are lucky, then select "add address" manually" select the "Pointer" checkbox, and fill in with the address you have found and the offset, it should be the value of "ebx". If the pointer you have found is green, then is a static address, if not, right click on the pointer you have added and select "see what accesses this address"... repeat this until you find a static address. Anyway multi-level pointer is well explained in the cheat engine tutorial Link to comment Share on other sites More sharing options...
bill88 Posted July 19, 2009 Author Share Posted July 19, 2009 (edited) But you didnt find a static address...ok now search for the hex value 22EF5D70, if you find only one address your are lucky, then select "add address" manually" select the "Pointer" checkbox, and fill in with the address you have found and the offset, it should be the value of "ebx".If the pointer you have found is green, then is a static address, if not, right click on the pointer you have added and select "see what accesses this address"... repeat this until you find a static address.Anyway multi-level pointer is well explained in the cheat engine tutorialWhen I scanned for that address, I got several addresses listed.Do I have to have the static address, in order to get the value of an address? (If not then getting the static address isn't that important for me since this java application is rarely re-opened)Cheat Engine seems to easily be able to get the value of an address without the static address/pointer, is there anyway I can just get the value without it?Maybe I'm just not getting how memory reading works.Thanks for your reply,Any further reply's from anyone would be much appreciated. Edited July 19, 2009 by bill88 Link to comment Share on other sites More sharing options...
trung0407 Posted July 19, 2009 Share Posted July 19, 2009 I have gotten the pointer(Not sure if it's a "pointer of a pointer" though).I tried to use _memoryRead with the pointer/address (having no luck returning the value)Address=22EF5F94Pointer=22EF5D70So does the address that you fill in for _memoryRead, the pointer, or the address?Thanks, for the reply Pointer will point to an address. If Pointer=22EF5D70, means that at adress 0x22EF5D70, contains the address of the structure it point_MemoryRead($pointer,$dll) + $offset will give 0x22EF5F94In CheatEngine, a green address means static address, black is dynamic_MemoryRead(_MemoryRead($pointer,$dll) + $offset, $dll) will give the value you are searching (in this case at 0x22EF5F94) Link to comment Share on other sites More sharing options...
bill88 Posted July 19, 2009 Author Share Posted July 19, 2009 (edited) Pointer will point to an address. If Pointer=22EF5D70, means that at adress 0x22EF5D70, contains the address of the structure it point_MemoryRead($pointer,$dll) + $offset will give 0x22EF5F94In CheatEngine, a green address means static address, black is dynamic_MemoryRead(_MemoryRead($pointer,$dll) + $offset, $dll) will give the value you are searching (in this case at 0x22EF5F94)I was finally able to get the value of an address(with _MemoryRead and the address, but not with the pointer).Also, the above didn't seem to work for me with the 2 _MemoryRead's(with the pointer shown in the image & correct offset). Edited July 19, 2009 by bill88 Link to comment Share on other sites More sharing options...
trung0407 Posted July 20, 2009 Share Posted July 20, 2009 If the address is dynamic, it will change everytime you restart the program Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now